Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/9e29dc-cec9-49e2-bce4-bd90a3f06e16/1/l0U-ApF8JN6bkShurqRRnmf0bGE.roa
File: l0U-ApF8JN6bkShurqRRnmf0bGE.roa (raw, json)
Hash identifier: aJNS6r8I0WH1Jb7+cL41mnwcXWpky/kzD63rP7jLVdY=
Subject key identifier: 97:45:3E:02:91:7C:24:DE:9B:91:28:6E:AE:A4:51:9E:67:F4:6C:61
Certificate issuer: /CN=47e94ccb7b601da0ca09469f60f653640fed8c1c
Certificate serial: 01852AA30D4D26A5A0B768A64DE58F4B0B52
Authority key identifier: 47:E9:4C:CB:7B:60:1D:A0:CA:09:46:9F:60:F6:53:64:0F:ED:8C:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/R-lMy3tgHaDKCUafYPZTZA_tjBw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/9e29dc-cec9-49e2-bce4-bd90a3f06e16/1/l0U-ApF8JN6bkShurqRRnmf0bGE.roa
Signing time: Mon 19 Dec 2022 13:46:46 +0000
ROA not before: Mon 19 Dec 2022 13:46:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29137
IP address blocks: 195.234.250.0/23 maxlen: 23
195.234.248.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:2a:a3:0d:4d:26:a5:a0:b7:68:a6:4d:e5:8f:4b:0b:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=47e94ccb7b601da0ca09469f60f653640fed8c1c
Validity
Not Before: Dec 19 13:46:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=97453e02917c24de9b91286eaea4519e67f46c61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:3b:ac:8e:d5:37:db:d2:16:ff:77:aa:71:6f:
70:29:25:25:9c:84:a4:7d:d4:64:43:0e:fb:b3:3e:
0c:9a:be:eb:bc:f8:de:bc:41:91:8b:23:10:cc:54:
ef:a6:7d:e5:96:91:16:37:f9:09:8e:b5:6a:7d:5f:
60:85:45:fc:05:ca:30:89:84:e4:43:67:77:62:aa:
b8:ac:15:58:59:9e:20:39:af:ad:ab:21:ec:83:57:
fd:7d:ce:5b:13:f2:3e:ec:45:00:a2:60:9c:27:c3:
84:cb:38:06:8c:99:2f:2d:1b:0f:84:ef:88:60:c9:
52:96:f8:71:47:1f:51:58:d9:60:e5:fd:f0:80:5f:
53:a1:5f:88:46:07:e9:a2:f9:22:30:23:ec:d1:45:
22:7d:44:01:bb:58:f3:00:cd:c7:a7:46:57:66:d6:
d8:fa:4c:e3:9a:85:42:b5:d7:9b:77:6a:37:83:dd:
0d:d9:d6:f0:28:9d:e2:c3:8a:4d:ee:18:46:4b:b9:
f4:2c:30:89:e5:99:10:49:15:be:30:e5:8b:13:12:
87:68:98:b9:97:36:08:a8:27:31:72:11:50:cd:b1:
a2:e1:c3:08:59:93:47:c8:df:46:89:cc:e0:eb:c0:
10:d5:bb:49:d0:5b:c6:0e:98:c0:38:a5:ec:42:bb:
d2:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:45:3E:02:91:7C:24:DE:9B:91:28:6E:AE:A4:51:9E:67:F4:6C:61
X509v3 Authority Key Identifier:
keyid:47:E9:4C:CB:7B:60:1D:A0:CA:09:46:9F:60:F6:53:64:0F:ED:8C:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R-lMy3tgHaDKCUafYPZTZA_tjBw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/9e29dc-cec9-49e2-bce4-bd90a3f06e16/1/l0U-ApF8JN6bkShurqRRnmf0bGE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/9e29dc-cec9-49e2-bce4-bd90a3f06e16/1/R-lMy3tgHaDKCUafYPZTZA_tjBw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.234.248.0/22
