Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/091bd0-2f67-47ce-ae17-d68c57db4cae/1/9UfcElV6FGqnWUudaSruqvyi2FI.roa
File: 9UfcElV6FGqnWUudaSruqvyi2FI.roa (raw, json)
Hash identifier: CVpAEFj8eThpbv/b3C0RBGIfa5CwQNaW2whrFunq5ag=
Subject key identifier: F5:47:DC:12:55:7A:14:6A:A7:59:4B:9D:69:2A:EE:AA:FC:A2:D8:52
Certificate issuer: /CN=9e1ac369c9456914a12e02dffc8dd79974eb1ef8
Certificate serial: 0A105130
Authority key identifier: 9E:1A:C3:69:C9:45:69:14:A1:2E:02:DF:FC:8D:D7:99:74:EB:1E:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nhrDaclFaRShLgLf_I3XmXTrHvg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/091bd0-2f67-47ce-ae17-d68c57db4cae/1/9UfcElV6FGqnWUudaSruqvyi2FI.roa
Signing time: Wed 01 Jun 2022 05:33:13 +0000
ROA not before: Wed 01 Jun 2022 05:33:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205806
IP address blocks: 156.67.152.0/22 maxlen: 22
156.67.152.0/21 maxlen: 21
156.67.148.0/22 maxlen: 22
156.67.156.0/22 maxlen: 22
156.67.144.0/21 maxlen: 21
156.67.144.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 168841520 (0xa105130)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e1ac369c9456914a12e02dffc8dd79974eb1ef8
Validity
Not Before: Jun 1 05:33:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f547dc12557a146aa7594b9d692aeeaafca2d852
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:63:68:b4:ac:07:4c:b1:96:9b:22:61:3f:ab:
76:d2:74:19:bc:22:4e:19:3f:ae:5f:73:e7:24:3e:
d4:8b:a5:b6:73:8e:eb:58:09:97:3f:02:dd:fa:2a:
17:73:b8:14:74:06:2f:16:dd:35:f8:be:31:09:4a:
8a:d3:27:a2:03:f5:04:5c:27:f2:e1:05:2a:e3:3e:
66:c5:a2:3c:59:c0:fc:b5:55:88:81:84:de:3a:d1:
7c:23:bc:db:be:4c:80:3c:36:ed:14:54:82:e1:b1:
63:9a:38:85:6c:5d:ca:9c:bd:d8:ce:7d:9a:18:36:
0c:37:4d:77:e6:fe:67:93:b6:6c:09:57:f9:f8:96:
41:5c:1b:f6:46:db:01:2c:06:db:6d:59:1b:b4:d2:
7c:dc:61:e7:83:6e:3b:42:dd:03:37:5a:9b:c9:2a:
64:5f:8e:7a:e5:11:c3:a6:c8:f2:66:be:33:78:34:
e2:a9:8f:f6:eb:69:d6:d1:fe:b2:6f:d6:d8:c0:ca:
b2:e0:3a:fb:da:74:e1:95:a0:75:2f:49:c3:4c:18:
63:5a:ea:2c:45:0f:67:57:a2:2e:be:71:ca:cb:fb:
8e:1b:38:2a:14:fa:68:6a:08:f8:f0:c9:6b:1f:3b:
a4:a0:12:81:b6:29:3d:77:dc:0a:ac:e1:61:37:1c:
34:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:47:DC:12:55:7A:14:6A:A7:59:4B:9D:69:2A:EE:AA:FC:A2:D8:52
X509v3 Authority Key Identifier:
keyid:9E:1A:C3:69:C9:45:69:14:A1:2E:02:DF:FC:8D:D7:99:74:EB:1E:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nhrDaclFaRShLgLf_I3XmXTrHvg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/091bd0-2f67-47ce-ae17-d68c57db4cae/1/9UfcElV6FGqnWUudaSruqvyi2FI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/091bd0-2f67-47ce-ae17-d68c57db4cae/1/nhrDaclFaRShLgLf_I3XmXTrHvg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
