Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/e831b1-9ec0-46f2-860d-fad5fd7970ba/1/DBCVO4o5c_x2uCqFU5jchmRdbeg.roa
File: DBCVO4o5c_x2uCqFU5jchmRdbeg.roa (raw, json)
Hash identifier: SpTmeeXUHGc4/si0UBKYPkcDZSmP4pjO0Kd/4HNql/c=
Subject key identifier: 0C:10:95:3B:8A:39:73:FC:76:B8:2A:85:53:98:DC:86:64:5D:6D:E8
Certificate issuer: /CN=0f21521a7127157f7daf0ad091394ad5a1cce779
Certificate serial: 32B1D42B
Authority key identifier: 0F:21:52:1A:71:27:15:7F:7D:AF:0A:D0:91:39:4A:D5:A1:CC:E7:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DyFSGnEnFX99rwrQkTlK1aHM53k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/e831b1-9ec0-46f2-860d-fad5fd7970ba/1/DBCVO4o5c_x2uCqFU5jchmRdbeg.roa
Signing time: Sat 01 Jan 2022 06:56:47 +0000
ROA not before: Sat 01 Jan 2022 06:56:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 9033
IP address blocks: 194.59.191.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 850514987 (0x32b1d42b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f21521a7127157f7daf0ad091394ad5a1cce779
Validity
Not Before: Jan 1 06:56:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0c10953b8a3973fc76b82a855398dc86645d6de8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:3d:07:bd:f3:52:5b:d3:cb:62:6b:34:53:32:
23:cc:71:b7:25:55:e2:e3:d4:d6:02:a8:d4:51:dd:
7f:75:4a:f4:44:21:28:7b:b9:83:f8:d4:36:69:d4:
73:68:0d:a7:ab:b5:8e:ef:86:dc:48:1e:dc:68:90:
aa:5a:bb:7d:87:eb:47:cf:2c:0d:09:6e:61:61:76:
eb:42:43:a0:bb:01:1b:4a:4f:2b:76:4e:1b:3a:1d:
cb:44:16:1d:5f:a7:ae:cc:ec:29:e2:53:20:d6:08:
0a:ad:a4:5f:e7:8e:3f:ac:d3:6e:1d:3a:24:78:42:
d4:7e:6b:58:f5:67:73:fa:92:c6:1c:b3:b7:82:91:
20:1b:f2:5b:87:42:4e:48:5a:50:b3:a8:73:da:47:
da:d2:1a:06:a9:2e:7f:68:69:b1:47:12:3f:10:ce:
c5:32:b3:3f:8f:5d:bf:93:a1:6a:49:38:14:d1:c4:
da:55:94:5f:4d:e8:10:41:19:4e:e8:bf:6b:12:ba:
74:6e:62:a8:5a:b4:ac:2b:84:a4:e8:8c:a0:c7:6a:
37:ef:65:bb:56:de:c7:14:c0:a0:36:fb:eb:84:3c:
95:c1:0f:b6:e1:0c:17:fb:35:a8:d2:d7:0b:d1:85:
94:a4:bc:44:78:fa:78:6b:fe:6a:2d:9f:b6:a7:cc:
61:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:10:95:3B:8A:39:73:FC:76:B8:2A:85:53:98:DC:86:64:5D:6D:E8
X509v3 Authority Key Identifier:
keyid:0F:21:52:1A:71:27:15:7F:7D:AF:0A:D0:91:39:4A:D5:A1:CC:E7:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DyFSGnEnFX99rwrQkTlK1aHM53k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/e831b1-9ec0-46f2-860d-fad5fd7970ba/1/DBCVO4o5c_x2uCqFU5jchmRdbeg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/e831b1-9ec0-46f2-860d-fad5fd7970ba/1/DyFSGnEnFX99rwrQkTlK1aHM53k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.59.191.0/24
