Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/6NwRw2xiEHDDcJQWn2_50teMRxo.roa
File: 6NwRw2xiEHDDcJQWn2_50teMRxo.roa (raw, json)
Hash identifier: iREMyyRtavmaoOUtGAwb7lSQkiDbj42kl1EOFyjyqsQ=
Subject key identifier: E8:DC:11:C3:6C:62:10:70:C3:70:94:16:9F:6F:F9:D2:D7:8C:47:1A
Certificate issuer: /CN=23e3d92bfe16619ca500c03267effa9aa7ca0c47
Certificate serial: 03E2BE21
Authority key identifier: 23:E3:D9:2B:FE:16:61:9C:A5:00:C0:32:67:EF:FA:9A:A7:CA:0C:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I-PZK_4WYZylAMAyZ-_6mqfKDEc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/6NwRw2xiEHDDcJQWn2_50teMRxo.roa
Signing time: Sat 01 Jan 2022 06:57:56 +0000
ROA not before: Sat 01 Jan 2022 06:57:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8595
IP address blocks: 82.194.242.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65191457 (0x3e2be21)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23e3d92bfe16619ca500c03267effa9aa7ca0c47
Validity
Not Before: Jan 1 06:57:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e8dc11c36c621070c37094169f6ff9d2d78c471a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:5b:39:08:66:b9:fe:33:f7:a3:f3:2a:73:f2:
40:0d:33:53:7d:1a:07:44:13:88:7e:5b:43:05:43:
72:c5:36:6e:38:f6:e3:de:9a:fa:fb:98:fe:4b:34:
bc:88:45:56:b8:67:89:71:b3:55:2d:09:4c:2f:ba:
06:81:54:cf:cf:55:93:76:b8:d4:2f:fb:eb:47:14:
d8:94:65:1b:f8:df:73:63:d2:ef:92:e9:db:80:4f:
9a:4a:1d:20:28:46:fe:16:cd:db:73:7c:b7:89:2c:
48:f2:fa:41:5f:42:11:89:09:65:33:0b:f9:46:cd:
35:89:fa:91:0b:66:f8:8a:ac:3b:a8:64:d3:16:cb:
2c:33:5d:9d:ad:6a:2a:22:19:ae:3a:61:2d:9d:d5:
87:a8:15:25:9e:bc:2e:d1:0f:5f:79:68:50:c9:8f:
24:36:12:5a:bb:af:a0:27:3d:e4:f3:66:9c:39:24:
d0:82:f1:43:fb:e3:8d:87:61:4d:7d:cf:9b:d0:a1:
e9:d8:ff:e3:2c:68:3f:ae:44:aa:8b:79:09:eb:f1:
c4:95:1d:f3:fa:9b:12:da:fd:7c:dd:f1:70:38:05:
ef:4c:c5:20:49:86:9e:4c:06:85:e5:6a:66:87:06:
5e:3f:46:cf:bc:fe:ca:0a:7d:56:fb:ea:43:7b:96:
62:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:DC:11:C3:6C:62:10:70:C3:70:94:16:9F:6F:F9:D2:D7:8C:47:1A
X509v3 Authority Key Identifier:
keyid:23:E3:D9:2B:FE:16:61:9C:A5:00:C0:32:67:EF:FA:9A:A7:CA:0C:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I-PZK_4WYZylAMAyZ-_6mqfKDEc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/6NwRw2xiEHDDcJQWn2_50teMRxo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/I-PZK_4WYZylAMAyZ-_6mqfKDEc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.194.242.0/23
Signature Algorithm: sha256WithRSAEncryption
