Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/2f034c-23d4-469a-a006-cbed01781fce/1/iQqVp-EZ70hV2R27W1JaDzKqx50.roa
File: iQqVp-EZ70hV2R27W1JaDzKqx50.roa (raw, json)
Hash identifier: ZCqt10LyerQmPZ8Fys/ZXpT1SZCJhoYcHU9M8inZe9Q=
Subject key identifier: 89:0A:95:A7:E1:19:EF:48:55:D9:1D:BB:5B:52:5A:0F:32:AA:C7:9D
Certificate issuer: /CN=d9ec085baa8caa7b5b934eca29c17961fc88db1b
Certificate serial: 01D9B45C
Authority key identifier: D9:EC:08:5B:AA:8C:AA:7B:5B:93:4E:CA:29:C1:79:61:FC:88:DB:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2ewIW6qMqntbk07KKcF5YfyI2xs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/2f034c-23d4-469a-a006-cbed01781fce/1/iQqVp-EZ70hV2R27W1JaDzKqx50.roa
Signing time: Sat 01 Jan 2022 15:00:59 +0000
ROA not before: Sat 01 Jan 2022 15:00:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202766
IP address blocks: 193.34.240.0/24 maxlen: 24
193.34.243.0/24 maxlen: 24
193.34.242.0/24 maxlen: 24
193.34.241.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 31044700 (0x1d9b45c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9ec085baa8caa7b5b934eca29c17961fc88db1b
Validity
Not Before: Jan 1 15:00:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=890a95a7e119ef4855d91dbb5b525a0f32aac79d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:c7:9b:29:b4:7c:95:fe:f6:db:67:15:43:57:
73:3a:12:f3:48:5f:1e:77:a3:c8:e3:7e:20:27:7d:
6a:f6:51:9c:77:52:f1:0a:fb:92:4e:e6:35:2e:3e:
d2:0c:c3:2a:54:48:75:af:66:c2:c2:97:eb:9b:c3:
63:33:0f:ba:6d:3f:de:8d:5b:a8:ed:af:c6:78:70:
35:59:76:56:94:0c:16:62:68:5e:d6:ef:b9:99:d0:
76:2a:ee:49:1b:01:7b:2d:e8:71:57:f9:1d:8f:33:
ad:11:d6:45:4e:58:5f:f3:10:b6:a2:3b:75:18:0b:
76:80:04:8a:5a:3b:29:f1:53:d2:cb:c2:c2:64:df:
2a:40:cb:12:57:72:40:fa:a7:84:6a:52:59:ff:31:
24:b1:94:51:0c:e3:89:cb:71:4f:c2:62:d8:ee:7f:
30:80:1e:e2:64:fe:1f:45:35:40:6e:b3:02:b6:1b:
f3:f8:d4:f2:12:5c:17:1e:3c:07:84:f2:08:a3:49:
06:71:ac:df:da:bb:76:2b:fe:15:53:6b:df:60:f4:
e1:ef:84:53:36:b6:58:cd:97:fb:76:f3:79:34:c3:
7e:7f:52:12:ff:42:fe:91:15:1b:0b:02:3f:ca:41:
df:be:82:6e:2c:68:c9:6c:28:3a:da:82:d0:8f:91:
56:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:0A:95:A7:E1:19:EF:48:55:D9:1D:BB:5B:52:5A:0F:32:AA:C7:9D
X509v3 Authority Key Identifier:
keyid:D9:EC:08:5B:AA:8C:AA:7B:5B:93:4E:CA:29:C1:79:61:FC:88:DB:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2ewIW6qMqntbk07KKcF5YfyI2xs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/2f034c-23d4-469a-a006-cbed01781fce/1/iQqVp-EZ70hV2R27W1JaDzKqx50.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/2f034c-23d4-469a-a006-cbed01781fce/1/2ewIW6qMqntbk07KKcF5YfyI2xs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.34.240.0/22
