Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/eb063f-4c3c-4971-ae50-66482071b819/1/7tpXoDpMrJ8oKqXlQn8VRRx8xEU.roa
File: 7tpXoDpMrJ8oKqXlQn8VRRx8xEU.roa (raw, json)
Hash identifier: 72shmGxSZezxVYxo3/6Xvho2UeS7an+m0VKtT9X7gW0=
Subject key identifier: EE:DA:57:A0:3A:4C:AC:9F:28:2A:A5:E5:42:7F:15:45:1C:7C:C4:45
Certificate issuer: /CN=8693dfee1768739eb5976c245b5ad005b3258ec6
Certificate serial: 0936CACE
Authority key identifier: 86:93:DF:EE:17:68:73:9E:B5:97:6C:24:5B:5A:D0:05:B3:25:8E:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hpPf7hdoc561l2wkW1rQBbMljsY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/eb063f-4c3c-4971-ae50-66482071b819/1/7tpXoDpMrJ8oKqXlQn8VRRx8xEU.roa
Signing time: Sat 01 Jan 2022 07:03:27 +0000
ROA not before: Sat 01 Jan 2022 07:03:27 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209475
IP address blocks: 217.64.156.0/22 maxlen: 22
217.64.156.0/24 maxlen: 24
217.64.157.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 154585806 (0x936cace)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8693dfee1768739eb5976c245b5ad005b3258ec6
Validity
Not Before: Jan 1 07:03:27 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=eeda57a03a4cac9f282aa5e5427f15451c7cc445
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:9f:1d:ea:36:58:7c:84:72:2e:d8:e6:c5:53:
f1:1a:c4:9a:d4:96:20:7d:34:f1:1a:5f:b7:3b:4c:
c1:de:75:da:5d:ea:ba:79:df:df:73:e0:97:41:1d:
25:ed:f2:fc:fa:92:7f:f2:00:96:1b:e2:40:d0:b8:
e3:4d:ba:3d:93:e9:ec:7a:02:31:95:a5:a8:ad:e9:
53:1e:7b:4d:9a:bb:b2:f3:5c:41:d4:e9:84:49:37:
4d:45:9d:d6:19:e3:cf:dd:ea:89:3c:a2:ea:ef:b5:
4c:08:ac:94:f0:8b:9f:66:b0:58:e8:52:16:ee:71:
7c:4b:7f:fd:73:00:93:69:4c:9e:1e:48:5c:06:d9:
10:46:a8:eb:c4:38:19:c9:35:f6:8d:67:25:c9:bf:
64:22:44:fa:c3:51:1a:4b:5b:f3:d9:44:b0:2e:a6:
43:bb:ab:bd:87:15:40:a4:00:6b:aa:33:21:79:10:
c9:89:f0:ab:60:f9:ac:e3:64:46:04:f9:b0:ce:35:
9c:a8:c9:5e:61:2a:eb:2f:7b:25:e9:f9:a3:32:e9:
58:25:b7:aa:fc:d0:f0:36:08:3f:03:e2:45:3b:00:
bd:e0:c9:af:f0:69:44:8b:51:62:16:8e:4c:6e:02:
1e:97:b4:0d:a1:a3:c3:18:b2:2e:93:84:01:91:84:
2c:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:DA:57:A0:3A:4C:AC:9F:28:2A:A5:E5:42:7F:15:45:1C:7C:C4:45
X509v3 Authority Key Identifier:
keyid:86:93:DF:EE:17:68:73:9E:B5:97:6C:24:5B:5A:D0:05:B3:25:8E:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hpPf7hdoc561l2wkW1rQBbMljsY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/eb063f-4c3c-4971-ae50-66482071b819/1/7tpXoDpMrJ8oKqXlQn8VRRx8xEU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/eb063f-4c3c-4971-ae50-66482071b819/1/hpPf7hdoc561l2wkW1rQBbMljsY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.64.156.0/22
