Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/a3b9b9-217c-41c9-9476-27dd0ad2adf3/1/mu9E1XprvF92BO6zkWhjh2VahP0.roa
File: mu9E1XprvF92BO6zkWhjh2VahP0.roa (raw, json)
Hash identifier: 6PT7f3ynsKJsRP9gawoHGOKH7Fv20kYnaBUWzAeuHHw=
Subject key identifier: 9A:EF:44:D5:7A:6B:BC:5F:76:04:EE:B3:91:68:63:87:65:5A:84:FD
Certificate issuer: /CN=1dd9a94679ec9ab33e65e069c9aa440db273e14e
Certificate serial: 09CC94DE
Authority key identifier: 1D:D9:A9:46:79:EC:9A:B3:3E:65:E0:69:C9:AA:44:0D:B2:73:E1:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HdmpRnnsmrM-ZeBpyapEDbJz4U4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/a3b9b9-217c-41c9-9476-27dd0ad2adf3/1/mu9E1XprvF92BO6zkWhjh2VahP0.roa
Signing time: Sat 01 Jan 2022 10:56:49 +0000
ROA not before: Sat 01 Jan 2022 10:56:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209803
IP address blocks: 193.32.156.0/22 maxlen: 22
2a09:880::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 164402398 (0x9cc94de)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1dd9a94679ec9ab33e65e069c9aa440db273e14e
Validity
Not Before: Jan 1 10:56:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9aef44d57a6bbc5f7604eeb391686387655a84fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:10:51:93:f2:94:11:f5:44:a7:eb:6b:4f:8f:
f0:54:25:2e:dc:fc:e4:6d:a0:62:5d:65:96:65:79:
13:89:2f:35:94:41:e4:61:01:4f:fb:d0:0a:62:0e:
b6:53:6a:2d:65:6b:d7:40:0d:9c:95:a9:c5:bc:82:
37:2b:76:6d:64:a4:23:28:e9:4b:05:92:da:62:97:
98:55:87:79:e7:b8:0f:79:4a:fc:72:00:14:44:c3:
36:83:ac:41:d5:5c:95:ba:4b:91:74:91:25:64:e8:
8b:98:4e:f6:2c:e9:0a:d3:a2:05:20:50:ba:16:65:
a9:81:bd:33:ef:04:cc:a2:62:3e:03:89:9b:8d:a0:
0d:bb:3e:50:71:d7:f5:c5:70:13:bd:0a:ae:64:7e:
f7:0d:14:51:52:0e:e1:58:a0:35:ce:5b:73:ca:e4:
7d:fd:1c:85:51:a5:1b:f3:8b:98:ae:05:fa:f2:e1:
6e:3b:88:dc:1c:86:c0:db:80:c8:a6:98:f7:43:f6:
d2:6a:c8:9f:3d:cf:00:40:31:cb:16:c0:7c:43:0e:
91:19:1f:07:f1:33:79:c6:d9:78:ba:cc:c8:fc:7e:
b4:3b:8d:2e:73:52:60:48:8a:e2:55:e6:b0:e6:8c:
4f:85:0c:fe:db:89:81:29:15:19:53:df:f3:7c:11:
f4:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:EF:44:D5:7A:6B:BC:5F:76:04:EE:B3:91:68:63:87:65:5A:84:FD
X509v3 Authority Key Identifier:
keyid:1D:D9:A9:46:79:EC:9A:B3:3E:65:E0:69:C9:AA:44:0D:B2:73:E1:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HdmpRnnsmrM-ZeBpyapEDbJz4U4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/a3b9b9-217c-41c9-9476-27dd0ad2adf3/1/mu9E1XprvF92BO6zkWhjh2VahP0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/a3b9b9-217c-41c9-9476-27dd0ad2adf3/1/HdmpRnnsmrM-ZeBpyapEDbJz4U4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.32.156.0/22
