Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/p9mzQ4haNTqRJnFr7rEm35zMAVg.roa
File: p9mzQ4haNTqRJnFr7rEm35zMAVg.roa (raw, json)
Hash identifier: DccrxEdoodCvffYzEEfbMJTmLENojsIdtxDME2Y41Ng=
Subject key identifier: A7:D9:B3:43:88:5A:35:3A:91:26:71:6B:EE:B1:26:DF:9C:CC:01:58
Certificate issuer: /CN=ef57c2d9d93ac7cf9b2f17caa7859b6985b39b9d
Certificate serial: 01823EB3234415244CC19294BA00FD9F291B
Authority key identifier: EF:57:C2:D9:D9:3A:C7:CF:9B:2F:17:CA:A7:85:9B:69:85:B3:9B:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/71fC2dk6x8-bLxfKp4WbaYWzm50.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/p9mzQ4haNTqRJnFr7rEm35zMAVg.roa
Signing time: Wed 27 Jul 2022 08:08:23 +0000
ROA not before: Wed 27 Jul 2022 08:08:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7029
IP address blocks: 92.51.40.0/22 maxlen: 24
92.51.32.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:3e:b3:23:44:15:24:4c:c1:92:94:ba:00:fd:9f:29:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef57c2d9d93ac7cf9b2f17caa7859b6985b39b9d
Validity
Not Before: Jul 27 08:08:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a7d9b343885a353a9126716beeb126df9ccc0158
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:53:cb:98:c4:bb:0b:65:f4:17:19:53:7d:e1:
0a:3d:eb:85:c6:74:e1:5b:40:16:29:27:06:cc:9c:
50:97:f8:47:2a:cb:b5:f0:6b:d1:ea:7f:e9:16:5d:
b3:84:54:63:17:81:74:69:d0:ca:4c:6d:3c:a4:fa:
4a:b9:85:60:d5:2f:59:7d:ae:ae:6b:36:cb:b2:66:
57:92:12:e9:73:22:65:1c:50:51:74:a6:00:98:c6:
3e:aa:c4:dc:87:0e:1d:1b:64:31:a9:d1:6a:04:70:
e1:c2:ec:aa:ea:80:3f:42:ff:f6:20:2c:7b:23:62:
ac:a1:cf:d7:a7:9b:34:b3:11:cf:52:c9:5c:ca:a0:
f0:0a:df:25:97:42:0a:ff:d3:86:81:b8:33:16:82:
28:34:fb:67:24:22:8c:a4:d2:cb:48:66:08:dc:29:
65:b0:14:21:c8:56:c1:3e:e8:fe:c3:4c:67:1e:79:
1c:52:df:a0:92:54:2f:86:5e:a6:1a:d6:d7:ea:a9:
e1:25:48:f9:01:16:f3:9d:44:89:73:d3:15:ba:76:
61:3d:c1:1a:c7:92:f1:32:cc:32:f3:e1:3c:fb:42:
42:3f:f4:f8:4d:af:ce:21:a7:c0:b9:50:f0:e3:8c:
dd:48:f0:e6:62:9a:e3:ff:66:62:1e:21:9f:ef:56:
5c:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:D9:B3:43:88:5A:35:3A:91:26:71:6B:EE:B1:26:DF:9C:CC:01:58
X509v3 Authority Key Identifier:
keyid:EF:57:C2:D9:D9:3A:C7:CF:9B:2F:17:CA:A7:85:9B:69:85:B3:9B:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/71fC2dk6x8-bLxfKp4WbaYWzm50.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/p9mzQ4haNTqRJnFr7rEm35zMAVg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/71fC2dk6x8-bLxfKp4WbaYWzm50.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.51.32.0/22
92.51.40.0/22
