Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/aa4c3d-f272-47f6-a9cf-84a233369386/1/XQDc8g34uv9NhntKZ9PJ49epE94.roa
File: XQDc8g34uv9NhntKZ9PJ49epE94.roa (raw, json)
Hash identifier: hoRWMVbArx9l0NKyP9CwRs14Okp1TZNZQbDDjFNFcMY=
Subject key identifier: 5D:00:DC:F2:0D:F8:BA:FF:4D:86:7B:4A:67:D3:C9:E3:D7:A9:13:DE
Certificate issuer: /CN=2fa8e657eeae0783da14a3da2ca74ddec15dd308
Certificate serial: 06FCE54C
Authority key identifier: 2F:A8:E6:57:EE:AE:07:83:DA:14:A3:DA:2C:A7:4D:DE:C1:5D:D3:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L6jmV-6uB4PaFKPaLKdN3sFd0wg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/aa4c3d-f272-47f6-a9cf-84a233369386/1/XQDc8g34uv9NhntKZ9PJ49epE94.roa
Signing time: Sat 01 Jan 2022 06:54:59 +0000
ROA not before: Sat 01 Jan 2022 06:54:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43425
IP address blocks: 194.50.179.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 117237068 (0x6fce54c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fa8e657eeae0783da14a3da2ca74ddec15dd308
Validity
Not Before: Jan 1 06:54:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5d00dcf20df8baff4d867b4a67d3c9e3d7a913de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:67:a6:95:6f:de:b2:13:6d:6d:69:d3:e2:db:
c8:c2:85:98:70:8f:ec:74:de:bc:0a:1b:a9:ce:f6:
8b:00:a3:ff:44:e5:5c:db:82:f0:ee:92:ca:62:a7:
b2:f7:e0:55:33:78:b9:eb:72:9a:66:68:32:90:95:
72:0d:7c:b4:10:1c:3b:05:40:7c:79:02:54:b7:18:
52:7b:3e:02:a0:1f:cb:c2:c2:8c:8b:26:ea:4e:e4:
df:6c:c9:ce:07:b2:7d:7b:ba:59:da:81:3e:31:e8:
e3:54:15:5b:f2:d5:ba:1d:2e:0e:92:dd:c6:6c:8a:
49:bb:c6:e6:8e:b1:e5:b1:b6:1f:e2:01:c5:f0:a0:
c9:cb:11:99:f2:e7:47:12:1f:bc:8d:f7:60:13:18:
82:23:70:b7:7a:61:c7:1f:7b:eb:d1:57:96:e6:38:
9e:30:c9:1f:e5:1b:14:10:75:c2:ad:60:48:f3:7f:
96:27:54:8b:3d:74:21:b8:08:03:65:db:eb:f4:a9:
0c:9c:34:04:59:12:11:d0:08:51:cd:cc:35:06:85:
f2:de:72:dc:84:e7:6e:b7:3c:34:6a:2a:b5:09:92:
68:84:6e:4d:2e:7d:e7:f5:a9:ed:88:4f:60:53:8d:
be:2d:7c:69:4b:0c:a6:08:ab:92:0c:95:89:55:51:
ff:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:00:DC:F2:0D:F8:BA:FF:4D:86:7B:4A:67:D3:C9:E3:D7:A9:13:DE
X509v3 Authority Key Identifier:
keyid:2F:A8:E6:57:EE:AE:07:83:DA:14:A3:DA:2C:A7:4D:DE:C1:5D:D3:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L6jmV-6uB4PaFKPaLKdN3sFd0wg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/aa4c3d-f272-47f6-a9cf-84a233369386/1/XQDc8g34uv9NhntKZ9PJ49epE94.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/aa4c3d-f272-47f6-a9cf-84a233369386/1/L6jmV-6uB4PaFKPaLKdN3sFd0wg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.50.179.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:f4:b6:de:ed:f1:89:b7:eb:22:4f:27:cf:78:54:14:1d:dc:
