Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/dd672f-5336-4f35-b3ef-ae91ab342be1/1/4HDZbrnKAc4zQcMqRlTDAJvrdJc.roa
File: 4HDZbrnKAc4zQcMqRlTDAJvrdJc.roa (raw, json)
Hash identifier: Xt5e5Rtkw2/iw2JG/f7EBtd+MTW3VI6vpaCZeNn865M=
Subject key identifier: E0:70:D9:6E:B9:CA:01:CE:33:41:C3:2A:46:54:C3:00:9B:EB:74:97
Certificate issuer: /CN=a59caa2a73680698b2c9e1a6c9641a74f3ce76e8
Certificate serial: 0184754ABCD565D68A7ACDFC22500AB4974B
Authority key identifier: A5:9C:AA:2A:73:68:06:98:B2:C9:E1:A6:C9:64:1A:74:F3:CE:76:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pZyqKnNoBpiyyeGmyWQadPPOdug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/dd672f-5336-4f35-b3ef-ae91ab342be1/1/4HDZbrnKAc4zQcMqRlTDAJvrdJc.roa
Signing time: Mon 14 Nov 2022 08:39:02 +0000
ROA not before: Mon 14 Nov 2022 08:39:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202373
IP address blocks: 194.34.159.0/24 maxlen: 24
194.34.156.0/22 maxlen: 22
194.34.158.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:75:4a:bc:d5:65:d6:8a:7a:cd:fc:22:50:0a:b4:97:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a59caa2a73680698b2c9e1a6c9641a74f3ce76e8
Validity
Not Before: Nov 14 08:39:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e070d96eb9ca01ce3341c32a4654c3009beb7497
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:9d:75:cd:4b:da:60:8d:1a:32:8a:96:ab:2b:
f1:73:cc:da:77:30:ac:0f:23:3d:21:f0:a2:dd:91:
e1:31:ea:80:a7:d8:e2:0c:56:c1:e5:7c:92:4d:e5:
0e:bb:8e:c3:23:10:1b:be:82:d6:d2:ec:d1:01:40:
56:22:1f:32:3c:8b:69:a3:1d:c8:ac:d0:74:01:2f:
f4:14:53:c5:e0:6e:0e:ad:98:29:2e:53:5f:d1:7a:
ee:cd:98:4a:bf:07:06:63:37:19:9b:03:89:f1:cf:
86:8d:02:ed:1b:e7:4e:54:e3:c4:25:64:a9:d0:ac:
fc:88:66:c1:f8:b9:25:06:7c:0e:27:9c:7e:f9:90:
d9:9b:f9:88:73:3f:ed:ef:1a:9f:5d:f2:fc:08:91:
d5:80:7d:d3:f6:e5:52:91:cf:b3:dc:bf:97:46:52:
0a:98:03:64:d9:8b:a9:22:76:ff:1c:2e:79:ba:17:
04:47:bd:83:9c:72:99:45:54:9c:47:7f:58:5f:8a:
49:d5:ce:21:2c:82:53:aa:ca:a1:52:1e:59:01:d0:
c5:79:25:87:1a:02:d9:c8:31:40:51:10:79:7c:d4:
f6:da:9d:11:71:e4:df:70:ab:82:30:c1:d3:10:3f:
cb:16:da:c7:e5:72:df:9e:21:8b:9b:3d:79:ef:38:
f5:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:70:D9:6E:B9:CA:01:CE:33:41:C3:2A:46:54:C3:00:9B:EB:74:97
X509v3 Authority Key Identifier:
keyid:A5:9C:AA:2A:73:68:06:98:B2:C9:E1:A6:C9:64:1A:74:F3:CE:76:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pZyqKnNoBpiyyeGmyWQadPPOdug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/dd672f-5336-4f35-b3ef-ae91ab342be1/1/4HDZbrnKAc4zQcMqRlTDAJvrdJc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/dd672f-5336-4f35-b3ef-ae91ab342be1/1/pZyqKnNoBpiyyeGmyWQadPPOdug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.34.156.0/22
