Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/0edc0b-7ebb-470a-b056-3de44fc8b3b5/1/iq5u0k2EdwQTCRtstrWJCBSqKDc.roa
File: iq5u0k2EdwQTCRtstrWJCBSqKDc.roa (raw, json)
Hash identifier: khHSETFfV/DIqI/K5nRsw8zS3nP2TtFxIdwsWgxvzXQ=
Subject key identifier: 8A:AE:6E:D2:4D:84:77:04:13:09:1B:6C:B6:B5:89:08:14:AA:28:37
Certificate issuer: /CN=6ca944eaa9c7f6d457406f142c6e28cf5acc6ac8
Certificate serial: 01825E5B6134791A4B1498CE97387E7C7506
Authority key identifier: 6C:A9:44:EA:A9:C7:F6:D4:57:40:6F:14:2C:6E:28:CF:5A:CC:6A:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bKlE6qnH9tRXQG8ULG4oz1rMasg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/0edc0b-7ebb-470a-b056-3de44fc8b3b5/1/iq5u0k2EdwQTCRtstrWJCBSqKDc.roa
Signing time: Tue 02 Aug 2022 11:40:23 +0000
ROA not before: Tue 02 Aug 2022 11:40:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60781
IP address blocks: 193.9.249.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:5e:5b:61:34:79:1a:4b:14:98:ce:97:38:7e:7c:75:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ca944eaa9c7f6d457406f142c6e28cf5acc6ac8
Validity
Not Before: Aug 2 11:40:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8aae6ed24d84770413091b6cb6b5890814aa2837
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:af:a5:68:24:e3:17:3b:c3:00:0d:94:19:3b:
61:e4:d9:ec:19:41:bf:cc:0b:a9:26:02:57:1e:b8:
8e:db:89:61:08:c0:4b:51:c3:83:7c:7e:f1:3b:85:
85:f5:46:6e:11:01:b5:3e:57:e1:20:70:87:b5:36:
73:44:a9:6d:a6:af:c3:f6:36:13:7e:da:c3:76:b8:
e7:bc:56:6b:de:34:a0:e9:7d:c9:16:f9:a4:8c:f8:
6b:99:14:44:0f:90:32:88:82:a9:f6:f8:9f:73:1a:
37:42:3f:06:22:b8:57:1e:cc:76:4c:0d:0b:7f:01:
6c:a0:b9:43:d8:99:63:06:79:26:ad:34:f0:6a:4f:
32:56:c2:d3:c4:7a:be:bc:f2:2b:65:24:76:f2:36:
d5:d3:37:8a:d9:fe:68:59:c7:10:68:2c:f3:83:e8:
0c:8d:1b:8b:48:b0:19:f2:1e:da:0d:f8:96:c6:6c:
5e:51:3f:24:f6:ff:c0:a0:81:b8:d5:c2:12:0e:ba:
59:c1:61:e9:9d:60:1b:63:5f:f2:e5:ea:dd:b9:bd:
e0:69:31:89:b7:2f:b4:7f:32:ba:89:2a:65:9c:bd:
44:bb:70:69:50:96:f8:3c:9a:27:94:93:e7:36:43:
5a:f6:89:57:f0:32:7a:e0:1b:ca:39:7a:20:b9:2d:
e2:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:AE:6E:D2:4D:84:77:04:13:09:1B:6C:B6:B5:89:08:14:AA:28:37
X509v3 Authority Key Identifier:
keyid:6C:A9:44:EA:A9:C7:F6:D4:57:40:6F:14:2C:6E:28:CF:5A:CC:6A:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bKlE6qnH9tRXQG8ULG4oz1rMasg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/0edc0b-7ebb-470a-b056-3de44fc8b3b5/1/iq5u0k2EdwQTCRtstrWJCBSqKDc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/0edc0b-7ebb-470a-b056-3de44fc8b3b5/1/bKlE6qnH9tRXQG8ULG4oz1rMasg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.9.249.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:60:01:7f:cf:ea:b5:32:0d:c4:e8:a6:37:fe:bb:06:05:10:
53:7e:3b:fd:8c:95:6f:da:b7:d0:ca:d1:35:07:cb:b1:f6:aa:
c2:65:d3:f2:3f:5c:cd:2d:e5:d9:b4:b8:03:0c:4e:59:01:13:
13:cc:04:da:7c:22:1c:cc:b6:25:a7:75:6e:5f:6c:8e:1e:eb:
75:05:d8:33:df:f4:7b:aa:a9:1d:4f:09:c5:f5:42:c5:ef:04:
49:d1:c4:4c:b8:52:c5:f8:a8:68:8d:de:f7:12:e1:c8:76:5a:
d8:25:00:95:25:bc:35:84:b2:52:a7:e4:0d:f2:e1:5f:6f:72:
a1:0a:f2:ad:20:3e:17:82:08:7e:cc:3c:91:c7:8f:93:74:e4:
80:27:45:c2:43:af:ad:f5:69:0c:98:73:9a:bf:d9:32:a0:b7:
24:e7:e2:19:ae:96:49:02:24:da:6a:fa:4c:b5:6b:d3:2b:40:
ff:21:ec:05:0a:ca:e2:18:e0:a3:30:69:4f:0b:a2:37:ec:4c:
b8:8f:01:e6:3e:f2:af:dc:2f:4b:59:13:01:b6:6e:09:4b:05:
e8:78:2b:37:18:83:49:be:5c:4b:90:9c:b4:49:2b:03:5f:fd:
c8:36:c3:97:39:d4:fa:49:28:c4:ea:3a:67:83:97:0c:ce:28:
0c:fc:e6:a9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYJeW2E0eRpLFJjOlzh+fHUGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjYTk0NGVhYTljN2Y2ZDQ1NzQwNmYxNDJjNmUyOGNmNWFj
YzZhYzgwHhcNMjIwODAyMTE0MDIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWFlNmVkMjRkODQ3NzA0MTMwOTFiNmNiNmI1ODkwODE0YWEyODM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoq+laCTjFzvDAA2UGTth5NnsGUG/
zAupJgJXHriO24lhCMBLUcODfH7xO4WF9UZuEQG1PlfhIHCHtTZzRKltpq/D9jYT
ftrDdrjnvFZr3jSg6X3JFvmkjPhrmRRED5AyiIKp9vifcxo3Qj8GIrhXHsx2TA0L
fwFsoLlD2JljBnkmrTTwak8yVsLTxHq+vPIrZSR28jbV0zeK2f5oWccQaCzzg+gM
jRuLSLAZ8h7aDfiWxmxeUT8k9v/AoIG41cISDrpZwWHpnWAbY1/y5erdub3gaTGJ
ty+0fzK6iSplnL1Eu3BpUJb4PJonlJPnNkNa9olX8DJ64BvKOXoguS3ilwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIqubtJNhHcEEwkbbLa1iQgUqig3MB8GA1UdIwQY
MBaAFGypROqpx/bUV0BvFCxuKM9azGrIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYktsRTZxbkg5dFJYUUc4VUxHNG96MXJNYXNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC8wZWRjMGItN2ViYi00NzBhLWIwNTYt
M2RlNDRmYzhiM2I1LzEvaXE1dTBrMkVkd1FUQ1J0c3RyV0pDQlNxS0RjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC8wZWRjMGItN2ViYi00NzBhLWIwNTYtM2RlNDRmYzhiM2I1
LzEvYktsRTZxbkg5dFJYUUc4VUxHNG96MXJNYXNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwQn5MA0G
CSqGSIb3DQEBCwUAA4IBAQCOYAF/z+q1Mg3E6KY3/rsGBRBTfjv9jJVv2rfQytE1
B8ux9qrCZdPyP1zNLeXZtLgDDE5ZARMTzATafCIczLYlp3VuX2yOHut1Bdgz3/R7
qqkdTwnF9ULF7wRJ0cRMuFLF+Khojd73EuHIdlrYJQCVJbw1hLJSp+QN8uFfb3Kh
CvKtID4Xggh+zDyRx4+TdOSAJ0XCQ6+t9WkMmHOav9kyoLck5+IZrpZJAiTaavpM
tWvTK0D/IewFCsriGOCjMGlPC6I37Ey4jwHmPvKv3C9LWRMBtm4JSwXoeCs3GINJ
vlxLkJy0SSsDX/3INsOXOdT6SSjE6jpng5cMzigM/Oap
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:54 2023 by rpki-client on console-ams.rpki-client.org