Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/456eac-65df-4dd1-bf9c-0103a899c2de/1/gWCDnntnGVOJv7a04YYHT-IqRn8.roa
File: gWCDnntnGVOJv7a04YYHT-IqRn8.roa (raw, json)
Hash identifier: OzFla/ob8Fl25e6N9Y3UyjwLSSmzD83wJoRfwI6S2ic=
Subject key identifier: 81:60:83:9E:7B:67:19:53:89:BF:B6:B4:E1:86:07:4F:E2:2A:46:7F
Certificate issuer: /CN=99fad2527eafa95215a8fed67a27fad3cfb2d37f
Certificate serial: 01845CA00E1ED162E9A1A0BE32191C546219
Authority key identifier: 99:FA:D2:52:7E:AF:A9:52:15:A8:FE:D6:7A:27:FA:D3:CF:B2:D3:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mfrSUn6vqVIVqP7Weif608-y038.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/456eac-65df-4dd1-bf9c-0103a899c2de/1/gWCDnntnGVOJv7a04YYHT-IqRn8.roa
Signing time: Wed 09 Nov 2022 13:41:43 +0000
ROA not before: Wed 09 Nov 2022 13:41:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 834
IP address blocks: 195.184.76.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:5c:a0:0e:1e:d1:62:e9:a1:a0:be:32:19:1c:54:62:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=99fad2527eafa95215a8fed67a27fad3cfb2d37f
Validity
Not Before: Nov 9 13:41:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8160839e7b67195389bfb6b4e186074fe22a467f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:4f:e0:f3:4e:02:70:4c:67:11:de:93:f5:4b:
7d:f2:db:55:86:27:45:e8:f5:2e:ab:9c:ef:34:38:
cc:84:bc:48:d2:bf:b8:5d:11:a1:27:54:68:67:f2:
45:2a:32:51:89:95:96:7b:55:50:ac:57:d1:ff:46:
c7:49:d5:94:43:7f:7e:a8:67:e3:ee:08:1b:c7:74:
4a:80:07:15:0b:27:8d:87:71:21:ad:1e:5b:46:08:
23:2a:6c:2d:7b:80:e8:51:2a:c3:56:bf:c7:4c:ce:
4d:76:67:9d:0f:69:b1:d5:b7:c3:e6:29:3a:63:e3:
43:3d:f5:c1:37:e4:fb:78:d8:43:f9:10:cc:92:a5:
4b:c7:e7:c8:ef:bc:4e:b7:86:d3:25:31:31:8e:1c:
17:e1:8c:89:73:36:6f:38:ae:a1:79:e0:20:29:86:
a1:21:13:3d:84:67:aa:f3:b9:67:30:40:c4:83:fb:
cd:ec:03:d2:fd:82:a3:48:23:6c:84:e9:54:b0:be:
f6:d4:fb:20:44:30:b2:5e:c8:e0:e5:46:4f:fe:84:
5a:2e:e2:b7:5c:64:3c:fd:6a:6f:73:04:e4:24:b4:
23:7c:33:03:9c:fa:ba:1d:1d:8c:07:04:dc:d4:01:
4a:49:ee:3f:48:3a:6b:99:ee:45:8b:43:3c:d2:cc:
06:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:60:83:9E:7B:67:19:53:89:BF:B6:B4:E1:86:07:4F:E2:2A:46:7F
X509v3 Authority Key Identifier:
keyid:99:FA:D2:52:7E:AF:A9:52:15:A8:FE:D6:7A:27:FA:D3:CF:B2:D3:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mfrSUn6vqVIVqP7Weif608-y038.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/456eac-65df-4dd1-bf9c-0103a899c2de/1/gWCDnntnGVOJv7a04YYHT-IqRn8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/456eac-65df-4dd1-bf9c-0103a899c2de/1/mfrSUn6vqVIVqP7Weif608-y038.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.184.76.0/24
