Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/614e5c-299b-4fd4-a0bc-af1cc2317e39/1/yz0kihDfT9pxxRQqSPRxW8gHNZU.roa
File: yz0kihDfT9pxxRQqSPRxW8gHNZU.roa (raw, json)
Hash identifier: udULfD3q+EL0EVrzDF7sAy+aGk9CRnMcDQWS6mdSeqo=
Subject key identifier: CB:3D:24:8A:10:DF:4F:DA:71:C5:14:2A:48:F4:71:5B:C8:07:35:95
Certificate issuer: /CN=feb84d9f8f9e33156589a5ebf722203a899e0a51
Certificate serial: 0130783F
Authority key identifier: FE:B8:4D:9F:8F:9E:33:15:65:89:A5:EB:F7:22:20:3A:89:9E:0A:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_rhNn4-eMxVliaXr9yIgOomeClE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/614e5c-299b-4fd4-a0bc-af1cc2317e39/1/yz0kihDfT9pxxRQqSPRxW8gHNZU.roa
Signing time: Wed 05 Jan 2022 19:11:40 +0000
ROA not before: Wed 05 Jan 2022 19:11:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206352
IP address blocks: 195.210.124.0/23 maxlen: 23
195.210.126.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19953727 (0x130783f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=feb84d9f8f9e33156589a5ebf722203a899e0a51
Validity
Not Before: Jan 5 19:11:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cb3d248a10df4fda71c5142a48f4715bc8073595
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:8d:32:72:39:6b:89:00:f7:46:dc:14:34:0a:
ed:36:90:1a:1c:ed:d2:2d:50:0e:d6:b3:40:d4:1d:
c7:40:df:16:8a:9c:94:e2:53:01:2f:60:d7:30:27:
3d:d5:7b:99:0a:b5:bc:f8:e8:10:06:2a:9d:af:48:
8c:1c:b3:00:da:f0:85:08:90:0f:e5:27:ae:5c:09:
c9:4b:a8:a2:5b:59:09:83:a2:c7:79:47:83:91:f7:
3c:aa:5d:b2:2e:60:dd:c8:75:a3:13:fc:fd:a1:d1:
66:8c:38:78:3b:e6:d7:bb:6e:08:c8:68:c6:93:a8:
2f:d1:77:52:ef:8d:0c:99:ef:b6:73:d1:de:e4:bc:
87:b6:98:14:b9:7a:2b:1c:d9:8c:a0:6a:16:f9:ce:
94:76:b4:02:2d:6c:e5:89:34:a7:c4:34:c7:db:74:
2f:11:8f:90:7f:04:ce:52:d8:fc:4e:43:db:8f:0d:
04:c4:67:b5:07:30:8c:ac:40:4d:3f:24:e1:7c:b6:
82:72:1f:4d:d8:5e:6b:a7:22:63:8b:80:be:d2:c5:
a3:81:7c:3c:59:41:8c:b9:4e:cc:54:ce:3f:00:3e:
87:84:46:89:b4:0e:a5:e1:cb:6a:0a:98:85:60:9a:
d9:8f:07:20:3b:b4:a7:2f:09:b1:06:32:1c:49:0f:
a2:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:3D:24:8A:10:DF:4F:DA:71:C5:14:2A:48:F4:71:5B:C8:07:35:95
X509v3 Authority Key Identifier:
keyid:FE:B8:4D:9F:8F:9E:33:15:65:89:A5:EB:F7:22:20:3A:89:9E:0A:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_rhNn4-eMxVliaXr9yIgOomeClE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/614e5c-299b-4fd4-a0bc-af1cc2317e39/1/yz0kihDfT9pxxRQqSPRxW8gHNZU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/614e5c-299b-4fd4-a0bc-af1cc2317e39/1/_rhNn4-eMxVliaXr9yIgOomeClE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.210.124.0/22
