Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/0f7092-e3a4-470b-85a5-d489094c6604/1/SEC7faqn6tD5pSRjqMFgx0XjxoM.roa
File: SEC7faqn6tD5pSRjqMFgx0XjxoM.roa (raw, json)
Hash identifier: HHnDijoUCDFDNYXE5S/3jToUi7RSHPRigbftOAg5WsY=
Subject key identifier: 48:40:BB:7D:AA:A7:EA:D0:F9:A5:24:63:A8:C1:60:C7:45:E3:C6:83
Certificate issuer: /CN=1a3e970ed62771343a096ffb2efc26abb7ed68af
Certificate serial: 06442B9A
Authority key identifier: 1A:3E:97:0E:D6:27:71:34:3A:09:6F:FB:2E:FC:26:AB:B7:ED:68:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gj6XDtYncTQ6CW_7Lvwmq7ftaK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/0f7092-e3a4-470b-85a5-d489094c6604/1/SEC7faqn6tD5pSRjqMFgx0XjxoM.roa
Signing time: Sat 01 Jan 2022 11:59:39 +0000
ROA not before: Sat 01 Jan 2022 11:59:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39771
IP address blocks: 195.42.0.0/19 maxlen: 19
195.42.32.0/20 maxlen: 20
194.4.72.0/21 maxlen: 21
195.42.48.0/21 maxlen: 21
195.42.56.0/22 maxlen: 22
194.4.80.0/20 maxlen: 20
195.42.60.0/23 maxlen: 23
195.42.62.0/23 maxlen: 23
194.4.96.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 105130906 (0x6442b9a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a3e970ed62771343a096ffb2efc26abb7ed68af
Validity
Not Before: Jan 1 11:59:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4840bb7daaa7ead0f9a52463a8c160c745e3c683
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:d8:57:b8:b3:86:ba:93:51:65:7c:88:0d:20:
a1:3f:bb:55:a5:1c:1c:c9:c0:9a:28:af:cc:0a:87:
67:ce:2d:6f:c3:5d:dd:f4:0b:96:e3:dc:69:f8:8e:
be:7d:79:1c:d6:85:f6:98:b0:db:7c:a9:10:23:33:
4e:59:05:24:e8:e6:04:3e:98:26:46:6b:67:f1:4f:
65:df:b8:df:e5:b3:e6:40:ad:a7:00:56:bf:d1:00:
70:6a:2a:1f:35:66:d7:0b:4f:8b:60:cf:99:c1:0d:
2f:72:b8:e8:b6:9d:8b:f5:da:e3:58:51:37:06:0a:
c7:a2:6e:cd:40:00:93:55:2f:12:93:bd:a1:43:6c:
84:59:d0:01:83:1e:97:69:36:6b:b2:ed:d0:f9:21:
32:4c:11:dc:5c:28:c7:f6:37:ba:5e:35:67:d3:bb:
17:76:ee:4c:0f:f7:5e:39:a5:c9:4c:f4:5e:82:a4:
70:19:28:fe:e8:46:07:66:17:da:6a:d0:76:d9:43:
17:d0:3b:bb:ca:aa:78:11:39:5e:56:d9:c3:0a:62:
99:87:0e:70:84:ee:b2:23:ce:b4:8b:a5:b7:39:24:
d3:be:f7:1d:b5:f8:94:59:82:1b:d5:47:32:72:3b:
d9:d0:65:4b:18:c1:93:0c:ff:e5:6b:ec:04:12:68:
37:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:40:BB:7D:AA:A7:EA:D0:F9:A5:24:63:A8:C1:60:C7:45:E3:C6:83
X509v3 Authority Key Identifier:
keyid:1A:3E:97:0E:D6:27:71:34:3A:09:6F:FB:2E:FC:26:AB:B7:ED:68:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gj6XDtYncTQ6CW_7Lvwmq7ftaK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/0f7092-e3a4-470b-85a5-d489094c6604/1/SEC7faqn6tD5pSRjqMFgx0XjxoM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/0f7092-e3a4-470b-85a5-d489094c6604/1/Gj6XDtYncTQ6CW_7Lvwmq7ftaK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.4.72.0-194.4.99.255
