Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/d654be-174e-41f7-9cfb-937e27ee1b5b/1/h5IlTRJ3fatOdltMFG2STRE_bPY.roa
File: h5IlTRJ3fatOdltMFG2STRE_bPY.roa (raw, json)
Hash identifier: LA3Fmt1Newfpl9kwixliBLRgDhB4H1TqwlsH+gZz6C8=
Subject key identifier: 87:92:25:4D:12:77:7D:AB:4E:76:5B:4C:14:6D:92:4D:11:3F:6C:F6
Certificate issuer: /CN=2378a4a9c52325a85920809ba1a4d89e21c02f17
Certificate serial: 03E9DA83
Authority key identifier: 23:78:A4:A9:C5:23:25:A8:59:20:80:9B:A1:A4:D8:9E:21:C0:2F:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I3ikqcUjJahZIICboaTYniHALxc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/d654be-174e-41f7-9cfb-937e27ee1b5b/1/h5IlTRJ3fatOdltMFG2STRE_bPY.roa
Signing time: Sat 01 Jan 2022 03:56:00 +0000
ROA not before: Sat 01 Jan 2022 03:56:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212071
IP address blocks: 195.230.143.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65657475 (0x3e9da83)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2378a4a9c52325a85920809ba1a4d89e21c02f17
Validity
Not Before: Jan 1 03:56:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8792254d12777dab4e765b4c146d924d113f6cf6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:8a:c8:11:27:5f:23:04:d4:b4:c2:3d:b4:53:
9c:07:a8:27:b0:cc:31:8f:46:af:80:e3:82:68:69:
51:73:5a:e1:8a:5c:68:ee:be:de:4f:0c:bc:b5:14:
a9:48:2a:a3:68:37:b9:9c:6a:53:54:4d:39:fb:1b:
30:9d:41:59:ec:1f:21:19:3c:88:9f:8e:d5:0d:4a:
33:16:fe:c2:00:49:16:e3:5c:37:cf:08:a3:18:46:
86:5e:be:c0:79:df:68:73:de:1e:85:03:7a:67:a1:
0c:40:e5:d9:01:40:e7:b4:6a:d0:1b:73:76:fd:88:
13:ea:67:ae:8d:da:e4:40:1f:fd:32:c7:2a:16:66:
e1:de:0d:ae:c9:e8:4f:34:41:cf:04:97:1d:cb:88:
a1:ac:09:7c:87:25:8e:57:d0:1b:61:c5:20:bf:1d:
a9:6a:2f:c2:c3:8d:08:cc:56:06:62:c9:e9:df:d4:
c9:4d:ed:8c:59:ce:22:4b:bf:7a:87:bc:f4:fb:a5:
12:cc:cb:05:da:a8:8e:dc:32:13:61:ef:e5:75:b0:
e8:af:29:88:d8:f4:aa:5e:97:d6:0f:80:8e:97:16:
89:56:ca:be:0f:bf:68:4c:56:b0:af:08:aa:e3:94:
c0:e3:69:4d:6a:81:92:b8:49:cf:76:9b:6f:0e:c3:
da:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:92:25:4D:12:77:7D:AB:4E:76:5B:4C:14:6D:92:4D:11:3F:6C:F6
X509v3 Authority Key Identifier:
keyid:23:78:A4:A9:C5:23:25:A8:59:20:80:9B:A1:A4:D8:9E:21:C0:2F:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I3ikqcUjJahZIICboaTYniHALxc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/d654be-174e-41f7-9cfb-937e27ee1b5b/1/h5IlTRJ3fatOdltMFG2STRE_bPY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/d654be-174e-41f7-9cfb-937e27ee1b5b/1/I3ikqcUjJahZIICboaTYniHALxc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.230.143.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:bf:10:04:18:99:40:60:9d:47:fc:92:ed:47:80:2e:cb:a8:
