Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/a58311-e674-405c-98f2-1470bcceeb1b/1/1-gJiKPiVeTEgVollFU8dSLjkMq0.roa
File: 1-gJiKPiVeTEgVollFU8dSLjkMq0.roa (raw, json)
Hash identifier: vKgpSbe0ElgFfUkJtBOxWElnP9HesnoZxPgjuc7vWqA=
Subject key identifier: FA:02:62:28:F8:95:79:31:20:56:89:65:15:4F:1D:48:B8:E4:32:AD
Certificate issuer: /CN=4984d0cc6703bf942c6dac89dff1a7bf6632ea8b
Certificate serial: 01847B106A9DE1C2D23A336024DC9B369D4C
Authority key identifier: 49:84:D0:CC:67:03:BF:94:2C:6D:AC:89:DF:F1:A7:BF:66:32:EA:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SYTQzGcDv5QsbayJ3_Gnv2Yy6os.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/a58311-e674-405c-98f2-1470bcceeb1b/1/1-gJiKPiVeTEgVollFU8dSLjkMq0.roa
Signing time: Tue 15 Nov 2022 11:33:04 +0000
ROA not before: Tue 15 Nov 2022 11:33:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47292
IP address blocks: 217.23.96.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:7b:10:6a:9d:e1:c2:d2:3a:33:60:24:dc:9b:36:9d:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4984d0cc6703bf942c6dac89dff1a7bf6632ea8b
Validity
Not Before: Nov 15 11:33:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fa026228f895793120568965154f1d48b8e432ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:33:88:6b:24:7a:b0:ee:55:fb:82:3b:6d:ed:
99:f7:4e:59:69:4e:fc:62:ef:7a:85:a5:c1:a7:25:
be:13:f8:45:a6:a7:43:c9:a9:73:43:ea:3c:66:a0:
a4:e4:a9:8c:81:79:6c:78:69:dc:9c:86:0a:02:7e:
91:9a:28:a9:69:d9:c6:a0:03:b3:3e:d7:bf:ed:a6:
95:47:a5:f0:84:f8:d8:c9:02:6b:41:5c:34:8c:b5:
03:f7:f8:bf:a0:d3:4f:75:2e:6c:f2:da:d4:97:30:
b9:61:86:23:b7:9d:c0:07:94:bd:d5:f6:07:c4:66:
55:1f:5d:1f:d0:9d:f0:77:da:14:52:a4:9b:01:4d:
2f:88:a0:cb:86:df:20:e5:de:5c:c8:20:ca:38:fa:
a6:a4:1f:cf:b1:60:98:46:4d:e4:eb:3f:67:81:e5:
2d:4b:73:ae:82:80:9d:55:c5:a9:43:15:b5:f0:df:
bf:73:62:10:7c:ec:bf:fd:78:b8:66:67:25:1c:58:
dd:11:a9:9c:43:15:35:15:13:0d:a7:69:0f:85:04:
23:25:00:95:47:40:ca:43:2a:fc:70:95:13:64:6c:
44:63:99:ab:e6:8d:99:e1:c2:22:9c:ac:9f:6f:fb:
c9:e1:a1:c8:db:cd:00:0f:67:84:a0:dc:87:02:9d:
88:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:02:62:28:F8:95:79:31:20:56:89:65:15:4F:1D:48:B8:E4:32:AD
X509v3 Authority Key Identifier:
keyid:49:84:D0:CC:67:03:BF:94:2C:6D:AC:89:DF:F1:A7:BF:66:32:EA:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SYTQzGcDv5QsbayJ3_Gnv2Yy6os.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/a58311-e674-405c-98f2-1470bcceeb1b/1/1-gJiKPiVeTEgVollFU8dSLjkMq0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/a58311-e674-405c-98f2-1470bcceeb1b/1/SYTQzGcDv5QsbayJ3_Gnv2Yy6os.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.23.96.0/20