195.42.0.0/18
Signature Algorithm: sha256WithRSAEncryption
86:df:4e:01:fb:cb:14:9f:31:6a:3b:72:d5:38:8d:da:e8:84:
12:7c:bc:14:36:30:ba:02:5d:9d:46:11:51:f6:3d:d7:53:c6:
41:9c:ce:35:88:1c:7c:08:41:b3:fb:ca:9e:ea:03:b2:21:e3:
40:7b:d9:8e:de:bd:3d:77:f9:16:fc:0c:27:55:64:04:45:44:
7c:8d:78:9a:03:ab:1d:9e:32:f6:ab:a4:01:b5:55:64:d1:84:
66:8e:cb:7e:89:6d:dc:a0:b7:4d:d9:92:37:5a:f2:07:a8:c0:
de:c7:e2:e4:31:dd:a1:ac:b3:90:e6:47:33:94:0b:e8:08:9b:
2a:d8:97:4f:c6:57:6c:37:e7:5d:6c:96:ef:8c:01:50:b6:5b:
52:11:a0:cc:54:24:30:aa:a1:64:3a:c1:ca:35:c4:a6:5d:9e:
9e:c0:27:a0:c4:c0:b2:58:2a:3a:4a:32:eb:9e:43:70:72:5d:
4b:03:49:22:52:c6:f2:05:f2:7f:6d:de:ee:fb:4e:a6:e1:e4:
d0:69:6b:00:7e:bc:1e:bf:3f:36:94:3c:b3:f0:08:80:c8:f3:
fd:e5:02:12:fa:ae:a2:0d:7c:b2:4c:b0:b1:1f:bb:c2:18:b6:
ae:d2:80:6d:f4:a9:f1:f9:40:f6:93:92:57:05:4f:2b:f4:41:
a7:12:66:cd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIEBkQrmjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
YTNlOTcwZWQ2Mjc3MTM0M2EwOTZmZmIyZWZjMjZhYmI3ZWQ2OGFmMB4XDTIyMDEw
MTExNTkzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDg0MGJiN2RhYWE3
ZWFkMGY5YTUyNDYzYThjMTYwYzc0NWUzYzY4MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALLYV7izhrqTUWV8iA0goT+7VaUcHMnAmiivzAqHZ84tb8Nd
3fQLluPcafiOvn15HNaF9piw23ypECMzTlkFJOjmBD6YJkZrZ/FPZd+43+Wz5kCt
pwBWv9EAcGoqHzVm1wtPi2DPmcENL3K46Ladi/Xa41hRNwYKx6JuzUAAk1UvEpO9
oUNshFnQAYMel2k2a7Lt0PkhMkwR3Fwox/Y3ul41Z9O7F3buTA/3XjmlyUz0XoKk
cBko/uhGB2YX2mrQdtlDF9A7u8qqeBE5XlbZwwpimYcOcITusiPOtIultzkk0773
HbX4lFmCG9VHMnI72dBlSxjBkwz/5WvsBBJoNycCAwEAAaOCAhcwggITMB0GA1Ud
DgQWBBRIQLt9qqfq0PmlJGOowWDHRePGgzAfBgNVHSMEGDAWgBQaPpcO1idxNDoJ
b/su/Cart+1orzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0dqNlhEdFluY1RRNkNXXzdMdndtcTdmdGFLOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWIvMGY3MDkyLWUzYTQtNDcwYi04NWE1LWQ0ODkwOTRjNjYwNC8x
L1NFQzdmYXFuNnRENXBTUmpxTUZneDBYanhvTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWIv
MGY3MDkyLWUzYTQtNDcwYi04NWE1LWQ0ODkwOTRjNjYwNC8xL0dqNlhEdFluY1RR
NkNXXzdMdndtcTdmdGFLOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAt
BggrBgEFBQcBBwEB/wQeMBwwGgQCAAEwFDAMAwQDwgRIAwQCwgRgAwQGwyoAMA0G
CSqGSIb3DQEBCwUAA4IBAQCG304B+8sUnzFqO3LVOI3a6IQSfLwUNjC6Al2dRhFR
9j3XU8ZBnM41iBx8CEGz+8qe6gOyIeNAe9mO3r09d/kW/AwnVWQERUR8jXiaA6sd
njL2q6QBtVVk0YRmjst+iW3coLdN2ZI3WvIHqMDex+LkMd2hrLOQ5kczlAvoCJsq
2JdPxldsN+ddbJbvjAFQtltSEaDMVCQwqqFkOsHKNcSmXZ6ewCegxMCyWCo6SjLr
nkNwcl1LA0kiUsbyBfJ/bd7u+06m4eTQaWsAfrwevz82lDyz8AiAyPP95QIS+q6i
DXyyTLCxH7vCGLau0oBt9Knx+UD2k5JXBU8r9EGnEmbN
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:53 2023 by rpki-client on console-fra.rpki-client.org