71:0b:db:42:a2:de:0b:d2:69:25:4d:47:81:79:f0:a5:30:74:
cb:fb:2c:08:9a:31:89:ab:ba:48:1f:79:b0:fd:ea:17:9c:b6:
46:44:b4:17:b0:22:2f:89:fd:f2:c5:92:7f:ff:19:08:3a:b6:
f2:75:a1:e7:c8:9f:35:c8:e0:ef:85:a5:ff:4d:64:d4:e1:ec:
03:f4:78:7b:40:f4:b8:5c:c3:18:24:06:11:79:f9:50:33:45:
55:3e:f2:b5:bb:70:6c:06:9a:48:78:6a:c4:63:22:cf:18:b0:
f1:fd:78:04:29:02:7c:c0:cb:a3:ab:f2:9f:2b:2b:d7:ef:f9:
2a:1a:ae:14:38:61:eb:65:07:67:37:85:d0:fa:55:dd:60:92:
22:68:84:d2:a3:5e:d1:35:92:ea:5e:27:e7:16:26:8a:10:cc:
6b:6c:79:c6:0b:e1:95:08:73:96:5f:cf:34:f1:3b:5f:39:5c:
57:aa:b2:a3:5b:42:0e:27:52:e2:29:9b:3f:00:a6:92:ea:2c:
fa:52:ff:e2:06:83:1d:b5:49:12:52:24:fa:42:69:50:47:dc:
32:ee:ba:69:42:24:d8:06:34:8c:02:ee:79:dc:ea:fd:6e:c1:
2d:a8:8c:b9
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBvzlTDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ZmE4ZTY1N2VlYWUwNzgzZGExNGEzZGEyY2E3NGRkZWMxNWRkMzA4MB4XDTIyMDEw
MTA2NTQ1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWQwMGRjZjIwZGY4
YmFmZjRkODY3YjRhNjdkM2M5ZTNkN2E5MTNkZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPFnppVv3rITbW1p0+LbyMKFmHCP7HTevAobqc72iwCj/0Tl
XNuC8O6SymKnsvfgVTN4uetymmZoMpCVcg18tBAcOwVAfHkCVLcYUns+AqAfy8LC
jIsm6k7k32zJzgeyfXu6WdqBPjHo41QVW/LVuh0uDpLdxmyKSbvG5o6x5bG2H+IB
xfCgycsRmfLnRxIfvI33YBMYgiNwt3phxx9769FXluY4njDJH+UbFBB1wq1gSPN/
lidUiz10IbgIA2Xb6/SpDJw0BFkSEdAIUc3MNQaF8t5y3ITnbrc8NGoqtQmSaIRu
TS595/Wp7YhPYFONvi18aUsMpgirkgyViVVR/0cCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRdANzyDfi6/02Ge0pn08nj16kT3jAfBgNVHSMEGDAWgBQvqOZX7q4Hg9oU
o9osp03ewV3TCDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0w2am1WLTZ1QjRQYUZLUGFMS2ROM3NGZDB3Zy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjcvYWE0YzNkLWYyNzItNDdmNi1hOWNmLTg0YTIzMzM2OTM4Ni8x
L1hRRGM4ZzM0dXY5TmhudEtaOVBKNDllcEU5NC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjcv
YWE0YzNkLWYyNzItNDdmNi1hOWNmLTg0YTIzMzM2OTM4Ni8xL0w2am1WLTZ1QjRQ
YUZLUGFMS2ROM3NGZDB3Zy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMIyszANBgkqhkiG9w0BAQsFAAOC
AQEAjvS23u3xibfrIk8nz3hUFB3ccQvbQqLeC9JpJU1HgXnwpTB0y/ssCJoxiau6
SB95sP3qF5y2RkS0F7AiL4n98sWSf/8ZCDq28nWh58ifNcjg74Wl/01k1OHsA/R4
e0D0uFzDGCQGEXn5UDNFVT7ytbtwbAaaSHhqxGMizxiw8f14BCkCfMDLo6vynysr
1+/5KhquFDhh62UHZzeF0PpV3WCSImiE0qNe0TWS6l4n5xYmihDMa2x5xgvhlQhz
ll/PNPE7XzlcV6qyo1tCDidS4imbPwCmkuos+lL/4gaDHbVJElIk+kJpUEfcMu66
aUIk2AY0jALuedzq/W7BLaiMuQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:12 2024 by rpki-client on console-ams.rpki-client.org