Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/opkGpOp2WQg0ELoMa3Glv8NTqzk.roa
File: opkGpOp2WQg0ELoMa3Glv8NTqzk.roa (raw, json)
Hash identifier: 76cR+hxCttgtznTu5sM0uGkovMyBOZVGD0I6Zk8xlEA=
Subject key identifier: A2:99:06:A4:EA:76:59:08:34:10:BA:0C:6B:71:A5:BF:C3:53:AB:39
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 09090CB0
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/opkGpOp2WQg0ELoMa3Glv8NTqzk.roa
Signing time: Sat 01 Jan 2022 16:00:29 +0000
ROA not before: Sat 01 Jan 2022 16:00:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 46841
IP address blocks: 193.34.77.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 151588016 (0x9090cb0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Jan 1 16:00:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a29906a4ea7659083410ba0c6b71a5bfc353ab39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:47:72:7f:78:ad:d8:0c:97:03:51:87:02:37:
bf:c8:8d:1c:0e:74:f8:df:c2:35:ae:1d:04:6a:da:
35:2f:db:32:c1:d4:d9:78:3d:a5:99:7d:2b:fa:2b:
83:51:07:7f:6b:3e:a5:aa:70:15:c7:5d:de:1a:77:
56:a9:60:9b:0f:f6:05:ac:48:16:b4:a0:48:aa:ea:
54:15:49:0f:bb:cc:13:23:e9:01:35:2c:d7:01:f2:
f7:79:ac:39:ab:bd:a0:81:d3:66:dc:04:7b:ca:04:
47:f4:fc:9d:e5:7a:e5:c3:fb:62:16:91:45:bd:f0:
b2:36:79:3b:f3:9c:b7:59:65:99:1a:ba:b4:30:10:
49:08:d3:dd:c7:59:cf:13:18:c8:c2:4b:0f:b4:f7:
23:6e:f7:99:7a:ee:dc:56:f3:a6:00:07:44:19:69:
a2:b6:d5:02:84:9e:87:08:cb:c0:cf:18:06:a1:8e:
cc:e6:8c:eb:a7:68:31:73:a8:d4:29:71:49:8e:ef:
9e:96:b5:ba:c1:dd:19:43:ff:a5:fe:4b:bc:e3:92:
bd:34:bb:9d:35:8c:f2:1d:ee:ca:84:6a:d0:35:92:
5b:62:22:df:89:d9:45:dd:a3:c9:ff:84:78:be:b7:
6c:83:b2:a5:3d:93:50:92:87:7a:0f:cf:8d:39:12:
51:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:99:06:A4:EA:76:59:08:34:10:BA:0C:6B:71:A5:BF:C3:53:AB:39
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/opkGpOp2WQg0ELoMa3Glv8NTqzk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.34.77.0/24
Signature Algorithm: sha256WithRSAEncryption
11:54:59:4b:1a:ef:4d:7a:d2:c0:86:79:9c:0b:0c:27:9a:a4:
44:2a:22:a4:81:3b:1e:1c:b2:30:38:b6:d9:60:97:3d:7d:f7:
e2:d4:07:3f:dc:86:3f:7c:de:11:7b:e2:55:ed:0d:81:ea:c9:
b0:cf:35:ed:6c:86:fd:f8:a1:03:87:b5:54:cd:e4:6a:86:79:
c9:c4:5e:ce:ae:55:1e:be:33:c7:f3:6f:e3:e7:0c:03:7e:5d:
a7:fb:43:97:60:36:0c:79:40:4f:5b:1c:db:a8:95:1f:a9:4a:
d0:e4:d3:21:4f:79:f5:69:c7:ad:4d:71:bd:fb:a4:ad:29:7c:
48:5b:51:0c:ea:b0:c2:f7:40:cd:b0:93:f4:42:b1:e9:22:b2:
86:a6:b7:9d:01:9d:73:69:2a:4e:45:45:04:eb:60:43:db:46:
6a:df:85:aa:f3:7a:67:3f:8d:f9:c0:13:05:ce:c0:e9:e8:be:
27:d5:88:80:de:fa:c2:6a:af:bc:bc:97:57:d4:d6:fe:f2:36:
f3:46:62:e6:74:d6:71:a3:84:05:36:83:36:d4:05:5d:d5:3c:
bf:cb:6e:bb:75:a3:9b:f0:61:ec:57:04:50:23:3a:82:5b:83:
71:7a:aa:7a:fc:7a:94:0e:e9:9b:23:36:47:42:08:36:6a:a0:
3c:e0:98:24
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECQkMsDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MWE3YjBkOGRlODI1MWQzNmQ3YzgzZmFmNmJjN2VmZWM3M2I1MDM0MB4XDTIyMDEw
MTE2MDAyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTI5OTA2YTRlYTc2
NTkwODM0MTBiYTBjNmI3MWE1YmZjMzUzYWIzOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALlHcn94rdgMlwNRhwI3v8iNHA50+N/CNa4dBGraNS/bMsHU
2Xg9pZl9K/org1EHf2s+papwFcdd3hp3Vqlgmw/2BaxIFrSgSKrqVBVJD7vMEyPp
ATUs1wHy93msOau9oIHTZtwEe8oER/T8neV65cP7YhaRRb3wsjZ5O/Oct1llmRq6
tDAQSQjT3cdZzxMYyMJLD7T3I273mXru3FbzpgAHRBlporbVAoSehwjLwM8YBqGO
zOaM66doMXOo1ClxSY7vnpa1usHdGUP/pf5LvOOSvTS7nTWM8h3uyoRq0DWSW2Ii
34nZRd2jyf+EeL63bIOypT2TUJKHeg/PjTkSUXsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSimQak6nZZCDQQugxrcaW/w1OrOTAfBgNVHSMEGDAWgBSxp7DY3oJR0218
g/r2vH7+xztQNDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NhZXcyTjZDVWROdGZJUDY5cngtX3NjN1VEUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTcvZjEzNGM4LWY4MTQtNGI3MS05NTdiLTM5NGFjZDIxZjM5Yi8x
L29wa0dwT3AyV1FnMEVMb01hM0dsdjhOVHF6ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTcv
ZjEzNGM4LWY4MTQtNGI3MS05NTdiLTM5NGFjZDIxZjM5Yi8xL3NhZXcyTjZDVWRO
dGZJUDY5cngtX3NjN1VEUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMEiTTANBgkqhkiG9w0BAQsFAAOC
AQEAEVRZSxrvTXrSwIZ5nAsMJ5qkRCoipIE7HhyyMDi22WCXPX334tQHP9yGP3ze
EXviVe0NgerJsM817WyG/fihA4e1VM3kaoZ5ycRezq5VHr4zx/Nv4+cMA35dp/tD
l2A2DHlAT1sc26iVH6lK0OTTIU959WnHrU1xvfukrSl8SFtRDOqwwvdAzbCT9EKx
6SKyhqa3nQGdc2kqTkVFBOtgQ9tGat+FqvN6Zz+N+cATBc7A6ei+J9WIgN76wmqv
vLyXV9TW/vI280Zi5nTWcaOEBTaDNtQFXdU8v8tuu3Wjm/Bh7FcEUCM6gluDcXqq
evx6lA7pmyM2R0IINmqgPOCYJA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:39 2023 by rpki-client on console-fra.rpki-client.org