Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/0f24dd-ef4a-4dbf-b20d-b039c24b99ca/1/8onH5N4oxVVW2gbCKCRgoFGt7DE.roa
File: 8onH5N4oxVVW2gbCKCRgoFGt7DE.roa (raw, json)
Hash identifier: MV0bxUH1ZNGnET80Xv5BNbIT2uQwwSgjPpA2VZQJcak=
Subject key identifier: F2:89:C7:E4:DE:28:C5:55:56:DA:06:C2:28:24:60:A0:51:AD:EC:31
Certificate issuer: /CN=64aec8024caa103a8412696c7e72f77803cd8695
Certificate serial: 0185BE25
Authority key identifier: 64:AE:C8:02:4C:AA:10:3A:84:12:69:6C:7E:72:F7:78:03:CD:86:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZK7IAkyqEDqEEmlsfnL3eAPNhpU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/0f24dd-ef4a-4dbf-b20d-b039c24b99ca/1/8onH5N4oxVVW2gbCKCRgoFGt7DE.roa
Signing time: Sat 01 Jan 2022 00:52:23 +0000
ROA not before: Sat 01 Jan 2022 00:52:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211273
IP address blocks: 193.43.40.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25542181 (0x185be25)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64aec8024caa103a8412696c7e72f77803cd8695
Validity
Not Before: Jan 1 00:52:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f289c7e4de28c55556da06c2282460a051adec31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:2d:8d:8c:d7:17:bf:88:86:b6:13:2c:e6:5e:
bd:47:83:6f:90:84:9d:68:01:c1:8c:c2:d8:e3:e7:
c3:6c:cf:82:a8:bc:a0:18:8c:1f:a5:65:8c:9c:ca:
57:77:b0:ff:59:90:96:c6:55:82:8a:ba:32:9d:c1:
70:ea:ff:8a:68:46:46:e6:b2:a8:a0:09:fa:8d:e9:
60:c2:c2:f7:01:ae:a8:ff:74:3b:03:14:54:89:b2:
38:d8:f5:24:0b:95:74:fc:56:ff:d5:cd:dd:6f:0f:
67:7b:28:fb:85:19:e6:f4:94:4f:1c:6e:4a:e8:64:
47:69:7e:0e:0f:22:72:b4:5c:10:e9:6b:cc:6e:52:
34:20:9d:6d:9b:0a:57:28:7f:17:da:8f:10:eb:c6:
e0:7a:82:9b:e0:b1:31:77:63:f7:a9:cf:46:b7:94:
da:ae:45:1e:d3:31:66:fe:cd:77:50:53:84:62:85:
6b:22:c8:f0:7d:8b:cf:9d:bd:84:60:f4:95:07:fa:
e8:c3:3d:53:b0:96:68:2b:07:61:64:54:0f:db:c1:
40:84:3b:7a:6a:49:bc:7a:ec:fc:58:8f:7c:bf:50:
63:75:1d:ad:a1:6c:b1:60:d2:b9:19:71:de:49:c1:
1c:a1:f6:fe:7d:8d:8b:d8:de:59:18:9a:01:03:d2:
75:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:89:C7:E4:DE:28:C5:55:56:DA:06:C2:28:24:60:A0:51:AD:EC:31
X509v3 Authority Key Identifier:
keyid:64:AE:C8:02:4C:AA:10:3A:84:12:69:6C:7E:72:F7:78:03:CD:86:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZK7IAkyqEDqEEmlsfnL3eAPNhpU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/0f24dd-ef4a-4dbf-b20d-b039c24b99ca/1/8onH5N4oxVVW2gbCKCRgoFGt7DE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/0f24dd-ef4a-4dbf-b20d-b039c24b99ca/1/ZK7IAkyqEDqEEmlsfnL3eAPNhpU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.43.40.0/24
