Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/0ee78b-815c-4995-82e1-c80c288ebeea/1/B9pd7IgrG7q3YzjGqDvyT6TfGig.roa
File: B9pd7IgrG7q3YzjGqDvyT6TfGig.roa (raw, json)
Hash identifier: tpJv6iTj9IURxl3Jqg5sFSMGbbINQkz/UaCO3stqKIw=
Subject key identifier: 07:DA:5D:EC:88:2B:1B:BA:B7:63:38:C6:A8:3B:F2:4F:A4:DF:1A:28
Certificate issuer: /CN=7cd6c0236ff4d6050906957ffd380b3879e6ed6e
Certificate serial: 01826FB70CA5AC26D489031CFB68F3ED2898
Authority key identifier: 7C:D6:C0:23:6F:F4:D6:05:09:06:95:7F:FD:38:0B:38:79:E6:ED:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fNbAI2_01gUJBpV__TgLOHnm7W4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/0ee78b-815c-4995-82e1-c80c288ebeea/1/B9pd7IgrG7q3YzjGqDvyT6TfGig.roa
Signing time: Fri 05 Aug 2022 20:34:03 +0000
ROA not before: Fri 05 Aug 2022 20:34:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205131
IP address blocks: 194.54.157.0/24 maxlen: 24
194.54.158.0/24 maxlen: 24
194.54.159.0/24 maxlen: 24
194.54.156.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:6f:b7:0c:a5:ac:26:d4:89:03:1c:fb:68:f3:ed:28:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7cd6c0236ff4d6050906957ffd380b3879e6ed6e
Validity
Not Before: Aug 5 20:34:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=07da5dec882b1bbab76338c6a83bf24fa4df1a28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:42:ac:26:81:4a:a6:f0:37:81:d7:df:94:59:
cc:02:b5:54:97:4d:ec:b7:2a:30:b3:41:27:7f:bb:
97:6f:51:ae:fa:1c:97:58:e2:c1:8b:cb:c3:4b:67:
c8:92:4c:c3:02:12:f9:10:91:75:95:7f:53:d4:ce:
69:60:a6:b3:8a:5d:85:a0:e2:05:5a:cf:5b:03:19:
a0:14:9e:ae:e7:cf:10:69:7c:ea:de:2d:cb:37:a1:
28:d3:3e:0e:3e:e5:98:a1:ca:6c:ff:db:8b:28:81:
86:9e:d8:3c:2e:cf:37:d1:0f:d0:fd:cf:a2:bf:74:
b9:97:6b:62:8c:ce:0e:5c:80:29:2b:25:28:a2:25:
9f:29:b6:5d:a2:22:b5:5c:cf:d1:5c:e6:ec:39:01:
e1:50:e6:45:05:e7:dd:3c:14:67:a0:3b:d4:f0:31:
f8:d0:ee:16:df:44:86:f2:69:64:56:3e:fd:37:01:
9d:71:2f:e1:9b:9f:3e:65:d3:92:84:b8:3c:fe:6c:
3d:7c:1d:ae:e8:a6:53:0f:95:0e:6a:e4:81:96:22:
cc:f5:b0:74:bc:76:07:9c:b8:26:f9:df:06:53:6f:
1e:67:8f:d2:4b:c4:90:dd:b9:69:f5:39:1e:0d:b2:
99:b8:35:91:99:dc:56:4a:3e:28:17:36:f6:4a:4d:
94:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:DA:5D:EC:88:2B:1B:BA:B7:63:38:C6:A8:3B:F2:4F:A4:DF:1A:28
X509v3 Authority Key Identifier:
keyid:7C:D6:C0:23:6F:F4:D6:05:09:06:95:7F:FD:38:0B:38:79:E6:ED:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fNbAI2_01gUJBpV__TgLOHnm7W4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/0ee78b-815c-4995-82e1-c80c288ebeea/1/B9pd7IgrG7q3YzjGqDvyT6TfGig.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/0ee78b-815c-4995-82e1-c80c288ebeea/1/fNbAI2_01gUJBpV__TgLOHnm7W4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.54.156.0/22