Signature Algorithm: sha256WithRSAEncryption
70:52:ef:02:80:89:28:62:b0:88:5d:3c:24:27:60:41:7f:f4:
db:db:d1:78:b5:8a:67:97:c2:68:24:c8:de:79:eb:eb:7d:91:
ae:d7:fa:c2:03:16:2b:98:b6:f8:e0:93:76:ea:1a:f0:c7:59:
ce:17:b1:2f:fb:28:a9:0d:91:8c:20:e0:ab:a4:53:7a:78:c1:
9e:33:fd:cc:d4:93:87:88:a4:ec:ee:eb:58:eb:e5:69:d7:01:
48:07:53:cf:e7:4a:89:e1:65:2c:0b:8a:21:f2:d1:3a:28:68:
c2:02:ad:8c:52:96:2d:5b:ed:f5:c2:b3:0a:58:c0:28:f5:fc:
d8:eb:3e:4f:a4:e6:33:8c:1f:d8:33:ca:6a:8c:3b:97:52:0e:
63:28:d6:bb:3d:38:bb:c4:0b:7c:d7:15:d3:f7:e7:a5:b4:0b:
80:b5:dd:b8:b4:58:4a:53:0c:23:ed:a3:d2:06:f7:69:c4:96:
2a:f7:3a:cf:81:4b:2f:3f:b0:7a:0c:dd:bb:c7:8a:38:2e:31:
ba:68:e1:ba:f5:94:3c:6f:2c:93:bf:77:70:db:8a:e6:37:df:
fb:e5:a8:e4:97:70:f7:99:7a:63:16:fd:1e:64:8d:70:ae:69:
65:72:3d:e9:b8:56:5a:7e:45:82:06:bb:22:84:61:9c:2f:3a:
7c:f4:71:60
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYUqow1NJqWgt2imTeWPSwtSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3ZTk0Y2NiN2I2MDFkYTBjYTA5NDY5ZjYwZjY1MzY0MGZl
ZDhjMWMwHhcNMjIxMjE5MTM0NjQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzQ1M2UwMjkxN2MyNGRlOWI5MTI4NmVhZWE0NTE5ZTY3ZjQ2YzYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxTusjtU329IW/3eqcW9wKSUlnISk
fdRkQw77sz4Mmr7rvPjevEGRiyMQzFTvpn3llpEWN/kJjrVqfV9ghUX8BcowiYTk
Q2d3Yqq4rBVYWZ4gOa+tqyHsg1f9fc5bE/I+7EUAomCcJ8OEyzgGjJkvLRsPhO+I
YMlSlvhxRx9RWNlg5f3wgF9ToV+IRgfpovkiMCPs0UUifUQBu1jzAM3Hp0ZXZtbY
+kzjmoVCtdebd2o3g90N2dbwKJ3iw4pN7hhGS7n0LDCJ5ZkQSRW+MOWLExKHaJi5
lzYIqCcxchFQzbGi4cMIWZNHyN9Giczg68AQ1btJ0FvGDpjAOKXsQrvSSwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJdFPgKRfCTem5Eobq6kUZ5n9GxhMB8GA1UdIwQY
MBaAFEfpTMt7YB2gyglGn2D2U2QP7YwcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUi1sTXkzdGdIYURLQ1VhZllQWlRaQV90akJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC85ZTI5ZGMtY2VjOS00OWUyLWJjZTQt
YmQ5MGEzZjA2ZTE2LzEvbDBVLUFwRjhKTjZia1NodXJxUlJubWYwYkdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC85ZTI5ZGMtY2VjOS00OWUyLWJjZTQtYmQ5MGEzZjA2ZTE2
LzEvUi1sTXkzdGdIYURLQ1VhZllQWlRaQV90akJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCw+r4MA0G
CSqGSIb3DQEBCwUAA4IBAQBwUu8CgIkoYrCIXTwkJ2BBf/Tb29F4tYpnl8JoJMje
eevrfZGu1/rCAxYrmLb44JN26hrwx1nOF7Ev+yipDZGMIOCrpFN6eMGeM/3M1JOH
iKTs7utY6+Vp1wFIB1PP50qJ4WUsC4oh8tE6KGjCAq2MUpYtW+31wrMKWMAo9fzY
6z5PpOYzjB/YM8pqjDuXUg5jKNa7PTi7xAt81xXT9+eltAuAtd24tFhKUwwj7aPS
BvdpxJYq9zrPgUsvP7B6DN27x4o4LjG6aOG69ZQ8byyTv3dw24rmN9/75ajkl3D3
mXpjFv0eZI1wrmllcj3puFZafkWCBrsihGGcLzp89HFg
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:47 2024 by rpki-client on console-fra.rpki-client.org