Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/e1171c-5270-49cd-9379-b95b08a23ae1/1/PHAUiytG9TwogRwudNIEimcCvjY.roa
File: PHAUiytG9TwogRwudNIEimcCvjY.roa (raw, json)
Hash identifier: YGgvEBsvj9cWX/xGdAuA8V6zSGve0yWbuMLqoB5Vxrk=
Subject key identifier: 3C:70:14:8B:2B:46:F5:3C:28:81:1C:2E:74:D2:04:8A:67:02:BE:36
Certificate issuer: /CN=408af485b4fd0f03717cd4a709ef11c61d3ef46e
Certificate serial: 03270F08
Authority key identifier: 40:8A:F4:85:B4:FD:0F:03:71:7C:D4:A7:09:EF:11:C6:1D:3E:F4:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QIr0hbT9DwNxfNSnCe8Rxh0-9G4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/e1171c-5270-49cd-9379-b95b08a23ae1/1/PHAUiytG9TwogRwudNIEimcCvjY.roa
Signing time: Sat 01 Jan 2022 12:02:32 +0000
ROA not before: Sat 01 Jan 2022 12:02:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 56514
IP address blocks: 109.95.15.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 52891400 (0x3270f08)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=408af485b4fd0f03717cd4a709ef11c61d3ef46e
Validity
Not Before: Jan 1 12:02:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3c70148b2b46f53c28811c2e74d2048a6702be36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:b9:43:e7:4b:4e:f1:15:85:bf:c3:a9:5a:51:
14:ef:66:79:d7:91:49:2e:22:48:55:61:1a:01:e5:
ab:78:ca:55:e4:50:fc:3b:80:d1:c6:c0:bc:b7:fb:
c3:21:ad:bd:2f:57:55:34:f0:17:4e:ba:76:c7:bc:
f3:8d:48:b6:00:3f:8f:45:19:8e:98:fc:44:52:96:
5c:bd:c2:c7:69:53:9f:b0:12:7e:86:3b:89:0c:e4:
7d:be:10:22:f1:cc:68:38:03:82:ef:e7:99:e9:cf:
f5:7d:98:fe:f1:bb:9d:a9:0d:56:1e:28:d1:0c:fc:
e5:0d:1e:6b:9e:44:38:05:9b:f3:a3:5b:4b:9f:30:
e7:41:13:e3:f4:d6:1e:d9:19:c4:30:9f:23:3e:fe:
61:ce:e0:d0:34:e6:c7:58:eb:85:27:1e:cd:0d:8a:
b2:1a:cd:89:fa:75:be:e7:7e:72:22:c4:16:20:2f:
db:2c:1f:6a:79:fc:6d:94:44:8c:60:e0:57:03:84:
72:28:af:36:01:0b:c7:6a:17:96:e1:3c:57:1d:4d:
f6:39:e5:31:03:9a:96:22:db:a2:d2:9e:10:14:b4:
70:d5:6c:07:03:55:de:f0:66:03:5b:d0:bd:94:0c:
e1:81:69:42:49:80:f5:36:59:a8:1b:10:e9:ed:21:
0c:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:70:14:8B:2B:46:F5:3C:28:81:1C:2E:74:D2:04:8A:67:02:BE:36
X509v3 Authority Key Identifier:
keyid:40:8A:F4:85:B4:FD:0F:03:71:7C:D4:A7:09:EF:11:C6:1D:3E:F4:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QIr0hbT9DwNxfNSnCe8Rxh0-9G4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/e1171c-5270-49cd-9379-b95b08a23ae1/1/PHAUiytG9TwogRwudNIEimcCvjY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/e1171c-5270-49cd-9379-b95b08a23ae1/1/QIr0hbT9DwNxfNSnCe8Rxh0-9G4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.95.15.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:cf:a6:70:c2:3c:6f:00:67:85:1a:69:c0:1d:71:af:9b:1c:
b4:d3:2a:6b:b7:33:8b:1e:37:c4:0c:10:91:0a:02:bb:87:bb:
07:db:24:8d:ec:c4:85:ef:1a:60:ec:b1:68:94:a4:58:df:94:
7f:63:33:d7:0b:70:89:e0:57:7a:3a:78:cd:2d:b8:2e:21:50:
49:0b:80:17:3f:8c:f1:98:34:87:2f:8c:2f:0f:41:be:5a:a5:
20:4a:71:65:ac:39:e4:27:9e:08:ec:04:e1:0a:bd:2b:b2:7c:
64:99:fb:fd:89:90:00:24:cb:bf:7b:56:f1:ef:7e:27:81:60:
7d:98:65:fa:1a:e6:07:c5:71:bd:47:7c:a6:fa:7d:42:28:8f:
ad:47:74:62:e8:8e:a1:10:9c:73:b0:d0:82:06:8e:d8:3e:af:
1f:03:d9:fd:26:bb:25:67:85:b9:c8:8d:9e:84:67:c5:65:b2:
8e:83:0d:67:2b:1e:39:df:7a:29:f5:2d:0a:31:75:96:fc:eb:
c0:0f:24:bc:d0:b1:fd:4b:c4:79:51:db:31:34:90:c3:1e:e2:
f9:45:8c:80:ff:32:d3:0c:2c:10:9e:1f:dd:d6:62:d5:a7:97:
9e:3a:24:c8:73:c0:62:ca:a3:38:0b:8b:28:f3:22:d1:65:66:
b8:f4:11:c8
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAycPCDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
MDhhZjQ4NWI0ZmQwZjAzNzE3Y2Q0YTcwOWVmMTFjNjFkM2VmNDZlMB4XDTIyMDEw
MTEyMDIzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2M3MDE0OGIyYjQ2
ZjUzYzI4ODExYzJlNzRkMjA0OGE2NzAyYmUzNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAO25Q+dLTvEVhb/DqVpRFO9medeRSS4iSFVhGgHlq3jKVeRQ
/DuA0cbAvLf7wyGtvS9XVTTwF066dse8841ItgA/j0UZjpj8RFKWXL3Cx2lTn7AS
foY7iQzkfb4QIvHMaDgDgu/nmenP9X2Y/vG7nakNVh4o0Qz85Q0ea55EOAWb86Nb
S58w50ET4/TWHtkZxDCfIz7+Yc7g0DTmx1jrhScezQ2KshrNifp1vud+ciLEFiAv
2ywfann8bZREjGDgVwOEciivNgELx2oXluE8Vx1N9jnlMQOaliLbotKeEBS0cNVs
BwNV3vBmA1vQvZQM4YFpQkmA9TZZqBsQ6e0hDA0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ8cBSLK0b1PCiBHC500gSKZwK+NjAfBgNVHSMEGDAWgBRAivSFtP0PA3F8
1KcJ7xHGHT70bjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1FJcjBoYlQ5RHdOeGZOU25DZThSeGgwLTlHNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzYvZTExNzFjLTUyNzAtNDljZC05Mzc5LWI5NWIwOGEyM2FlMS8x
L1BIQVVpeXRHOVR3b2dSd3VkTklFaW1jQ3ZqWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzYv
ZTExNzFjLTUyNzAtNDljZC05Mzc5LWI5NWIwOGEyM2FlMS8xL1FJcjBoYlQ5RHdO
eGZOU25DZThSeGgwLTlHNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAG1fDzANBgkqhkiG9w0BAQsFAAOC
AQEAn8+mcMI8bwBnhRppwB1xr5sctNMqa7czix43xAwQkQoCu4e7B9skjezEhe8a
YOyxaJSkWN+Uf2Mz1wtwieBXejp4zS24LiFQSQuAFz+M8Zg0hy+MLw9BvlqlIEpx
Zaw55CeeCOwE4Qq9K7J8ZJn7/YmQACTLv3tW8e9+J4FgfZhl+hrmB8VxvUd8pvp9
QiiPrUd0YuiOoRCcc7DQggaO2D6vHwPZ/Sa7JWeFuciNnoRnxWWyjoMNZyseOd96
KfUtCjF1lvzrwA8kvNCx/UvEeVHbMTSQwx7i+UWMgP8y0wwsEJ4f3dZi1aeXnjok
yHPAYsqjOAuLKPMi0WVmuPQRyA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:27 2024 by rpki-client on console-fra.rpki-client.org