Signature Algorithm: sha256WithRSAEncryption
ac:91:d9:55:4f:65:3a:dc:a3:03:d5:42:e8:f6:3e:ab:1d:3d:
23:05:32:82:79:b3:85:bb:2f:42:0d:ae:5d:33:5c:6e:1a:32:
38:63:06:17:94:ca:1a:13:ef:d1:38:76:6d:ea:24:f7:68:40:
48:bb:63:45:f8:81:4e:7e:b3:fa:0b:e4:f3:16:0c:7a:af:21:
bd:b4:11:58:dd:e8:3a:b7:ad:9d:ae:fd:64:56:6a:3f:a5:14:
0b:df:22:c0:46:44:f3:ee:ed:a5:56:4f:a8:1c:5d:3d:df:8e:
a3:c9:7e:85:0f:68:e0:ee:3c:0a:c7:8b:30:e8:6a:5b:b4:3e:
6a:76:48:0b:31:e1:e6:de:ba:cb:4b:cf:8f:de:a7:e7:49:ce:
f0:8e:cb:07:62:7e:03:80:f3:80:6b:18:84:1b:af:8e:3e:9a:
7b:14:d3:44:21:8f:2c:c7:07:b3:96:b3:b0:77:92:7d:dc:3f:
84:7e:ac:82:15:04:56:c9:b0:0c:4e:95:c7:81:fb:9d:bd:95:
82:14:ec:ac:71:12:21:c3:a4:e2:66:b5:6f:3c:18:22:2b:5b:
61:ff:8a:e6:69:5a:ce:38:f9:f2:94:76:a5:75:e7:bb:bb:1a:
f3:2b:ab:6c:a1:14:71:8d:db:2a:d4:5d:ec:9b:21:ed:cb:01:
d7:a5:b3:72
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEMrHUKzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ZjIxNTIxYTcxMjcxNTdmN2RhZjBhZDA5MTM5NGFkNWExY2NlNzc5MB4XDTIyMDEw
MTA2NTY0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGMxMDk1M2I4YTM5
NzNmYzc2YjgyYTg1NTM5OGRjODY2NDVkNmRlODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALI9B73zUlvTy2JrNFMyI8xxtyVV4uPU1gKo1FHdf3VK9EQh
KHu5g/jUNmnUc2gNp6u1ju+G3Ege3GiQqlq7fYfrR88sDQluYWF260JDoLsBG0pP
K3ZOGzody0QWHV+nrszsKeJTINYICq2kX+eOP6zTbh06JHhC1H5rWPVnc/qSxhyz
t4KRIBvyW4dCTkhaULOoc9pH2tIaBqkuf2hpsUcSPxDOxTKzP49dv5Ohakk4FNHE
2lWUX03oEEEZTui/axK6dG5iqFq0rCuEpOiMoMdqN+9lu1bexxTAoDb764Q8lcEP
tuEMF/s1qNLXC9GFlKS8RHj6eGv+ai2ftqfMYT0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQMEJU7ijlz/Ha4KoVTmNyGZF1t6DAfBgNVHSMEGDAWgBQPIVIacScVf32v
CtCROUrVoczneTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0R5RlNHbkVuRlg5OXJ3clFrVGxLMWFITTUzay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjIvZTgzMWIxLTllYzAtNDZmMi04NjBkLWZhZDVmZDc5NzBiYS8x
L0RCQ1ZPNG81Y194MnVDcUZVNWpjaG1SZGJlZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjIv
ZTgzMWIxLTllYzAtNDZmMi04NjBkLWZhZDVmZDc5NzBiYS8xL0R5RlNHbkVuRlg5
OXJ3clFrVGxLMWFITTUzay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMI7vzANBgkqhkiG9w0BAQsFAAOC
AQEArJHZVU9lOtyjA9VC6PY+qx09IwUygnmzhbsvQg2uXTNcbhoyOGMGF5TKGhPv
0Th2beok92hASLtjRfiBTn6z+gvk8xYMeq8hvbQRWN3oOretna79ZFZqP6UUC98i
wEZE8+7tpVZPqBxdPd+Oo8l+hQ9o4O48CseLMOhqW7Q+anZICzHh5t66y0vPj96n
50nO8I7LB2J+A4DzgGsYhBuvjj6aexTTRCGPLMcHs5azsHeSfdw/hH6sghUEVsmw
DE6Vx4H7nb2VghTsrHESIcOk4ma1bzwYIitbYf+K5mlazjj58pR2pXXnu7sa8yur
bKEUcY3bKtRd7Jsh7csB16Wzcg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:15 2023 by rpki-client on console-fra.rpki-client.org