Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/CSjD9AeKihKF_5TDSfjoHXQi1dQ.roa
File: CSjD9AeKihKF_5TDSfjoHXQi1dQ.roa (raw, json)
Hash identifier: 6mbnL5v8sZgtjsazV5SQbFbzir5a/xDwnzZNr45U/oc=
Subject key identifier: 09:28:C3:F4:07:8A:8A:12:85:FF:94:C3:49:F8:E8:1D:74:22:D5:D4
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 1C7D544D
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/CSjD9AeKihKF_5TDSfjoHXQi1dQ.roa
Signing time: Sat 01 Jan 2022 01:02:44 +0000
ROA not before: Sat 01 Jan 2022 01:02:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198228
IP address blocks: 94.156.3.0/24 maxlen: 24
87.121.34.0/24 maxlen: 24
87.121.35.0/24 maxlen: 24
87.121.35.1/32 maxlen: 32
91.92.194.0/24 maxlen: 24
2a00:1728:24::/48 maxlen: 48
2a00:1728:d::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 477975629 (0x1c7d544d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 1 01:02:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0928c3f4078a8a1285ff94c349f8e81d7422d5d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:c5:b9:b2:5b:2e:ac:17:3b:fa:56:34:07:77:
cf:08:ea:72:99:68:b2:d2:c8:4f:bf:6a:9c:a1:32:
f6:8b:1a:c9:20:ef:6b:55:20:f7:6b:77:b7:21:86:
ce:3f:f4:7e:43:c3:79:e1:5f:79:3d:87:21:c3:20:
79:61:fe:84:e0:39:f8:58:84:22:b5:4b:18:dc:23:
68:89:08:41:62:b2:e7:ca:52:2b:d8:18:bd:32:2b:
4e:b4:0f:99:ac:1e:a7:86:c6:e8:8e:a9:ed:a8:f3:
8f:64:9b:20:43:12:d8:b8:f7:85:8a:c7:b1:30:93:
c3:c9:51:a8:83:73:a8:aa:82:c2:04:96:7c:8c:f8:
2f:a0:fb:99:09:94:ea:46:34:ec:15:11:95:da:ef:
ab:cc:e3:e7:06:88:34:85:32:e4:40:1e:7b:1e:6d:
19:3e:8b:5d:31:e6:e5:d7:ec:41:c2:7c:42:f4:27:
69:50:84:5b:c6:e8:82:e8:3a:6c:82:a0:98:fc:b6:
2a:f7:57:3f:74:ee:bb:9f:2d:02:ca:58:2b:1a:0f:
de:ed:47:3c:60:51:e5:d9:b5:ca:05:f0:4a:60:3c:
bf:0b:6d:41:c8:bc:f1:f3:ec:10:c7:67:7d:15:18:
8d:09:f8:33:07:69:e1:6a:55:16:4e:6e:c6:0f:8e:
28:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:28:C3:F4:07:8A:8A:12:85:FF:94:C3:49:F8:E8:1D:74:22:D5:D4
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/CSjD9AeKihKF_5TDSfjoHXQi1dQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.121.34.0/23
91.92.194.0/24
94.156.3.0/24
IPv6:
2a00:1728:d::/48
2a00:1728:24::/48
Signature Algorithm: sha256WithRSAEncryption
74:7c:00:ec:08:52:01:cd:bc:0d:11:17:f8:f7:ea:c4:2e:40:
85:6f:f6:93:d4:de:c8:f3:31:f5:75:25:2d:75:10:79:e8:c4:
3f:57:3a:b7:36:5b:1d:a7:12:7a:bf:4b:ff:0f:ba:39:18:1c:
84:ab:e9:68:b3:6f:44:71:7e:77:7a:92:f9:06:a4:9e:d3:2f:
aa:c9:e3:17:25:a8:05:e2:3e:25:e4:54:5a:31:90:9c:67:9f:
a9:80:bf:6e:12:ea:77:80:0a:61:f0:c4:90:53:e4:d1:6a:c0:
e0:11:b0:c1:8c:a1:af:bc:0a:ea:3f:1a:62:00:ac:c9:d6:dc:
2f:0a:5f:8d:06:59:e2:c5:7c:43:fc:80:11:7d:73:cc:20:9e:
90:c3:19:90:66:71:ab:34:e7:e9:26:1e:51:ce:31:d9:74:b2:
f7:bc:ad:af:01:73:ae:ac:bc:06:c2:64:f3:aa:33:91:37:ac:
c9:47:89:1b:f8:eb:1a:c4:73:18:f1:37:f2:92:8a:c9:aa:04:
a1:9f:6e:7b:c6:fa:4f:13:67:a9:02:11:bc:c5:bc:55:e1:3c:
c6:59:02:7c:a6:db:37:fb:f7:28:b2:97:a5:7f:9b:44:33:ef:
a3:75:af:a1:54:97:be:9b:08:0e:48:be:c0:ab:c8:ef:48:7e:
0f:73:c1:ac
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgIEHH1UTTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MmM0YWMzZTNjNDNkNzBkMDUzNDljODE1YmFhZGQzOGFkNzc1ZTlkMB4XDTIyMDEw
MTAxMDI0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDkyOGMzZjQwNzhh
OGExMjg1ZmY5NGMzNDlmOGU4MWQ3NDIyZDVkNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMDFubJbLqwXO/pWNAd3zwjqcplostLIT79qnKEy9osaySDv
a1Ug92t3tyGGzj/0fkPDeeFfeT2HIcMgeWH+hOA5+FiEIrVLGNwjaIkIQWKy58pS
K9gYvTIrTrQPmawep4bG6I6p7ajzj2SbIEMS2Lj3hYrHsTCTw8lRqINzqKqCwgSW
fIz4L6D7mQmU6kY07BURldrvq8zj5waINIUy5EAeex5tGT6LXTHm5dfsQcJ8QvQn
aVCEW8bogug6bIKgmPy2KvdXP3Tuu58tAspYKxoP3u1HPGBR5dm1ygXwSmA8vwtt
Qci88fPsEMdnfRUYjQn4Mwdp4WpVFk5uxg+OKE8CAwEAAaOCAi8wggIrMB0GA1Ud
DgQWBBQJKMP0B4qKEoX/lMNJ+OgddCLV1DAfBgNVHSMEGDAWgBQixKw+PEPXDQU0
nIFbqt04rXdenTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lzU3NQanhEMXcwRk5KeUJXNnJkT0sxM1hwMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDMvOTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8x
L0NTakQ5QWVLaWhLRl81VERTZmpvSFhRaTFkUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDMv
OTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8xL0lzU3NQanhEMXcw
Rk5KeUJXNnJkT0sxM1hwMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBF
BggrBgEFBQcBBwEB/wQ2MDQwGAQCAAEwEgMEAVd5IgMEAFtcwgMEAF6cAzAYBAIA
AjASAwcAKgAXKAANAwcAKgAXKAAkMA0GCSqGSIb3DQEBCwUAA4IBAQB0fADsCFIB
zbwNERf49+rELkCFb/aT1N7I8zH1dSUtdRB56MQ/Vzq3NlsdpxJ6v0v/D7o5GByE
q+los29EcX53epL5BqSe0y+qyeMXJagF4j4l5FRaMZCcZ5+pgL9uEup3gAph8MSQ
U+TRasDgEbDBjKGvvArqPxpiAKzJ1twvCl+NBlnixXxD/IARfXPMIJ6QwxmQZnGr
NOfpJh5RzjHZdLL3vK2vAXOurLwGwmTzqjORN6zJR4kb+OsaxHMY8TfykorJqgSh
n257xvpPE2epAhG8xbxV4TzGWQJ8pts3+/cospelf5tEM++jda+hVJe+mwgOSL7A
q8jvSH4Pc8Gs
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:39 2023 by rpki-client on console-fra.rpki-client.org