Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/041b9f-1a07-42e5-b487-29b97a1877fb/1/okGcG3XiZrSfTWqHLJbmbHKkYkQ.roa
File: okGcG3XiZrSfTWqHLJbmbHKkYkQ.roa (raw, json)
Hash identifier: aTi+T9nI/xvMIWokFTsiI8Sar/NDBorrhphi8W0OzPs=
Subject key identifier: A2:41:9C:1B:75:E2:66:B4:9F:4D:6A:87:2C:96:E6:6C:72:A4:62:44
Certificate issuer: /CN=be722a99732c9c3cbc20b0a47292a823782603ac
Certificate serial: 090386D7
Authority key identifier: BE:72:2A:99:73:2C:9C:3C:BC:20:B0:A4:72:92:A8:23:78:26:03:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vnIqmXMsnDy8ILCkcpKoI3gmA6w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/041b9f-1a07-42e5-b487-29b97a1877fb/1/okGcG3XiZrSfTWqHLJbmbHKkYkQ.roa
Signing time: Sat 01 Jan 2022 08:56:29 +0000
ROA not before: Sat 01 Jan 2022 08:56:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12843
IP address blocks: 195.66.74.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 151226071 (0x90386d7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be722a99732c9c3cbc20b0a47292a823782603ac
Validity
Not Before: Jan 1 08:56:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a2419c1b75e266b49f4d6a872c96e66c72a46244
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:b2:89:17:ec:76:02:d3:1b:16:d0:43:08:72:
9e:6e:1e:07:f7:b3:50:03:8f:6a:81:30:70:33:2c:
59:2c:d4:b5:42:f7:7d:dd:f8:9e:9e:0f:51:c6:28:
d8:ee:f4:94:95:ce:34:50:f6:18:bf:65:13:3e:48:
e7:55:37:c1:a6:40:cd:53:f0:77:e7:76:04:87:28:
72:6d:41:40:2c:1c:fb:89:72:19:cc:7c:2d:ed:b8:
0d:a7:97:e9:91:5d:34:e9:73:55:dc:6d:07:f4:3b:
20:b7:87:a3:ba:7a:bd:ac:c6:7b:03:d6:2e:33:66:
a8:17:35:c0:cd:e3:b9:11:c3:53:cd:17:67:a5:a8:
09:e8:d3:49:5e:a4:44:3e:4a:e4:8e:89:fe:b6:9b:
e4:1e:14:05:be:23:53:ad:01:ce:39:b3:36:28:d7:
8e:c6:8a:36:2c:81:da:bb:87:5c:15:7f:14:52:11:
ab:aa:75:dc:6c:de:dc:b5:33:5b:f0:c8:74:b1:8f:
dd:1a:a8:ba:24:30:ba:9a:e6:de:2e:83:9a:d1:41:
5d:85:ea:66:3d:6d:a8:33:62:82:d8:bb:ad:a9:36:
b5:f4:15:9b:2d:94:8d:b1:fd:cf:bf:7f:cd:dd:46:
ca:fb:e0:7c:91:d7:e0:46:39:b5:8c:3b:3e:16:51:
9a:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:41:9C:1B:75:E2:66:B4:9F:4D:6A:87:2C:96:E6:6C:72:A4:62:44
X509v3 Authority Key Identifier:
keyid:BE:72:2A:99:73:2C:9C:3C:BC:20:B0:A4:72:92:A8:23:78:26:03:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vnIqmXMsnDy8ILCkcpKoI3gmA6w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/041b9f-1a07-42e5-b487-29b97a1877fb/1/okGcG3XiZrSfTWqHLJbmbHKkYkQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/041b9f-1a07-42e5-b487-29b97a1877fb/1/vnIqmXMsnDy8ILCkcpKoI3gmA6w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.66.74.0/24
