Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/psgKVjchW1d3ffcukMYvs-IcMD0.roa
File: psgKVjchW1d3ffcukMYvs-IcMD0.roa (raw, json)
Hash identifier: /kxQ1JNDUEiiNWHbNmah6LX2OZ2PbpDpygDa6xv+Qcw=
Subject key identifier: A6:C8:0A:56:37:21:5B:57:77:7D:F7:2E:90:C6:2F:B3:E2:1C:30:3D
Certificate issuer: /CN=b9954499977278a75570b3403f4d3aa00b1b36e8
Certificate serial: 2AF9C9BD
Authority key identifier: B9:95:44:99:97:72:78:A7:55:70:B3:40:3F:4D:3A:A0:0B:1B:36:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uZVEmZdyeKdVcLNAP006oAsbNug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/psgKVjchW1d3ffcukMYvs-IcMD0.roa
Signing time: Sat 01 Jan 2022 13:57:57 +0000
ROA not before: Sat 01 Jan 2022 13:57:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197887
IP address blocks: 85.31.250.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 721013181 (0x2af9c9bd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9954499977278a75570b3403f4d3aa00b1b36e8
Validity
Not Before: Jan 1 13:57:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a6c80a5637215b57777df72e90c62fb3e21c303d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:88:1a:45:9b:69:95:7e:6c:3c:e3:1e:cf:05:
b3:64:24:f3:c6:69:9e:db:21:35:b7:44:1a:9a:ec:
6a:1b:92:11:27:02:ff:24:54:d6:eb:93:0c:db:ac:
6d:82:4d:28:41:2f:f0:fe:33:6c:c8:18:35:bd:c8:
c8:90:f6:eb:06:df:94:d1:4d:d1:50:7e:e9:21:eb:
df:a9:ce:2e:17:12:ef:c7:3c:de:e2:af:45:88:10:
1a:96:5c:f7:e5:0d:82:b7:50:81:16:3d:1f:77:8b:
e1:68:96:1f:27:a4:2f:29:46:c6:ad:a5:01:d6:fa:
6b:c7:25:eb:7a:92:02:ea:51:fa:79:ec:74:24:d5:
98:f8:02:a8:72:69:66:26:7e:ba:8e:8e:a7:c6:c6:
96:c1:9e:1b:95:0e:08:37:c7:9a:18:c2:05:df:00:
dd:b2:c1:37:22:4c:d4:43:0e:04:0b:d8:7d:63:29:
62:c1:0c:f0:00:d7:b4:8c:df:06:11:58:01:7d:57:
3a:28:35:14:3b:62:3e:47:ce:00:ad:d9:cc:99:6c:
59:5f:30:f8:45:b9:58:59:6b:e4:66:31:1d:71:5f:
ac:7a:09:6b:72:eb:7c:33:b3:5b:96:d2:06:24:ec:
15:6e:20:ad:a7:9b:b4:86:e1:be:b5:85:96:fa:75:
4e:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:C8:0A:56:37:21:5B:57:77:7D:F7:2E:90:C6:2F:B3:E2:1C:30:3D
X509v3 Authority Key Identifier:
keyid:B9:95:44:99:97:72:78:A7:55:70:B3:40:3F:4D:3A:A0:0B:1B:36:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uZVEmZdyeKdVcLNAP006oAsbNug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/psgKVjchW1d3ffcukMYvs-IcMD0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/uZVEmZdyeKdVcLNAP006oAsbNug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.31.250.0/23
Signature Algorithm: sha256WithRSAEncryption