Signature Algorithm: sha256WithRSAEncryption
2b:fb:0e:ce:39:be:dc:49:b8:09:19:0d:f2:f4:41:21:62:fd:
28:2a:6b:a5:d5:d1:cb:2b:fa:6b:91:89:df:86:d5:dc:06:c7:
fa:16:a1:95:fe:39:0a:a9:37:b9:12:5c:04:1a:d9:89:c4:1a:
df:28:eb:de:c6:2a:f9:bd:c3:14:db:48:4c:e8:f0:21:6a:3d:
6a:3c:d5:68:7d:a6:03:96:45:13:97:62:a4:b5:3d:43:1f:c5:
95:05:7d:11:98:ad:59:80:67:3e:d6:db:8b:c6:42:3d:a8:e3:
60:8a:ba:c8:95:22:3c:a8:bc:0a:c9:94:00:2f:71:88:7b:af:
be:be:2f:a0:7f:c9:5b:21:64:bb:03:dd:d5:73:d5:7f:58:32:
35:9d:29:7a:c4:73:44:a0:f2:3f:65:c7:15:1a:f4:78:10:46:
89:fc:86:9d:83:b6:47:eb:cb:23:79:3e:22:06:42:7e:7c:19:
4f:7d:4d:88:a1:b3:73:45:33:e9:74:81:df:a3:31:52:96:79:
1e:f0:35:3d:27:c6:12:90:7d:2b:40:c6:ed:4c:8a:c0:f4:86:
b0:b3:85:75:b5:fb:6f:62:01:c7:dd:ac:39:20:03:4e:92:42:
12:95:29:3c:d3:96:52:3b:5a:f1:11:5b:3f:07:e7:de:ec:e8:
91:82:2b:fb
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECTbKzjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NjkzZGZlZTE3Njg3MzllYjU5NzZjMjQ1YjVhZDAwNWIzMjU4ZWM2MB4XDTIyMDEw
MTA3MDMyN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWVkYTU3YTAzYTRj
YWM5ZjI4MmFhNWU1NDI3ZjE1NDUxYzdjYzQ0NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALqfHeo2WHyEci7Y5sVT8RrEmtSWIH008RpftztMwd512l3q
unnf33Pgl0EdJe3y/PqSf/IAlhviQNC44026PZPp7HoCMZWlqK3pUx57TZq7svNc
QdTphEk3TUWd1hnjz93qiTyi6u+1TAislPCLn2awWOhSFu5xfEt//XMAk2lMnh5I
XAbZEEao68Q4Gck19o1nJcm/ZCJE+sNRGktb89lEsC6mQ7urvYcVQKQAa6ozIXkQ
yYnwq2D5rONkRgT5sM41nKjJXmEq6y97Jen5ozLpWCW3qvzQ8DYIPwPiRTsAveDJ
r/BpRItRYhaOTG4CHpe0DaGjwxiyLpOEAZGELFECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTu2legOkysnygqpeVCfxVFHHzERTAfBgNVHSMEGDAWgBSGk9/uF2hznrWX
bCRbWtAFsyWOxjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2hwUGY3aGRvYzU2MWwyd2tXMXJRQmJNbGpzWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGEvZWIwNjNmLTRjM2MtNDk3MS1hZTUwLTY2NDgyMDcxYjgxOS8x
Lzd0cFhvRHBNcko4b0txWGxRbjhWUlJ4OHhFVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGEv
ZWIwNjNmLTRjM2MtNDk3MS1hZTUwLTY2NDgyMDcxYjgxOS8xL2hwUGY3aGRvYzU2
MWwyd2tXMXJRQmJNbGpzWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAtlAnDANBgkqhkiG9w0BAQsFAAOC
AQEAK/sOzjm+3Em4CRkN8vRBIWL9KCprpdXRyyv6a5GJ34bV3AbH+hahlf45Cqk3
uRJcBBrZicQa3yjr3sYq+b3DFNtITOjwIWo9ajzVaH2mA5ZFE5dipLU9Qx/FlQV9
EZitWYBnPtbbi8ZCPajjYIq6yJUiPKi8CsmUAC9xiHuvvr4voH/JWyFkuwPd1XPV
f1gyNZ0pesRzRKDyP2XHFRr0eBBGifyGnYO2R+vLI3k+IgZCfnwZT31NiKGzc0Uz
6XSB36MxUpZ5HvA1PSfGEpB9K0DG7UyKwPSGsLOFdbX7b2IBx92sOSADTpJCEpUp
PNOWUjta8RFbPwfn3uzokYIr+w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:07 2024 by rpki-client on console-fra.rpki-client.org