Signature Algorithm: sha256WithRSAEncryption
54:04:5e:1a:ca:94:84:e3:21:b6:b0:d5:e0:48:13:37:fe:24:
0b:63:dc:3c:34:3f:63:26:13:ab:4c:ef:e3:c0:59:d4:6b:f3:
42:c7:3c:72:34:13:ce:3a:0f:fc:4f:20:e3:60:c2:5d:b2:f0:
58:8e:a2:8e:73:ef:bb:cc:d1:a5:87:44:6e:ed:b1:c6:2a:16:
06:35:66:eb:a9:e5:82:3f:01:9e:fd:47:b9:55:9a:fa:67:33:
77:ee:b8:f3:1d:35:f7:b6:e5:f6:91:30:c2:bb:b0:60:e2:94:
ae:e5:c5:f8:64:72:90:6d:35:43:3d:fb:a8:79:50:40:d3:12:
2b:41:b4:28:b6:0d:62:94:0f:a0:78:1e:8e:4f:23:83:1e:4b:
26:6e:34:b9:8e:a6:77:6b:b6:08:1a:74:fe:92:35:cf:1d:5d:
62:ce:58:a7:c3:cd:c3:c5:54:31:fb:d5:6b:04:93:6e:d8:55:
f3:b7:87:72:61:24:0d:04:a7:b0:c7:51:fe:f9:3c:e5:e2:7f:
2e:de:92:7c:f4:1e:02:52:26:8c:19:b1:87:18:f4:70:c1:10:
ea:e8:59:1a:76:79:a4:3d:b3:8b:d7:c2:8f:8c:06:36:34:67:
46:88:cd:1b:2f:90:2d:39:e8:70:38:c0:7d:c1:b5:88:7a:89:
61:fd:bb:f9
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEATB4PzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ZWI4NGQ5ZjhmOWUzMzE1NjU4OWE1ZWJmNzIyMjAzYTg5OWUwYTUxMB4XDTIyMDEw
NTE5MTE0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2IzZDI0OGExMGRm
NGZkYTcxYzUxNDJhNDhmNDcxNWJjODA3MzU5NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMONMnI5a4kA90bcFDQK7TaQGhzt0i1QDtazQNQdx0DfFoqc
lOJTAS9g1zAnPdV7mQq1vPjoEAYqna9IjByzANrwhQiQD+UnrlwJyUuooltZCYOi
x3lHg5H3PKpdsi5g3ch1oxP8/aHRZow4eDvm17tuCMhoxpOoL9F3Uu+NDJnvtnPR
3uS8h7aYFLl6KxzZjKBqFvnOlHa0Ai1s5Yk0p8Q0x9t0LxGPkH8EzlLY/E5D248N
BMRntQcwjKxATT8k4Xy2gnIfTdhea6ciY4uAvtLFo4F8PFlBjLlOzFTOPwA+h4RG
ibQOpeHLagqYhWCa2Y8HIDu0py8JsQYyHEkPovcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTLPSSKEN9P2nHFFCpI9HFbyAc1lTAfBgNVHSMEGDAWgBT+uE2fj54zFWWJ
pev3IiA6iZ4KUTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L19yaE5uNC1lTXhWbGlhWHI5eUlnT29tZUNsRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjYvNjE0ZTVjLTI5OWItNGZkNC1hMGJjLWFmMWNjMjMxN2UzOS8x
L3l6MGtpaERmVDlweHhSUXFTUFJ4VzhnSE5aVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjYv
NjE0ZTVjLTI5OWItNGZkNC1hMGJjLWFmMWNjMjMxN2UzOS8xL19yaE5uNC1lTXhW
bGlhWHI5eUlnT29tZUNsRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAsPSfDANBgkqhkiG9w0BAQsFAAOC
AQEAVAReGsqUhOMhtrDV4EgTN/4kC2PcPDQ/YyYTq0zv48BZ1GvzQsc8cjQTzjoP
/E8g42DCXbLwWI6ijnPvu8zRpYdEbu2xxioWBjVm66nlgj8Bnv1HuVWa+mczd+64
8x0197bl9pEwwruwYOKUruXF+GRykG01Qz37qHlQQNMSK0G0KLYNYpQPoHgejk8j
gx5LJm40uY6md2u2CBp0/pI1zx1dYs5Yp8PNw8VUMfvVawSTbthV87eHcmEkDQSn
sMdR/vk85eJ/Lt6SfPQeAlImjBmxhxj0cMEQ6uhZGnZ5pD2zi9fCj4wGNjRnRojN
Gy+QLTnocDjAfcG1iHqJYf27+Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:49 2024 by rpki-client on console-fra.rpki-client.org