d9:59:8e:0c:51:d8:cf:f3:20:da:a2:49:4f:5c:fa:82:35:95:
96:5e:f1:fb:52:38:6a:19:75:0c:4d:22:64:35:33:83:e9:53:
1d:da:0c:93:b8:74:82:94:4a:26:15:2d:e5:0a:f4:1e:5a:b6:
c2:b7:d3:e6:d2:da:af:b9:25:d7:5c:76:3f:2f:ec:84:dc:00:
9a:ef:e7:dd:87:3e:5a:ef:2c:f8:5b:b0:2e:ab:dc:0b:15:3f:
79:f2:30:fc:dc:a7:a7:e2:c5:36:e2:64:90:2a:e9:1a:71:c2:
aa:53:7d:e8:fa:8e:97:48:13:20:4a:fd:a2:6c:a6:88:3d:17:
3b:a9:d2:d2:6a:f4:60:22:68:8f:34:b4:65:66:23:28:3a:e8:
b0:9c:67:77:6a:dc:4e:70:07:d6:8b:a2:aa:e6:a8:27:74:9c:
ea:53:12:27:db:d8:e6:87:5b:ae:61:9e:a1:ff:b7:9e:06:64:
03:88:4e:9c:62:62:ec:2d:a1:63:32:02:ca:2d:b1:fc:4b:30:
04:79:eb:98:f0:d9:5c:37:3c:8a:ce:ae:45:1f:24:46:b2:b8:
e1:5c:c6:3e:24:c2:8a:26:58:f1:7c:1e:38:f8:33:1f:e2:fd:
37:62:73:62
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA+nagzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
Mzc4YTRhOWM1MjMyNWE4NTkyMDgwOWJhMWE0ZDg5ZTIxYzAyZjE3MB4XDTIyMDEw
MTAzNTYwMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODc5MjI1NGQxMjc3
N2RhYjRlNzY1YjRjMTQ2ZDkyNGQxMTNmNmNmNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJyKyBEnXyME1LTCPbRTnAeoJ7DMMY9Gr4DjgmhpUXNa4Ypc
aO6+3k8MvLUUqUgqo2g3uZxqU1RNOfsbMJ1BWewfIRk8iJ+O1Q1KMxb+wgBJFuNc
N88IoxhGhl6+wHnfaHPeHoUDemehDEDl2QFA57Rq0Btzdv2IE+pnro3a5EAf/TLH
KhZm4d4NrsnoTzRBzwSXHcuIoawJfIcljlfQG2HFIL8dqWovwsONCMxWBmLJ6d/U
yU3tjFnOIku/eoe89PulEszLBdqojtwyE2Hv5XWw6K8piNj0ql6X1g+AjpcWiVbK
vg+/aExWsK8IquOUwONpTWqBkrhJz3abbw7D2jECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSHkiVNEnd9q052W0wUbZJNET9s9jAfBgNVHSMEGDAWgBQjeKSpxSMlqFkg
gJuhpNieIcAvFzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0kzaWtxY1VqSmFoWklJQ2JvYVRZbmlIQUx4Yy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGQvZDY1NGJlLTE3NGUtNDFmNy05Y2ZiLTkzN2UyN2VlMWI1Yi8x
L2g1SWxUUkozZmF0T2RsdE1GRzJTVFJFX2JQWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGQv
ZDY1NGJlLTE3NGUtNDFmNy05Y2ZiLTkzN2UyN2VlMWI1Yi8xL0kzaWtxY1VqSmFo
WklJQ2JvYVRZbmlIQUx4Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMPmjzANBgkqhkiG9w0BAQsFAAOC
AQEAXb8QBBiZQGCdR/yS7UeALsuo2VmODFHYz/Mg2qJJT1z6gjWVll7x+1I4ahl1
DE0iZDUzg+lTHdoMk7h0gpRKJhUt5Qr0Hlq2wrfT5tLar7kl11x2Py/shNwAmu/n
3Yc+Wu8s+FuwLqvcCxU/efIw/Nynp+LFNuJkkCrpGnHCqlN96PqOl0gTIEr9omym
iD0XO6nS0mr0YCJojzS0ZWYjKDrosJxnd2rcTnAH1ouiquaoJ3Sc6lMSJ9vY5odb
rmGeof+3ngZkA4hOnGJi7C2hYzICyi2x/EswBHnrmPDZXDc8is6uRR8kRrK44VzG
PiTCiiZY8XweOPgzH+L9N2JzYg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:12 2024 by rpki-client on console-ams.rpki-client.org