Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/1-bNxKdJlphpjnTjgjQ9quBGwlKQ.roa
File: 1-bNxKdJlphpjnTjgjQ9quBGwlKQ.roa (raw, json)
Hash identifier: 0HjXqA0JnJZxMI3glPj93ie9tkxsvUYSpykUCUgWbDk=
Subject key identifier: F9:B3:71:29:D2:65:A6:1A:63:9D:38:E0:8D:0F:6A:B8:11:B0:94:A4
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 42579F9C
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/1-bNxKdJlphpjnTjgjQ9quBGwlKQ.roa
Signing time: Sat 01 Jan 2022 14:03:00 +0000
ROA not before: Sat 01 Jan 2022 14:03:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12381
IP address blocks: 192.121.121.0/24 maxlen: 24
192.121.86.0/24 maxlen: 24
192.71.84.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1113038748 (0x42579f9c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 1 14:03:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f9b37129d265a61a639d38e08d0f6ab811b094a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:99:b0:8e:fa:e5:12:33:74:07:f4:b8:7c:ee:
49:52:89:e1:d9:56:0f:d5:71:80:11:65:9c:8e:f7:
b7:b0:04:48:af:ea:0c:8e:b9:f7:40:35:fb:07:18:
9f:3f:89:d8:f1:e2:fc:5a:bf:5b:76:71:2b:a2:1d:
3d:e5:4f:83:6d:3e:2a:c1:70:94:35:ba:eb:b0:2e:
ee:01:79:73:ab:5f:15:f8:cc:e5:35:b1:60:f1:fb:
e2:36:0c:d8:e1:38:79:f6:ac:bf:2c:ab:cd:e9:82:
ae:05:5e:9d:84:dd:b8:a0:80:79:40:88:7b:e7:5e:
1f:ce:7e:b3:bb:68:95:e5:ea:82:14:e7:a7:25:82:
cf:38:da:3e:cd:ff:27:0f:73:90:79:04:66:56:2d:
cf:24:96:c4:28:db:0a:97:d6:67:fb:7c:c0:a6:84:
e2:2e:98:d3:19:15:20:9e:f9:4a:79:0f:85:de:7b:
d5:8e:33:ee:b1:6c:48:e2:8e:21:9e:78:61:51:24:
6c:08:47:6d:f3:84:56:88:f5:c6:4b:96:5a:e2:f3:
7a:e8:7f:ab:7f:71:d0:d0:f3:39:2f:f2:2a:00:01:
72:8f:f2:da:2f:8c:e2:6a:5d:79:c7:22:15:ea:da:
47:ad:52:91:72:a7:98:0f:ad:a6:12:e2:1f:79:35:
92:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:B3:71:29:D2:65:A6:1A:63:9D:38:E0:8D:0F:6A:B8:11:B0:94:A4
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/1-bNxKdJlphpjnTjgjQ9quBGwlKQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.71.84.0/24
192.121.86.0/24
192.121.121.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:b9:92:7e:95:56:25:4c:74:0e:5d:81:d0:7e:bb:37:3f:da:
bf:92:31:63:7e:0f:5b:f4:b0:6f:1f:9e:d9:18:e9:e2:71:20:
da:e3:8a:7e:1a:a3:36:28:1f:c9:4c:b1:f7:4f:1f:87:fc:f5:
24:8f:49:ab:fa:bf:55:83:71:fa:28:82:2d:f1:e3:82:1b:09:
e3:d4:cc:26:7d:9a:1f:59:cb:dd:29:68:ad:de:6e:6f:2b:76:
ef:71:4c:92:5a:85:de:5b:89:62:7f:ef:6d:5d:78:15:47:c3:
7c:0d:1e:06:0e:2c:78:ee:44:41:6a:5c:59:2c:4b:98:56:e6:
f2:5b:16:22:4f:82:e2:c6:0b:47:39:bf:a0:ac:93:f2:73:e3:
15:85:d2:81:17:3d:b1:cb:60:4d:49:94:6b:b4:0e:49:5f:b8:
11:ce:b3:37:af:51:89:d0:7b:37:93:73:be:c6:c9:06:a7:25:
f2:94:dd:ea:57:23:c9:e1:47:93:e3:e6:78:e0:ed:dd:85:e8:
b0:f9:9b:3a:85:7f:6e:0a:80:06:c7:66:e6:98:2f:21:54:90:
0f:c5:d6:e0:35:0c:07:43:8a:ac:a0:57:67:fc:76:1b:29:f9:
22:a4:66:89:db:12:f5:43:75:d8:65:dc:cc:e6:6e:c3:1c:35:
62:32:ca:e7
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgIEQlefnDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MTM1YzdmNTcxZWVmZWI2NzQwNGFiNmM0NWZkNDc1NTUxYWRhZjFiMB4XDTIyMDEw
MTE0MDMwMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjliMzcxMjlkMjY1
YTYxYTYzOWQzOGUwOGQwZjZhYjgxMWIwOTRhNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKWZsI765RIzdAf0uHzuSVKJ4dlWD9VxgBFlnI73t7AESK/q
DI6590A1+wcYnz+J2PHi/Fq/W3ZxK6IdPeVPg20+KsFwlDW667Au7gF5c6tfFfjM
5TWxYPH74jYM2OE4efasvyyrzemCrgVenYTduKCAeUCIe+deH85+s7toleXqghTn
pyWCzzjaPs3/Jw9zkHkEZlYtzySWxCjbCpfWZ/t8wKaE4i6Y0xkVIJ75SnkPhd57
1Y4z7rFsSOKOIZ54YVEkbAhHbfOEVoj1xkuWWuLzeuh/q39x0NDzOS/yKgABco/y
2i+M4mpdecciFeraR61SkXKnmA+tphLiH3k1khECAwEAAaOCAhYwggISMB0GA1Ud
DgQWBBT5s3Ep0mWmGmOdOOCND2q4EbCUpDAfBgNVHSMEGDAWgBQhNcf1ce7+tnQE
q2xF/UdVUa2vGzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lUWEg5WEh1X3JaMEJLdHNSZjFIVlZHdHJ4cy5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDkvNjgwYjc4LTk2YWYtNGE4NS1hYzAyLTk0M2QwMzMyMTMyNi8x
LzEtYk54S2RKbHBocGpuVGpnalE5cXVCR3dsS1Eucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Q5
LzY4MGI3OC05NmFmLTRhODUtYWMwMi05NDNkMDMzMjEzMjYvMS9JVFhIOVhIdV9y
WjBCS3RzUmYxSFZWR3RyeHMuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
KwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBIDBADAR1QDBADAeVYDBADAeXkwDQYJ
KoZIhvcNAQELBQADggEBAH65kn6VViVMdA5dgdB+uzc/2r+SMWN+D1v0sG8fntkY
6eJxINrjin4aozYoH8lMsfdPH4f89SSPSav6v1WDcfoogi3x44IbCePUzCZ9mh9Z
y90paK3ebm8rdu9xTJJahd5biWJ/721deBVHw3wNHgYOLHjuREFqXFksS5hW5vJb
FiJPguLGC0c5v6Csk/Jz4xWF0oEXPbHLYE1JlGu0DklfuBHOszevUYnQezeTc77G
yQanJfKU3epXI8nhR5Pj5njg7d2F6LD5mzqFf24KgAbHZuaYLyFUkA/F1uA1DAdD
iqygV2f8dhsp+SKkZonbEvVDddhl3MzmbsMcNWIyyuc=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:38 2023 by rpki-client on console-ams.rpki-client.org