73:d7:45:e2:75:08:b4:ac:b8:fe:fd:50:e6:fe:5e:ea:50:69:
09:8e:db:af:31:7c:91:8d:a8:be:a8:2c:56:0a:e2:f2:0d:46:
1d:a5:c8:05:7c:9d:7a:4b:86:c8:f1:86:af:36:e5:bc:08:bf:
2a:01:df:e6:ce:55:8a:c5:d5:f7:03:b6:d1:21:63:66:66:c0:
cb:0c:ae:e1:8e:f0:9b:5b:cc:55:13:ca:57:26:1b:88:31:fc:
03:f7:a2:17:5f:5c:92:26:42:66:00:af:ee:d9:83:7b:89:bb:
e9:4a:fb:a5:20:b7:65:32:b9:8c:6f:fa:8c:a2:ef:b7:6e:11:
f2:14:dc:ba:a7:3d:22:b7:25:6a:72:55:ce:4c:33:bf:0f:81:
bd:b1:f7:eb:dc:ff:c3:f0:83:2a:f2:b2:0e:58:c3:09:f5:0b:
23:33:65:4f:3a:09:a3:76:b3:09:cf:46:54:53:43:b7:75:2b:
d1:ba:4f:36:cc:cb:60:2b:03:ad:3f:00:2e:08:13:94:56:13:
93:91:cc:05:85:cd:bc:b4:bb:c9:92:c4:ba:55:6c:6e:76:36:
c8:98:62:e4:ee:3e:40:6d:7c:20:05:32:6c:79:3c:72:eb:67:
b5:e3:dd:34:48:ec:8f:b9:7e:2c:1a:45:1c:cb:7d:38:57:df:
c3:40:c1:bc
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA+K+ITANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
M2UzZDkyYmZlMTY2MTljYTUwMGMwMzI2N2VmZmE5YWE3Y2EwYzQ3MB4XDTIyMDEw
MTA2NTc1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZThkYzExYzM2YzYy
MTA3MGMzNzA5NDE2OWY2ZmY5ZDJkNzhjNDcxYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANNbOQhmuf4z96PzKnPyQA0zU30aB0QTiH5bQwVDcsU2bjj2
496a+vuY/ks0vIhFVrhniXGzVS0JTC+6BoFUz89Vk3a41C/760cU2JRlG/jfc2PS
75Lp24BPmkodIChG/hbN23N8t4ksSPL6QV9CEYkJZTML+UbNNYn6kQtm+IqsO6hk
0xbLLDNdna1qKiIZrjphLZ3Vh6gVJZ68LtEPX3loUMmPJDYSWruvoCc95PNmnDkk
0ILxQ/vjjYdhTX3Pm9Ch6dj/4yxoP65Eqot5CevxxJUd8/qbEtr9fN3xcDgF70zF
IEmGnkwGheVqZocGXj9Gz7z+ygp9VvvqQ3uWYnsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTo3BHDbGIQcMNwlBafb/nS14xHGjAfBgNVHSMEGDAWgBQj49kr/hZhnKUA
wDJn7/qap8oMRzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0ktUFpLXzRXWVp5bEFNQXlaLV82bXFmS0RFYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjAvOWMyYzkwLWM3ZDQtNDhiNy05YmFmLWYxYmYwYzMzYTkwOC8x
LzZOd1J3MnhpRUhERGNKUVduMl81MHRlTVJ4by5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjAv
OWMyYzkwLWM3ZDQtNDhiNy05YmFmLWYxYmYwYzMzYTkwOC8xL0ktUFpLXzRXWVp5
bEFNQXlaLV82bXFmS0RFYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAVLC8jANBgkqhkiG9w0BAQsFAAOC
AQEAc9dF4nUItKy4/v1Q5v5e6lBpCY7brzF8kY2ovqgsVgri8g1GHaXIBXydekuG
yPGGrzblvAi/KgHf5s5VisXV9wO20SFjZmbAywyu4Y7wm1vMVRPKVyYbiDH8A/ei
F19ckiZCZgCv7tmDe4m76Ur7pSC3ZTK5jG/6jKLvt24R8hTcuqc9IrclanJVzkwz
vw+BvbH369z/w/CDKvKyDljDCfULIzNlTzoJo3azCc9GVFNDt3Ur0bpPNszLYCsD
rT8ALggTlFYTk5HMBYXNvLS7yZLEulVsbnY2yJhi5O4+QG18IAUybHk8cutntePd
NEjsj7l+LBpFHMt9OFffw0DBvA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:09 2023 by rpki-client on console-fra.rpki-client.org