Signature Algorithm: sha256WithRSAEncryption
91:01:af:64:e9:e8:f7:d5:8d:83:58:d4:53:d1:2a:4f:9e:cf:
05:11:94:6e:dd:53:4b:99:08:05:17:b0:14:2a:11:57:17:0b:
8b:4c:03:b8:f7:71:cc:d5:61:69:9f:2c:1a:04:26:80:0b:46:
58:fe:87:52:31:8a:ad:ed:b0:20:5c:07:eb:50:5c:60:63:f5:
7f:af:6c:a5:6b:a5:bf:37:0c:be:59:af:ca:b3:47:68:4f:4b:
30:e9:aa:ec:4a:a7:70:fd:ed:a7:25:26:1a:4b:0c:0f:5b:0d:
d5:2a:63:20:de:62:51:9b:4d:cf:11:5e:38:c6:7b:9b:0e:66:
3b:76:3e:1f:e8:d2:03:38:1f:13:e4:db:2a:f1:b2:e0:c3:3c:
09:00:53:dd:2e:4d:db:58:5c:cb:6a:21:b1:8c:fb:ec:f2:36:
64:bf:f7:99:64:47:b4:ce:f5:20:aa:22:9a:ed:c1:7e:19:aa:
2f:6e:62:f3:eb:6d:fb:f2:07:dc:64:f0:43:d0:d3:cc:7c:11:
0e:ad:53:ca:96:f4:f5:8a:ef:df:53:20:b1:c3:d0:9b:c5:e8:
74:f4:a5:b8:c4:ab:16:9a:ab:e0:b9:e6:bd:c4:98:7e:b6:4a:
7f:7d:0e:07:42:30:79:2d:c0:33:22:27:b7:b1:b1:f7:b6:bf:
9c:28:7b:b6
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECQOG1zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
ZTcyMmE5OTczMmM5YzNjYmMyMGIwYTQ3MjkyYTgyMzc4MjYwM2FjMB4XDTIyMDEw
MTA4NTYyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTI0MTljMWI3NWUy
NjZiNDlmNGQ2YTg3MmM5NmU2NmM3MmE0NjI0NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMOyiRfsdgLTGxbQQwhynm4eB/ezUAOPaoEwcDMsWSzUtUL3
fd34np4PUcYo2O70lJXONFD2GL9lEz5I51U3waZAzVPwd+d2BIcocm1BQCwc+4ly
Gcx8Le24DaeX6ZFdNOlzVdxtB/Q7ILeHo7p6vazGewPWLjNmqBc1wM3juRHDU80X
Z6WoCejTSV6kRD5K5I6J/rab5B4UBb4jU60BzjmzNijXjsaKNiyB2ruHXBV/FFIR
q6p13Gze3LUzW/DIdLGP3RqouiQwuprm3i6DmtFBXYXqZj1tqDNigti7rak2tfQV
my2UjbH9z79/zd1GyvvgfJHX4EY5tYw7PhZRmnsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSiQZwbdeJmtJ9NaocsluZscqRiRDAfBgNVHSMEGDAWgBS+ciqZcyycPLwg
sKRykqgjeCYDrDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3ZuSXFtWE1zbkR5OElMQ2tjcEtvSTNnbUE2dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWMvMDQxYjlmLTFhMDctNDJlNS1iNDg3LTI5Yjk3YTE4NzdmYi8x
L29rR2NHM1hpWnJTZlRXcUhMSmJtYkhLa1lrUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWMv
MDQxYjlmLTFhMDctNDJlNS1iNDg3LTI5Yjk3YTE4NzdmYi8xL3ZuSXFtWE1zbkR5
OElMQ2tjcEtvSTNnbUE2dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMNCSjANBgkqhkiG9w0BAQsFAAOC
AQEAkQGvZOno99WNg1jUU9EqT57PBRGUbt1TS5kIBRewFCoRVxcLi0wDuPdxzNVh
aZ8sGgQmgAtGWP6HUjGKre2wIFwH61BcYGP1f69spWulvzcMvlmvyrNHaE9LMOmq
7EqncP3tpyUmGksMD1sN1SpjIN5iUZtNzxFeOMZ7mw5mO3Y+H+jSAzgfE+TbKvGy
4MM8CQBT3S5N21hcy2ohsYz77PI2ZL/3mWRHtM71IKoimu3BfhmqL25i8+tt+/IH
3GTwQ9DTzHwRDq1Typb09Yrv31MgscPQm8XodPSluMSrFpqr4LnmvcSYfrZKf30O
B0IweS3AMyInt7Gx97a/nCh7tg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:12 2024 by rpki-client on console-fra.rpki-client.org