Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/goDfUKvUvX_BejNaxlSJwtKfh9U.roa
File: goDfUKvUvX_BejNaxlSJwtKfh9U.roa (raw, json)
Hash identifier: LqXw9CU1UYpx7W4Wu8vt3oTtPw70+wtqFugjEUEbdt8=
Subject key identifier: 82:80:DF:50:AB:D4:BD:7F:C1:7A:33:5A:C6:54:89:C2:D2:9F:87:D5
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 0184397EEC7A2276CCE93706A050B2EFD59F
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/goDfUKvUvX_BejNaxlSJwtKfh9U.roa
Signing time: Wed 02 Nov 2022 17:58:50 +0000
ROA not before: Wed 02 Nov 2022 17:58:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7029
IP address blocks: 93.120.0.0/21 maxlen: 21
64.43.112.0/22 maxlen: 22
64.43.124.0/22 maxlen: 22
193.36.204.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:39:7e:ec:7a:22:76:cc:e9:37:06:a0:50:b2:ef:d5:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Nov 2 17:58:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8280df50abd4bd7fc17a335ac65489c2d29f87d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:20:c6:a9:20:fc:af:61:05:8f:3c:f6:6b:57:
5e:06:e6:4b:26:00:63:2c:de:d3:a4:d7:42:8b:ce:
c6:6c:71:c7:aa:56:c1:4e:32:84:9c:c6:e3:23:77:
8b:a1:3c:9d:ef:5d:7d:48:bc:d9:87:1b:0c:7f:ba:
ef:c5:54:64:14:2a:d6:26:9e:2e:20:6f:82:55:48:
c3:e8:34:4e:93:8f:f5:a4:d7:9d:32:f9:3c:c9:1f:
33:8f:d2:c9:af:bd:74:93:c9:e4:1b:49:4c:f2:52:
3a:d3:b8:93:d2:3a:d5:7d:b9:c9:53:87:58:15:dc:
43:ef:28:62:ca:84:81:9d:6a:f6:ae:4c:ca:cc:e0:
a3:9f:29:54:02:37:79:2a:4e:23:f9:6b:45:b1:15:
ac:d4:3b:06:05:03:b1:26:c8:14:cd:05:80:4d:d5:
f8:19:3d:af:d5:b6:e4:5b:d4:ae:8e:21:6d:08:49:
60:b9:98:ae:ec:a9:7e:c5:25:7c:de:90:5f:e6:e2:
b5:1f:58:f2:82:e5:0f:19:84:5f:b2:a0:7c:f4:2d:
a9:53:e6:dd:3c:c0:03:8b:a7:77:3c:d5:d0:06:89:
a9:41:f5:1d:52:bc:51:b0:22:a2:01:97:1e:73:9f:
6e:21:37:24:62:94:6f:fb:79:8e:ef:ec:9c:02:56:
6f:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:80:DF:50:AB:D4:BD:7F:C1:7A:33:5A:C6:54:89:C2:D2:9F:87:D5
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/goDfUKvUvX_BejNaxlSJwtKfh9U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.43.112.0/22
64.43.124.0/22
93.120.0.0/21
193.36.204.0/22
Signature Algorithm: sha256WithRSAEncryption
94:50:b8:b4:2a:fe:a8:0e:a1:c6:c9:b1:93:0c:db:9e:72:55:
18:21:ac:0c:ab:a7:61:e6:89:ab:42:bf:91:37:ab:d6:31:ee:
9b:b6:14:bf:20:55:b7:fc:fa:c6:93:1f:0f:c6:ef:f8:2d:58:
89:ec:68:0f:53:e5:8d:f1:64:63:9e:5b:1a:88:17:10:42:45:
49:c7:f1:fa:fc:59:2c:c2:d2:60:65:c2:5e:7d:7a:23:f4:54:
e6:74:7c:24:3a:25:43:85:73:a9:5c:5c:34:23:86:88:2b:3d:
10:c4:31:8e:c0:23:bd:8a:9c:fd:b2:c3:f6:9d:bc:7a:3c:c9:
9f:02:c4:ad:e9:57:cd:57:2c:71:bc:0f:e1:e2:93:f7:d7:4c:
34:87:1d:e3:3d:6e:a8:96:41:37:18:8f:00:42:69:0e:4c:99:
45:0a:02:b5:7a:11:cd:b8:a9:15:7e:6c:6f:e0:49:8c:59:df:
5d:b1:42:fa:27:4e:7b:48:76:a2:f8:89:9c:d8:f0:72:a1:88:
e4:53:f9:b2:1a:9d:88:7b:b6:0c:f3:7a:85:57:69:26:34:06:
14:b5:2a:36:6b:38:8a:19:cf:26:cf:53:79:62:6d:1c:5f:b9:
3f:e1:01:ac:1f:4c:00:08:86:7d:ba:d7:43:9a:94:38:6e:62:
94:fa:ef:b0
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYQ5fux6InbM6TcGoFCy79WfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjIxMTAyMTc1ODUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjgwZGY1MGFiZDRiZDdmYzE3YTMzNWFjNjU0ODljMmQyOWY4N2Q1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiiDGqSD8r2EFjzz2a1deBuZLJgBj
LN7TpNdCi87GbHHHqlbBTjKEnMbjI3eLoTyd7119SLzZhxsMf7rvxVRkFCrWJp4u
IG+CVUjD6DROk4/1pNedMvk8yR8zj9LJr710k8nkG0lM8lI607iT0jrVfbnJU4dY
FdxD7yhiyoSBnWr2rkzKzOCjnylUAjd5Kk4j+WtFsRWs1DsGBQOxJsgUzQWATdX4
GT2v1bbkW9SujiFtCElguZiu7Kl+xSV83pBf5uK1H1jyguUPGYRfsqB89C2pU+bd
PMADi6d3PNXQBompQfUdUrxRsCKiAZcec59uITckYpRv+3mO7+ycAlZvaQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIKA31Cr1L1/wXozWsZUicLSn4fVMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvZ29EZlVLdlV2WF9CZWpOYXhsU0p3dEtmaDlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCQCtwAwQC
QCt8AwQDXXgAAwQCwSTMMA0GCSqGSIb3DQEBCwUAA4IBAQCUULi0Kv6oDqHGybGT
DNueclUYIawMq6dh5omrQr+RN6vWMe6bthS/IFW3/PrGkx8Pxu/4LViJ7GgPU+WN
8WRjnlsaiBcQQkVJx/H6/FkswtJgZcJefXoj9FTmdHwkOiVDhXOpXFw0I4aIKz0Q
xDGOwCO9ipz9ssP2nbx6PMmfAsSt6VfNVyxxvA/h4pP310w0hx3jPW6olkE3GI8A
QmkOTJlFCgK1ehHNuKkVfmxv4EmMWd9dsUL6J057SHai+Imc2PByoYjkU/myGp2I
e7YM83qFV2kmNAYUtSo2aziKGc8mz1N5Ym0cX7k/4QGsH0wACIZ9utdDmpQ4bmKU
+u+w
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:57 2024 by rpki-client on console-fra.rpki-client.org