Signature Algorithm: sha256WithRSAEncryption
36:51:92:7e:07:74:a6:55:4f:33:51:e9:ee:db:90:a7:5e:47:
e7:80:70:99:6b:a3:1d:b2:22:38:51:e4:fd:c5:75:5b:b1:7f:
96:74:10:e1:ba:a7:65:12:0a:5b:75:12:4d:e1:bc:ef:c5:37:
0f:10:6d:c6:1a:6c:d1:fe:8a:3f:23:55:b9:b9:be:c7:31:3c:
1e:15:10:5e:e4:f6:e6:d9:3a:82:6d:0e:b0:77:12:10:ad:26:
f8:61:6e:6a:e1:69:ab:0a:67:1e:50:21:74:36:9e:c8:8b:4b:
f9:04:99:01:d8:dc:7b:ed:b6:5f:de:f4:56:fd:e7:73:1d:43:
07:47:ec:7a:3a:69:9c:df:a3:12:73:fc:14:15:c3:d5:03:79:
0b:3b:c9:fa:5f:10:ca:d8:d1:0e:f7:56:7b:2e:00:6e:9c:fb:
4b:e8:02:0a:dc:9d:48:0e:35:18:8a:ad:dd:27:5b:11:07:a1:
ae:ad:9e:dc:2d:02:a6:3c:6a:28:9f:68:be:ec:da:5f:63:9c:
f0:f6:62:43:fc:42:aa:55:78:11:ac:41:46:2a:2a:47:8a:cb:
c1:2d:2a:a1:71:dd:35:02:31:31:58:31:3c:83:30:db:68:af:
cb:d6:df:dd:ff:0a:5a:d9:9f:5b:e8:d7:b4:f1:f2:15:f3:b8:
d1:35:39:6f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYRcoA4e0WLpoaC+MhkcVGIZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5ZmFkMjUyN2VhZmE5NTIxNWE4ZmVkNjdhMjdmYWQzY2Zi
MmQzN2YwHhcNMjIxMTA5MTM0MTQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTYwODM5ZTdiNjcxOTUzODliZmI2YjRlMTg2MDc0ZmUyMmE0NjdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhk/g804CcExnEd6T9Ut98ttVhidF
6PUuq5zvNDjMhLxI0r+4XRGhJ1RoZ/JFKjJRiZWWe1VQrFfR/0bHSdWUQ39+qGfj
7ggbx3RKgAcVCyeNh3EhrR5bRggjKmwte4DoUSrDVr/HTM5NdmedD2mx1bfD5ik6
Y+NDPfXBN+T7eNhD+RDMkqVLx+fI77xOt4bTJTExjhwX4YyJczZvOK6heeAgKYah
IRM9hGeq87lnMEDEg/vN7APS/YKjSCNshOlUsL721PsgRDCyXsjg5UZP/oRaLuK3
XGQ8/WpvcwTkJLQjfDMDnPq6HR2MBwTc1AFKSe4/SDprme5Fi0M80swGGQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIFgg557ZxlTib+2tOGGB0/iKkZ/MB8GA1UdIwQY
MBaAFJn60lJ+r6lSFaj+1non+tPPstN/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWZyU1VuNnZxVklWcVA3V2VpZjYwOC15MDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi80NTZlYWMtNjVkZi00ZGQxLWJmOWMt
MDEwM2E4OTljMmRlLzEvZ1dDRG5udG5HVk9KdjdhMDRZWUhULUlxUm44LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi80NTZlYWMtNjVkZi00ZGQxLWJmOWMtMDEwM2E4OTljMmRl
LzEvbWZyU1VuNnZxVklWcVA3V2VpZjYwOC15MDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw7hMMA0G
CSqGSIb3DQEBCwUAA4IBAQA2UZJ+B3SmVU8zUenu25CnXkfngHCZa6MdsiI4UeT9
xXVbsX+WdBDhuqdlEgpbdRJN4bzvxTcPEG3GGmzR/oo/I1W5ub7HMTweFRBe5Pbm
2TqCbQ6wdxIQrSb4YW5q4WmrCmceUCF0Np7Ii0v5BJkB2Nx77bZf3vRW/edzHUMH
R+x6Ommc36MSc/wUFcPVA3kLO8n6XxDK2NEO91Z7LgBunPtL6AIK3J1IDjUYiq3d
J1sRB6GurZ7cLQKmPGoon2i+7NpfY5zw9mJD/EKqVXgRrEFGKipHisvBLSqhcd01
AjExWDE8gzDbaK/L1t/d/wpa2Z9b6Ne08fIV87jRNTlv
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:30 2024 by rpki-client on console-fra.rpki-client.org