Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/aHMjxZq7aiPTGHnS7x9hw2-TikA.roa
File: aHMjxZq7aiPTGHnS7x9hw2-TikA.roa (raw, json)
Hash identifier: vOioH1A4Q1hOjpXxRaKxECS0gjn5dM9OQkERi9PJ6q8=
Subject key identifier: 68:73:23:C5:9A:BB:6A:23:D3:18:79:D2:EF:1F:61:C3:6F:93:8A:40
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 018355A59B0BAFA1B3510D39A5FE281CFD2F
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/aHMjxZq7aiPTGHnS7x9hw2-TikA.roa
Signing time: Mon 19 Sep 2022 12:07:39 +0000
ROA not before: Mon 19 Sep 2022 12:07:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29604
IP address blocks: 188.255.210.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:55:a5:9b:0b:af:a1:b3:51:0d:39:a5:fe:28:1c:fd:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Sep 19 12:07:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=687323c59abb6a23d31879d2ef1f61c36f938a40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:d2:c3:6f:4d:65:36:5b:4d:81:50:ac:81:23:
49:96:d3:27:c9:42:9d:cf:89:9c:2f:03:ed:e1:3e:
a1:68:85:1d:21:9e:28:3b:c4:4b:98:76:46:96:dd:
21:3f:b8:9c:f4:40:a2:09:93:c5:d1:a3:33:c0:30:
d2:99:88:e9:67:58:3e:a4:00:c2:02:0c:03:90:05:
1c:d2:bd:27:73:25:34:bf:73:e7:1f:0e:8b:73:47:
e3:4a:4e:65:42:90:f2:a7:b1:6c:d5:9a:c7:61:02:
8a:05:eb:bb:e6:7c:3b:98:c7:4a:e2:79:e5:9e:2d:
85:74:52:41:0b:fd:40:3e:c4:d7:d0:59:7e:4a:13:
37:ec:e3:37:02:fb:41:90:5b:1f:f5:95:30:38:bb:
3a:ed:2b:4c:29:af:25:b7:26:5f:15:a0:fc:e9:87:
3b:6c:fd:38:27:22:ad:fc:fa:f8:db:7f:dc:b3:a5:
96:02:87:e6:d0:aa:e0:02:7d:2d:aa:94:5f:c3:6a:
39:73:a2:a0:b5:39:4d:de:19:74:65:9c:1f:e5:52:
16:a6:04:1f:fb:e6:c3:9f:52:3e:39:e3:fe:47:94:
6c:05:57:cb:38:ca:1f:86:13:13:b4:13:50:0a:c4:
c3:88:58:ff:a4:84:05:9b:bf:30:71:00:77:41:8f:
de:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:73:23:C5:9A:BB:6A:23:D3:18:79:D2:EF:1F:61:C3:6F:93:8A:40
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/aHMjxZq7aiPTGHnS7x9hw2-TikA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.255.210.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:a1:26:97:28:89:a2:e1:d6:da:52:36:d1:92:d8:94:6e:5c:
19:b2:8b:40:a3:1f:c1:43:9a:e4:2c:62:b8:6f:99:38:89:5d:
b1:ce:e5:98:22:11:f9:de:94:3f:86:d8:7a:81:46:fa:cf:5c:
25:f4:b9:85:51:95:cd:d3:f5:de:31:4d:b9:58:e6:c7:0f:96:
54:69:75:01:b1:51:97:40:a2:eb:b5:09:cd:7c:9c:ed:c4:74:
dc:0b:79:70:c7:94:e0:ec:ad:5f:2c:94:03:97:4a:68:4b:45:
8e:b3:17:93:4f:d0:52:76:88:2d:59:6f:cc:1d:3a:ed:22:ba:
25:03:c1:06:ae:a5:d0:cb:1f:0c:61:62:7f:c3:d9:ab:68:13:
db:2f:67:f4:ee:b9:5c:f0:d0:9c:fe:a8:8c:8c:bb:55:65:b8:
5f:91:30:cc:cb:89:fa:49:8b:b8:26:f3:cb:22:03:e9:e7:ce:
fe:d6:23:57:89:d8:1f:ca:c3:69:e1:bb:36:cc:bd:d1:dd:92:
38:48:65:17:93:4e:c2:36:41:50:3a:d4:a3:3e:b9:46:d0:c1:
05:35:6f:91:2c:ec:6c:e4:0d:f2:4e:c6:39:eb:73:e6:e5:99:
37:a5:c3:36:e8:a7:f7:26:ba:b9:de:fa:a5:c8:dd:8c:6d:85:
d6:40:ff:37
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYNVpZsLr6GzUQ05pf4oHP0vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjIwOTE5MTIwNzM5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODczMjNjNTlhYmI2YTIzZDMxODc5ZDJlZjFmNjFjMzZmOTM4YTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApNLDb01lNltNgVCsgSNJltMnyUKd
z4mcLwPt4T6haIUdIZ4oO8RLmHZGlt0hP7ic9ECiCZPF0aMzwDDSmYjpZ1g+pADC
AgwDkAUc0r0ncyU0v3PnHw6Lc0fjSk5lQpDyp7Fs1ZrHYQKKBeu75nw7mMdK4nnl
ni2FdFJBC/1APsTX0Fl+ShM37OM3AvtBkFsf9ZUwOLs67StMKa8ltyZfFaD86Yc7
bP04JyKt/Pr423/cs6WWAofm0KrgAn0tqpRfw2o5c6KgtTlN3hl0ZZwf5VIWpgQf
++bDn1I+OeP+R5RsBVfLOMofhhMTtBNQCsTDiFj/pIQFm78wcQB3QY/e0QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGhzI8Wau2oj0xh50u8fYcNvk4pAMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvYUhNanhacTdhaVBUR0huUzd4OWh3Mi1UaWtBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvP/SMA0G
CSqGSIb3DQEBCwUAA4IBAQBtoSaXKImi4dbaUjbRktiUblwZsotAox/BQ5rkLGK4
b5k4iV2xzuWYIhH53pQ/hth6gUb6z1wl9LmFUZXN0/XeMU25WObHD5ZUaXUBsVGX
QKLrtQnNfJztxHTcC3lwx5Tg7K1fLJQDl0poS0WOsxeTT9BSdogtWW/MHTrtIrol
A8EGrqXQyx8MYWJ/w9mraBPbL2f07rlc8NCc/qiMjLtVZbhfkTDMy4n6SYu4JvPL
IgPp587+1iNXidgfysNp4bs2zL3R3ZI4SGUXk07CNkFQOtSjPrlG0MEFNW+RLOxs
5A3yTsY563Pm5Zk3pcM26Kf3Jrq53vqlyN2MbYXWQP83
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:35 2023 by rpki-client on console-fra.rpki-client.org