Signature Algorithm: sha256WithRSAEncryption
71:aa:52:81:02:9f:26:de:c4:b3:f8:b0:18:58:21:a2:25:b0:
49:18:ed:0b:85:e0:48:c0:c8:07:50:2c:75:5d:62:92:da:1a:
79:48:a2:39:90:4a:02:ed:d5:7d:d2:39:a3:d5:7d:69:13:87:
b2:31:2e:99:ad:f9:9c:8d:45:ce:71:21:9b:53:b6:1a:ae:dc:
5a:e9:95:f2:d0:fb:c9:6b:f3:fd:01:ec:09:be:72:4f:7a:13:
28:4c:37:47:e5:49:a5:7f:f7:fa:d6:2c:13:9b:c3:06:65:0a:
aa:80:46:d9:28:85:d4:97:7d:83:09:7f:ac:81:6d:96:db:66:
01:0c:e1:bd:7d:51:63:92:80:37:ef:8a:01:5d:69:85:79:b8:
e2:f6:56:c3:30:2b:1e:50:aa:02:10:8e:f4:6a:0e:8f:6b:3a:
a0:86:9e:b2:a7:71:b2:1a:62:df:5a:f8:87:8c:b0:2c:b4:e9:
05:0f:3a:c1:ca:e2:ce:50:40:ec:d8:ac:d5:f5:c2:86:8f:14:
4d:e2:0f:b5:14:86:a2:ad:ee:71:0b:94:c9:a5:81:61:b6:70:
dd:3d:86:7d:d0:57:22:b8:63:01:8a:e9:d8:62:be:0b:a9:4c:
20:cb:bc:80:21:3c:68:14:bc:61:28:40:40:72:6c:c3:e9:40:
76:95:89:87
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYR7EGqd4cLSOjNgJNybNp1MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ODRkMGNjNjcwM2JmOTQyYzZkYWM4OWRmZjFhN2JmNjYz
MmVhOGIwHhcNMjIxMTE1MTEzMzA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTAyNjIyOGY4OTU3OTMxMjA1Njg5NjUxNTRmMWQ0OGI4ZTQzMmFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhjOIayR6sO5V+4I7be2Z905ZaU78
Yu96haXBpyW+E/hFpqdDyalzQ+o8ZqCk5KmMgXlseGncnIYKAn6RmiipadnGoAOz
Pte/7aaVR6XwhPjYyQJrQVw0jLUD9/i/oNNPdS5s8trUlzC5YYYjt53AB5S91fYH
xGZVH10f0J3wd9oUUqSbAU0viKDLht8g5d5cyCDKOPqmpB/PsWCYRk3k6z9ngeUt
S3OugoCdVcWpQxW18N+/c2IQfOy//Xi4ZmclHFjdEamcQxU1FRMNp2kPhQQjJQCV
R0DKQyr8cJUTZGxEY5mr5o2Z4cIinKyfb/vJ4aHI280AD2eEoNyHAp2IOwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPoCYij4lXkxIFaJZRVPHUi45DKtMB8GA1UdIwQY
MBaAFEmE0MxnA7+ULG2sid/xp79mMuqLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1lUUXpHY0R2NVFzYmF5SjNfR252Mll5Nm9zLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS9hNTgzMTEtZTY3NC00MDVjLTk4ZjIt
MTQ3MGJjY2VlYjFiLzEvMS1nSmlLUGlWZVRFZ1ZvbGxGVThkU0xqa01xMC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZWUvYTU4MzExLWU2NzQtNDA1Yy05OGYyLTE0NzBiY2NlZWIx
Yi8xL1NZVFF6R2NEdjVRc2JheUozX0dudjJZeTZvcy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBNkXYDAN
BgkqhkiG9w0BAQsFAAOCAQEAcapSgQKfJt7Es/iwGFghoiWwSRjtC4XgSMDIB1As
dV1iktoaeUiiOZBKAu3VfdI5o9V9aROHsjEuma35nI1FznEhm1O2Gq7cWumV8tD7
yWvz/QHsCb5yT3oTKEw3R+VJpX/3+tYsE5vDBmUKqoBG2SiF1Jd9gwl/rIFtlttm
AQzhvX1RY5KAN++KAV1phXm44vZWwzArHlCqAhCO9GoOj2s6oIaesqdxshpi31r4
h4ywLLTpBQ86wcrizlBA7Nis1fXCho8UTeIPtRSGoq3ucQuUyaWBYbZw3T2GfdBX
IrhjAYrp2GK+C6lMIMu8gCE8aBS8YShAQHJsw+lAdpWJhw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:53 2024 by rpki-client on console-fra.rpki-client.org