Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/ejjYTB-iFwwfjTtMK_dmodKRw_c.roa
File: ejjYTB-iFwwfjTtMK_dmodKRw_c.roa (raw, json)
Hash identifier: gCyGXKV9BbM2e6rT0IUX6p6Yrvzf8KEywW8M3dZiiwY=
Subject key identifier: 7A:38:D8:4C:1F:A2:17:0C:1F:8D:3B:4C:2B:F7:66:A1:D2:91:C3:F7
Certificate issuer: /CN=e2d0c49a0e97e0d5f3ced3b7b6b9f72ca0cb53d6
Certificate serial: 0183335BB00D3978272FA24D7E035C5374F5
Authority key identifier: E2:D0:C4:9A:0E:97:E0:D5:F3:CE:D3:B7:B6:B9:F7:2C:A0:CB:53:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4tDEmg6X4NXzztO3trn3LKDLU9Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/ejjYTB-iFwwfjTtMK_dmodKRw_c.roa
Signing time: Mon 12 Sep 2022 20:19:50 +0000
ROA not before: Mon 12 Sep 2022 20:19:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207990
IP address blocks: 171.22.248.0/23 maxlen: 24
194.116.248.0/22 maxlen: 24
193.42.224.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:33:5b:b0:0d:39:78:27:2f:a2:4d:7e:03:5c:53:74:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2d0c49a0e97e0d5f3ced3b7b6b9f72ca0cb53d6
Validity
Not Before: Sep 12 20:19:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7a38d84c1fa2170c1f8d3b4c2bf766a1d291c3f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:ae:c4:2b:b9:a4:82:0c:f6:63:56:b0:ff:53:
54:de:40:71:f2:4f:2e:2e:8e:b4:7a:95:b5:e2:69:
1f:ab:c4:b0:a9:ae:0a:6e:49:ee:89:ab:d4:89:0c:
e3:f8:7a:c2:15:3e:d0:a5:67:88:d4:9f:2c:b7:57:
a0:dd:70:93:87:db:bb:5d:1a:d7:b0:7c:21:b4:0e:
29:53:de:d7:54:73:d0:65:19:f2:fd:2f:e2:b3:6a:
de:39:cc:30:e9:c6:6b:d8:d2:00:84:06:e9:26:87:
61:2b:e7:e8:7f:38:2a:01:7f:24:c7:5c:a4:d1:41:
a6:da:a4:c1:f9:f9:11:48:ec:ea:c2:74:4c:a7:c8:
86:66:22:6f:93:a3:4f:03:f8:bd:96:af:4b:96:b6:
4a:9c:5a:35:8b:ef:16:ac:10:34:f1:97:e3:d4:47:
24:1d:f3:64:77:df:18:a7:c9:33:c2:3a:29:25:6e:
20:8b:31:73:e6:00:1b:81:11:11:01:f7:33:32:f4:
b8:2d:12:da:d8:97:3b:29:8b:32:1f:4a:ca:b6:a3:
df:2e:b7:71:d8:81:11:b1:9c:e0:69:c1:cd:91:05:
76:68:0a:0b:0e:80:ca:9c:15:ea:a9:18:34:43:7e:
2c:82:40:86:e1:55:3b:0a:77:1d:97:e7:67:fc:41:
f3:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:38:D8:4C:1F:A2:17:0C:1F:8D:3B:4C:2B:F7:66:A1:D2:91:C3:F7
X509v3 Authority Key Identifier:
keyid:E2:D0:C4:9A:0E:97:E0:D5:F3:CE:D3:B7:B6:B9:F7:2C:A0:CB:53:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4tDEmg6X4NXzztO3trn3LKDLU9Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/ejjYTB-iFwwfjTtMK_dmodKRw_c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/4tDEmg6X4NXzztO3trn3LKDLU9Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
171.22.248.0/23
193.42.224.0/22
194.116.248.0/22