Signature Algorithm: sha256WithRSAEncryption
00:8f:3e:3c:bd:c2:54:2d:7f:f2:3c:fc:6c:c9:f5:b2:27:c2:
ca:ce:55:be:49:59:08:71:53:cb:8c:b4:18:8c:8f:d1:33:70:
e6:d5:e8:6a:c9:2b:44:b2:74:a6:ba:fb:1d:77:c4:73:0a:d2:
b0:12:1f:d5:77:06:de:fb:ac:d9:9f:93:a5:21:72:f8:5a:bb:
93:72:0d:0a:02:9c:db:e8:05:fa:f9:10:1e:e9:10:40:52:97:
a4:7a:b6:d7:bb:28:55:67:d1:8f:f9:1d:ee:c9:db:c0:9e:c0:
22:4e:af:24:5a:77:31:0a:3e:09:23:5d:97:7d:99:6a:27:c7:
10:28:5b:a9:3d:fe:03:74:4a:6b:e2:a6:e6:74:61:62:fa:7a:
69:c3:53:4e:71:e1:54:b5:7e:8a:2d:55:4f:06:5f:99:e6:6a:
2c:39:95:ec:8e:7d:53:11:db:2a:80:33:31:eb:d2:83:0e:6a:
c4:9a:f2:6e:8b:41:e3:90:6c:a7:ed:2a:42:4d:6d:56:f3:e6:
d3:a9:c8:a1:4d:84:be:dd:db:8e:c9:d3:cf:ec:db:7c:43:cb:
0a:80:60:e1:e7:0e:b7:b4:66:30:52:76:7a:30:7d:b8:ff:a1:
9f:7c:63:10:3f:fb:8c:17:ec:8a:6d:cd:ed:22:e0:24:2c:dc:
9d:8d:7d:80
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYR1SrzVZdaKes38IlAKtJdLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1OWNhYTJhNzM2ODA2OThiMmM5ZTFhNmM5NjQxYTc0ZjNj
ZTc2ZTgwHhcNMjIxMTE0MDgzOTAyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDcwZDk2ZWI5Y2EwMWNlMzM0MWMzMmE0NjU0YzMwMDliZWI3NDk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0J11zUvaYI0aMoqWqyvxc8zadzCs
DyM9IfCi3ZHhMeqAp9jiDFbB5XySTeUOu47DIxAbvoLW0uzRAUBWIh8yPItpox3I
rNB0AS/0FFPF4G4OrZgpLlNf0XruzZhKvwcGYzcZmwOJ8c+GjQLtG+dOVOPEJWSp
0Kz8iGbB+LklBnwOJ5x++ZDZm/mIcz/t7xqfXfL8CJHVgH3T9uVSkc+z3L+XRlIK
mANk2YupInb/HC55uhcER72DnHKZRVScR39YX4pJ1c4hLIJTqsqhUh5ZAdDFeSWH
GgLZyDFAURB5fNT22p0RceTfcKuCMMHTED/LFtrH5XLfniGLmz157zj1hQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOBw2W65ygHOM0HDKkZUwwCb63SXMB8GA1UdIwQY
MBaAFKWcqipzaAaYssnhpslkGnTzznboMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFp5cUtuTm9CcGl5eWVHbXlXUWFkUFBPZHVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9kZDY3MmYtNTMzNi00ZjM1LWIzZWYt
YWU5MWFiMzQyYmUxLzEvNEhEWmJybktBYzR6UWNNcVJsVERBSnZyZEpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9kZDY3MmYtNTMzNi00ZjM1LWIzZWYtYWU5MWFiMzQyYmUx
LzEvcFp5cUtuTm9CcGl5eWVHbXlXUWFkUFBPZHVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwiKcMA0G
CSqGSIb3DQEBCwUAA4IBAQAAjz48vcJULX/yPPxsyfWyJ8LKzlW+SVkIcVPLjLQY
jI/RM3Dm1ehqyStEsnSmuvsdd8RzCtKwEh/Vdwbe+6zZn5OlIXL4WruTcg0KApzb
6AX6+RAe6RBAUpekerbXuyhVZ9GP+R3uydvAnsAiTq8kWncxCj4JI12XfZlqJ8cQ
KFupPf4DdEpr4qbmdGFi+nppw1NOceFUtX6KLVVPBl+Z5mosOZXsjn1TEdsqgDMx
69KDDmrEmvJui0HjkGyn7SpCTW1W8+bTqcihTYS+3duOydPP7Nt8Q8sKgGDh5w63
tGYwUnZ6MH24/6GffGMQP/uMF+yKbc3tIuAkLNydjX2A
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:55 2024 by rpki-client on console-fra.rpki-client.org