Signature Algorithm: sha256WithRSAEncryption
22:25:7c:2d:3e:e9:4f:77:54:7a:48:40:06:8f:56:e3:6e:b5:
3f:9d:d9:5c:32:b9:d8:85:8a:ec:90:c0:4f:59:ab:0d:f1:a5:
0b:c0:06:74:db:e6:a0:1f:fe:29:60:dd:d3:bc:48:c9:f9:b5:
b4:56:10:63:c4:17:bd:ab:10:ee:30:7b:59:d7:4c:e1:5d:36:
ff:cf:65:3a:b0:2f:bc:a1:db:be:a3:0d:87:11:a6:4c:b1:d1:
1c:5a:e1:7b:01:57:de:5b:53:d0:83:d7:99:ab:24:8d:8d:0d:
db:34:a8:ad:87:14:da:e0:cb:6b:b4:95:53:0e:d2:4a:6d:df:
f2:32:df:5b:e9:5c:6f:17:ed:4a:5e:b0:bb:c8:3b:a7:bd:3b:
b9:53:2c:66:e5:72:0f:28:87:d7:83:68:d9:ee:50:8d:be:18:
c8:2b:f0:18:0c:43:fd:06:64:9c:8a:5d:c4:74:62:f0:6b:5b:
ea:47:c4:3f:c9:74:24:f6:44:d4:ca:eb:2c:67:83:c0:0a:a9:
96:b3:c0:09:5e:c0:be:bf:cc:b9:30:f5:1d:18:b1:d7:c8:af:
3b:68:4a:cd:26:32:9c:ce:9d:11:66:ab:6f:5e:92:d8:0b:be:
f1:7a:f8:0c:4b:0d:fe:3b:7b:08:83:b8:a0:57:52:d6:de:23:
ca:3c:9d:e7
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAYW+JTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
NGFlYzgwMjRjYWExMDNhODQxMjY5NmM3ZTcyZjc3ODAzY2Q4Njk1MB4XDTIyMDEw
MTAwNTIyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjI4OWM3ZTRkZTI4
YzU1NTU2ZGEwNmMyMjgyNDYwYTA1MWFkZWMzMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIUtjYzXF7+IhrYTLOZevUeDb5CEnWgBwYzC2OPnw2zPgqi8
oBiMH6VljJzKV3ew/1mQlsZVgoq6Mp3BcOr/imhGRuayqKAJ+o3pYMLC9wGuqP90
OwMUVImyONj1JAuVdPxW/9XN3W8PZ3so+4UZ5vSUTxxuSuhkR2l+Dg8icrRcEOlr
zG5SNCCdbZsKVyh/F9qPEOvG4HqCm+CxMXdj96nPRreU2q5FHtMxZv7Nd1BThGKF
ayLI8H2Lz529hGD0lQf66MM9U7CWaCsHYWRUD9vBQIQ7empJvHrs/FiPfL9QY3Ud
raFssWDSuRlx3knBHKH2/n2Ni9jeWRiaAQPSdW8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTyicfk3ijFVVbaBsIoJGCgUa3sMTAfBgNVHSMEGDAWgBRkrsgCTKoQOoQS
aWx+cvd4A82GlTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1pLN0lBa3lxRURxRUVtbHNmbkwzZUFQTmhwVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTEvMGYyNGRkLWVmNGEtNGRiZi1iMjBkLWIwMzljMjRiOTljYS8x
Lzhvbkg1TjRveFZWVzJnYkNLQ1Jnb0ZHdDdERS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTEv
MGYyNGRkLWVmNGEtNGRiZi1iMjBkLWIwMzljMjRiOTljYS8xL1pLN0lBa3lxRURx
RUVtbHNmbkwzZUFQTmhwVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMErKDANBgkqhkiG9w0BAQsFAAOC
AQEAIiV8LT7pT3dUekhABo9W4261P53ZXDK52IWK7JDAT1mrDfGlC8AGdNvmoB/+
KWDd07xIyfm1tFYQY8QXvasQ7jB7WddM4V02/89lOrAvvKHbvqMNhxGmTLHRHFrh
ewFX3ltT0IPXmaskjY0N2zSorYcU2uDLa7SVUw7SSm3f8jLfW+lcbxftSl6wu8g7
p707uVMsZuVyDyiH14No2e5Qjb4YyCvwGAxD/QZknIpdxHRi8Gtb6kfEP8l0JPZE
1MrrLGeDwAqplrPACV7Avr/MuTD1HRix18ivO2hKzSYynM6dEWarb16S2Au+8Xr4
DEsN/jt7CIO4oFdS1t4jyjyd5w==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:11 2023 by rpki-client on console-fra.rpki-client.org