Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/DTw_Tmxb_smO77IJhQg3hvTROKo.roa
File: DTw_Tmxb_smO77IJhQg3hvTROKo.roa (raw, json)
Hash identifier: AzJsHmTP2sgaWyjRwi4hWT0YCvXJdU/orWEcioorz1w=
Subject key identifier: 0D:3C:3F:4E:6C:5B:FE:C9:8E:EF:B2:09:85:08:37:86:F4:D1:38:AA
Certificate issuer: /CN=00aff6b4effe7c363ef200f6f3e5888b915ba681
Certificate serial: 018332ECE7513E2FEE3F350E3180EE01220A
Authority key identifier: 00:AF:F6:B4:EF:FE:7C:36:3E:F2:00:F6:F3:E5:88:8B:91:5B:A6:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AK_2tO_-fDY-8gD28-WIi5FbpoE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/DTw_Tmxb_smO77IJhQg3hvTROKo.roa
Signing time: Mon 12 Sep 2022 18:18:49 +0000
ROA not before: Mon 12 Sep 2022 18:18:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35758
IP address blocks: 195.242.240.0/24 maxlen: 24
195.242.241.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:32:ec:e7:51:3e:2f:ee:3f:35:0e:31:80:ee:01:22:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00aff6b4effe7c363ef200f6f3e5888b915ba681
Validity
Not Before: Sep 12 18:18:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0d3c3f4e6c5bfec98eefb20985083786f4d138aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:f3:75:34:d3:b1:0c:be:46:41:22:6e:97:04:
2e:e4:ba:3d:b8:a9:e6:d7:dd:af:1a:b4:47:9c:d0:
8f:63:4d:80:d1:71:4e:db:62:42:9b:80:63:1c:6c:
ee:97:54:b3:36:4c:d7:3f:ff:35:a9:13:08:d3:67:
fb:ef:27:68:67:b6:22:eb:de:0e:d0:4d:b2:c3:34:
d3:89:6e:49:69:46:c6:22:73:2e:03:74:14:db:2a:
54:bc:f5:b5:d0:70:f8:8d:08:e4:63:6b:d9:0e:0d:
d5:ae:fc:f1:d5:82:cd:67:20:43:a3:5c:f2:f5:dd:
7a:2c:8a:28:38:b6:61:fb:2f:d1:41:99:07:00:3b:
09:16:04:8d:09:d8:34:97:d1:59:70:b1:eb:ac:7f:
15:00:db:87:b3:db:2f:f7:c0:ab:75:b7:a5:c2:71:
e5:b9:f9:82:be:f4:43:17:e6:40:9c:58:9f:93:08:
ea:ac:7c:0b:83:3f:e6:86:d4:36:e4:5a:a4:ec:5a:
8a:85:b4:59:be:8e:9e:83:c9:aa:d5:b8:ce:fc:57:
d0:0b:48:1a:20:3c:c9:80:e8:41:22:2a:32:4a:cd:
68:31:fe:46:87:74:3f:a8:11:c6:5c:77:3c:24:7c:
42:20:ad:c3:8e:45:bb:49:66:ea:10:30:f1:be:dd:
3f:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:3C:3F:4E:6C:5B:FE:C9:8E:EF:B2:09:85:08:37:86:F4:D1:38:AA
X509v3 Authority Key Identifier:
keyid:00:AF:F6:B4:EF:FE:7C:36:3E:F2:00:F6:F3:E5:88:8B:91:5B:A6:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AK_2tO_-fDY-8gD28-WIi5FbpoE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/DTw_Tmxb_smO77IJhQg3hvTROKo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/AK_2tO_-fDY-8gD28-WIi5FbpoE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.242.240.0/23