4b:a0:ab:6a:ca:af:8c:1e:8d:26:8d:69:5c:80:18:5c:58:14:
c9:67:18:f9:62:d6:9f:04:e6:64:0e:f8:34:4a:3c:72:a7:99:
33:41:23:27:e8:fb:b5:69:86:5d:e3:46:51:71:58:84:ba:d1:
40:48:c8:04:85:a6:7d:a2:31:42:d9:c4:8d:5d:d9:27:b5:38:
87:fc:d4:64:5e:2f:63:45:7f:16:f7:88:3a:5f:17:10:3d:23:
2d:0b:af:11:b2:24:63:c9:ab:6d:55:53:ef:a2:0b:e3:6a:d3:
be:0a:97:0b:e5:09:ec:28:31:e3:9a:c5:16:2e:bc:f6:5d:49:
28:08:98:c8:fc:b6:03:53:d5:41:7d:1a:d2:1e:76:b9:a4:b2:
2c:00:90:a7:79:49:ca:26:b8:cb:17:62:a9:e8:c1:3f:6c:0d:
99:72:37:e5:00:b5:93:e1:81:3e:f2:3a:b1:7e:b7:3f:8b:e8:
0f:c6:03:0f:e8:15:47:47:e3:eb:30:ef:a2:f8:4e:d2:76:ff:
52:20:7a:a9:cd:3c:a2:9e:b4:43:ab:f6:16:2c:af:1d:f2:3b:
d8:01:ca:dc:51:48:90:61:1a:00:26:e4:72:ec:e7:d3:24:87:
31:07:10:bd:f8:aa:4c:b0:f7:65:f4:51:c1:87:bd:92:6b:a8:
f5:3a:a1:51
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEKvnJvTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
OTk1NDQ5OTk3NzI3OGE3NTU3MGIzNDAzZjRkM2FhMDBiMWIzNmU4MB4XDTIyMDEw
MTEzNTc1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTZjODBhNTYzNzIx
NWI1Nzc3N2RmNzJlOTBjNjJmYjNlMjFjMzAzZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKmIGkWbaZV+bDzjHs8Fs2Qk88ZpntshNbdEGprsahuSEScC
/yRU1uuTDNusbYJNKEEv8P4zbMgYNb3IyJD26wbflNFN0VB+6SHr36nOLhcS78c8
3uKvRYgQGpZc9+UNgrdQgRY9H3eL4WiWHyekLylGxq2lAdb6a8cl63qSAupR+nns
dCTVmPgCqHJpZiZ+uo6Op8bGlsGeG5UOCDfHmhjCBd8A3bLBNyJM1EMOBAvYfWMp
YsEM8ADXtIzfBhFYAX1XOig1FDtiPkfOAK3ZzJlsWV8w+EW5WFlr5GYxHXFfrHoJ
a3LrfDOzW5bSBiTsFW4graebtIbhvrWFlvp1Tk0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSmyApWNyFbV3d99y6Qxi+z4hwwPTAfBgNVHSMEGDAWgBS5lUSZl3J4p1Vw
s0A/TTqgCxs26DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3VaVkVtWmR5ZUtkVmNMTkFQMDA2b0FzYk51Zy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDcvNzg4ODAzLWJlMTItNDMzZi1hOGQwLTAyNGIxNjU1YzI0Ny8x
L3BzZ0tWamNoVzFkM2ZmY3VrTVl2cy1JY01EMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDcv
Nzg4ODAzLWJlMTItNDMzZi1hOGQwLTAyNGIxNjU1YzI0Ny8xL3VaVkVtWmR5ZUtk
VmNMTkFQMDA2b0FzYk51Zy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAVUf+jANBgkqhkiG9w0BAQsFAAOC
AQEAS6CrasqvjB6NJo1pXIAYXFgUyWcY+WLWnwTmZA74NEo8cqeZM0EjJ+j7tWmG
XeNGUXFYhLrRQEjIBIWmfaIxQtnEjV3ZJ7U4h/zUZF4vY0V/FveIOl8XED0jLQuv
EbIkY8mrbVVT76IL42rTvgqXC+UJ7Cgx45rFFi689l1JKAiYyPy2A1PVQX0a0h52
uaSyLACQp3lJyia4yxdiqejBP2wNmXI35QC1k+GBPvI6sX63P4voD8YDD+gVR0fj
6zDvovhO0nb/UiB6qc08op60Q6v2FiyvHfI72AHK3FFIkGEaACbkcuzn0ySHMQcQ
vfiqTLD3ZfRRwYe9kmuo9TqhUQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:47 2024 by rpki-client on console-fra.rpki-client.org