Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/01d2af-1f21-4b80-b665-db463c5fb0b4/1/CmXfhfS0zQZ5Whfa0oWYqdI63KU.roa
File: CmXfhfS0zQZ5Whfa0oWYqdI63KU.roa (raw, json)
Hash identifier: D9FNeTQdzUKmPxk1qRQAgeaNzbV5r6T498lcOJJNSsA=
Subject key identifier: 0A:65:DF:85:F4:B4:CD:06:79:5A:17:DA:D2:85:98:A9:D2:3A:DC:A5
Certificate issuer: /CN=4dd1b2587490ad061cb207176bdeec81a531588c
Certificate serial: 36962904
Authority key identifier: 4D:D1:B2:58:74:90:AD:06:1C:B2:07:17:6B:DE:EC:81:A5:31:58:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TdGyWHSQrQYcsgcXa97sgaUxWIw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/01d2af-1f21-4b80-b665-db463c5fb0b4/1/CmXfhfS0zQZ5Whfa0oWYqdI63KU.roa
Signing time: Sat 01 Jan 2022 01:01:07 +0000
ROA not before: Sat 01 Jan 2022 01:01:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43123
IP address blocks: 195.219.39.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 915810564 (0x36962904)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4dd1b2587490ad061cb207176bdeec81a531588c
Validity
Not Before: Jan 1 01:01:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0a65df85f4b4cd06795a17dad28598a9d23adca5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:ba:2a:8d:94:cd:0b:39:7c:da:ef:6d:7d:60:
c5:b9:24:d7:88:cf:22:38:b1:e7:e0:b2:f1:ce:b2:
57:b4:3a:0a:3b:28:45:33:e9:1a:f5:ce:1a:04:7d:
56:1b:a8:5f:95:bf:b7:3c:2c:3d:3a:ba:d4:30:5c:
a3:7c:e0:a1:ad:ed:44:86:00:3a:e6:c0:1d:19:c8:
79:f6:fd:01:b8:10:dd:ba:ac:a1:11:1a:f1:79:5a:
3e:1c:58:c8:ba:4e:c3:8b:b5:8c:f3:7a:92:6a:d4:
08:70:1c:12:ff:b8:09:48:48:5b:d4:bb:02:78:d1:
53:36:cb:7a:cd:3e:f0:51:f4:f3:9a:0b:47:56:50:
bc:58:c6:a8:5d:78:a9:e0:0d:05:f2:ee:5d:25:2e:
af:7e:00:c4:da:aa:a8:4e:ea:29:c6:6a:0b:6a:7b:
95:b5:1e:07:79:47:8a:05:e0:ae:b6:a5:5f:2d:3c:
3d:95:2c:bf:5f:c3:fd:2b:6b:64:5d:7e:aa:65:11:
b6:47:2e:df:dd:bd:ee:d7:68:f0:76:a1:a3:b5:a3:
64:c7:a8:44:71:77:b3:67:a6:aa:97:3e:8d:2c:f3:
d8:08:c8:8c:14:06:62:91:19:db:ef:f1:66:3d:9d:
24:d6:00:3e:b8:79:43:0e:9f:48:87:17:c4:5c:8d:
97:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:65:DF:85:F4:B4:CD:06:79:5A:17:DA:D2:85:98:A9:D2:3A:DC:A5
X509v3 Authority Key Identifier:
keyid:4D:D1:B2:58:74:90:AD:06:1C:B2:07:17:6B:DE:EC:81:A5:31:58:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TdGyWHSQrQYcsgcXa97sgaUxWIw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/01d2af-1f21-4b80-b665-db463c5fb0b4/1/CmXfhfS0zQZ5Whfa0oWYqdI63KU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/01d2af-1f21-4b80-b665-db463c5fb0b4/1/TdGyWHSQrQYcsgcXa97sgaUxWIw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.219.39.0/24
