Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/36f83e-6be6-42c5-8380-114ad41cf331/1/F_Gy5kdT67uJgDVC2lswS1d1f84.roa
File: F_Gy5kdT67uJgDVC2lswS1d1f84.roa (raw, json)
Hash identifier: owmXf+gEMH59V73ERPPhQLePIfgXexFT8/itbIH5Yno=
Subject key identifier: 17:F1:B2:E6:47:53:EB:BB:89:80:35:42:DA:5B:30:4B:57:75:7F:CE
Certificate issuer: /CN=09253886a0250a04ec69be00bbf8433c2f014b7c
Certificate serial: 01854FB8FF536BE7610DD72B05D62ABB90C6
Authority key identifier: 09:25:38:86:A0:25:0A:04:EC:69:BE:00:BB:F8:43:3C:2F:01:4B:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CSU4hqAlCgTsab4Au_hDPC8BS3w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/36f83e-6be6-42c5-8380-114ad41cf331/1/F_Gy5kdT67uJgDVC2lswS1d1f84.roa
Signing time: Mon 26 Dec 2022 18:36:41 +0000
ROA not before: Mon 26 Dec 2022 18:36:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201128
IP address blocks: 194.110.168.0/24 maxlen: 24
194.110.170.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:4f:b8:ff:53:6b:e7:61:0d:d7:2b:05:d6:2a:bb:90:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=09253886a0250a04ec69be00bbf8433c2f014b7c
Validity
Not Before: Dec 26 18:36:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=17f1b2e64753ebbb89803542da5b304b57757fce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:04:9f:bd:be:fe:94:38:d7:22:4e:88:ab:90:
5e:e9:9b:7c:9d:5d:66:ad:17:c1:1d:a6:2e:ea:8c:
09:fa:f9:43:33:8b:cf:5b:2c:17:bc:df:43:a3:61:
e1:58:87:99:98:c8:6f:c5:e7:cc:86:4a:1e:d1:2b:
7e:b1:aa:f1:33:29:c0:c3:81:c1:c7:42:c4:7b:84:
ae:1e:c8:cd:c9:b7:1e:db:6b:fa:21:0b:89:13:25:
cd:b7:0e:45:21:21:d1:1d:54:c0:6c:14:36:07:6a:
6a:9e:bf:f9:ed:a2:47:55:41:cc:c9:30:a8:07:4c:
3f:33:28:00:e0:49:65:84:59:57:d8:37:a2:99:89:
4b:29:ae:d3:aa:8e:9a:2b:5f:76:1f:4d:44:ed:f7:
b8:dc:4b:55:e1:08:7b:28:06:66:b0:10:ca:db:a0:
89:e2:1b:f4:29:d3:44:0c:bc:60:0b:93:62:7a:ea:
88:94:da:bb:72:9e:0f:dd:48:14:8c:c0:2c:3d:74:
ce:cd:d7:0e:ea:e1:9c:db:de:dd:6d:02:0f:d6:ef:
d6:af:a1:8e:75:13:12:cc:2e:60:67:ee:2f:6e:13:
dd:ff:f1:c7:a8:d0:e7:ed:ca:b4:c9:73:21:38:70:
50:3d:a1:eb:11:b5:b8:0e:94:5c:15:2f:24:c6:6b:
f3:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:F1:B2:E6:47:53:EB:BB:89:80:35:42:DA:5B:30:4B:57:75:7F:CE
X509v3 Authority Key Identifier:
keyid:09:25:38:86:A0:25:0A:04:EC:69:BE:00:BB:F8:43:3C:2F:01:4B:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CSU4hqAlCgTsab4Au_hDPC8BS3w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/36f83e-6be6-42c5-8380-114ad41cf331/1/F_Gy5kdT67uJgDVC2lswS1d1f84.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/36f83e-6be6-42c5-8380-114ad41cf331/1/CSU4hqAlCgTsab4Au_hDPC8BS3w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.110.168.0/24
