Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/581c5d-bc9b-40a6-a5a4-64540205ecf4/1/M_g00emkIBBtwJAEwgup1c2z4_w.roa
File: M_g00emkIBBtwJAEwgup1c2z4_w.roa (raw, json)
Hash identifier: GiqgM0OEmUztSEreXVY64G4mS+wxLbNMpuG7wTpkj8M=
Subject key identifier: 33:F8:34:D1:E9:A4:20:10:6D:C0:90:04:C2:0B:A9:D5:CD:B3:E3:FC
Certificate issuer: /CN=75dcc776b2bf595bf4b3e60bba4245f0120a2176
Certificate serial: 0920B1D9
Authority key identifier: 75:DC:C7:76:B2:BF:59:5B:F4:B3:E6:0B:BA:42:45:F0:12:0A:21:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ddzHdrK_WVv0s-YLukJF8BIKIXY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/581c5d-bc9b-40a6-a5a4-64540205ecf4/1/M_g00emkIBBtwJAEwgup1c2z4_w.roa
Signing time: Sat 01 Jan 2022 14:02:19 +0000
ROA not before: Sat 01 Jan 2022 14:02:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16509
IP address blocks: 193.151.94.0/24 maxlen: 24
195.8.103.0/24 maxlen: 24
91.240.19.0/24 maxlen: 24
91.240.18.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 153137625 (0x920b1d9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75dcc776b2bf595bf4b3e60bba4245f0120a2176
Validity
Not Before: Jan 1 14:02:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=33f834d1e9a420106dc09004c20ba9d5cdb3e3fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:53:91:a0:22:9b:12:05:55:54:9e:0b:ca:24:
ba:8d:7d:ef:64:9e:39:fb:3d:28:28:73:86:91:33:
df:70:52:75:81:78:b8:8d:4b:dd:b5:72:f4:d8:8f:
c0:08:83:93:78:a2:24:5c:fd:07:d3:c4:f6:74:f6:
46:95:c5:2a:92:fe:19:9b:24:b7:a3:97:46:ea:8d:
1a:74:19:d6:24:9b:3f:e4:83:f7:f5:e4:30:24:a6:
b3:80:2d:e5:c9:1e:61:16:db:49:75:77:88:f2:8a:
5e:63:9b:24:16:ab:7f:01:7f:e5:2f:6b:5c:6a:cd:
30:30:de:89:4c:3d:ab:29:9c:e2:af:2b:6e:fb:40:
d1:ce:82:81:6d:fa:0e:6d:6a:86:d0:67:d6:a3:16:
a1:6e:c8:6c:47:7d:d9:5e:e8:ed:a3:cc:69:24:56:
1d:d2:12:dc:14:82:0c:7f:00:ad:5c:46:66:46:36:
2d:8a:2d:40:94:73:06:e6:ed:e0:4b:6f:55:de:eb:
c0:b7:fb:d4:a4:21:c9:8c:9d:04:b3:a2:09:c7:19:
63:fd:f4:fc:c8:db:ae:5e:aa:70:76:54:e4:b1:da:
a1:cc:a8:64:3b:90:c1:1b:a4:93:d5:9a:b6:95:27:
e4:85:17:34:31:51:33:d7:6a:9b:06:c7:03:73:71:
c4:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:F8:34:D1:E9:A4:20:10:6D:C0:90:04:C2:0B:A9:D5:CD:B3:E3:FC
X509v3 Authority Key Identifier:
keyid:75:DC:C7:76:B2:BF:59:5B:F4:B3:E6:0B:BA:42:45:F0:12:0A:21:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ddzHdrK_WVv0s-YLukJF8BIKIXY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/581c5d-bc9b-40a6-a5a4-64540205ecf4/1/M_g00emkIBBtwJAEwgup1c2z4_w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/581c5d-bc9b-40a6-a5a4-64540205ecf4/1/ddzHdrK_WVv0s-YLukJF8BIKIXY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.240.18.0/23
