Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/P-J5lbRc5-BJjJ1awmy7PrdMWSk.roa
File: P-J5lbRc5-BJjJ1awmy7PrdMWSk.roa (raw, json)
Hash identifier: UCJNMPBL+0hu2OiMX5chwnyQ9gX92gZ0t7UbR8huNGw=
Subject key identifier: 3F:E2:79:95:B4:5C:E7:E0:49:8C:9D:5A:C2:6C:BB:3E:B7:4C:59:29
Certificate issuer: /CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Certificate serial: 5567B7
Authority key identifier: 0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/P-J5lbRc5-BJjJ1awmy7PrdMWSk.roa
Signing time: Sat 01 Jan 2022 02:52:02 +0000
ROA not before: Sat 01 Jan 2022 02:52:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 54103
IP address blocks: 194.55.129.0/24 maxlen: 24
193.201.203.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5597111 (0x5567b7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Validity
Not Before: Jan 1 02:52:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3fe27995b45ce7e0498c9d5ac26cbb3eb74c5929
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:0f:e2:c5:4e:5c:fc:b6:9d:8f:52:af:b5:84:
cb:93:32:f3:de:a7:b4:19:d7:31:00:91:6f:9f:b2:
83:e9:5e:91:5a:82:c4:41:0c:e6:9d:f8:b6:b1:98:
b2:24:35:05:0d:3a:de:b4:ef:66:45:97:6e:58:cc:
70:b3:24:16:3b:fa:57:24:6a:81:f5:1e:20:68:bd:
4c:af:4b:8a:89:9e:73:3b:1e:2e:e4:00:93:3b:d6:
eb:45:24:60:ca:67:6d:b8:fe:2e:4c:0f:c8:95:68:
1a:66:65:be:8c:6b:a7:b0:72:34:bc:78:df:b8:96:
83:8d:cd:cd:df:b6:06:9e:dc:2a:0e:28:59:97:5d:
45:7f:2a:b2:0f:b3:57:0c:9e:74:db:3a:eb:38:6f:
f0:8f:d9:04:57:60:1a:f5:e9:70:ff:9a:4e:07:4c:
4c:50:50:ee:1f:24:f4:51:98:ea:83:c3:31:b7:c1:
22:ff:b0:8a:0b:98:4f:9b:af:7b:04:dc:0f:96:4f:
85:ad:8b:95:80:0a:a6:f1:d2:a3:f3:f6:8f:b1:08:
a2:ac:e5:fc:f7:02:56:9b:1c:4b:8c:5f:ce:ec:ac:
c9:37:6c:97:45:b3:9c:64:58:49:21:18:1a:51:43:
1f:86:37:63:a5:cf:3f:f9:c9:91:b0:79:7a:f1:d2:
78:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:E2:79:95:B4:5C:E7:E0:49:8C:9D:5A:C2:6C:BB:3E:B7:4C:59:29
X509v3 Authority Key Identifier:
keyid:0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/P-J5lbRc5-BJjJ1awmy7PrdMWSk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.201.203.0/24
194.55.129.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:81:a1:e2:40:ca:57:c5:6a:9c:cc:e4:35:ab:89:1b:70:4e:
34:c6:8c:13:da:96:6f:13:f6:24:88:9c:5c:64:c3:4c:33:c8:
da:a9:87:25:85:c5:5a:57:d5:10:f1:34:da:31:30:72:07:4e:
f1:0e:8e:18:2e:ee:31:be:99:ac:9e:69:2c:c8:a9:e5:55:f8:
dc:29:12:6e:31:e7:66:95:d7:b1:0f:89:70:1f:f5:bf:3e:d2:
09:4e:a2:fd:1c:43:d9:da:6d:5b:9a:c4:d8:70:14:ab:3b:63:
47:3b:5e:bd:9e:44:62:10:9a:36:6e:fc:95:10:32:e3:71:ed:
ca:59:c3:37:77:2f:a8:c6:b5:d8:8d:c1:92:ed:0d:31:7c:58:
60:34:94:0f:34:d5:4a:85:a7:a7:62:9b:0d:50:7a:2e:2e:42:
10:09:6b:2e:b6:1a:a5:d0:dc:7f:4e:1c:6a:09:e8:d8:5a:f3:
1d:ba:b3:1c:af:d4:c8:c7:25:ec:01:5d:7f:96:b7:cc:ba:23:
26:9a:89:3b:5e:34:08:b3:6b:c1:8b:90:db:01:0b:4b:ad:93:
6b:8a:ba:78:00:3f:68:d7:a5:66:dd:ec:b2:91:87:fa:9d:16:
38:fb:c1:f8:b2:61:bb:ab:8a:f0:aa:26:a2:f4:63:65:f7:2f:
22:b6:de:10
-----BEGIN CERTIFICATE-----
MIIE9DCCA9ygAwIBAgIDVWe3MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDBk
Mjk5OTA0MmM1ZTIwMDZiZDVhZWI3YTA1ZGUxZTk2YTVlNzM2NjQwHhcNMjIwMTAx
MDI1MjAyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygzZmUyNzk5NWI0NWNl
N2UwNDk4YzlkNWFjMjZjYmIzZWI3NGM1OTI5MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAyg/ixU5c/Ladj1KvtYTLkzLz3qe0GdcxAJFvn7KD6V6RWoLE
QQzmnfi2sZiyJDUFDTretO9mRZduWMxwsyQWO/pXJGqB9R4gaL1Mr0uKiZ5zOx4u
5ACTO9brRSRgymdtuP4uTA/IlWgaZmW+jGunsHI0vHjfuJaDjc3N37YGntwqDihZ
l11FfyqyD7NXDJ502zrrOG/wj9kEV2Aa9elw/5pOB0xMUFDuHyT0UZjqg8Mxt8Ei
/7CKC5hPm697BNwPlk+FrYuVgAqm8dKj8/aPsQiirOX89wJWmxxLjF/O7KzJN2yX
RbOcZFhJIRgaUUMfhjdjpc8/+cmRsHl68dJ4BwIDAQABo4ICDzCCAgswHQYDVR0O
BBYEFD/ieZW0XOfgSYydWsJsuz63TFkpMB8GA1UdIwQYMBaAFA0pmQQsXiAGvVrr
egXeHpal5zZkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
RFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUtOGMxNTM5NjViYWM5LzEv
UC1KNWxiUmM1LUJKakoxYXdteTdQcmRNV1NrLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8y
YzMzMTYtZWZjNy00OTUyLTllZmUtOGMxNTM5NjViYWM5LzEvRFNtWkJDeGVJQWE5
V3V0NkJkNGVscVhuTm1RLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUG
CCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwcnLAwQAwjeBMA0GCSqGSIb3DQEB
CwUAA4IBAQA7gaHiQMpXxWqczOQ1q4kbcE40xowT2pZvE/YkiJxcZMNMM8jaqYcl
hcVaV9UQ8TTaMTByB07xDo4YLu4xvpmsnmksyKnlVfjcKRJuMedmldexD4lwH/W/
PtIJTqL9HEPZ2m1bmsTYcBSrO2NHO169nkRiEJo2bvyVEDLjce3KWcM3dy+oxrXY
jcGS7Q0xfFhgNJQPNNVKhaenYpsNUHouLkIQCWsuthql0Nx/ThxqCejYWvMdurMc
r9TIxyXsAV1/lrfMuiMmmok7XjQIs2vBi5DbAQtLrZNrirp4AD9o16Vm3eyykYf6
nRY4+8H4smG7q4rwqiai9GNl9y8itt4Q
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:06 2023 by rpki-client on console-fra.rpki-client.org