Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/RHKmVYcdbMQvC31gBPdSkzAuD1k.roa
File: RHKmVYcdbMQvC31gBPdSkzAuD1k.roa (raw, json)
Hash identifier: 75uU3KLvw1WdhWdsjXC5Jhu+9+KNIUqdmxbFvzL7rzQ=
Subject key identifier: 44:72:A6:55:87:1D:6C:C4:2F:0B:7D:60:04:F7:52:93:30:2E:0F:59
Certificate issuer: /CN=00aff6b4effe7c363ef200f6f3e5888b915ba681
Certificate serial: 01842DAFD87C30A8E831D0300CE54146DC23
Authority key identifier: 00:AF:F6:B4:EF:FE:7C:36:3E:F2:00:F6:F3:E5:88:8B:91:5B:A6:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AK_2tO_-fDY-8gD28-WIi5FbpoE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/RHKmVYcdbMQvC31gBPdSkzAuD1k.roa
Signing time: Mon 31 Oct 2022 10:56:49 +0000
ROA not before: Mon 31 Oct 2022 10:56:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3320
IP address blocks: 195.242.243.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:2d:af:d8:7c:30:a8:e8:31:d0:30:0c:e5:41:46:dc:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00aff6b4effe7c363ef200f6f3e5888b915ba681
Validity
Not Before: Oct 31 10:56:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4472a655871d6cc42f0b7d6004f75293302e0f59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:66:97:d5:1e:08:36:f8:8c:43:c5:70:8d:dc:
a9:8e:b4:b7:21:c2:3a:f6:b2:33:d6:d0:29:47:48:
a8:01:6c:df:1b:28:00:74:d5:6b:5d:6c:bf:48:5d:
6f:ed:35:d9:ff:a0:0c:00:f6:3f:0f:a9:75:bf:5d:
71:a8:f3:d6:b6:ab:8d:93:02:24:76:c3:cd:78:c0:
80:20:96:89:84:ad:0d:4c:7b:b9:71:74:2a:0f:a8:
76:33:e1:a9:45:f8:04:cb:22:b3:a2:95:f3:9f:d6:
a7:ee:3e:57:d5:9a:23:b9:f0:41:57:d0:e4:6b:e8:
ee:dd:e4:2c:cc:37:67:c3:b5:f4:c8:4c:50:43:cd:
ef:b8:c7:9f:8b:65:c7:1b:1a:3f:8f:83:71:26:c9:
34:cf:43:8d:0b:5c:68:79:9d:4b:1f:73:03:9e:1a:
b0:94:95:a6:3b:e4:92:22:30:7f:f6:99:e9:3d:29:
c9:87:df:9a:fb:e7:c0:c2:24:0e:26:3f:05:9b:5f:
d6:59:71:98:f1:77:72:27:df:88:a5:d0:f3:54:ff:
ec:c2:b7:46:15:ce:8b:1f:27:67:8f:3b:39:e4:8a:
c8:34:c3:44:c1:18:90:70:96:48:b6:e0:ce:7a:68:
c2:3c:35:8e:48:b4:02:55:63:4e:b0:d0:a4:26:66:
7c:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:72:A6:55:87:1D:6C:C4:2F:0B:7D:60:04:F7:52:93:30:2E:0F:59
X509v3 Authority Key Identifier:
keyid:00:AF:F6:B4:EF:FE:7C:36:3E:F2:00:F6:F3:E5:88:8B:91:5B:A6:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AK_2tO_-fDY-8gD28-WIi5FbpoE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/RHKmVYcdbMQvC31gBPdSkzAuD1k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/AK_2tO_-fDY-8gD28-WIi5FbpoE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.242.243.0/24
Signature Algorithm: sha256WithRSAEncryption
