Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/49d859-610a-4242-8ddf-37a0e474ab15/1/1G4IQ6kGpO2S1pN14svRsWzOC2A.roa
File: 1G4IQ6kGpO2S1pN14svRsWzOC2A.roa (raw, json)
Hash identifier: fHDN7bEjRSnKTbjwGpHT6dhgnvZhOB+gi+jnPgpz8gU=
Subject key identifier: D4:6E:08:43:A9:06:A4:ED:92:D6:93:75:E2:CB:D1:B1:6C:CE:0B:60
Certificate issuer: /CN=d9ff9e17b9b41988a92599cbcaba0391ffb61a20
Certificate serial: 01845635B1C2DC6C3C3DBA47EA2E32A177FC
Authority key identifier: D9:FF:9E:17:B9:B4:19:88:A9:25:99:CB:CA:BA:03:91:FF:B6:1A:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2f-eF7m0GYipJZnLyroDkf-2GiA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/49d859-610a-4242-8ddf-37a0e474ab15/1/1G4IQ6kGpO2S1pN14svRsWzOC2A.roa
Signing time: Tue 08 Nov 2022 07:47:50 +0000
ROA not before: Tue 08 Nov 2022 07:47:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 24951
IP address blocks: 195.234.64.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:56:35:b1:c2:dc:6c:3c:3d:ba:47:ea:2e:32:a1:77:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9ff9e17b9b41988a92599cbcaba0391ffb61a20
Validity
Not Before: Nov 8 07:47:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d46e0843a906a4ed92d69375e2cbd1b16cce0b60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:ea:f9:ca:01:96:64:8d:1d:f4:2f:39:99:32:
58:3e:4f:bf:c3:66:fb:f9:d7:1b:ef:fb:86:5a:c7:
25:50:58:af:b6:7f:b4:32:27:9f:dd:a8:c1:70:51:
a5:9a:d4:f9:fb:5e:eb:ce:bd:51:2a:1c:6e:8b:c2:
ae:0a:e0:45:80:21:0f:52:83:f3:fb:06:33:70:c6:
35:4b:58:d3:6a:3f:a4:bc:80:99:e7:ec:7a:57:f2:
c2:0d:a5:f1:ca:ee:ad:95:59:c6:2f:46:02:6e:ea:
93:f2:1a:c9:89:c7:75:a1:81:21:47:79:71:30:ec:
73:8f:c8:18:e5:fa:68:c3:11:fe:a6:c2:a4:28:ab:
55:57:4c:67:dc:d1:47:ae:b7:f2:ce:2b:1b:3b:38:
40:5c:27:85:98:c5:ab:ce:ea:a2:96:7a:6e:ae:12:
a9:8d:7c:48:c9:13:fc:7c:36:f2:99:1b:43:89:85:
79:fe:0a:3d:0e:c4:00:54:db:3b:b0:47:ad:d2:dd:
70:bb:30:8f:9c:5e:87:c1:03:c7:86:9e:bb:17:70:
d2:74:63:0f:07:a2:ce:c1:84:d5:22:46:c7:ff:d9:
2a:c5:24:6b:48:e7:60:ce:4b:65:48:e7:38:db:da:
fd:b7:8f:94:8c:7c:59:25:68:4e:1d:de:56:4f:a4:
83:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:6E:08:43:A9:06:A4:ED:92:D6:93:75:E2:CB:D1:B1:6C:CE:0B:60
X509v3 Authority Key Identifier:
keyid:D9:FF:9E:17:B9:B4:19:88:A9:25:99:CB:CA:BA:03:91:FF:B6:1A:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f-eF7m0GYipJZnLyroDkf-2GiA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/49d859-610a-4242-8ddf-37a0e474ab15/1/1G4IQ6kGpO2S1pN14svRsWzOC2A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/49d859-610a-4242-8ddf-37a0e474ab15/1/2f-eF7m0GYipJZnLyroDkf-2GiA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.234.64.0/22