Signature Algorithm: sha256WithRSAEncryption
ca:66:1b:e4:57:5d:c3:93:1f:f9:bd:c5:1c:b2:38:45:98:de:
7e:48:60:4d:97:11:57:93:f7:27:5a:63:4f:19:9f:9a:5e:ff:
6e:e2:ea:4b:8e:1f:d9:2e:7d:77:2b:50:e2:ee:b3:89:48:87:
ed:56:6f:7f:8d:cb:f4:64:68:4f:ba:97:a2:79:a4:f6:2b:b8:
1c:bd:a4:4b:97:cf:1b:8a:0a:a9:76:50:9f:2e:01:e5:9c:30:
97:08:86:78:8a:ac:83:0e:66:c4:60:70:8a:93:69:5b:c6:69:
e6:63:21:6d:91:7d:6b:69:07:82:95:20:50:6e:fe:ec:9b:1c:
00:99:77:83:07:2e:38:53:20:af:8c:cc:98:4d:cf:4d:38:10:
02:c9:1f:bb:82:a5:13:a6:20:86:29:7d:ef:ad:5b:c8:e6:c0:
6e:84:b6:57:3a:aa:68:fb:62:a3:d1:60:28:8e:35:89:53:7a:
3d:f8:d5:34:27:d6:78:c8:66:e6:3e:e8:78:11:b6:e9:e7:2c:
cb:10:26:72:d8:11:73:4a:c1:48:c7:24:fa:f8:f2:cd:1a:ac:
77:3a:ef:f6:eb:f5:d6:d1:00:65:a5:10:b9:44:e9:1d:38:d8:
c7:7f:14:4d:30:64:52:74:d5:23:f7:87:d8:f2:84:5e:f5:87:
ba:2d:41:cf
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYMzW7ANOXgnL6JNfgNcU3T1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyZDBjNDlhMGU5N2UwZDVmM2NlZDNiN2I2YjlmNzJjYTBj
YjUzZDYwHhcNMjIwOTEyMjAxOTUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTM4ZDg0YzFmYTIxNzBjMWY4ZDNiNGMyYmY3NjZhMWQyOTFjM2Y3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAia7EK7mkggz2Y1aw/1NU3kBx8k8u
Lo60epW14mkfq8Swqa4KbknuiavUiQzj+HrCFT7QpWeI1J8st1eg3XCTh9u7XRrX
sHwhtA4pU97XVHPQZRny/S/is2reOcww6cZr2NIAhAbpJodhK+fofzgqAX8kx1yk
0UGm2qTB+fkRSOzqwnRMp8iGZiJvk6NPA/i9lq9LlrZKnFo1i+8WrBA08Zfj1Eck
HfNkd98Yp8kzwjopJW4gizFz5gAbgRERAfczMvS4LRLa2Jc7KYsyH0rKtqPfLrdx
2IERsZzgacHNkQV2aAoLDoDKnBXqqRg0Q34sgkCG4VU7Cncdl+dn/EHzzQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHo42EwfohcMH407TCv3ZqHSkcP3MB8GA1UdIwQY
MBaAFOLQxJoOl+DV887Tt7a59yygy1PWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHRERW1nNlg0Tlh6enRPM3RybjNMS0RMVTlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC85ZjBmN2EtMTFlYi00MzgzLWJjNmEt
NDY5MGEwMDcxNDFmLzEvZWpqWVRCLWlGd3dmalR0TUtfZG1vZEtSd19jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC85ZjBmN2EtMTFlYi00MzgzLWJjNmEtNDY5MGEwMDcxNDFm
LzEvNHRERW1nNlg0Tlh6enRPM3RybjNMS0RMVTlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBqxb4AwQC
wSrgAwQCwnT4MA0GCSqGSIb3DQEBCwUAA4IBAQDKZhvkV13Dkx/5vcUcsjhFmN5+
SGBNlxFXk/cnWmNPGZ+aXv9u4upLjh/ZLn13K1Di7rOJSIftVm9/jcv0ZGhPupei
eaT2K7gcvaRLl88bigqpdlCfLgHlnDCXCIZ4iqyDDmbEYHCKk2lbxmnmYyFtkX1r
aQeClSBQbv7smxwAmXeDBy44UyCvjMyYTc9NOBACyR+7gqUTpiCGKX3vrVvI5sBu
hLZXOqpo+2Kj0WAojjWJU3o9+NU0J9Z4yGbmPuh4Ebbp5yzLECZy2BFzSsFIxyT6
+PLNGqx3Ou/26/XW0QBlpRC5ROkdONjHfxRNMGRSdNUj94fY8oRe9Ye6LUHP
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:19 2023 by rpki-client on console-fra.rpki-client.org