Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/0831bf-118c-4ece-934d-75295251b1e8/1/UlXEsEj9RRjQHKVyNP7-beSF8Rs.roa
File: UlXEsEj9RRjQHKVyNP7-beSF8Rs.roa (raw, json)
Hash identifier: AFD/0dtU62LDCTRd/gWPjZqC53FjgT9hcPEFgRIwl3Q=
Subject key identifier: 52:55:C4:B0:48:FD:45:18:D0:1C:A5:72:34:FE:FE:6D:E4:85:F1:1B
Certificate issuer: /CN=7dc8911682bc5ca71cece1efe3ac135bfdb59dd6
Certificate serial: 021DEC94
Authority key identifier: 7D:C8:91:16:82:BC:5C:A7:1C:EC:E1:EF:E3:AC:13:5B:FD:B5:9D:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fciRFoK8XKcc7OHv46wTW_21ndY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/0831bf-118c-4ece-934d-75295251b1e8/1/UlXEsEj9RRjQHKVyNP7-beSF8Rs.roa
Signing time: Sat 01 Jan 2022 13:05:26 +0000
ROA not before: Sat 01 Jan 2022 13:05:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 32787
IP address blocks: 195.225.135.0/24 maxlen: 26
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 35515540 (0x21dec94)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7dc8911682bc5ca71cece1efe3ac135bfdb59dd6
Validity
Not Before: Jan 1 13:05:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5255c4b048fd4518d01ca57234fefe6de485f11b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:b5:75:24:5f:4e:90:ae:92:aa:6c:4f:9c:5a:
81:13:ee:2e:f2:d7:b3:1c:68:9f:a4:13:e6:6e:55:
e7:49:b1:d7:58:44:71:50:14:96:77:ed:65:ac:13:
a9:09:d6:96:a3:c5:f9:4b:22:dc:24:9a:be:f0:aa:
98:cb:06:81:83:25:ca:f3:ce:5b:eb:5d:f7:24:e2:
7e:aa:a3:11:a2:27:82:df:23:c2:03:da:74:f8:5c:
c3:a8:b4:ee:fd:f1:b3:7d:18:37:12:e4:52:47:e9:
58:e0:d4:3c:08:62:5f:7c:a9:65:3e:f4:c2:05:27:
cf:ff:59:04:67:5e:e4:a7:b0:26:da:45:7a:21:9e:
f6:af:45:65:97:a0:44:e6:5d:53:fa:e5:1c:db:af:
f7:0b:4d:43:1e:f2:e9:ae:72:19:37:80:88:30:05:
7c:89:df:de:2c:0e:2f:96:07:52:05:52:1f:f1:46:
b1:46:8e:c4:ed:04:58:a6:2a:fb:cc:0e:45:d3:be:
03:a0:1d:1b:93:58:19:b4:36:2d:c7:be:b2:66:0a:
85:57:5c:2e:d5:bd:f5:91:8f:96:af:61:f5:10:47:
c4:45:1b:2f:00:14:5e:7c:98:63:23:99:31:ca:28:
5f:09:fc:69:d8:db:aa:34:66:4a:30:0a:d9:51:9d:
4b:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:55:C4:B0:48:FD:45:18:D0:1C:A5:72:34:FE:FE:6D:E4:85:F1:1B
X509v3 Authority Key Identifier:
keyid:7D:C8:91:16:82:BC:5C:A7:1C:EC:E1:EF:E3:AC:13:5B:FD:B5:9D:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fciRFoK8XKcc7OHv46wTW_21ndY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/0831bf-118c-4ece-934d-75295251b1e8/1/UlXEsEj9RRjQHKVyNP7-beSF8Rs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/0831bf-118c-4ece-934d-75295251b1e8/1/fciRFoK8XKcc7OHv46wTW_21ndY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.225.135.0/24