IPv6:
2a09:880::/29
Signature Algorithm: sha256WithRSAEncryption
2d:e7:e7:75:8e:d3:1a:1b:95:3b:d1:59:3f:04:94:43:18:4f:
d0:77:fa:12:01:d0:83:f0:be:d2:c0:53:6c:f3:08:67:46:4e:
1b:17:32:43:d7:90:fb:71:ac:a3:07:a6:a8:22:e0:50:99:34:
e2:69:86:5f:f9:3e:05:06:e3:a5:6b:67:b0:a5:d2:81:8d:14:
29:a9:e1:23:5c:f0:05:8e:6e:13:1e:c0:83:c2:56:00:8c:15:
f6:85:fc:f5:09:36:e5:fb:87:97:d2:cd:a7:bb:1e:4f:cf:e8:
ee:17:38:58:7d:cf:a5:f2:08:4d:f2:f9:30:a1:a9:cb:bf:78:
92:f1:2f:d5:61:82:78:82:0b:bd:39:25:9b:9b:d9:75:eb:63:
74:c6:9a:cd:1e:04:f6:c0:cc:19:88:6e:88:21:08:88:e8:25:
42:58:75:c6:92:9a:56:05:32:8c:95:c4:d2:c9:cb:4a:4f:3a:
6e:ba:c0:66:fd:30:6d:cd:c8:6b:86:7d:a7:8e:7e:94:33:a6:
bd:0b:47:f8:ce:0d:bf:c9:4e:54:47:04:4f:e8:a9:c5:35:a4:
83:5a:fd:9d:b9:5c:ba:33:d5:d5:a7:df:99:47:88:70:45:8d:
aa:d6:2e:f8:9f:24:47:4a:64:19:b5:c4:40:7a:5c:c5:22:1d:
2a:71:6a:fd
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIECcyU3jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ZGQ5YTk0Njc5ZWM5YWIzM2U2NWUwNjljOWFhNDQwZGIyNzNlMTRlMB4XDTIyMDEw
MTEwNTY0OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWFlZjQ0ZDU3YTZi
YmM1Zjc2MDRlZWIzOTE2ODYzODc2NTVhODRmZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOcQUZPylBH1RKfra0+P8FQlLtz85G2gYl1llmV5E4kvNZRB
5GEBT/vQCmIOtlNqLWVr10ANnJWpxbyCNyt2bWSkIyjpSwWS2mKXmFWHeee4D3lK
/HIAFETDNoOsQdVclbpLkXSRJWToi5hO9izpCtOiBSBQuhZlqYG9M+8EzKJiPgOJ
m42gDbs+UHHX9cVwE70KrmR+9w0UUVIO4VigNc5bc8rkff0chVGlG/OLmK4F+vLh
bjuI3ByGwNuAyKaY90P20mrInz3PAEAxyxbAfEMOkRkfB/EzecbZeLrMyPx+tDuN
LnNSYEiK4lXmsOaMT4UM/tuJgSkVGVPf83wR9MsCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBSa70TVemu8X3YE7rORaGOHZVqE/TAfBgNVHSMEGDAWgBQd2alGeeyasz5l
4GnJqkQNsnPhTjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0hkbXBSbm5zbXJNLVplQnB5YXBFRGJKejRVNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTQvYTNiOWI5LTIxN2MtNDFjOS05NDc2LTI3ZGQwYWQyYWRmMy8x
L211OUUxWHBydkY5MkJPNnprV2hqaDJWYWhQMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTQv
YTNiOWI5LTIxN2MtNDFjOS05NDc2LTI3ZGQwYWQyYWRmMy8xL0hkbXBSbm5zbXJN
LVplQnB5YXBFRGJKejRVNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAsEgnDANBAIAAjAHAwUDKgkIgDAN
BgkqhkiG9w0BAQsFAAOCAQEALefndY7TGhuVO9FZPwSUQxhP0Hf6EgHQg/C+0sBT
bPMIZ0ZOGxcyQ9eQ+3GsowemqCLgUJk04mmGX/k+BQbjpWtnsKXSgY0UKanhI1zw
BY5uEx7Ag8JWAIwV9oX89Qk25fuHl9LNp7seT8/o7hc4WH3PpfIITfL5MKGpy794
kvEv1WGCeIILvTklm5vZdetjdMaazR4E9sDMGYhuiCEIiOglQlh1xpKaVgUyjJXE
0snLSk86brrAZv0wbc3Ia4Z9p45+lDOmvQtH+M4Nv8lOVEcET+ipxTWkg1r9nblc
ujPV1affmUeIcEWNqtYu+J8kR0pkGbXEQHpcxSIdKnFq/Q==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:23 2023 by rpki-client on console-ams.rpki-client.org