Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/1191d6-5423-42cf-8f6b-117886eb7d67/1/1-kmCaH4qSb7oZtgiy1qswU5NtYI.roa
File: 1-kmCaH4qSb7oZtgiy1qswU5NtYI.roa (raw, json)
Hash identifier: WV8X+Ip6EQIULtlFzcAoFzYj3Y5qniFZ2/fL/0Ue0hQ=
Subject key identifier: FA:49:82:68:7E:2A:49:BE:E8:66:D8:22:CB:5A:AC:C1:4E:4D:B5:82
Certificate issuer: /CN=46a4b35c8e0256eaa2fbf751e6c01e5e909c0a1f
Certificate serial: 0183C6438346E2A148AE6382D9231C45962B
Authority key identifier: 46:A4:B3:5C:8E:02:56:EA:A2:FB:F7:51:E6:C0:1E:5E:90:9C:0A:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RqSzXI4CVuqi-_dR5sAeXpCcCh8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/1191d6-5423-42cf-8f6b-117886eb7d67/1/1-kmCaH4qSb7oZtgiy1qswU5NtYI.roa
Signing time: Tue 11 Oct 2022 08:57:36 +0000
ROA not before: Tue 11 Oct 2022 08:57:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209311
IP address blocks: 193.111.211.0/24 maxlen: 24
2a0a:8ac0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:c6:43:83:46:e2:a1:48:ae:63:82:d9:23:1c:45:96:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=46a4b35c8e0256eaa2fbf751e6c01e5e909c0a1f
Validity
Not Before: Oct 11 08:57:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fa4982687e2a49bee866d822cb5aacc14e4db582
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:4d:5a:b4:52:4b:da:4a:0a:a4:7e:57:6d:2a:
3c:c6:46:95:29:5b:8a:aa:1b:55:ad:4c:4c:92:a8:
48:26:ed:cc:0b:51:b2:d5:10:7e:e1:7e:a1:78:00:
17:f8:5a:26:14:b9:f3:a5:aa:39:64:70:01:96:fd:
0b:cf:8d:b1:4b:bb:ae:f9:bb:5a:7b:f8:b7:50:a2:
73:fa:65:77:df:43:b0:9a:0a:c6:32:79:f2:ac:c0:
89:eb:33:29:58:34:f2:d1:72:08:b9:5d:bd:c5:52:
38:af:86:68:f5:5d:4d:7e:c5:d6:86:25:39:34:df:
68:d1:1d:ad:f4:45:4c:56:a2:ca:40:1b:ce:9b:f0:
e2:97:d1:cd:50:3a:2d:5a:67:87:b3:b3:e2:3b:61:
7f:15:f3:f3:11:bd:ef:e0:ba:c0:2f:c8:00:bc:d0:
23:3b:0a:de:55:1f:23:66:6c:e2:45:e3:fe:3c:8c:
63:9c:cf:d2:45:24:6a:27:98:26:bf:1a:b0:d6:d9:
9d:72:86:82:8a:e2:66:02:db:a6:21:8c:75:ef:cf:
e9:6c:68:d8:6a:a1:94:6a:fa:52:75:07:d6:70:19:
93:25:c1:a8:d6:db:1c:27:31:ec:7e:6e:ff:ec:cb:
c8:d8:51:a6:c3:64:5c:6a:48:b9:2a:4d:2f:17:d1:
83:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:49:82:68:7E:2A:49:BE:E8:66:D8:22:CB:5A:AC:C1:4E:4D:B5:82
X509v3 Authority Key Identifier:
keyid:46:A4:B3:5C:8E:02:56:EA:A2:FB:F7:51:E6:C0:1E:5E:90:9C:0A:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RqSzXI4CVuqi-_dR5sAeXpCcCh8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/1191d6-5423-42cf-8f6b-117886eb7d67/1/1-kmCaH4qSb7oZtgiy1qswU5NtYI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/1191d6-5423-42cf-8f6b-117886eb7d67/1/RqSzXI4CVuqi-_dR5sAeXpCcCh8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.111.211.0/24
