Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/498a6b-8512-493b-86c3-40f8a8cd1bdd/1/4rMMXqAWTdftj3-J8c5Yi5K74-4.roa
File: 4rMMXqAWTdftj3-J8c5Yi5K74-4.roa (raw, json)
Hash identifier: zQgoujGMwN2jO5lBIDTvIqhuqLHtk1T4IAhjtSq3ysU=
Subject key identifier: E2:B3:0C:5E:A0:16:4D:D7:ED:8F:7F:89:F1:CE:58:8B:92:BB:E3:EE
Certificate issuer: /CN=8ed98c0570afe9f1aaebd0d9ea2fc28c1dfd9889
Certificate serial: 013F3E7D
Authority key identifier: 8E:D9:8C:05:70:AF:E9:F1:AA:EB:D0:D9:EA:2F:C2:8C:1D:FD:98:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jtmMBXCv6fGq69DZ6i_CjB39mIk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/498a6b-8512-493b-86c3-40f8a8cd1bdd/1/4rMMXqAWTdftj3-J8c5Yi5K74-4.roa
Signing time: Sat 01 Jan 2022 08:56:48 +0000
ROA not before: Sat 01 Jan 2022 08:56:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211028
IP address blocks: 194.39.108.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20921981 (0x13f3e7d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8ed98c0570afe9f1aaebd0d9ea2fc28c1dfd9889
Validity
Not Before: Jan 1 08:56:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e2b30c5ea0164dd7ed8f7f89f1ce588b92bbe3ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:f9:37:c2:90:70:82:1a:97:9a:5e:eb:e3:d9:
da:a9:e4:00:b8:2c:e1:52:7e:cc:bd:ed:de:9c:60:
26:37:d0:11:71:58:83:6b:c1:d5:85:01:3f:f5:e0:
08:b6:49:dc:3a:e8:c2:b3:2e:4a:8b:30:a8:ca:41:
71:88:e3:f9:c5:88:3a:66:2c:18:e1:02:27:28:c4:
58:34:42:9c:8a:5f:26:1d:95:8b:ea:dc:4a:b3:81:
ee:29:14:73:97:ea:63:a8:51:a1:83:18:fa:71:f0:
72:ea:1e:0e:b2:6f:18:63:d3:72:98:4a:6b:66:e8:
a5:bc:e3:0d:cb:14:e3:d4:00:26:5b:42:87:c2:c3:
9d:72:b4:a2:87:55:a8:e4:a7:e7:5e:41:56:42:d0:
77:52:b7:ec:81:2e:75:1a:45:03:1a:66:98:b8:b1:
99:98:0d:23:bd:07:df:c6:a9:7d:1a:89:55:6b:67:
31:d2:22:13:6d:94:39:6c:c4:6a:d7:d3:29:64:a9:
f2:25:1d:5d:f4:1f:03:5d:4b:cd:a6:82:f0:b4:38:
74:0d:30:d8:02:00:94:6c:dc:3a:fe:3d:53:15:df:
65:34:f1:1c:68:cb:6b:a0:d9:0c:9b:17:72:31:48:
2f:05:b0:4e:76:a4:c8:ee:ec:ce:ea:85:df:34:73:
c2:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:B3:0C:5E:A0:16:4D:D7:ED:8F:7F:89:F1:CE:58:8B:92:BB:E3:EE
X509v3 Authority Key Identifier:
keyid:8E:D9:8C:05:70:AF:E9:F1:AA:EB:D0:D9:EA:2F:C2:8C:1D:FD:98:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jtmMBXCv6fGq69DZ6i_CjB39mIk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/498a6b-8512-493b-86c3-40f8a8cd1bdd/1/4rMMXqAWTdftj3-J8c5Yi5K74-4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/498a6b-8512-493b-86c3-40f8a8cd1bdd/1/jtmMBXCv6fGq69DZ6i_CjB39mIk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.39.108.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:95:41:19:b5:48:9e:bc:95:a5:8a:f1:6d:62:0c:1b:15:2a:
2a:f9:de:9d:8c:fd:4d:f6:0c:0b:c4:b0:67:df:97:65:b7:dd:
23:ca:35:c9:22:a8:32:02:fd:18:a5:30:30:f8:e0:28:5f:b5:
02:8e:28:36:94:c5:12:55:51:d7:b4:ef:ee:dc:73:14:0f:67:
d2:3c:a6:d0:49:8a:2d:c2:53:13:00:fe:40:23:07:db:ab:e5:
1d:f4:8e:c8:dc:ad:9c:f5:9c:2d:63:aa:17:73:6c:4c:6e:e4:
d2:b5:2f:da:f5:59:47:ac:cf:c0:43:8b:ae:7e:e4:2e:28:1c:
aa:a3:23:43:6b:47:be:cc:88:fb:94:4a:be:2f:24:df:3c:98:
1f:1f:dd:50:f1:f3:a8:a5:45:41:10:4f:cd:53:f6:f3:48:45:
a5:7d:ee:0b:50:18:2b:3a:19:e1:51:47:dd:09:62:87:06:41:
f1:69:ff:34:02:1e:8c:84:74:66:4a:d4:a6:0e:f5:2e:a7:4d:
a9:ae:11:b8:44:7e:4c:93:40:3c:b9:7c:a5:23:d2:0f:bf:45:
8b:d4:d0:dc:9f:a0:aa:91:98:15:7e:d9:4f:9c:89:f1:b8:63:
73:d1:5a:3a:da:64:b1:2b:66:49:1d:2d:07:c4:80:34:8a:f2:
88:2b:35:4a
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAT8+fTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ZWQ5OGMwNTcwYWZlOWYxYWFlYmQwZDllYTJmYzI4YzFkZmQ5ODg5MB4XDTIyMDEw
MTA4NTY0OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTJiMzBjNWVhMDE2
NGRkN2VkOGY3Zjg5ZjFjZTU4OGI5MmJiZTNlZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM35N8KQcIIal5pe6+PZ2qnkALgs4VJ+zL3t3pxgJjfQEXFY
g2vB1YUBP/XgCLZJ3DrowrMuSoswqMpBcYjj+cWIOmYsGOECJyjEWDRCnIpfJh2V
i+rcSrOB7ikUc5fqY6hRoYMY+nHwcuoeDrJvGGPTcphKa2bopbzjDcsU49QAJltC
h8LDnXK0oodVqOSn515BVkLQd1K37IEudRpFAxpmmLixmZgNI70H38apfRqJVWtn
MdIiE22UOWzEatfTKWSp8iUdXfQfA11LzaaC8LQ4dA0w2AIAlGzcOv49UxXfZTTx
HGjLa6DZDJsXcjFILwWwTnakyO7szuqF3zRzwvECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTiswxeoBZN1+2Pf4nxzliLkrvj7jAfBgNVHSMEGDAWgBSO2YwFcK/p8arr
0NnqL8KMHf2YiTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2p0bU1CWEN2NmZHcTY5RFo2aV9DakIzOW1Jay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWYvNDk4YTZiLTg1MTItNDkzYi04NmMzLTQwZjhhOGNkMWJkZC8x
LzRyTU1YcUFXVGRmdGozLUo4YzVZaTVLNzQtNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWYv
NDk4YTZiLTg1MTItNDkzYi04NmMzLTQwZjhhOGNkMWJkZC8xL2p0bU1CWEN2NmZH
cTY5RFo2aV9DakIzOW1Jay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMInbDANBgkqhkiG9w0BAQsFAAOC
AQEAKpVBGbVInryVpYrxbWIMGxUqKvnenYz9TfYMC8SwZ9+XZbfdI8o1ySKoMgL9
GKUwMPjgKF+1Ao4oNpTFElVR17Tv7txzFA9n0jym0EmKLcJTEwD+QCMH26vlHfSO
yNytnPWcLWOqF3NsTG7k0rUv2vVZR6zPwEOLrn7kLigcqqMjQ2tHvsyI+5RKvi8k
3zyYHx/dUPHzqKVFQRBPzVP280hFpX3uC1AYKzoZ4VFH3QlihwZB8Wn/NAIejIR0
ZkrUpg71LqdNqa4RuER+TJNAPLl8pSPSD79Fi9TQ3J+gqpGYFX7ZT5yJ8bhjc9Fa
OtpksStmSR0tB8SANIryiCs1Sg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:33 2024 by rpki-client on console-ams.rpki-client.org