Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/92be6a-92c5-4537-ac32-139536952896/1/pM-hdNadJuXlYc43r1eBWfjUkzc.roa
File: pM-hdNadJuXlYc43r1eBWfjUkzc.roa (raw, json)
Hash identifier: JQ9sczKNCpCsL7rV0ItwRtZyb+MnZ1dOfqEpTZv/tzM=
Subject key identifier: A4:CF:A1:74:D6:9D:26:E5:E5:61:CE:37:AF:57:81:59:F8:D4:93:37
Certificate issuer: /CN=4c3f428fd9834cd5ec9bb160f8b6dcf446ef5d93
Certificate serial: 015B9F8B
Authority key identifier: 4C:3F:42:8F:D9:83:4C:D5:EC:9B:B1:60:F8:B6:DC:F4:46:EF:5D:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TD9Cj9mDTNXsm7Fg-Lbc9EbvXZM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/92be6a-92c5-4537-ac32-139536952896/1/pM-hdNadJuXlYc43r1eBWfjUkzc.roa
Signing time: Sat 01 Jan 2022 11:02:29 +0000
ROA not before: Sat 01 Jan 2022 11:02:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31711
IP address blocks: 193.28.146.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22781835 (0x15b9f8b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c3f428fd9834cd5ec9bb160f8b6dcf446ef5d93
Validity
Not Before: Jan 1 11:02:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a4cfa174d69d26e5e561ce37af578159f8d49337
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:b4:46:d8:4a:e7:1c:7f:1f:cc:0c:f3:40:24:
66:14:fa:8c:59:67:4f:ed:ce:89:de:ba:69:4d:c1:
0a:66:2d:32:c0:88:9d:57:87:cd:6e:c9:f3:2d:c6:
98:47:36:7e:9c:f8:ae:71:71:e5:74:a8:67:61:fc:
23:f1:0d:a9:0b:1b:c0:ad:83:64:e7:bc:ac:63:2d:
96:0c:51:7b:1c:d3:f3:97:b2:b1:02:9e:95:02:70:
82:20:60:4c:6f:bd:e3:8a:3b:a0:bb:c7:a7:7a:a8:
7e:4d:9e:ae:6f:8b:61:ce:26:74:b2:47:92:f6:86:
f0:b8:da:77:16:ea:25:b7:b4:41:2a:fa:34:fc:57:
27:52:50:80:b7:86:f7:5d:c9:c1:73:f6:19:0c:30:
3c:80:1a:c4:37:fb:60:7a:87:7f:e5:8f:36:dd:0d:
2d:35:06:e0:e2:8d:4c:5f:03:50:0d:8d:c0:a2:e2:
00:91:68:a0:53:f3:c5:54:88:36:cd:18:77:b6:df:
77:33:11:bc:90:1b:94:a8:50:43:20:18:96:ff:9d:
a8:89:fb:70:96:ef:5d:42:11:76:48:82:87:49:2e:
6b:03:c6:71:83:f8:e4:00:2e:e3:ac:fc:1b:e5:95:
70:04:86:53:16:d2:b6:1d:bc:43:07:d7:57:66:fa:
d8:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:CF:A1:74:D6:9D:26:E5:E5:61:CE:37:AF:57:81:59:F8:D4:93:37
X509v3 Authority Key Identifier:
keyid:4C:3F:42:8F:D9:83:4C:D5:EC:9B:B1:60:F8:B6:DC:F4:46:EF:5D:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TD9Cj9mDTNXsm7Fg-Lbc9EbvXZM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/92be6a-92c5-4537-ac32-139536952896/1/pM-hdNadJuXlYc43r1eBWfjUkzc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/92be6a-92c5-4537-ac32-139536952896/1/TD9Cj9mDTNXsm7Fg-Lbc9EbvXZM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.28.146.0/24