IPv6:
2a0a:8ac0::/29
Signature Algorithm: sha256WithRSAEncryption
79:40:5f:93:63:a4:d8:81:9d:15:70:57:d0:d5:c2:e4:2d:fa:
27:4d:d1:d6:97:c0:9c:cb:22:6e:9c:53:25:9f:89:b6:a9:df:
c8:75:cb:65:ba:38:9b:ed:46:b4:f6:52:ee:1a:c9:65:f5:78:
3d:4e:1f:4e:d1:64:f6:db:e7:dc:1e:27:07:50:a7:78:b1:0e:
16:ed:c4:10:69:ce:cc:42:f8:ae:79:35:e6:88:e8:2d:2e:15:
db:48:0e:e8:05:4d:3f:91:b7:81:25:cc:f8:b5:28:1a:ae:c3:
90:c1:1f:18:fa:d7:ef:69:ee:b5:1e:b9:ca:31:65:d7:ea:87:
61:4c:43:0c:15:a2:33:44:9d:14:4f:e1:5a:68:4a:aa:ff:ce:
90:d2:48:04:9d:b8:fd:fe:c3:f8:c7:9a:f7:1c:e6:27:1e:04:
47:8e:48:c1:ef:b6:a0:c6:fa:00:dd:b8:64:66:f6:da:f5:b7:
3d:83:45:5b:32:04:70:2e:64:49:42:b9:7b:80:56:3d:fc:c0:
39:be:5d:ad:d9:fe:d1:bb:13:b1:7d:4c:9c:fd:2b:b4:74:94:
2f:fc:76:39:1f:e3:0a:09:b9:f1:7f:39:2b:49:96:a1:64:70:
29:2c:d7:0e:9e:6c:ef:33:e9:b1:42:0c:f3:64:8b:c1:4b:46:
43:1d:6e:53
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYPGQ4NG4qFIrmOC2SMcRZYrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2YTRiMzVjOGUwMjU2ZWFhMmZiZjc1MWU2YzAxZTVlOTA5
YzBhMWYwHhcNMjIxMDExMDg1NzM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTQ5ODI2ODdlMmE0OWJlZTg2NmQ4MjJjYjVhYWNjMTRlNGRiNTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkk1atFJL2koKpH5XbSo8xkaVKVuK
qhtVrUxMkqhIJu3MC1Gy1RB+4X6heAAX+FomFLnzpao5ZHABlv0Lz42xS7uu+bta
e/i3UKJz+mV330OwmgrGMnnyrMCJ6zMpWDTy0XIIuV29xVI4r4Zo9V1NfsXWhiU5
NN9o0R2t9EVMVqLKQBvOm/Dil9HNUDotWmeHs7PiO2F/FfPzEb3v4LrAL8gAvNAj
OwreVR8jZmziReP+PIxjnM/SRSRqJ5gmvxqw1tmdcoaCiuJmAtumIYx178/pbGjY
aqGUavpSdQfWcBmTJcGo1tscJzHsfm7/7MvI2FGmw2Rcaki5Kk0vF9GDMQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFPpJgmh+Kkm+6GbYIstarMFOTbWCMB8GA1UdIwQY
MBaAFEaks1yOAlbqovv3UebAHl6QnAofMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnFTelhJNENWdXFpLV9kUjVzQWVYcENjQ2g4LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi8xMTkxZDYtNTQyMy00MmNmLThmNmIt
MTE3ODg2ZWI3ZDY3LzEvMS1rbUNhSDRxU2I3b1p0Z2l5MXFzd1U1TnRZSS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMWIvMTE5MWQ2LTU0MjMtNDJjZi04ZjZiLTExNzg4NmViN2Q2
Ny8xL1JxU3pYSTRDVnVxaS1fZFI1c0FlWHBDY0NoOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAMFv0zAN
BAIAAjAHAwUDKgqKwDANBgkqhkiG9w0BAQsFAAOCAQEAeUBfk2Ok2IGdFXBX0NXC
5C36J03R1pfAnMsibpxTJZ+JtqnfyHXLZbo4m+1GtPZS7hrJZfV4PU4fTtFk9tvn
3B4nB1CneLEOFu3EEGnOzEL4rnk15ojoLS4V20gO6AVNP5G3gSXM+LUoGq7DkMEf
GPrX72nutR65yjFl1+qHYUxDDBWiM0SdFE/hWmhKqv/OkNJIBJ24/f7D+Mea9xzm
Jx4ER45Iwe+2oMb6AN24ZGb22vW3PYNFWzIEcC5kSUK5e4BWPfzAOb5drdn+0bsT
sX1MnP0rtHSUL/x2OR/jCgm58X85K0mWoWRwKSzXDp5s7zPpsUIM82SLwUtGQx1u
Uw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:56:44 2024 by rpki-client on console-ams.rpki-client.org