Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/0GJHAhKixbpiSTe8JH2i8bIq2uA.roa
File: 0GJHAhKixbpiSTe8JH2i8bIq2uA.roa (raw, json)
Hash identifier: AZGrYQLbqYgF9CyRPEYNTFIJsSSkB6dOA+O7NZCbMts=
Subject key identifier: D0:62:47:02:12:A2:C5:BA:62:49:37:BC:24:7D:A2:F1:B2:2A:DA:E0
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01823A6DFF339A683CC5011C19500DABF2F1
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/0GJHAhKixbpiSTe8JH2i8bIq2uA.roa
Signing time: Tue 26 Jul 2022 12:14:23 +0000
ROA not before: Tue 26 Jul 2022 12:14:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20473
IP address blocks: 193.222.99.0/24 maxlen: 24
193.47.60.0/24 maxlen: 24
193.37.44.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:3a:6d:ff:33:9a:68:3c:c5:01:1c:19:50:0d:ab:f2:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jul 26 12:14:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d062470212a2c5ba624937bc247da2f1b22adae0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:de:6e:19:e9:f2:5e:02:b8:d2:23:e3:d1:8b:
d6:2e:d3:08:d4:a8:36:c0:d7:83:6c:d1:06:da:93:
0e:df:b8:0a:d9:e7:ac:47:7d:78:45:e2:81:e3:c2:
44:bb:9d:b5:50:83:ca:67:e6:49:85:02:58:10:73:
df:47:74:ff:80:cb:00:fc:2e:2e:b4:3f:b1:f5:4a:
f5:0e:3b:04:74:8f:24:c4:4c:e1:85:f8:68:33:81:
b7:86:83:b7:a8:9e:bd:b1:70:fb:bb:3b:37:df:8b:
42:a5:a6:52:51:e7:5b:ad:22:92:cf:f3:10:33:76:
4f:94:b4:12:29:2a:c0:83:d7:c7:02:24:03:b2:2a:
4f:32:42:80:ae:5f:39:d0:c5:6b:02:14:ad:61:31:
58:d2:16:8b:d7:a3:0b:49:cd:35:86:1b:d5:70:82:
77:98:82:f9:90:a3:b2:48:06:a1:1c:cf:f5:d7:3d:
bc:2c:94:95:86:57:63:23:86:1d:af:79:35:81:c2:
24:aa:5b:d6:e2:01:78:f9:1c:b4:49:b3:c2:85:c9:
d2:a2:fb:50:a8:7a:41:82:5e:cd:9b:86:dd:ed:d3:
55:53:ec:43:81:91:2f:5c:2a:f6:54:b2:69:82:a1:
84:1f:6c:c4:f4:8d:7e:83:9b:9c:29:2f:b6:d0:71:
5c:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:62:47:02:12:A2:C5:BA:62:49:37:BC:24:7D:A2:F1:B2:2A:DA:E0
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/0GJHAhKixbpiSTe8JH2i8bIq2uA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.37.44.0/24
193.47.60.0/24
193.222.99.0/24
Signature Algorithm: sha256WithRSAEncryption
48:8b:08:bc:53:7b:e2:d2:cd:cb:a4:30:71:f0:e9:b4:0f:f3:
ef:c0:1e:f6:f2:76:38:a9:68:c5:33:9d:ad:d9:f0:2d:15:b8:
f1:05:19:55:b3:ff:ff:b8:55:89:27:b5:56:7e:fc:17:b0:3f:
cc:eb:51:7f:53:0a:f7:7d:bd:b7:33:c5:d5:47:b8:2c:6b:f4:
c7:1f:df:07:fc:ec:71:9b:14:c8:75:18:a6:84:61:fd:c8:ed:
07:df:a8:74:4b:23:d7:33:4e:53:21:99:8b:06:86:8b:9c:0f:
d4:b6:77:ed:e7:7f:ce:37:bc:05:68:4b:71:6c:e6:48:52:c7:
3e:3d:50:49:46:5d:c7:8c:60:42:b0:b3:90:8e:d0:e7:29:46:
1d:22:1a:46:bd:93:b4:8f:76:b2:c2:c0:a9:0c:79:1e:d5:ae:
4f:78:46:10:85:25:5a:7d:38:3e:e5:60:47:7e:d5:67:ea:0e:
de:9f:85:26:07:cd:48:80:a1:fc:5a:cd:ac:52:e0:5f:4d:15:
32:f9:e2:b2:49:57:10:d2:f0:21:20:e6:15:7b:35:6d:30:e2:
e6:f9:eb:4d:5e:ed:50:08:19:9e:d5:03:fb:66:d8:f5:c4:08:
65:82:41:27:04:72:b0:cf:f5:51:1f:e8:b6:f2:31:74:da:af:
61:fb:3c:c7
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYI6bf8zmmg8xQEcGVANq/LxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjIwNzI2MTIxNDIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDYyNDcwMjEyYTJjNWJhNjI0OTM3YmMyNDdkYTJmMWIyMmFkYWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlN5uGenyXgK40iPj0YvWLtMI1Kg2
wNeDbNEG2pMO37gK2eesR314ReKB48JEu521UIPKZ+ZJhQJYEHPfR3T/gMsA/C4u
tD+x9Ur1DjsEdI8kxEzhhfhoM4G3hoO3qJ69sXD7uzs334tCpaZSUedbrSKSz/MQ
M3ZPlLQSKSrAg9fHAiQDsipPMkKArl850MVrAhStYTFY0haL16MLSc01hhvVcIJ3
mIL5kKOySAahHM/11z28LJSVhldjI4Ydr3k1gcIkqlvW4gF4+Ry0SbPChcnSovtQ
qHpBgl7Nm4bd7dNVU+xDgZEvXCr2VLJpgqGEH2zE9I1+g5ucKS+20HFc1wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNBiRwISosW6Ykk3vCR9ovGyKtrgMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvMEdKSEFoS2l4YnBpU1RlOEpIMmk4YklxMnVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwSUsAwQA
wS88AwQAwd5jMA0GCSqGSIb3DQEBCwUAA4IBAQBIiwi8U3vi0s3LpDBx8Om0D/Pv
wB728nY4qWjFM52t2fAtFbjxBRlVs///uFWJJ7VWfvwXsD/M61F/Uwr3fb23M8XV
R7gsa/THH98H/OxxmxTIdRimhGH9yO0H36h0SyPXM05TIZmLBoaLnA/Utnft53/O
N7wFaEtxbOZIUsc+PVBJRl3HjGBCsLOQjtDnKUYdIhpGvZO0j3aywsCpDHke1a5P
eEYQhSVafTg+5WBHftVn6g7en4UmB81IgKH8Ws2sUuBfTRUy+eKySVcQ0vAhIOYV
ezVtMOLm+etNXu1QCBme1QP7Ztj1xAhlgkEnBHKwz/VRH+i28jF02q9h+zzH
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:30 2023 by rpki-client on console-ams.rpki-client.org