Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/8ed3b7-bb2d-4f4d-9db6-267669f35648/1/pAj__d6IoSRdCKVBi1K1I7Ff-TU.roa
File: pAj__d6IoSRdCKVBi1K1I7Ff-TU.roa (raw, json)
Hash identifier: te5IfeSvRSFzqkAXJeJxVgbFiP6DX3ugB8WeJg/QFC4=
Subject key identifier: A4:08:FF:FD:DE:88:A1:24:5D:08:A5:41:8B:52:B5:23:B1:5F:F9:35
Certificate issuer: /CN=28fd66e43a104633b27bac539b98bdf8ebfac9ae
Certificate serial: 0184DA234C7050F5F410C0FCEBC010C77C47
Authority key identifier: 28:FD:66:E4:3A:10:46:33:B2:7B:AC:53:9B:98:BD:F8:EB:FA:C9:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KP1m5DoQRjOye6xTm5i9-Ov6ya4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/8ed3b7-bb2d-4f4d-9db6-267669f35648/1/pAj__d6IoSRdCKVBi1K1I7Ff-TU.roa
Signing time: Sat 03 Dec 2022 22:37:37 +0000
ROA not before: Sat 03 Dec 2022 22:37:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203377
IP address blocks: 194.147.216.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:da:23:4c:70:50:f5:f4:10:c0:fc:eb:c0:10:c7:7c:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28fd66e43a104633b27bac539b98bdf8ebfac9ae
Validity
Not Before: Dec 3 22:37:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a408fffdde88a1245d08a5418b52b523b15ff935
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:9c:bf:06:9f:7b:9f:d2:1f:45:59:eb:7e:cc:
1f:b2:a6:ae:33:81:52:24:32:ec:b5:2d:dd:b3:63:
23:8c:58:69:73:ab:86:f1:51:4b:45:47:f1:c4:35:
d1:28:cf:1d:2f:f8:94:94:89:32:b7:40:13:65:10:
e5:e8:4d:bd:8d:e4:d5:14:28:71:a6:2a:84:51:13:
0c:a3:00:ca:49:37:e7:b8:e9:50:6a:b7:04:09:71:
03:12:94:19:39:98:2a:16:4b:87:49:40:3b:d9:b1:
fa:ad:0b:97:d0:e7:46:4d:82:d2:b0:51:ba:8b:01:
d6:16:e9:dd:e5:bb:a1:9b:63:9c:d3:5a:82:54:80:
1a:ce:53:0e:76:65:49:28:3a:02:f5:4f:7d:8f:a3:
a5:b6:a5:dc:3e:46:c5:b3:c4:af:84:9f:03:8f:bc:
01:70:7d:aa:d5:f1:fd:19:63:6a:02:c3:03:bf:41:
5f:66:18:7a:2c:e3:f7:b4:53:d5:c1:ba:29:a2:7a:
f3:2b:5f:64:d5:98:fc:c5:31:0a:14:22:bf:ec:ec:
bf:25:eb:a3:43:e4:64:c1:05:42:17:f5:3b:76:22:
7b:e0:ad:70:13:07:84:31:55:6e:da:3f:be:9b:f8:
64:7d:ac:fa:6a:25:04:7e:76:e8:0a:aa:00:93:07:
80:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:08:FF:FD:DE:88:A1:24:5D:08:A5:41:8B:52:B5:23:B1:5F:F9:35
X509v3 Authority Key Identifier:
keyid:28:FD:66:E4:3A:10:46:33:B2:7B:AC:53:9B:98:BD:F8:EB:FA:C9:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KP1m5DoQRjOye6xTm5i9-Ov6ya4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/8ed3b7-bb2d-4f4d-9db6-267669f35648/1/pAj__d6IoSRdCKVBi1K1I7Ff-TU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/8ed3b7-bb2d-4f4d-9db6-267669f35648/1/KP1m5DoQRjOye6xTm5i9-Ov6ya4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.147.216.0/24