88:51:77:bc:ed:33:85:7a:55:4d:25:24:b4:77:aa:d2:2b:4f:
fa:c7:fa:61:9e:68:d7:82:84:e2:84:ae:a6:47:00:2f:5d:c5:
c3:be:1e:47:97:33:9e:2d:a6:87:83:e5:94:86:fe:b3:2c:0e:
f8:06:61:3f:e8:83:22:d9:15:e7:4f:10:64:6b:2e:70:41:8e:
43:5b:92:b6:0a:6e:64:2d:f2:57:89:3b:65:56:0c:de:f0:9d:
db:80:fe:f1:35:f5:fb:d0:f7:c7:c0:93:be:93:f1:fe:cd:b4:
00:50:5c:04:18:1d:f9:b4:73:a4:1a:a6:c8:ec:76:fd:dd:b3:
64:70:45:e7:02:f4:72:4e:a4:48:0b:38:46:02:39:c3:ed:8b:
f7:ba:a7:30:a2:4b:40:e3:2f:7e:93:e2:68:6c:be:d0:bf:34:
56:00:7e:7a:32:4e:6a:39:da:3f:fd:fe:5d:25:47:22:3e:29:
ac:86:8f:d2:a1:74:13:98:e3:80:4f:39:fe:bc:76:e9:a4:f2:
cb:33:a8:8b:f2:e3:1e:95:3a:fd:01:98:48:70:97:fd:3f:6b:
6e:97:b1:47:98:c3:12:86:92:73:40:43:60:6c:03:47:24:73:
11:04:88:10:a5:03:6b:78:d8:55:81:ed:b7:62:c0:ab:a1:ca:
e5:aa:5d:f1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQtr9h8MKjoMdAwDOVBRtwjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwYWZmNmI0ZWZmZTdjMzYzZWYyMDBmNmYzZTU4ODhiOTE1
YmE2ODEwHhcNMjIxMDMxMTA1NjQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDcyYTY1NTg3MWQ2Y2M0MmYwYjdkNjAwNGY3NTI5MzMwMmUwZjU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkGaX1R4INviMQ8VwjdypjrS3IcI6
9rIz1tApR0ioAWzfGygAdNVrXWy/SF1v7TXZ/6AMAPY/D6l1v11xqPPWtquNkwIk
dsPNeMCAIJaJhK0NTHu5cXQqD6h2M+GpRfgEyyKzopXzn9an7j5X1ZojufBBV9Dk
a+ju3eQszDdnw7X0yExQQ83vuMefi2XHGxo/j4NxJsk0z0ONC1xoeZ1LH3MDnhqw
lJWmO+SSIjB/9pnpPSnJh9+a++fAwiQOJj8Fm1/WWXGY8XdyJ9+IpdDzVP/swrdG
Fc6LHydnjzs55IrINMNEwRiQcJZItuDOemjCPDWOSLQCVWNOsNCkJmZ8NwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFERyplWHHWzELwt9YAT3UpMwLg9ZMB8GA1UdIwQY
MBaAFACv9rTv/nw2PvIA9vPliIuRW6aBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUtfMnRPXy1mRFktOGdEMjgtV0lpNUZicG9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8wOThkMTMtNmQ2ZC00Mjk0LTk3NTMt
YTg3NzNkZTc2OGY3LzEvUkhLbVZZY2RiTVF2QzMxZ0JQZFNrekF1RDFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8wOThkMTMtNmQ2ZC00Mjk0LTk3NTMtYTg3NzNkZTc2OGY3
LzEvQUtfMnRPXy1mRFktOGdEMjgtV0lpNUZicG9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw/LzMA0G
CSqGSIb3DQEBCwUAA4IBAQCIUXe87TOFelVNJSS0d6rSK0/6x/phnmjXgoTihK6m
RwAvXcXDvh5HlzOeLaaHg+WUhv6zLA74BmE/6IMi2RXnTxBkay5wQY5DW5K2Cm5k
LfJXiTtlVgze8J3bgP7xNfX70PfHwJO+k/H+zbQAUFwEGB35tHOkGqbI7Hb93bNk
cEXnAvRyTqRICzhGAjnD7Yv3uqcwoktA4y9+k+JobL7QvzRWAH56Mk5qOdo//f5d
JUciPimsho/SoXQTmOOATzn+vHbppPLLM6iL8uMelTr9AZhIcJf9P2tul7FHmMMS
hpJzQENgbANHJHMRBIgQpQNreNhVge23YsCrocrlql3x
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:04 2023 by rpki-client on console-ams.rpki-client.org