Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/04ecc0-663c-460e-920d-332ee5425c7a/1/I5nfLvtlhyorCclDWc_2PohY-OI.roa
File: I5nfLvtlhyorCclDWc_2PohY-OI.roa (raw, json)
Hash identifier: QCorfv/5Y6z31p+5HFFTwI2PZxHtqxjLF9AiqlwmOk0=
Subject key identifier: 23:99:DF:2E:FB:65:87:2A:2B:09:C9:43:59:CF:F6:3E:88:58:F8:E2
Certificate issuer: /CN=0a0214a1bf1d3afd2dd66b23a9973106b5d316ca
Certificate serial: 02165A31
Authority key identifier: 0A:02:14:A1:BF:1D:3A:FD:2D:D6:6B:23:A9:97:31:06:B5:D3:16:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CgIUob8dOv0t1msjqZcxBrXTFso.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/04ecc0-663c-460e-920d-332ee5425c7a/1/I5nfLvtlhyorCclDWc_2PohY-OI.roa
Signing time: Sat 01 Jan 2022 13:55:58 +0000
ROA not before: Sat 01 Jan 2022 13:55:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49981
IP address blocks: 185.11.217.0/24 maxlen: 24
2a03:69c0:100::/40 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 35019313 (0x2165a31)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a0214a1bf1d3afd2dd66b23a9973106b5d316ca
Validity
Not Before: Jan 1 13:55:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2399df2efb65872a2b09c94359cff63e8858f8e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:f9:0e:b8:ba:91:75:da:1b:96:28:80:07:e5:
a2:07:29:b3:5b:8d:38:3b:14:da:12:58:54:b5:9b:
ec:59:bf:41:1b:44:2d:1c:21:5b:91:7a:03:3b:20:
77:b4:92:0c:84:79:27:aa:d3:aa:5f:83:81:94:5d:
cd:98:3d:f3:97:9a:0f:50:b4:65:36:68:18:8c:54:
f6:7f:8c:83:ed:6e:cb:86:a7:78:73:24:77:11:14:
f7:a5:e3:e3:37:d6:83:99:2e:d1:05:df:8e:f6:c4:
42:bd:ed:ca:ab:a7:d0:3f:0c:54:5e:46:f1:02:e5:
fd:0e:19:4b:4a:aa:5c:17:13:e2:05:75:a0:ab:82:
bd:a8:3c:93:f4:3e:f3:5f:df:ad:a1:7e:f4:f7:84:
3c:5c:08:87:2b:1b:72:ee:f4:c1:38:b6:22:bf:d6:
6e:d8:11:a6:2a:d5:70:9e:99:ed:65:a9:98:14:ae:
1d:89:d5:f7:38:aa:68:b3:42:35:4b:a0:47:5e:e8:
2c:a7:b0:1f:6f:9f:38:8c:fe:1b:78:39:0e:23:87:
a7:86:64:04:d2:8c:f8:cf:c1:41:92:77:ee:11:4e:
77:78:27:95:ef:ba:ef:3b:65:84:6d:85:98:a7:b5:
9b:d2:63:1e:42:78:9a:2e:29:ab:64:17:79:bf:80:
c9:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:99:DF:2E:FB:65:87:2A:2B:09:C9:43:59:CF:F6:3E:88:58:F8:E2
X509v3 Authority Key Identifier:
keyid:0A:02:14:A1:BF:1D:3A:FD:2D:D6:6B:23:A9:97:31:06:B5:D3:16:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CgIUob8dOv0t1msjqZcxBrXTFso.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/04ecc0-663c-460e-920d-332ee5425c7a/1/I5nfLvtlhyorCclDWc_2PohY-OI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/04ecc0-663c-460e-920d-332ee5425c7a/1/CgIUob8dOv0t1msjqZcxBrXTFso.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.11.217.0/24