Signature Algorithm: sha256WithRSAEncryption
70:ac:9a:73:36:d0:8b:1f:9d:1e:d5:85:cf:87:71:85:37:a9:
bb:79:32:9b:33:c4:38:44:21:0c:59:05:46:a0:2b:2a:c8:47:
08:87:86:fa:1f:3f:1d:23:05:90:77:00:eb:87:bb:15:77:c8:
1a:53:05:b6:2d:d8:41:0f:aa:95:21:7b:da:a2:25:21:6e:89:
8b:51:ba:0e:42:76:cb:48:2e:a1:d1:d9:38:00:c3:66:dd:28:
96:b7:cf:56:2c:a4:22:f6:59:29:f9:bb:14:54:63:fa:a1:c2:
98:ec:4f:ab:2f:cb:be:da:46:41:5c:1a:17:b6:c5:51:6e:9d:
9a:53:cd:2b:6a:c8:c2:64:07:35:0b:32:07:24:a8:ca:c3:bb:
fa:5f:e1:ff:f0:e7:7f:9c:ef:08:29:19:02:67:a1:1b:33:a3:
ac:68:fd:12:49:a7:59:69:87:23:2f:67:bc:86:37:a1:91:0c:
43:b7:59:cf:7a:b5:c2:b2:76:0e:91:d6:37:8f:bb:bb:03:e9:
df:1b:09:ae:e7:38:45:c4:bd:30:ad:b3:fd:7d:d3:0a:9c:45:
f6:e2:a1:c5:0d:f3:83:d6:3e:f8:6d:3f:bf:37:e6:be:25:99:
c8:e8:9d:64:f7:94:c0:af:8b:f1:80:18:91:ed:66:37:15:c9:
bb:d3:a2:c7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYTaI0xwUPX0EMD868AQx3xHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4ZmQ2NmU0M2ExMDQ2MzNiMjdiYWM1MzliOThiZGY4ZWJm
YWM5YWUwHhcNMjIxMjAzMjIzNzM3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDA4ZmZmZGRlODhhMTI0NWQwOGE1NDE4YjUyYjUyM2IxNWZmOTM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAipy/Bp97n9IfRVnrfswfsqauM4FS
JDLstS3ds2MjjFhpc6uG8VFLRUfxxDXRKM8dL/iUlIkyt0ATZRDl6E29jeTVFChx
piqEURMMowDKSTfnuOlQarcECXEDEpQZOZgqFkuHSUA72bH6rQuX0OdGTYLSsFG6
iwHWFund5buhm2Oc01qCVIAazlMOdmVJKDoC9U99j6OltqXcPkbFs8SvhJ8Dj7wB
cH2q1fH9GWNqAsMDv0FfZhh6LOP3tFPVwboponrzK19k1Zj8xTEKFCK/7Oy/Jeuj
Q+RkwQVCF/U7diJ74K1wEweEMVVu2j++m/hkfaz6aiUEfnboCqoAkweAhQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKQI//3eiKEkXQilQYtStSOxX/k1MB8GA1UdIwQY
MBaAFCj9ZuQ6EEYzsnusU5uYvfjr+smuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1AxbTVEb1FSak95ZTZ4VG01aTktT3Y2eWE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi84ZWQzYjctYmIyZC00ZjRkLTlkYjYt
MjY3NjY5ZjM1NjQ4LzEvcEFqX19kNklvU1JkQ0tWQmkxSzFJN0ZmLVRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi84ZWQzYjctYmIyZC00ZjRkLTlkYjYtMjY3NjY5ZjM1NjQ4
LzEvS1AxbTVEb1FSak95ZTZ4VG01aTktT3Y2eWE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwpPYMA0G
CSqGSIb3DQEBCwUAA4IBAQBwrJpzNtCLH50e1YXPh3GFN6m7eTKbM8Q4RCEMWQVG
oCsqyEcIh4b6Hz8dIwWQdwDrh7sVd8gaUwW2LdhBD6qVIXvaoiUhbomLUboOQnbL
SC6h0dk4AMNm3SiWt89WLKQi9lkp+bsUVGP6ocKY7E+rL8u+2kZBXBoXtsVRbp2a
U80rasjCZAc1CzIHJKjKw7v6X+H/8Od/nO8IKRkCZ6EbM6OsaP0SSadZaYcjL2e8
hjehkQxDt1nPerXCsnYOkdY3j7u7A+nfGwmu5zhFxL0wrbP9fdMKnEX24qHFDfOD
1j74bT+/N+a+JZnI6J1k95TAr4vxgBiR7WY3Fcm706LH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:19 2024 by rpki-client on console-fra.rpki-client.org