Signature Algorithm: sha256WithRSAEncryption
48:af:80:d3:47:00:37:44:ea:d0:5a:e5:2f:21:9b:bb:91:8e:
c3:bf:82:74:2e:5d:aa:91:c4:f7:30:48:3b:2c:65:bd:e4:58:
4d:66:db:52:47:13:14:90:a6:0e:24:e0:b8:e3:c2:1b:2b:70:
10:3f:06:94:9d:9d:46:3f:06:4d:49:fb:bf:7a:15:a9:5a:c9:
73:39:d2:cf:19:4e:e5:23:5b:e8:6e:70:fb:23:1a:5e:64:ce:
dc:b1:18:bf:7b:a2:de:d2:67:53:0f:30:7b:f9:c3:6c:d0:6c:
a4:55:17:01:03:6a:e1:d2:ec:a5:ea:9b:48:aa:f9:de:a2:bd:
3e:e6:0c:f3:5f:fc:ad:82:77:b1:6b:0f:db:36:c8:ce:09:b4:
38:71:00:b6:03:e9:7f:18:11:e9:2a:8f:f1:55:0e:1a:66:78:
97:bb:07:d7:c8:2b:70:22:31:8d:31:f9:1e:27:5e:17:d1:b2:
22:96:e9:c0:73:c4:12:2c:a3:fd:36:a5:e1:44:59:a1:e1:a6:
88:33:3e:4d:78:63:a5:aa:d4:f9:18:11:6d:d6:2e:2d:a0:da:
49:e7:d3:f9:51:42:61:dd:07:df:51:57:78:4c:25:b1:df:31:
ca:d5:d7:35:14:31:6f:0d:f1:70:b2:88:5c:c6:cf:45:eb:4c:
06:ac:66:c1
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAh3slDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
ZGM4OTExNjgyYmM1Y2E3MWNlY2UxZWZlM2FjMTM1YmZkYjU5ZGQ2MB4XDTIyMDEw
MTEzMDUyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTI1NWM0YjA0OGZk
NDUxOGQwMWNhNTcyMzRmZWZlNmRlNDg1ZjExYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANy1dSRfTpCukqpsT5xagRPuLvLXsxxon6QT5m5V50mx11hE
cVAUlnftZawTqQnWlqPF+Usi3CSavvCqmMsGgYMlyvPOW+td9yTifqqjEaIngt8j
wgPadPhcw6i07v3xs30YNxLkUkfpWODUPAhiX3ypZT70wgUnz/9ZBGde5KewJtpF
eiGe9q9FZZegROZdU/rlHNuv9wtNQx7y6a5yGTeAiDAFfInf3iwOL5YHUgVSH/FG
sUaOxO0EWKYq+8wORdO+A6AdG5NYGbQ2Lce+smYKhVdcLtW99ZGPlq9h9RBHxEUb
LwAUXnyYYyOZMcooXwn8adjbqjRmSjAK2VGdS78CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRSVcSwSP1FGNAcpXI0/v5t5IXxGzAfBgNVHSMEGDAWgBR9yJEWgrxcpxzs
4e/jrBNb/bWd1jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ZjaVJGb0s4WEtjYzdPSHY0NndUV18yMW5kWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTIvMDgzMWJmLTExOGMtNGVjZS05MzRkLTc1Mjk1MjUxYjFlOC8x
L1VsWEVzRWo5UlJqUUhLVnlOUDctYmVTRjhScy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTIv
MDgzMWJmLTExOGMtNGVjZS05MzRkLTc1Mjk1MjUxYjFlOC8xL2ZjaVJGb0s4WEtj
YzdPSHY0NndUV18yMW5kWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMPhhzANBgkqhkiG9w0BAQsFAAOC
AQEASK+A00cAN0Tq0FrlLyGbu5GOw7+CdC5dqpHE9zBIOyxlveRYTWbbUkcTFJCm
DiTguOPCGytwED8GlJ2dRj8GTUn7v3oVqVrJcznSzxlO5SNb6G5w+yMaXmTO3LEY
v3ui3tJnUw8we/nDbNBspFUXAQNq4dLspeqbSKr53qK9PuYM81/8rYJ3sWsP2zbI
zgm0OHEAtgPpfxgR6SqP8VUOGmZ4l7sH18grcCIxjTH5HideF9GyIpbpwHPEEiyj
/Tal4URZoeGmiDM+TXhjparU+RgRbdYuLaDaSefT+VFCYd0H31FXeEwlsd8xytXX
NRQxbw3xcLKIXMbPRetMBqxmwQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:14 2023 by rpki-client on console-fra.rpki-client.org