193.151.94.0/24
195.8.103.0/24
Signature Algorithm: sha256WithRSAEncryption
cd:de:37:ee:cf:73:4b:45:60:d8:83:15:fc:35:cd:82:8b:62:
1e:bf:1c:3b:4d:c2:04:16:b4:02:be:18:a6:f0:64:d3:1d:97:
62:bd:9a:8e:17:45:bb:48:55:2e:de:72:b8:cd:2a:54:5b:91:
ff:88:11:de:51:c9:e9:ef:f5:e0:38:b0:4b:23:a2:33:7b:2d:
b2:88:5b:5b:3b:c0:fe:70:b4:7c:db:2c:12:fc:65:e8:b7:97:
8e:75:3c:53:5c:1e:05:5e:53:4c:9c:b4:ad:69:91:b4:d8:6a:
a8:7a:4c:95:9e:d4:f4:fc:2f:7f:f4:44:ee:7d:65:64:b7:f1:
14:48:64:67:83:24:80:a9:55:47:6c:20:39:ea:2b:4b:00:c8:
00:d6:0e:71:0f:2a:30:33:2f:46:73:78:f1:ac:30:3a:7b:3f:
e0:b7:62:14:b9:e9:8b:6a:03:03:30:58:f1:74:39:aa:f8:f7:
ab:b6:c1:2b:f6:23:9c:51:c0:83:79:89:ef:08:47:68:a0:71:
8c:4d:1b:7a:47:15:5a:6d:ce:15:d2:04:24:c4:58:ed:d6:56:
41:58:f4:2f:34:bd:91:79:8c:96:ed:b8:fc:1d:f9:df:f1:f3:
4e:54:f2:26:cf:ce:41:70:a0:d7:19:82:27:18:69:4c:cc:5d:
16:d4:fc:35
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIECSCx2TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NWRjYzc3NmIyYmY1OTViZjRiM2U2MGJiYTQyNDVmMDEyMGEyMTc2MB4XDTIyMDEw
MTE0MDIxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzNmODM0ZDFlOWE0
MjAxMDZkYzA5MDA0YzIwYmE5ZDVjZGIzZTNmYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMNTkaAimxIFVVSeC8okuo1972SeOfs9KChzhpEz33BSdYF4
uI1L3bVy9NiPwAiDk3iiJFz9B9PE9nT2RpXFKpL+GZskt6OXRuqNGnQZ1iSbP+SD
9/XkMCSms4At5ckeYRbbSXV3iPKKXmObJBarfwF/5S9rXGrNMDDeiUw9qymc4q8r
bvtA0c6CgW36Dm1qhtBn1qMWoW7IbEd92V7o7aPMaSRWHdIS3BSCDH8ArVxGZkY2
LYotQJRzBubt4EtvVd7rwLf71KQhyYydBLOiCccZY/30/Mjbrl6qcHZU5LHaocyo
ZDuQwRukk9WatpUn5IUXNDFRM9dqmwbHA3NxxMcCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBQz+DTR6aQgEG3AkATCC6nVzbPj/DAfBgNVHSMEGDAWgBR13Md2sr9ZW/Sz
5gu6QkXwEgohdjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RkekhkcktfV1Z2MHMtWUx1a0pGOEJJS0lYWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTkvNTgxYzVkLWJjOWItNDBhNi1hNWE0LTY0NTQwMjA1ZWNmNC8x
L01fZzAwZW1rSUJCdHdKQUV3Z3VwMWMyejRfdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTkv
NTgxYzVkLWJjOWItNDBhNi1hNWE0LTY0NTQwMjA1ZWNmNC8xL2RkekhkcktfV1Z2
MHMtWUx1a0pGOEJJS0lYWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAVvwEgMEAMGXXgMEAMMIZzANBgkq
hkiG9w0BAQsFAAOCAQEAzd437s9zS0Vg2IMV/DXNgotiHr8cO03CBBa0Ar4YpvBk
0x2XYr2ajhdFu0hVLt5yuM0qVFuR/4gR3lHJ6e/14DiwSyOiM3stsohbWzvA/nC0
fNssEvxl6LeXjnU8U1weBV5TTJy0rWmRtNhqqHpMlZ7U9Pwvf/RE7n1lZLfxFEhk
Z4MkgKlVR2wgOeorSwDIANYOcQ8qMDMvRnN48awwOns/4LdiFLnpi2oDAzBY8XQ5
qvj3q7bBK/YjnFHAg3mJ7whHaKBxjE0bekcVWm3OFdIEJMRY7dZWQVj0LzS9kXmM
lu24/B353/HzTlTyJs/OQXCg1xmCJxhpTMxdFtT8NQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:45 2023 by rpki-client on console-fra.rpki-client.org