Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/MYFuRgBsDTQMBF1Yza30rOc-uYk.roa
File: MYFuRgBsDTQMBF1Yza30rOc-uYk.roa (raw, json)
Hash identifier: b5eCU/ou5eM7vwppJ7xT0me8X+vMdeuYA1Qi4MTMY5A=
Subject key identifier: 31:81:6E:46:00:6C:0D:34:0C:04:5D:58:CD:AD:F4:AC:E7:3E:B9:89
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 0184E314E783BDC2A46B55888EBCE6E4947E
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/MYFuRgBsDTQMBF1Yza30rOc-uYk.roa
Signing time: Mon 05 Dec 2022 16:18:28 +0000
ROA not before: Mon 05 Dec 2022 16:18:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 5638
IP address blocks: 194.50.19.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e3:14:e7:83:bd:c2:a4:6b:55:88:8e:bc:e6:e4:94:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Dec 5 16:18:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=31816e46006c0d340c045d58cdadf4ace73eb989
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:60:ca:a2:62:44:d2:79:cf:33:24:ef:7a:93:
54:ec:ed:e4:fd:9e:65:65:32:a4:3f:92:cc:4a:7a:
5e:db:71:23:ef:09:6e:6a:10:18:ee:eb:1c:82:15:
ea:21:5d:7c:34:74:99:78:7b:b3:fc:af:e5:60:d0:
47:57:29:1a:a2:e0:85:cb:3b:2d:2c:51:fa:97:c1:
7a:91:3b:7c:f5:a6:69:a5:c0:54:50:89:4e:aa:20:
79:1d:a0:03:e7:6c:4a:9a:27:c9:5c:e6:8e:b9:cc:
a0:70:b4:7d:7f:0b:92:cb:61:f2:08:14:28:9d:7e:
1b:b5:a5:12:2e:04:22:0f:97:85:f2:a8:3d:1f:fb:
7a:9e:2e:ec:f7:4c:9a:be:7c:50:0b:15:2a:22:13:
45:6c:dc:d6:84:c5:6e:62:de:33:4e:94:ce:5c:b6:
c1:f2:53:ec:f7:16:f3:23:07:cc:cc:9e:63:3b:b0:
f8:b7:00:c2:ee:94:33:ea:af:3e:12:15:3a:41:44:
bb:47:4c:fa:23:a0:05:13:9d:9f:fa:0d:5d:56:19:
91:02:e9:e5:b2:41:6b:74:b3:41:87:bc:8b:51:25:
5a:88:9f:73:9a:19:7a:60:a8:7a:e0:68:02:a0:63:
3a:89:64:65:85:06:63:82:21:6a:e7:f6:f6:b0:43:
85:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:81:6E:46:00:6C:0D:34:0C:04:5D:58:CD:AD:F4:AC:E7:3E:B9:89
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/MYFuRgBsDTQMBF1Yza30rOc-uYk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.50.19.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:88:f4:f8:dd:eb:49:79:0c:89:d1:a3:2d:d8:77:7a:d4:90:
f5:1d:db:86:d0:fa:ea:3e:45:b7:8e:2e:a0:91:f1:cf:d0:c0:
b1:31:20:32:68:5d:25:30:d6:64:0a:0c:d0:25:68:45:d5:a9:
14:89:80:f4:0f:02:33:d5:fd:93:7e:46:31:db:95:5e:0a:c5:
d3:7c:9c:e3:8f:98:6f:20:32:f4:f8:73:7b:00:a2:ba:cd:4d:
f4:db:e9:8e:12:bd:69:0d:ab:74:9b:f8:67:a9:25:8c:b0:08:
9a:0e:1e:69:40:50:08:4e:e3:b6:ff:01:0b:e1:62:e8:8e:13:
0a:85:e4:89:08:80:12:25:69:98:09:c4:0a:18:79:7b:f0:e6:
12:40:94:ea:29:5d:3b:7e:30:5c:42:dc:6d:92:22:53:d0:d6:
98:65:aa:02:04:ba:74:d8:26:ee:98:9b:0d:49:76:06:46:8c:
88:47:b0:ad:9c:6e:68:c6:36:fd:08:23:f3:35:d3:cd:7e:6a:
59:b1:ac:0b:4d:c6:59:3d:a6:1b:5d:03:fc:d7:c1:c9:5a:94:
48:8f:5d:b0:43:af:34:3b:4a:9d:65:ca:5c:ed:e5:1e:d8:ef:
ca:f6:87:29:a5:93:65:32:67:0a:47:52:9f:2b:7a:1c:a8:b3:
73:fa:24:bf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYTjFOeDvcKka1WIjrzm5JR+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjIxMjA1MTYxODI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTgxNmU0NjAwNmMwZDM0MGMwNDVkNThjZGFkZjRhY2U3M2ViOTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkGDKomJE0nnPMyTvepNU7O3k/Z5l
ZTKkP5LMSnpe23Ej7wluahAY7uscghXqIV18NHSZeHuz/K/lYNBHVykaouCFyzst
LFH6l8F6kTt89aZppcBUUIlOqiB5HaAD52xKmifJXOaOucygcLR9fwuSy2HyCBQo
nX4btaUSLgQiD5eF8qg9H/t6ni7s90yavnxQCxUqIhNFbNzWhMVuYt4zTpTOXLbB
8lPs9xbzIwfMzJ5jO7D4twDC7pQz6q8+EhU6QUS7R0z6I6AFE52f+g1dVhmRAunl
skFrdLNBh7yLUSVaiJ9zmhl6YKh64GgCoGM6iWRlhQZjgiFq5/b2sEOF+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDGBbkYAbA00DARdWM2t9KznPrmJMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvTVlGdVJnQnNEVFFNQkYxWXphMzByT2MtdVlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwjITMA0G
CSqGSIb3DQEBCwUAA4IBAQBKiPT43etJeQyJ0aMt2Hd61JD1HduG0PrqPkW3ji6g
kfHP0MCxMSAyaF0lMNZkCgzQJWhF1akUiYD0DwIz1f2TfkYx25VeCsXTfJzjj5hv
IDL0+HN7AKK6zU302+mOEr1pDat0m/hnqSWMsAiaDh5pQFAITuO2/wEL4WLojhMK
heSJCIASJWmYCcQKGHl78OYSQJTqKV07fjBcQtxtkiJT0NaYZaoCBLp02CbumJsN
SXYGRoyIR7CtnG5oxjb9CCPzNdPNfmpZsawLTcZZPaYbXQP818HJWpRIj12wQ680
O0qdZcpc7eUe2O/K9ocppZNlMmcKR1KfK3ocqLNz+iS/
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:26 2023 by rpki-client on console-ams.rpki-client.org