Signature Algorithm: sha256WithRSAEncryption
69:4b:20:32:9e:f0:b4:3e:eb:48:12:97:2a:9b:1c:42:5d:bc:
ac:8d:47:e9:a4:7e:87:a0:97:36:c8:1b:e0:38:5c:aa:37:8f:
9e:d4:93:82:78:08:31:f4:12:18:d1:8a:ca:a6:9e:04:8d:90:
d1:b9:60:42:45:39:d7:f6:ae:50:33:48:42:93:29:97:04:79:
89:6a:61:6f:5f:9a:3e:00:f0:73:4d:84:91:1b:9f:e8:ac:73:
c4:91:6f:cb:cd:d3:10:84:ca:a8:58:2c:7c:fa:84:65:32:80:
12:57:09:53:fe:63:24:a0:e9:6c:fe:3a:77:98:20:f0:7d:e4:
da:df:a1:b3:0c:a9:e0:32:81:ce:65:f3:ae:18:df:1d:d0:a7:
bd:00:37:ab:5a:7a:5a:89:63:9a:d0:53:91:0c:cf:24:1c:f2:
5d:78:34:62:2b:ea:82:a9:78:fa:ca:4d:ab:f0:04:88:69:b9:
1b:d6:b3:f1:58:83:87:f6:e2:29:75:3d:4a:18:72:fe:73:90:
7e:45:5e:0a:21:9a:74:ec:5e:ce:03:d2:4d:30:f0:d8:c1:f4:
2a:88:c9:3a:74:b5:4e:91:e1:07:13:b6:b8:4f:a2:e7:e1:30:
9f:f9:1a:82:d8:8c:63:d9:73:e7:78:37:e6:55:63:06:24:d5:
db:f9:ba:95
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAVufizANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
YzNmNDI4ZmQ5ODM0Y2Q1ZWM5YmIxNjBmOGI2ZGNmNDQ2ZWY1ZDkzMB4XDTIyMDEw
MTExMDIyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTRjZmExNzRkNjlk
MjZlNWU1NjFjZTM3YWY1NzgxNTlmOGQ0OTMzNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKa0RthK5xx/H8wM80AkZhT6jFlnT+3Oid66aU3BCmYtMsCI
nVeHzW7J8y3GmEc2fpz4rnFx5XSoZ2H8I/ENqQsbwK2DZOe8rGMtlgxRexzT85ey
sQKelQJwgiBgTG+944o7oLvHp3qofk2erm+LYc4mdLJHkvaG8LjadxbqJbe0QSr6
NPxXJ1JQgLeG913JwXP2GQwwPIAaxDf7YHqHf+WPNt0NLTUG4OKNTF8DUA2NwKLi
AJFooFPzxVSINs0Yd7bfdzMRvJAblKhQQyAYlv+dqIn7cJbvXUIRdkiCh0kuawPG
cYP45AAu46z8G+WVcASGUxbSth28QwfXV2b62I8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSkz6F01p0m5eVhzjevV4FZ+NSTNzAfBgNVHSMEGDAWgBRMP0KP2YNM1eyb
sWD4ttz0Ru9dkzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1REOUNqOW1EVE5Yc203RmctTGJjOUVidlhaTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjcvOTJiZTZhLTkyYzUtNDUzNy1hYzMyLTEzOTUzNjk1Mjg5Ni8x
L3BNLWhkTmFkSnVYbFljNDNyMWVCV2ZqVWt6Yy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjcv
OTJiZTZhLTkyYzUtNDUzNy1hYzMyLTEzOTUzNjk1Mjg5Ni8xL1REOUNqOW1EVE5Y
c203RmctTGJjOUVidlhaTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMEckjANBgkqhkiG9w0BAQsFAAOC
AQEAaUsgMp7wtD7rSBKXKpscQl28rI1H6aR+h6CXNsgb4DhcqjePntSTgngIMfQS
GNGKyqaeBI2Q0blgQkU51/auUDNIQpMplwR5iWphb1+aPgDwc02EkRuf6KxzxJFv
y83TEITKqFgsfPqEZTKAElcJU/5jJKDpbP46d5gg8H3k2t+hswyp4DKBzmXzrhjf
HdCnvQA3q1p6WoljmtBTkQzPJBzyXXg0Yivqgql4+spNq/AEiGm5G9az8ViDh/bi
KXU9Shhy/nOQfkVeCiGadOxezgPSTTDw2MH0KojJOnS1TpHhBxO2uE+i5+Ewn/ka
gtiMY9lz53g35lVjBiTV2/m6lQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:03 2024 by rpki-client on console-fra.rpki-client.org