Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/9zKWEwjlmPH7Zl65rcanXj6nXWk.roa
File: 9zKWEwjlmPH7Zl65rcanXj6nXWk.roa (raw, json)
Hash identifier: BFaZB2Y3vgbU3U9ZPaHFjZOdZ3iRafyru+UkE9q4HVQ=
Subject key identifier: F7:32:96:13:08:E5:98:F1:FB:66:5E:B9:AD:C6:A7:5E:3E:A7:5D:69
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0EA1C246
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/9zKWEwjlmPH7Zl65rcanXj6nXWk.roa
Signing time: Sun 06 Feb 2022 16:52:46 +0000
ROA not before: Sun 06 Feb 2022 16:52:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49434
IP address blocks: 195.133.81.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 245482054 (0xea1c246)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Feb 6 16:52:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f732961308e598f1fb665eb9adc6a75e3ea75d69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:f2:bb:52:2e:ea:54:34:a1:88:6f:c0:a2:6b:
ff:00:ba:cd:e6:e3:17:bf:f2:c5:ad:5a:61:27:53:
12:94:1d:71:07:96:aa:d9:23:a1:f9:36:46:04:ff:
1a:a9:80:cf:19:5a:d4:62:fb:40:2f:0e:6a:61:41:
a4:0d:17:7b:8f:5f:36:ee:f4:73:74:1c:25:01:9c:
36:4b:c8:04:94:7e:e4:eb:2d:25:20:9f:9f:cd:cd:
37:59:99:ed:4c:48:85:80:bc:cc:36:ff:c6:e1:88:
42:45:f1:c3:81:f1:65:75:de:9d:ca:19:a7:07:47:
bd:c6:a3:2f:eb:c4:e0:8b:29:24:1c:3d:b0:62:98:
b4:52:51:d0:2b:24:73:ba:4f:a8:2c:82:e1:12:ba:
ec:0a:5e:59:83:fc:f1:dc:fc:c5:a1:13:fe:27:5f:
a7:b6:b9:38:c0:55:4f:77:8e:7f:2c:6a:78:18:65:
30:44:1e:08:c3:e2:03:e3:69:74:a5:98:97:82:f7:
94:58:29:19:2d:7a:44:d6:ce:9e:c9:12:20:57:4e:
a4:23:7b:63:65:7f:9e:da:a9:2d:f9:f4:9e:07:e7:
a5:5f:48:2b:60:ac:1d:20:b6:0c:c1:18:6c:4f:d4:
19:4d:6b:df:0f:22:e0:6e:5f:37:5a:44:5e:bb:cf:
47:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:32:96:13:08:E5:98:F1:FB:66:5E:B9:AD:C6:A7:5E:3E:A7:5D:69
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/9zKWEwjlmPH7Zl65rcanXj6nXWk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.133.81.0/24
Signature Algorithm: sha256WithRSAEncryption
99:df:25:60:3f:fe:df:af:54:2a:b0:89:9e:92:ed:d6:01:b7:
5e:fb:92:3f:6e:26:48:7d:d1:25:95:99:b7:5d:e9:e8:91:4c:
07:a3:1d:f0:79:3b:b8:25:42:35:4a:65:5f:00:38:77:68:a2:
ce:9c:b5:8e:9a:3e:73:73:82:6b:97:3f:c7:6b:29:3d:27:32:
b2:0f:ea:3c:23:c8:d4:02:bd:24:88:03:c4:14:19:a2:0b:ae:
92:37:c7:a2:9a:18:06:e1:92:05:a2:c6:ba:cd:f7:04:0e:67:
6e:90:81:1c:cf:f7:7c:da:0f:51:b1:55:08:3a:ac:65:15:7f:
9c:c1:c2:c8:11:bb:69:0d:ca:c3:d1:bf:f3:9b:b9:60:5c:b7:
0c:1c:66:bc:62:3b:8d:d1:df:a5:7f:ca:91:2b:e0:9f:6b:d4:
12:f3:0c:41:42:2a:4c:fe:6e:15:1e:10:ec:d1:0e:1f:66:32:
bf:e4:02:e5:a9:6e:17:43:0b:9b:e0:0d:5d:44:60:a9:46:63:
47:62:9b:54:77:a0:37:ef:eb:a1:34:b8:0e:f1:c5:97:92:ad:
be:41:ce:0c:8e:ea:de:93:63:bb:b3:3d:ba:99:ac:31:cf:37:
a7:57:10:5f:48:89:8d:78:76:39:5a:44:81:e2:64:07:b6:3e:
52:51:6c:e3
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEDqHCRjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NTY5MGY1ZTMyZDVjODZhZjFlMTM0OWRmZDRlOGNlZWI3MGUxYWM3MB4XDTIyMDIw
NjE2NTI0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjczMjk2MTMwOGU1
OThmMWZiNjY1ZWI5YWRjNmE3NWUzZWE3NWQ2OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK3yu1Iu6lQ0oYhvwKJr/wC6zebjF7/yxa1aYSdTEpQdcQeW
qtkjofk2RgT/GqmAzxla1GL7QC8OamFBpA0Xe49fNu70c3QcJQGcNkvIBJR+5Ost
JSCfn83NN1mZ7UxIhYC8zDb/xuGIQkXxw4HxZXXencoZpwdHvcajL+vE4IspJBw9
sGKYtFJR0Cskc7pPqCyC4RK67ApeWYP88dz8xaET/idfp7a5OMBVT3eOfyxqeBhl
MEQeCMPiA+NpdKWYl4L3lFgpGS16RNbOnskSIFdOpCN7Y2V/ntqpLfn0ngfnpV9I
K2CsHSC2DMEYbE/UGU1r3w8i4G5fN1pEXrvPR7MCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBT3MpYTCOWY8ftmXrmtxqdePqddaTAfBgNVHSMEGDAWgBQ1aQ9eMtXIavHh
NJ39Tozutw4axzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05Xa1BYakxWeUdyeDRUU2RfVTZNN3JjT0dzYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDAvZTE0NDdhLThmMTgtNGE4MC1hNDIyLTVhNDI0MjhmMTE0My8x
Lzl6S1dFd2psbVBIN1psNjVyY2FuWGo2blhXay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDAv
ZTE0NDdhLThmMTgtNGE4MC1hNDIyLTVhNDI0MjhmMTE0My8xL05Xa1BYakxWeUdy
eDRUU2RfVTZNN3JjT0dzYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMOFUTANBgkqhkiG9w0BAQsFAAOC
AQEAmd8lYD/+369UKrCJnpLt1gG3XvuSP24mSH3RJZWZt13p6JFMB6Md8Hk7uCVC
NUplXwA4d2iizpy1jpo+c3OCa5c/x2spPScysg/qPCPI1AK9JIgDxBQZoguukjfH
opoYBuGSBaLGus33BA5nbpCBHM/3fNoPUbFVCDqsZRV/nMHCyBG7aQ3Kw9G/85u5
YFy3DBxmvGI7jdHfpX/KkSvgn2vUEvMMQUIqTP5uFR4Q7NEOH2Yyv+QC5aluF0ML
m+ANXURgqUZjR2KbVHegN+/roTS4DvHFl5KtvkHODI7q3pNju7M9upmsMc83p1cQ
X0iJjXh2OVpEgeJkB7Y+UlFs4w==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:41:57 2023 by rpki-client on console-fra.rpki-client.org