Signature Algorithm: sha256WithRSAEncryption
af:f0:6c:5f:c9:b6:a8:2a:fd:1b:9b:d0:7c:e8:37:f3:25:6a:
c9:ba:12:33:49:a1:64:9f:2f:e0:ad:c3:11:64:74:2e:f8:85:
89:0d:db:6b:07:99:0a:0d:1c:ec:b8:fa:d5:8a:03:8e:82:8b:
0e:ab:20:f4:92:b9:9b:cd:09:49:c2:fa:cc:e3:e2:68:53:85:
b5:9b:61:8f:fe:19:65:39:2c:2a:f7:6b:a2:5a:4f:77:6b:81:
24:3a:ec:9a:0d:11:f6:49:5d:f4:f0:49:6c:ef:50:05:b6:ce:
86:a6:94:03:89:07:96:8a:bf:b6:19:25:1d:73:e3:df:1b:92:
a2:3d:ed:3c:d6:47:53:9a:45:a2:d8:fa:21:33:58:77:56:d5:
ee:4d:d2:3e:13:2d:06:a4:41:b3:88:db:da:47:82:3c:10:35:
70:a8:fe:1a:80:17:60:75:84:47:46:8b:a0:a8:f9:b9:8f:bf:
0e:48:dc:e5:55:10:8a:22:0a:7d:49:45:b6:ab:dc:53:67:75:
fb:d1:8d:93:06:52:c3:3f:f4:42:1d:9e:17:ba:3b:1b:8f:66:
fb:83:4d:92:f3:85:ec:d3:08:15:71:02:7c:d0:29:be:29:16:
c7:6c:13:da:3c:26:d7:0f:f3:e4:d5:e2:88:2a:40:4e:f6:b0:
07:1f:fc:0f
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIENpYpBDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ZGQxYjI1ODc0OTBhZDA2MWNiMjA3MTc2YmRlZWM4MWE1MzE1ODhjMB4XDTIyMDEw
MTAxMDEwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGE2NWRmODVmNGI0
Y2QwNjc5NWExN2RhZDI4NTk4YTlkMjNhZGNhNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALG6Ko2UzQs5fNrvbX1gxbkk14jPIjix5+Cy8c6yV7Q6Cjso
RTPpGvXOGgR9VhuoX5W/tzwsPTq61DBco3zgoa3tRIYAOubAHRnIefb9AbgQ3bqs
oREa8XlaPhxYyLpOw4u1jPN6kmrUCHAcEv+4CUhIW9S7AnjRUzbLes0+8FH085oL
R1ZQvFjGqF14qeANBfLuXSUur34AxNqqqE7qKcZqC2p7lbUeB3lHigXgrralXy08
PZUsv1/D/StrZF1+qmURtkcu39297tdo8Haho7WjZMeoRHF3s2emqpc+jSzz2AjI
jBQGYpEZ2+/xZj2dJNYAPrh5Qw6fSIcXxFyNl7ECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQKZd+F9LTNBnlaF9rShZip0jrcpTAfBgNVHSMEGDAWgBRN0bJYdJCtBhyy
Bxdr3uyBpTFYjDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1RkR3lXSFNRclFZY3NnY1hhOTdzZ2FVeFdJdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjQvMDFkMmFmLTFmMjEtNGI4MC1iNjY1LWRiNDYzYzVmYjBiNC8x
L0NtWGZoZlMwelFaNVdoZmEwb1dZcWRJNjNLVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjQv
MDFkMmFmLTFmMjEtNGI4MC1iNjY1LWRiNDYzYzVmYjBiNC8xL1RkR3lXSFNRclFZ
Y3NnY1hhOTdzZ2FVeFdJdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMPbJzANBgkqhkiG9w0BAQsFAAOC
AQEAr/BsX8m2qCr9G5vQfOg38yVqyboSM0mhZJ8v4K3DEWR0LviFiQ3baweZCg0c
7Lj61YoDjoKLDqsg9JK5m80JScL6zOPiaFOFtZthj/4ZZTksKvdrolpPd2uBJDrs
mg0R9kld9PBJbO9QBbbOhqaUA4kHloq/thklHXPj3xuSoj3tPNZHU5pFotj6ITNY
d1bV7k3SPhMtBqRBs4jb2keCPBA1cKj+GoAXYHWER0aLoKj5uY+/Dkjc5VUQiiIK
fUlFtqvcU2d1+9GNkwZSwz/0Qh2eF7o7G49m+4NNkvOF7NMIFXECfNApvikWx2wT
2jwm1w/z5NXiiCpATvawBx/8Dw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:30 2024 by rpki-client on console-fra.rpki-client.org