Signature Algorithm: sha256WithRSAEncryption
2f:af:f1:3a:dd:3f:b8:06:4f:a3:3d:fb:c3:8c:a0:af:42:9f:
92:6f:fa:44:49:b3:a7:2c:25:02:af:9e:c4:1a:0e:25:7c:e8:
36:77:28:1a:df:31:27:f5:3e:a6:e2:cf:f0:82:b0:0f:22:bf:
c0:51:8e:ac:d5:59:4a:d3:37:51:29:24:bb:21:89:88:20:7e:
d7:ad:cd:67:6c:ab:9f:91:9e:34:ac:dd:29:d2:47:a1:93:fa:
df:ee:cb:6f:15:2a:3d:61:c7:2c:2b:8f:e4:20:0b:91:88:f6:
a7:4c:48:2e:c8:a4:88:03:cd:af:cd:7f:ff:e1:b7:fa:0a:4c:
b5:2c:7b:23:41:12:01:e1:68:08:89:0b:54:35:c9:b9:07:62:
51:53:40:dd:cf:b9:40:20:38:19:fa:95:ee:d9:22:8a:8c:9e:
b0:99:0d:de:50:d3:c6:f5:1b:38:2a:73:30:bc:38:d3:db:85:
1f:4a:4c:10:38:55:dc:d8:a1:b9:0e:67:72:fc:6e:3f:67:32:
05:22:ae:a9:18:70:87:d6:9c:33:f7:92:11:d9:12:1a:8b:af:
23:24:32:a2:26:a8:53:77:07:b5:43:69:76:b9:54:83:11:d6:
27:65:5d:4b:2d:3b:1d:e0:38:bf:0e:a4:da:5d:f9:36:bb:f5:
82:b2:72:5f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYJvtwylrCbUiQMc+2jz7SiYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjZDZjMDIzNmZmNGQ2MDUwOTA2OTU3ZmZkMzgwYjM4Nzll
NmVkNmUwHhcNMjIwODA1MjAzNDAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwN2RhNWRlYzg4MmIxYmJhYjc2MzM4YzZhODNiZjI0ZmE0ZGYxYTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl0KsJoFKpvA3gdfflFnMArVUl03s
tyows0Enf7uXb1Gu+hyXWOLBi8vDS2fIkkzDAhL5EJF1lX9T1M5pYKazil2FoOIF
Ws9bAxmgFJ6u588QaXzq3i3LN6Eo0z4OPuWYocps/9uLKIGGntg8Ls830Q/Q/c+i
v3S5l2tijM4OXIApKyUooiWfKbZdoiK1XM/RXObsOQHhUOZFBefdPBRnoDvU8DH4
0O4W30SG8mlkVj79NwGdcS/hm58+ZdOShLg8/mw9fB2u6KZTD5UOauSBliLM9bB0
vHYHnLgm+d8GU28eZ4/SS8SQ3blp9TkeDbKZuDWRmdxWSj4oFzb2Sk2UuQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAfaXeyIKxu6t2M4xqg78k+k3xooMB8GA1UdIwQY
MBaAFHzWwCNv9NYFCQaVf/04Czh55u1uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZk5iQUkyXzAxZ1VKQnBWX19UZ0xPSG5tN1c0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8wZWU3OGItODE1Yy00OTk1LTgyZTEt
YzgwYzI4OGViZWVhLzEvQjlwZDdJZ3JHN3EzWXpqR3FEdnlUNlRmR2lnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS8wZWU3OGItODE1Yy00OTk1LTgyZTEtYzgwYzI4OGViZWVh
LzEvZk5iQUkyXzAxZ1VKQnBWX19UZ0xPSG5tN1c0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwjacMA0G
CSqGSIb3DQEBCwUAA4IBAQAvr/E63T+4Bk+jPfvDjKCvQp+Sb/pESbOnLCUCr57E
Gg4lfOg2dyga3zEn9T6m4s/wgrAPIr/AUY6s1VlK0zdRKSS7IYmIIH7Xrc1nbKuf
kZ40rN0p0kehk/rf7stvFSo9YccsK4/kIAuRiPanTEguyKSIA82vzX//4bf6Cky1
LHsjQRIB4WgIiQtUNcm5B2JRU0Ddz7lAIDgZ+pXu2SKKjJ6wmQ3eUNPG9Rs4KnMw
vDjT24UfSkwQOFXc2KG5Dmdy/G4/ZzIFIq6pGHCH1pwz95IR2RIai68jJDKiJqhT
dwe1Q2l2uVSDEdYnZV1LLTsd4Di/DqTaXfk2u/WCsnJf
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:57 2023 by rpki-client on console-ams.rpki-client.org