156.67.144.0/20
Signature Algorithm: sha256WithRSAEncryption
a1:74:32:b8:e6:56:f1:9d:3d:f0:ba:9d:1f:58:ba:3c:0a:9d:
77:a3:ac:69:b9:23:da:8c:a9:7a:01:09:41:fe:66:89:a7:ee:
cb:94:3b:4a:fc:90:00:2f:8b:46:e9:b6:fd:99:c8:38:d5:6d:
c2:a1:c8:6e:4c:ae:aa:20:ee:f9:ee:a5:e2:19:df:9c:2c:70:
6d:cc:d7:65:92:8d:69:0e:6a:b8:92:50:16:c4:9e:2a:0f:2d:
53:08:69:82:52:d4:c7:05:42:e3:b8:6e:90:e9:f2:0d:97:cb:
9e:c7:e1:91:4c:32:ad:6b:f4:98:5c:aa:06:a6:c6:3c:40:58:
9d:de:da:92:22:5d:fe:ec:c7:f9:23:69:08:66:70:7a:06:c3:
06:2d:eb:17:5a:e5:23:29:fb:e2:05:4a:79:0d:bc:60:04:cb:
ee:01:02:e4:ea:f3:7c:6f:8e:1f:8e:cf:e3:67:2f:a4:13:95:
28:f6:64:76:20:bc:7c:3a:e3:f9:41:d8:c5:63:b3:d8:27:07:
a7:5f:0d:ac:6d:4e:02:5f:5b:8a:e2:29:0c:38:56:ec:a5:41:
7c:0e:00:ef:a1:c7:7e:2d:f5:7d:4d:b3:da:c1:f4:ef:fc:5a:
1e:e1:71:a1:26:21:fc:73:e1:ea:72:41:2c:d2:91:e4:2b:06:
20:a6:a3:9d
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEChBRMDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ZTFhYzM2OWM5NDU2OTE0YTEyZTAyZGZmYzhkZDc5OTc0ZWIxZWY4MB4XDTIyMDYw
MTA1MzMxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjU0N2RjMTI1NTdh
MTQ2YWE3NTk0YjlkNjkyYWVlYWFmY2EyZDg1MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANFjaLSsB0yxlpsiYT+rdtJ0GbwiThk/rl9z5yQ+1IultnOO
61gJlz8C3foqF3O4FHQGLxbdNfi+MQlKitMnogP1BFwn8uEFKuM+ZsWiPFnA/LVV
iIGE3jrRfCO8275MgDw27RRUguGxY5o4hWxdypy92M59mhg2DDdNd+b+Z5O2bAlX
+fiWQVwb9kbbASwG221ZG7TSfNxh54NuO0LdAzdam8kqZF+OeuURw6bI8ma+M3g0
4qmP9utp1tH+sm/W2MDKsuA6+9p04ZWgdS9Jw0wYY1rqLEUPZ1eiLr5xysv7jhs4
KhT6aGoI+PDJax87pKASgbYpPXfcCqzhYTccNGMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBT1R9wSVXoUaqdZS51pKu6q/KLYUjAfBgNVHSMEGDAWgBSeGsNpyUVpFKEu
At/8jdeZdOse+DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L25ockRhY2xGYVJTaExnTGZfSTNYbVhUckh2Zy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzgvMDkxYmQwLTJmNjctNDdjZS1hZTE3LWQ2OGM1N2RiNGNhZS8x
LzlVZmNFbFY2RkdxbldVdWRhU3J1cXZ5aTJGSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzgv
MDkxYmQwLTJmNjctNDdjZS1hZTE3LWQ2OGM1N2RiNGNhZS8xL25ockRhY2xGYVJT
aExnTGZfSTNYbVhUckh2Zy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBJxDkDANBgkqhkiG9w0BAQsFAAOC
AQEAoXQyuOZW8Z098LqdH1i6PAqdd6Osabkj2oypegEJQf5miafuy5Q7SvyQAC+L
Rum2/ZnIONVtwqHIbkyuqiDu+e6l4hnfnCxwbczXZZKNaQ5quJJQFsSeKg8tUwhp
glLUxwVC47hukOnyDZfLnsfhkUwyrWv0mFyqBqbGPEBYnd7akiJd/uzH+SNpCGZw
egbDBi3rF1rlIyn74gVKeQ28YATL7gEC5OrzfG+OH47P42cvpBOVKPZkdiC8fDrj
+UHYxWOz2CcHp18NrG1OAl9biuIpDDhW7KVBfA4A76HHfi31fU2z2sH07/xaHuFx
oSYh/HPh6nJBLNKR5CsGIKajnQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:30 2024 by rpki-client on console-fra.rpki-client.org