IPv6:
2a03:69c0:100::/40
Signature Algorithm: sha256WithRSAEncryption
b6:ea:06:46:a0:42:a1:3b:02:71:3d:a2:da:1e:fe:fd:3c:fc:
fe:d6:a6:59:fc:bf:78:67:b1:11:f3:57:48:14:a7:a8:74:42:
4b:b4:9d:de:9d:3e:96:21:bd:f1:21:2f:17:0d:e1:95:72:f8:
02:69:af:c4:67:5e:76:24:c9:9f:21:12:63:28:5e:72:69:50:
16:e6:d4:85:7c:e0:15:86:67:2c:fd:8a:89:9c:29:0e:21:2d:
2a:dd:43:3a:9c:47:87:9b:98:f8:39:72:3a:58:1b:cd:f7:e5:
20:51:37:9f:7c:18:21:0d:e3:1e:a0:7f:9f:6b:86:cc:84:c5:
79:df:6f:5a:2c:1d:28:20:16:8a:57:32:e0:de:04:61:1b:b8:
f9:8f:2f:09:df:5e:77:63:c3:1b:d1:66:d1:16:a0:10:d7:66:
b8:0d:1b:21:d7:4e:a6:e4:f5:61:34:8b:d9:e5:d0:46:88:1d:
fa:a6:c8:87:cc:2f:a1:e1:39:3e:be:7c:cd:e9:f6:af:34:d4:
84:b6:24:09:56:26:94:5d:fe:13:f0:18:95:48:3f:75:b4:8b:
f7:68:32:4b:02:85:57:93:a5:2d:cb:b3:bf:38:6a:79:39:3e:
01:c6:f2:7a:1c:3c:04:d2:9f:6c:da:53:f8:70:37:2d:cf:31:
d8:d3:95:da
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIEAhZaMTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
YTAyMTRhMWJmMWQzYWZkMmRkNjZiMjNhOTk3MzEwNmI1ZDMxNmNhMB4XDTIyMDEw
MTEzNTU1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjM5OWRmMmVmYjY1
ODcyYTJiMDljOTQzNTljZmY2M2U4ODU4ZjhlMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALT5Dri6kXXaG5YogAflogcps1uNODsU2hJYVLWb7Fm/QRtE
LRwhW5F6Azsgd7SSDIR5J6rTql+DgZRdzZg985eaD1C0ZTZoGIxU9n+Mg+1uy4an
eHMkdxEU96Xj4zfWg5ku0QXfjvbEQr3tyqun0D8MVF5G8QLl/Q4ZS0qqXBcT4gV1
oKuCvag8k/Q+81/fraF+9PeEPFwIhysbcu70wTi2Ir/WbtgRpirVcJ6Z7WWpmBSu
HYnV9ziqaLNCNUugR17oLKewH2+fOIz+G3g5DiOHp4ZkBNKM+M/BQZJ37hFOd3gn
le+67ztlhG2FmKe1m9JjHkJ4mi4pq2QXeb+AybkCAwEAAaOCAhkwggIVMB0GA1Ud
DgQWBBQjmd8u+2WHKisJyUNZz/Y+iFj44jAfBgNVHSMEGDAWgBQKAhShvx06/S3W
ayOplzEGtdMWyjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0NnSVVvYjhkT3YwdDFtc2pxWmN4QnJYVEZzby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzkvMDRlY2MwLTY2M2MtNDYwZS05MjBkLTMzMmVlNTQyNWM3YS8x
L0k1bmZMdnRsaHlvckNjbERXY18yUG9oWS1PSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzkv
MDRlY2MwLTY2M2MtNDYwZS05MjBkLTMzMmVlNTQyNWM3YS8xL0NnSVVvYjhkT3Yw
dDFtc2pxWmN4QnJYVEZzby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAv
BggrBgEFBQcBBwEB/wQgMB4wDAQCAAEwBgMEALkL2TAOBAIAAjAIAwYAKgNpwAEw
DQYJKoZIhvcNAQELBQADggEBALbqBkagQqE7AnE9otoe/v08/P7Wpln8v3hnsRHz
V0gUp6h0Qku0nd6dPpYhvfEhLxcN4ZVy+AJpr8RnXnYkyZ8hEmMoXnJpUBbm1IV8
4BWGZyz9iomcKQ4hLSrdQzqcR4ebmPg5cjpYG8335SBRN598GCEN4x6gf59rhsyE
xXnfb1osHSggFopXMuDeBGEbuPmPLwnfXndjwxvRZtEWoBDXZrgNGyHXTqbk9WE0
i9nl0EaIHfqmyIfML6HhOT6+fM3p9q801IS2JAlWJpRd/hPwGJVIP3W0i/doMksC
hVeTpS3Ls784ank5PgHG8nocPATSn2zaU/hwNy3PMdjTldo=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:55 2023 by rpki-client on console-fra.rpki-client.org