Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/k-5asSGPf8CnR7j7ZBPKR4hPItY.roa
File: k-5asSGPf8CnR7j7ZBPKR4hPItY.roa (raw, json)
Hash identifier: Z1f+R3um2gykkYIPmiDJmJ/GNSZs/lljdz+vQdKIfGg=
Subject key identifier: 93:EE:5A:B1:21:8F:7F:C0:A7:47:B8:FB:64:13:CA:47:88:4F:22:D6
Certificate issuer: /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial: 0184655F2F18A4BCC6ECBFD52BC09DF42730
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/k-5asSGPf8CnR7j7ZBPKR4hPItY.roa
Signing time: Fri 11 Nov 2022 06:27:27 +0000
ROA not before: Fri 11 Nov 2022 06:27:27 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 194.15.96.0/22 maxlen: 24
188.209.128.0/22 maxlen: 24
188.209.132.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:65:5f:2f:18:a4:bc:c6:ec:bf:d5:2b:c0:9d:f4:27:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Validity
Not Before: Nov 11 06:27:27 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=93ee5ab1218f7fc0a747b8fb6413ca47884f22d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:86:4b:5d:34:21:12:2d:88:d4:29:7f:44:11:
4b:75:d5:2e:e0:26:6a:48:a6:43:cb:ea:4d:3d:0c:
ac:bf:1e:15:8a:52:2c:67:62:e5:37:80:85:42:2e:
6c:8d:08:b0:72:a9:4e:00:cd:48:8e:96:52:8c:fb:
6f:d3:d4:4e:31:b4:08:5e:f8:a1:2a:01:18:1a:ff:
a8:d0:66:39:09:2e:46:29:11:03:64:b6:61:f6:5b:
bb:e8:67:e4:b8:09:84:a6:68:a9:f8:7d:dc:1c:5e:
00:59:33:b0:bd:f2:96:d7:33:f0:20:4f:38:20:12:
f2:0c:bd:7a:84:4b:2e:3f:88:ba:f6:a7:b5:75:c2:
7c:8d:62:f2:a9:d1:ad:4c:60:0c:e8:86:a9:00:5d:
91:8b:c7:38:32:9c:f2:44:0a:ef:8a:d6:4f:5e:14:
87:c1:b5:77:91:1d:65:a8:8a:0c:bc:8f:f4:29:73:
1f:01:fa:53:83:3e:f3:29:44:52:74:a5:d2:ab:cf:
06:05:f5:ac:d3:16:e5:69:4f:10:b1:ab:9f:40:a3:
bc:87:33:0a:f7:3c:a4:9c:b5:d3:00:95:ef:3e:e8:
f3:d9:ff:81:45:e3:a0:bd:e9:0f:a1:04:48:32:ee:
c1:19:76:39:e6:8f:86:bb:26:db:8d:b9:a9:ea:95:
12:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:EE:5A:B1:21:8F:7F:C0:A7:47:B8:FB:64:13:CA:47:88:4F:22:D6
X509v3 Authority Key Identifier:
keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/k-5asSGPf8CnR7j7ZBPKR4hPItY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.209.128.0/21
194.15.96.0/22
Signature Algorithm: sha256WithRSAEncryption
96:52:ff:68:c4:5d:63:0b:ab:c0:02:e7:92:4b:25:6c:f1:b0:
39:a6:f9:ae:d8:1f:50:04:ae:b8:40:dd:8a:8e:9a:d5:84:a7:
22:54:be:2b:e4:6b:24:18:a0:57:2d:a5:92:ec:d2:a5:50:33:
d9:ca:91:4b:6f:ff:a4:d1:97:8d:f5:5a:3a:f7:96:eb:07:6f:
99:87:97:0c:00:a4:79:f5:88:d3:01:5e:36:38:65:68:a9:1c:
f1:c5:c4:1e:87:6a:7e:66:a4:32:8d:33:c4:2d:63:7d:c0:5f:
07:81:46:bf:0f:de:cc:33:d7:4f:02:97:87:60:93:36:4c:56:
73:d6:43:b9:5e:39:d2:51:1c:a1:ce:29:ff:84:8e:4a:4e:3a:
ea:75:20:e5:38:e0:2a:d6:64:60:58:cb:e4:2b:e4:63:a1:39:
46:a1:70:73:f0:69:af:eb:2e:71:f4:29:60:87:16:44:f9:1f:
98:05:4e:57:a2:dd:47:fb:65:33:1c:f0:69:5b:15:f7:12:37:
72:39:29:e2:2f:cb:72:80:35:0d:e1:e3:d9:14:9d:27:0f:88:
16:98:f7:99:a0:a1:44:2d:35:29:79:15:12:df:85:87:12:b8:
ac:19:3f:74:87:27:12:e3:af:7b:47:f8:50:c0:4e:98:88:9b:
43:8b:af:d0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYRlXy8YpLzG7L/VK8Cd9CcwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2RhMjAxOTkwOWQ5ZmMzNzgyOWZkOWVjMjlkOTQ4ZWNm
ZjdjOTIwHhcNMjIxMTExMDYyNzI3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5M2VlNWFiMTIxOGY3ZmMwYTc0N2I4ZmI2NDEzY2E0Nzg4NGYyMmQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgIZLXTQhEi2I1Cl/RBFLddUu4CZq
SKZDy+pNPQysvx4VilIsZ2LlN4CFQi5sjQiwcqlOAM1IjpZSjPtv09ROMbQIXvih
KgEYGv+o0GY5CS5GKREDZLZh9lu76GfkuAmEpmip+H3cHF4AWTOwvfKW1zPwIE84
IBLyDL16hEsuP4i69qe1dcJ8jWLyqdGtTGAM6IapAF2Ri8c4MpzyRArvitZPXhSH
wbV3kR1lqIoMvI/0KXMfAfpTgz7zKURSdKXSq88GBfWs0xblaU8QsaufQKO8hzMK
9zyknLXTAJXvPujz2f+BReOgvekPoQRIMu7BGXY55o+Guybbjbmp6pUSRQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJPuWrEhj3/Ap0e4+2QTykeITyLWMB8GA1UdIwQY
MBaAFNk9ogGZCdn8N4Kf2ewp2Ujs/3ySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgt
ZjVhZGRkZGYxZWM1LzEvay01YXNTR1BmOENuUjdqN1pCUEtSNGhQSXRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgtZjVhZGRkZGYxZWM1
LzEvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDvNGAAwQC
wg9gMA0GCSqGSIb3DQEBCwUAA4IBAQCWUv9oxF1jC6vAAueSSyVs8bA5pvmu2B9Q
BK64QN2KjprVhKciVL4r5GskGKBXLaWS7NKlUDPZypFLb/+k0ZeN9Vo695brB2+Z
h5cMAKR59YjTAV42OGVoqRzxxcQeh2p+ZqQyjTPELWN9wF8HgUa/D97MM9dPApeH
YJM2TFZz1kO5XjnSURyhzin/hI5KTjrqdSDlOOAq1mRgWMvkK+RjoTlGoXBz8Gmv
6y5x9ClghxZE+R+YBU5Xot1H+2UzHPBpWxX3EjdyOSniL8tygDUN4ePZFJ0nD4gW
mPeZoKFELTUpeRUS34WHErisGT90hycS4697R/hQwE6YiJtDi6/Q
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:14 2023 by rpki-client on console-fra.rpki-client.org