Signature Algorithm: sha256WithRSAEncryption
47:e5:ab:47:af:f4:e2:61:97:61:41:33:d5:09:e4:92:c1:6e:
45:00:4d:14:ae:8c:f7:3d:94:87:83:49:ea:4f:08:a2:18:1c:
97:9f:6a:4e:e7:80:1e:b6:dc:78:20:ee:da:37:51:95:b0:ec:
89:1d:cc:80:45:f1:29:6b:29:41:86:57:9b:fe:72:a8:c2:6e:
67:14:65:ee:00:0c:d7:f5:c2:28:87:ca:07:12:11:3d:09:d7:
bf:71:26:48:80:42:c4:6e:77:61:a3:68:b6:10:b2:75:20:e0:
7c:52:64:58:fb:21:8f:09:d2:2d:06:34:57:48:bb:6f:2e:6b:
cf:1a:9c:69:96:fc:da:e9:b4:51:14:14:5a:09:fa:9b:56:10:
47:46:e4:42:6e:fc:3c:ff:3c:9a:1a:06:7b:12:98:78:8b:49:
36:34:3f:67:02:83:b4:2d:9b:89:ce:89:53:dc:7b:72:dd:37:
47:88:91:34:09:14:a0:b7:f5:ed:46:1a:49:36:af:b1:c0:64:
e7:9d:3b:e9:09:08:2c:07:27:a4:31:e7:00:a5:13:6a:46:8f:
af:b4:ed:93:e0:c3:77:89:ba:63:c3:1b:11:68:5b:b8:9f:fa:
3a:a3:3b:a1:a6:b2:64:85:fb:07:66:86:2e:40:d9:89:84:0e:
3b:3b:0a:b1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYRWNbHC3Gw8PbpH6i4yoXf8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ZmY5ZTE3YjliNDE5ODhhOTI1OTljYmNhYmEwMzkxZmZi
NjFhMjAwHhcNMjIxMTA4MDc0NzUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDZlMDg0M2E5MDZhNGVkOTJkNjkzNzVlMmNiZDFiMTZjY2UwYjYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu+r5ygGWZI0d9C85mTJYPk+/w2b7
+dcb7/uGWsclUFivtn+0Mief3ajBcFGlmtT5+17rzr1RKhxui8KuCuBFgCEPUoPz
+wYzcMY1S1jTaj+kvICZ5+x6V/LCDaXxyu6tlVnGL0YCbuqT8hrJicd1oYEhR3lx
MOxzj8gY5fpowxH+psKkKKtVV0xn3NFHrrfyzisbOzhAXCeFmMWrzuqilnpurhKp
jXxIyRP8fDbymRtDiYV5/go9DsQAVNs7sEet0t1wuzCPnF6HwQPHhp67F3DSdGMP
B6LOwYTVIkbH/9kqxSRrSOdgzktlSOc429r9t4+UjHxZJWhOHd5WT6SDIQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNRuCEOpBqTtktaTdeLL0bFszgtgMB8GA1UdIwQY
MBaAFNn/nhe5tBmIqSWZy8q6A5H/thogMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmYtZUY3bTBHWWlwSlpuTHlyb0RrZi0yR2lBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy80OWQ4NTktNjEwYS00MjQyLThkZGYt
MzdhMGU0NzRhYjE1LzEvMUc0SVE2a0dwTzJTMXBOMTRzdlJzV3pPQzJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy80OWQ4NTktNjEwYS00MjQyLThkZGYtMzdhMGU0NzRhYjE1
LzEvMmYtZUY3bTBHWWlwSlpuTHlyb0RrZi0yR2lBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCw+pAMA0G
CSqGSIb3DQEBCwUAA4IBAQBH5atHr/TiYZdhQTPVCeSSwW5FAE0Uroz3PZSHg0nq
TwiiGByXn2pO54Aettx4IO7aN1GVsOyJHcyARfEpaylBhleb/nKowm5nFGXuAAzX
9cIoh8oHEhE9Cde/cSZIgELEbndho2i2ELJ1IOB8UmRY+yGPCdItBjRXSLtvLmvP
Gpxplvza6bRRFBRaCfqbVhBHRuRCbvw8/zyaGgZ7Eph4i0k2ND9nAoO0LZuJzolT
3Hty3TdHiJE0CRSgt/XtRhpJNq+xwGTnnTvpCQgsByekMecApRNqRo+vtO2T4MN3
ibpjwxsRaFu4n/o6ozuhprJkhfsHZoYuQNmJhA47Owqx
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:58 2023 by rpki-client on console-ams.rpki-client.org