Signature Algorithm: sha256WithRSAEncryption
28:d9:ab:1f:08:a1:e2:2d:65:cc:2f:c5:0c:e7:38:92:f5:7d:
12:0d:4e:53:b2:f7:a1:95:1c:46:62:6c:cb:e9:07:d6:4a:d4:
50:43:12:10:32:8d:e6:67:95:bf:85:4a:09:07:a4:14:19:f7:
8d:0b:bd:fd:42:61:16:9c:1f:e0:09:01:b6:c8:80:f2:74:a0:
28:08:51:58:8a:44:10:69:fb:7f:c4:b0:ff:6d:ff:dc:5f:9f:
09:f6:e1:1b:02:f8:f0:a6:66:2f:e8:5a:dc:e3:d9:90:fe:3b:
30:29:5a:ac:c7:1c:62:ea:d8:75:63:c6:a3:81:7f:50:33:66:
22:5a:19:70:96:d4:34:57:d0:70:66:4f:df:a7:65:c5:ac:58:
6d:96:8d:9a:fe:ac:92:b9:4e:76:c3:56:36:fd:7b:00:38:27:
74:46:f2:18:c2:ff:44:e2:2b:fe:38:50:50:24:35:df:04:0a:
89:7f:be:be:84:6a:9a:84:97:0b:4f:0b:9a:a9:3a:6b:a9:18:
bf:40:1d:eb:59:cc:9f:ee:5b:4b:72:ea:25:1c:15:f2:7f:2b:
f3:b9:95:14:a8:f1:17:cf:52:af:28:cc:43:8d:27:52:5a:5b:
f9:71:a9:dc:a7:c5:74:5a:72:4e:25:31:12:4d:bf:4d:7d:6a:
0e:a0:fe:fa
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAdm0XDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
OWVjMDg1YmFhOGNhYTdiNWI5MzRlY2EyOWMxNzk2MWZjODhkYjFiMB4XDTIyMDEw
MTE1MDA1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODkwYTk1YTdlMTE5
ZWY0ODU1ZDkxZGJiNWI1MjVhMGYzMmFhYzc5ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALDHmym0fJX+9ttnFUNXczoS80hfHnejyON+ICd9avZRnHdS
8Qr7kk7mNS4+0gzDKlRIda9mwsKX65vDYzMPum0/3o1bqO2vxnhwNVl2VpQMFmJo
XtbvuZnQdiruSRsBey3ocVf5HY8zrRHWRU5YX/MQtqI7dRgLdoAEilo7KfFT0svC
wmTfKkDLEldyQPqnhGpSWf8xJLGUUQzjictxT8Ji2O5/MIAe4mT+H0U1QG6zArYb
8/jU8hJcFx48B4TyCKNJBnGs39q7div+FVNr32D04e+EUza2WM2X+3bzeTTDfn9S
Ev9C/pEVGwsCP8pB376CbixoyWwoOtqC0I+RVgMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSJCpWn4RnvSFXZHbtbUloPMqrHnTAfBgNVHSMEGDAWgBTZ7Ahbqoyqe1uT
TsopwXlh/IjbGzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJld0lXNnFNcW50YmswN0tLY0Y1WWZ5STJ4cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDIvMmYwMzRjLTIzZDQtNDY5YS1hMDA2LWNiZWQwMTc4MWZjZS8x
L2lRcVZwLUVaNzBoVjJSMjdXMUphRHpLcXg1MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDIv
MmYwMzRjLTIzZDQtNDY5YS1hMDA2LWNiZWQwMTc4MWZjZS8xLzJld0lXNnFNcW50
YmswN0tLY0Y1WWZ5STJ4cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAsEi8DANBgkqhkiG9w0BAQsFAAOC
AQEAKNmrHwih4i1lzC/FDOc4kvV9Eg1OU7L3oZUcRmJsy+kH1krUUEMSEDKN5meV
v4VKCQekFBn3jQu9/UJhFpwf4AkBtsiA8nSgKAhRWIpEEGn7f8Sw/23/3F+fCfbh
GwL48KZmL+ha3OPZkP47MClarMccYurYdWPGo4F/UDNmIloZcJbUNFfQcGZP36dl
xaxYbZaNmv6skrlOdsNWNv17ADgndEbyGML/ROIr/jhQUCQ13wQKiX++voRqmoSX
C08Lmqk6a6kYv0Ad61nMn+5bS3LqJRwV8n8r87mVFKjxF89SryjMQ40nUlpb+XGp
3KfFdFpyTiUxEk2/TX1qDqD++g==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:30 2023 by rpki-client on console-fra.rpki-client.org