Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/0d8be8-b4b4-436e-86e2-ba4c56d8c0ce/1/1-R9oyF2We4CwxWTv4VcXIvJx2KI.roa
File: 1-R9oyF2We4CwxWTv4VcXIvJx2KI.roa (raw, json)
Hash identifier: ybFX4FwPU4sPvE8v5OI4TGvyVw5TjRHT3gYdVF6cUjw=
Subject key identifier: F9:1F:68:C8:5D:96:7B:80:B0:C5:64:EF:E1:57:17:22:F2:71:D8:A2
Certificate issuer: /CN=e1b9a3ce0f593910819c3271e1e8d0bd1371a6be
Certificate serial: 0184CDC2BB868DEAC459B4E05B6A0AF6B867
Authority key identifier: E1:B9:A3:CE:0F:59:39:10:81:9C:32:71:E1:E8:D0:BD:13:71:A6:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4bmjzg9ZORCBnDJx4ejQvRNxpr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/0d8be8-b4b4-436e-86e2-ba4c56d8c0ce/1/1-R9oyF2We4CwxWTv4VcXIvJx2KI.roa
Signing time: Thu 01 Dec 2022 12:56:42 +0000
ROA not before: Thu 01 Dec 2022 12:56:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197706
IP address blocks: 92.118.68.0/22 maxlen: 22
2a0d:4941::/32 maxlen: 32
2a0d:4943::/32 maxlen: 32
2a0d:4947::/32 maxlen: 32
2a0d:4940::/29 maxlen: 29
2a0d:4944::/32 maxlen: 32
2a0d:1dc0::/29 maxlen: 29
2a0f:4780::/29 maxlen: 29
2a0d:4946::/32 maxlen: 32
2a0d:4945::/32 maxlen: 32
2a0d:4942::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:cd:c2:bb:86:8d:ea:c4:59:b4:e0:5b:6a:0a:f6:b8:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e1b9a3ce0f593910819c3271e1e8d0bd1371a6be
Validity
Not Before: Dec 1 12:56:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f91f68c85d967b80b0c564efe1571722f271d8a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:9d:8b:1f:bc:11:77:af:81:33:e0:1c:0d:ec:
99:8c:dd:c6:64:f9:fb:ef:75:99:08:87:b6:15:d8:
cd:80:3f:f2:62:ef:34:4f:0c:92:97:d0:fe:d0:c6:
3d:ca:37:db:2c:d6:ff:1c:d9:e5:74:09:e1:90:34:
d4:9d:67:90:d1:b0:57:94:62:07:a8:d7:72:15:5f:
12:6a:38:c5:89:fa:10:34:c7:f0:77:d9:2f:68:5a:
29:88:74:5e:a8:1a:2c:ca:44:ae:48:ae:93:87:71:
46:c7:94:ff:eb:5b:e9:1c:91:86:64:6a:19:a1:37:
5f:31:0c:d4:fc:b9:60:d5:9f:60:cc:3d:8c:d7:e5:
07:f5:f4:5d:12:27:4a:e7:d5:9c:3b:cf:12:14:ca:
b4:36:ac:5c:45:ce:10:7d:93:ad:67:fc:32:bc:1e:
6a:90:b6:e9:1c:f6:ed:6d:a5:67:64:6d:a8:25:04:
47:3b:67:60:8b:4d:6a:c1:ff:dd:6e:ba:9e:60:03:
57:8f:19:dc:cc:d0:c3:42:06:06:c3:cc:23:40:6c:
1e:5b:4f:c9:11:30:e3:5b:a3:9f:b9:f2:68:ee:c7:
b9:49:fe:37:c3:67:22:a3:f9:da:a6:ff:8a:db:f6:
88:64:49:a2:75:33:79:0a:7b:45:34:f4:43:a2:7a:
f2:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:1F:68:C8:5D:96:7B:80:B0:C5:64:EF:E1:57:17:22:F2:71:D8:A2
X509v3 Authority Key Identifier:
keyid:E1:B9:A3:CE:0F:59:39:10:81:9C:32:71:E1:E8:D0:BD:13:71:A6:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4bmjzg9ZORCBnDJx4ejQvRNxpr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/0d8be8-b4b4-436e-86e2-ba4c56d8c0ce/1/1-R9oyF2We4CwxWTv4VcXIvJx2KI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/0d8be8-b4b4-436e-86e2-ba4c56d8c0ce/1/4bmjzg9ZORCBnDJx4ejQvRNxpr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.118.68.0/22
