Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/cFCCg7VeGa1--Qaq_S9atxHcpS0.roa
File: cFCCg7VeGa1--Qaq_S9atxHcpS0.roa (raw, json)
Hash identifier: fMeddSgyjXYpWUDzxaIUPOG/b+HvBxDr/T6fkpFScY0=
Subject key identifier: 70:50:82:83:B5:5E:19:AD:7E:F9:06:AA:FD:2F:5A:B7:11:DC:A5:2D
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01853468A4CA7A5D5ECE75ADBBF473D7ED77
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/cFCCg7VeGa1--Qaq_S9atxHcpS0.roa
Signing time: Wed 21 Dec 2022 11:19:11 +0000
ROA not before: Wed 21 Dec 2022 11:19:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3356
IP address blocks: 195.133.193.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:34:68:a4:ca:7a:5d:5e:ce:75:ad:bb:f4:73:d7:ed:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Dec 21 11:19:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=70508283b55e19ad7ef906aafd2f5ab711dca52d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:c8:dc:55:b5:3f:21:61:af:b8:54:00:7e:15:
2f:10:9e:58:7f:64:bc:bf:bb:7b:87:f5:1b:41:45:
f2:19:5e:13:dd:34:5a:6b:a0:0b:be:bb:b9:81:b9:
63:cb:ec:b9:25:f8:70:71:05:d0:7e:3f:1d:58:bd:
0d:00:e3:c5:ae:ed:19:1d:c9:32:b4:cc:59:10:61:
08:11:b6:c2:50:be:eb:7e:61:2a:21:e3:a2:ce:58:
a7:d4:8a:41:3c:82:43:8d:52:bb:54:b3:e1:18:ab:
2e:b1:17:3b:a5:4a:36:b2:06:7c:d0:a4:da:54:ce:
bc:1a:d8:98:e8:d1:10:de:ee:2e:d3:cb:be:6e:60:
9f:5f:00:58:b0:fe:ec:dd:c3:50:f6:7f:22:5c:f0:
08:4b:9c:c4:4d:6c:30:d3:9f:9a:7f:89:da:20:11:
28:bc:82:4e:f5:f8:c5:d0:e5:0c:40:e0:5f:70:eb:
0e:da:40:b5:04:ad:76:4d:b7:ee:05:bb:34:2a:d6:
82:f3:20:89:a8:51:d2:c1:21:76:88:e2:7c:34:96:
7f:4f:70:50:bf:71:96:c2:95:6d:ee:b5:8a:37:fc:
c2:ce:3e:42:d5:44:12:07:51:34:8e:bc:07:ca:70:
44:2f:09:4e:22:a1:c6:c4:d5:d6:ca:91:4c:cf:ed:
8f:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:50:82:83:B5:5E:19:AD:7E:F9:06:AA:FD:2F:5A:B7:11:DC:A5:2D
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/cFCCg7VeGa1--Qaq_S9atxHcpS0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.133.193.0/24
Signature Algorithm: sha256WithRSAEncryption
93:f1:60:af:d1:90:bd:fe:7c:ed:d0:ae:c2:d4:a4:1f:10:1a:
b2:57:c6:9d:4b:61:bb:e4:06:ab:10:45:1d:66:39:b7:ae:fe:
aa:7a:be:03:52:2c:23:ac:09:85:78:01:84:78:a5:8c:fb:ce:
64:c4:41:36:28:bd:c4:7b:76:77:d4:3a:a9:5c:b4:fd:e8:ad:
f9:a9:bc:70:30:d8:32:50:6c:0c:8c:f1:a1:08:6b:d0:1f:e6:
c5:aa:fc:6f:d3:69:f1:4c:d9:85:01:42:e8:05:66:86:a2:61:
61:6e:0e:34:db:77:00:9f:0d:7b:d8:c0:27:84:c3:9d:c7:f4:
46:e2:d3:0e:f7:80:5c:c9:a0:4c:a9:f3:f1:41:ef:4a:0d:4d:
c3:84:6f:fa:35:08:fd:38:86:ce:d7:7e:29:91:3e:ca:4c:8f:
bc:0e:e6:9f:6a:de:0b:23:ef:53:30:cd:90:81:91:e0:4e:54:
7d:d3:cb:c2:e9:b0:93:b1:1b:9e:f8:ea:9c:ca:ac:c3:bb:1c:
c4:8e:d5:d8:98:8f:1f:67:82:6d:15:7d:76:0a:3d:1f:19:5b:
ab:69:60:09:09:0b:c2:4d:60:33:44:25:53:55:34:aa:ca:ab:
55:19:07:e8:ed:7f:d5:c3:48:14:a1:9b:d6:91:39:25:a2:ef:
3a:c1:a4:3a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYU0aKTKel1eznWtu/Rz1+13MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMjIxMTExOTExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDUwODI4M2I1NWUxOWFkN2VmOTA2YWFmZDJmNWFiNzExZGNhNTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvsjcVbU/IWGvuFQAfhUvEJ5Yf2S8
v7t7h/UbQUXyGV4T3TRaa6ALvru5gbljy+y5JfhwcQXQfj8dWL0NAOPFru0ZHcky
tMxZEGEIEbbCUL7rfmEqIeOizlin1IpBPIJDjVK7VLPhGKsusRc7pUo2sgZ80KTa
VM68GtiY6NEQ3u4u08u+bmCfXwBYsP7s3cNQ9n8iXPAIS5zETWww05+af4naIBEo
vIJO9fjF0OUMQOBfcOsO2kC1BK12TbfuBbs0KtaC8yCJqFHSwSF2iOJ8NJZ/T3BQ
v3GWwpVt7rWKN/zCzj5C1UQSB1E0jrwHynBELwlOIqHGxNXWypFMz+2PHQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHBQgoO1XhmtfvkGqv0vWrcR3KUtMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvY0ZDQ2c3VmVHYTEtLVFhcV9TOWF0eEhjcFMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw4XBMA0G
CSqGSIb3DQEBCwUAA4IBAQCT8WCv0ZC9/nzt0K7C1KQfEBqyV8adS2G75AarEEUd
Zjm3rv6qer4DUiwjrAmFeAGEeKWM+85kxEE2KL3Ee3Z31DqpXLT96K35qbxwMNgy
UGwMjPGhCGvQH+bFqvxv02nxTNmFAULoBWaGomFhbg4023cAnw172MAnhMOdx/RG
4tMO94BcyaBMqfPxQe9KDU3DhG/6NQj9OIbO134pkT7KTI+8Duafat4LI+9TMM2Q
gZHgTlR908vC6bCTsRue+OqcyqzDuxzEjtXYmI8fZ4JtFX12Cj0fGVuraWAJCQvC
TWAzRCVTVTSqyqtVGQfo7X/Vw0gUoZvWkTklou86waQ6
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:07 2023 by rpki-client on console-fra.rpki-client.org