194.110.170.0/24
Signature Algorithm: sha256WithRSAEncryption
bb:a4:b8:14:f6:d7:14:cc:a3:e8:0c:88:c8:11:7a:93:58:c4:
bf:4d:ef:74:9b:11:77:71:22:d3:86:83:14:2d:b3:4d:7b:6f:
2d:69:ed:51:07:dd:c2:d9:b1:62:9f:ef:e2:e3:0e:74:e1:fe:
1d:6e:b3:24:1f:1c:da:f4:fa:21:8d:a7:af:11:48:6b:ad:70:
46:85:d2:fb:e1:b0:97:0c:f0:67:83:5d:7f:df:bc:f4:d6:5d:
db:56:38:be:69:0f:b8:6d:ea:7d:46:d4:2c:53:12:d3:90:b3:
2c:19:10:13:38:4c:e4:56:63:50:f6:34:97:af:cf:a5:e8:9c:
7a:98:43:93:62:1f:e2:67:b7:03:d3:a7:07:d2:ef:eb:c0:17:
39:76:6f:b8:66:b2:ec:b7:06:ec:fa:eb:33:4d:0c:ca:b9:35:
50:7e:05:36:7d:44:b9:57:90:07:10:93:07:ef:8b:93:11:8d:
8e:a2:04:11:5c:7d:97:57:b4:d8:00:1c:f9:2d:dc:ee:53:1e:
c9:95:99:3d:14:f7:cf:34:ed:45:9e:65:6f:9f:48:3d:68:42:
35:b8:c3:33:70:53:63:ce:1a:f0:dd:c5:a0:3f:62:68:5e:78:
5a:84:31:8d:7f:63:46:f8:0b:d7:b8:5e:cf:25:d6:69:e5:e3:
dc:45:33:72
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVPuP9Ta+dhDdcrBdYqu5DGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MjUzODg2YTAyNTBhMDRlYzY5YmUwMGJiZjg0MzNjMmYw
MTRiN2MwHhcNMjIxMjI2MTgzNjQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxN2YxYjJlNjQ3NTNlYmJiODk4MDM1NDJkYTViMzA0YjU3NzU3ZmNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwQSfvb7+lDjXIk6Iq5Be6Zt8nV1m
rRfBHaYu6owJ+vlDM4vPWywXvN9Do2HhWIeZmMhvxefMhkoe0St+sarxMynAw4HB
x0LEe4SuHsjNybce22v6IQuJEyXNtw5FISHRHVTAbBQ2B2pqnr/57aJHVUHMyTCo
B0w/MygA4EllhFlX2DeimYlLKa7Tqo6aK192H01E7fe43EtV4Qh7KAZmsBDK26CJ
4hv0KdNEDLxgC5NieuqIlNq7cp4P3UgUjMAsPXTOzdcO6uGc297dbQIP1u/Wr6GO
dRMSzC5gZ+4vbhPd//HHqNDn7cq0yXMhOHBQPaHrEbW4DpRcFS8kxmvzmwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBfxsuZHU+u7iYA1QtpbMEtXdX/OMB8GA1UdIwQY
MBaAFAklOIagJQoE7Gm+ALv4QzwvAUt8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1NVNGhxQWxDZ1RzYWI0QXVfaERQQzhCUzN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS8zNmY4M2UtNmJlNi00MmM1LTgzODAt
MTE0YWQ0MWNmMzMxLzEvRl9HeTVrZFQ2N3VKZ0RWQzJsc3dTMWQxZjg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS8zNmY4M2UtNmJlNi00MmM1LTgzODAtMTE0YWQ0MWNmMzMx
LzEvQ1NVNGhxQWxDZ1RzYWI0QXVfaERQQzhCUzN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwm6oAwQA
wm6qMA0GCSqGSIb3DQEBCwUAA4IBAQC7pLgU9tcUzKPoDIjIEXqTWMS/Te90mxF3
cSLThoMULbNNe28tae1RB93C2bFin+/i4w504f4dbrMkHxza9PohjaevEUhrrXBG
hdL74bCXDPBng11/37z01l3bVji+aQ+4bep9RtQsUxLTkLMsGRATOEzkVmNQ9jSX
r8+l6Jx6mEOTYh/iZ7cD06cH0u/rwBc5dm+4ZrLstwbs+uszTQzKuTVQfgU2fUS5
V5AHEJMH74uTEY2OogQRXH2XV7TYABz5LdzuUx7JlZk9FPfPNO1FnmVvn0g9aEI1
uMMzcFNjzhrw3cWgP2JoXnhahDGNf2NG+AvXuF7PJdZp5ePcRTNy
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:44 2024 by rpki-client on console-fra.rpki-client.org