IPv6:
2a0d:1dc0::/29
2a0d:4940::/29
2a0f:4780::/29
Signature Algorithm: sha256WithRSAEncryption
96:f1:f9:01:00:50:57:7d:9f:5f:10:7e:1f:14:f2:fa:78:99:
4e:fe:d5:56:00:7e:fe:9f:05:59:da:99:7e:26:ac:0e:e6:8f:
83:0b:9f:00:f3:f8:05:5a:2f:c7:a0:ce:23:71:c4:ee:85:37:
ab:ad:54:16:4a:c0:53:76:b4:d7:c4:4c:af:24:bc:0e:d8:80:
dd:d3:d8:51:fd:07:cf:e5:d1:9f:3b:cf:40:9f:98:bd:2d:cb:
86:b3:c7:51:19:cb:b2:f8:59:64:e7:1a:55:14:fa:28:ef:f8:
f4:3c:a6:d2:7c:51:31:60:ee:c8:3f:e9:45:b1:e5:03:f3:a2:
44:24:63:24:d2:46:68:fa:62:2f:4e:7a:e9:d8:1f:7a:80:90:
19:d3:61:28:2a:72:67:b2:25:f2:a8:a0:84:59:c5:06:65:e6:
54:60:c1:56:6c:3c:1b:22:fb:7e:a1:a4:02:9e:65:08:81:86:
27:37:b5:21:ab:e6:7c:88:7c:53:11:6f:c1:6e:4a:38:42:d0:
f4:ed:fb:09:f6:5d:e7:1c:6a:83:14:a7:ac:f6:cf:6f:c0:b7:
f4:a6:21:5a:ef:71:79:60:b5:39:fb:df:a2:48:b3:19:1c:58:
97:18:be:1a:dc:7c:89:cc:58:f4:44:62:f5:cd:51:a8:04:ec:
e7:c7:96:12
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYTNwruGjerEWbTgW2oK9rhnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxYjlhM2NlMGY1OTM5MTA4MTljMzI3MWUxZThkMGJkMTM3
MWE2YmUwHhcNMjIxMjAxMTI1NjQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTFmNjhjODVkOTY3YjgwYjBjNTY0ZWZlMTU3MTcyMmYyNzFkOGEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyp2LH7wRd6+BM+AcDeyZjN3GZPn7
73WZCIe2FdjNgD/yYu80TwySl9D+0MY9yjfbLNb/HNnldAnhkDTUnWeQ0bBXlGIH
qNdyFV8SajjFifoQNMfwd9kvaFopiHReqBosykSuSK6Th3FGx5T/61vpHJGGZGoZ
oTdfMQzU/Llg1Z9gzD2M1+UH9fRdEidK59WcO88SFMq0NqxcRc4QfZOtZ/wyvB5q
kLbpHPbtbaVnZG2oJQRHO2dgi01qwf/dbrqeYANXjxnczNDDQgYGw8wjQGweW0/J
ETDjW6OfufJo7se5Sf43w2cio/napv+K2/aIZEmidTN5CntFNPRDonryyQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFPkfaMhdlnuAsMVk7+FXFyLycdiiMB8GA1UdIwQY
MBaAFOG5o84PWTkQgZwyceHo0L0Tcaa+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGJtanpnOVpPUkNCbkRKeDRlalF2Uk54cHI0LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC8wZDhiZTgtYjRiNC00MzZlLTg2ZTIt
YmE0YzU2ZDhjMGNlLzEvMS1SOW95RjJXZTRDd3hXVHY0VmNYSXZKeDJLSS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZDQvMGQ4YmU4LWI0YjQtNDM2ZS04NmUyLWJhNGM1NmQ4YzBj
ZS8xLzRibWp6ZzlaT1JDQm5ESng0ZWpRdlJOeHByNC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA8BggrBgEFBQcBBwEB/wQtMCswDAQCAAEwBgMEAlx2RDAb
BAIAAjAVAwUDKg0dwAMFAyoNSUADBQMqD0eAMA0GCSqGSIb3DQEBCwUAA4IBAQCW
8fkBAFBXfZ9fEH4fFPL6eJlO/tVWAH7+nwVZ2pl+JqwO5o+DC58A8/gFWi/HoM4j
ccTuhTerrVQWSsBTdrTXxEyvJLwO2IDd09hR/QfP5dGfO89An5i9LcuGs8dRGcuy
+Flk5xpVFPoo7/j0PKbSfFExYO7IP+lFseUD86JEJGMk0kZo+mIvTnrp2B96gJAZ
02EoKnJnsiXyqKCEWcUGZeZUYMFWbDwbIvt+oaQCnmUIgYYnN7Uhq+Z8iHxTEW/B
bko4QtD07fsJ9l3nHGqDFKes9s9vwLf0piFa73F5YLU5+9+iSLMZHFiXGL4a3HyJ
zFj0RGL1zVGoBOznx5YS
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:15 2024 by rpki-client on console-ams.rpki-client.org