Signature Algorithm: sha256WithRSAEncryption
1b:67:8b:45:50:1b:dd:cc:43:da:66:2c:d4:b1:27:a2:86:2c:
90:d3:d9:90:63:36:42:05:97:00:e9:b9:43:fa:2d:54:8e:b1:
28:39:b3:fe:de:df:bd:75:de:98:e9:52:dc:d7:ba:1c:f1:f3:
ae:7e:65:d7:c0:f8:54:bb:31:83:ca:60:4c:34:21:d1:cd:53:
1d:fa:90:1a:af:44:4f:3b:b2:39:80:10:ee:01:4d:aa:96:1e:
a9:37:53:34:77:3a:84:32:31:4e:68:17:d2:f3:82:a1:3e:54:
06:91:65:c9:80:0d:b3:14:b0:cb:4f:2a:7d:6d:75:4a:83:f7:
4e:76:0c:7c:83:23:43:bc:9b:f1:79:24:f0:d9:85:59:dd:2d:
ad:94:42:a1:13:94:b7:97:f0:af:a9:af:3b:17:2c:21:94:6a:
17:b9:a9:89:60:1e:39:72:09:7f:61:98:7b:37:13:a5:f0:2e:
67:79:c6:78:4a:a6:48:04:8d:92:7e:bf:79:6e:c0:ee:91:8d:
f4:f7:af:31:b9:3f:26:32:72:41:4a:21:a6:bc:1d:86:f0:7f:
40:38:36:df:91:49:54:0a:1e:98:a3:42:1a:10:eb:ef:40:a6:
e1:25:93:31:9a:10:8e:06:ee:21:a8:6a:48:87:2f:05:5b:2a:
61:50:38:2b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYMy7OdRPi/uPzUOMYDuASIKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwYWZmNmI0ZWZmZTdjMzYzZWYyMDBmNmYzZTU4ODhiOTE1
YmE2ODEwHhcNMjIwOTEyMTgxODQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDNjM2Y0ZTZjNWJmZWM5OGVlZmIyMDk4NTA4Mzc4NmY0ZDEzOGFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmvN1NNOxDL5GQSJulwQu5Lo9uKnm
192vGrRHnNCPY02A0XFO22JCm4BjHGzul1SzNkzXP/81qRMI02f77ydoZ7Yi694O
0E2ywzTTiW5JaUbGInMuA3QU2ypUvPW10HD4jQjkY2vZDg3Vrvzx1YLNZyBDo1zy
9d16LIooOLZh+y/RQZkHADsJFgSNCdg0l9FZcLHrrH8VANuHs9sv98CrdbelwnHl
ufmCvvRDF+ZAnFifkwjqrHwLgz/mhtQ25Fqk7FqKhbRZvo6eg8mq1bjO/FfQC0ga
IDzJgOhBIioySs1oMf5Gh3Q/qBHGXHc8JHxCIK3DjkW7SWbqEDDxvt0/OQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA08P05sW/7Jju+yCYUIN4b00TiqMB8GA1UdIwQY
MBaAFACv9rTv/nw2PvIA9vPliIuRW6aBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUtfMnRPXy1mRFktOGdEMjgtV0lpNUZicG9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8wOThkMTMtNmQ2ZC00Mjk0LTk3NTMt
YTg3NzNkZTc2OGY3LzEvRFR3X1RteGJfc21PNzdJSmhRZzNodlRST0tvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8wOThkMTMtNmQ2ZC00Mjk0LTk3NTMtYTg3NzNkZTc2OGY3
LzEvQUtfMnRPXy1mRFktOGdEMjgtV0lpNUZicG9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw/LwMA0G
CSqGSIb3DQEBCwUAA4IBAQAbZ4tFUBvdzEPaZizUsSeihiyQ09mQYzZCBZcA6blD
+i1UjrEoObP+3t+9dd6Y6VLc17oc8fOufmXXwPhUuzGDymBMNCHRzVMd+pAar0RP
O7I5gBDuAU2qlh6pN1M0dzqEMjFOaBfS84KhPlQGkWXJgA2zFLDLTyp9bXVKg/dO
dgx8gyNDvJvxeSTw2YVZ3S2tlEKhE5S3l/Cvqa87FywhlGoXuamJYB45cgl/YZh7
NxOl8C5necZ4SqZIBI2Sfr95bsDukY30968xuT8mMnJBSiGmvB2G8H9AODbfkUlU
Ch6Yo0IaEOvvQKbhJZMxmhCOBu4hqGpIhy8FWyphUDgr
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:04 2023 by rpki-client on console-ams.rpki-client.org