Signature Algorithm: sha256WithRSAEncryption
96:2f:ad:6f:30:71:fc:6e:e7:c9:e6:68:24:aa:0a:f9:9a:23:
ac:6d:40:80:00:d7:2a:ef:a1:08:fb:ac:f8:41:2d:de:07:64:
67:4e:86:33:e5:1d:93:8c:05:dd:d1:c3:28:78:98:42:c3:0b:
f7:7b:38:97:df:a8:28:d5:75:cd:50:eb:49:ed:34:0b:a1:ad:
a3:6d:a0:05:7e:41:ba:9d:b3:f3:49:5e:88:5c:07:26:4e:fd:
4c:07:cc:bf:11:91:88:9e:f6:ce:80:64:c0:78:76:2e:a5:bf:
0f:ab:cd:72:e1:45:b9:33:dc:4c:64:46:d9:8e:be:56:a6:3b:
da:09:1c:3c:b6:7b:93:da:56:f8:46:37:c0:3d:49:79:80:2f:
3b:a7:3e:db:aa:e6:df:de:f9:fa:56:d2:e9:f6:aa:9b:23:d4:
8e:8c:77:ea:63:c8:f3:88:11:f6:72:13:0c:ac:de:3a:49:37:
2f:af:33:a9:d1:ca:46:cf:90:34:73:ec:1a:56:71:73:56:3d:
f5:e5:40:42:13:22:91:7f:cd:fa:78:93:71:f4:eb:32:9a:29:
05:df:1a:a2:66:41:28:cf:1a:e2:48:0c:5b:fa:f8:5b:d7:d3:
2a:e8:d8:ef:7c:6d:ad:53:93:8d:7c:b2:54:aa:44:ce:4e:74:
34:78:89:fd
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYI+syNEFSRMwZKUugD9nykbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmNTdjMmQ5ZDkzYWM3Y2Y5YjJmMTdjYWE3ODU5YjY5ODVi
MzliOWQwHhcNMjIwNzI3MDgwODIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhN2Q5YjM0Mzg4NWEzNTNhOTEyNjcxNmJlZWIxMjZkZjljY2MwMTU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0FPLmMS7C2X0FxlTfeEKPeuFxnTh
W0AWKScGzJxQl/hHKsu18GvR6n/pFl2zhFRjF4F0adDKTG08pPpKuYVg1S9Zfa6u
azbLsmZXkhLpcyJlHFBRdKYAmMY+qsTchw4dG2QxqdFqBHDhwuyq6oA/Qv/2ICx7
I2Ksoc/Xp5s0sxHPUslcyqDwCt8ll0IK/9OGgbgzFoIoNPtnJCKMpNLLSGYI3Cll
sBQhyFbBPuj+w0xnHnkcUt+gklQvhl6mGtbX6qnhJUj5ARbznUSJc9MVunZhPcEa
x5LxMswy8+E8+0JCP/T4Ta/OIafAuVDw44zdSPDmYprj/2ZiHiGf71ZcsQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKfZs0OIWjU6kSZxa+6xJt+czAFYMB8GA1UdIwQY
MBaAFO9XwtnZOsfPmy8XyqeFm2mFs5udMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzFmQzJkazZ4OC1iTHhmS3A0V2JhWVd6bTUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8xZTA0YjgtMTAzMS00M2Y5LTk2Njct
OGU2Zjg3OGRiNWY0LzEvcDltelE0aGFOVHFSSm5GcjdyRW0zNXpNQVZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8xZTA0YjgtMTAzMS00M2Y5LTk2NjctOGU2Zjg3OGRiNWY0
LzEvNzFmQzJkazZ4OC1iTHhmS3A0V2JhWVd6bTUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCXDMgAwQC
XDMoMA0GCSqGSIb3DQEBCwUAA4IBAQCWL61vMHH8bufJ5mgkqgr5miOsbUCAANcq
76EI+6z4QS3eB2RnToYz5R2TjAXd0cMoeJhCwwv3eziX36go1XXNUOtJ7TQLoa2j
baAFfkG6nbPzSV6IXAcmTv1MB8y/EZGInvbOgGTAeHYupb8Pq81y4UW5M9xMZEbZ
jr5WpjvaCRw8tnuT2lb4RjfAPUl5gC87pz7bqubf3vn6VtLp9qqbI9SOjHfqY8jz
iBH2chMMrN46STcvrzOp0cpGz5A0c+waVnFzVj315UBCEyKRf836eJNx9OsymikF
3xqiZkEozxriSAxb+vhb19Mq6NjvfG2tU5ONfLJUqkTOTnQ0eIn9
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:39 2024 by rpki-client on console-fra.rpki-client.org