Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/f2770b-da19-4790-a494-c58e95cd4277/1/rFZ2IKVdhBI9l95nCZlPcBxMZEg.roa
File: rFZ2IKVdhBI9l95nCZlPcBxMZEg.roa (raw, json)
Hash identifier: zy/9NLlT+3+ntvoXeWAm0fkql52dbcXgJ7cV7d12NqQ=
Subject key identifier: AC:56:76:20:A5:5D:84:12:3D:97:DE:67:09:99:4F:70:1C:4C:64:48
Certificate issuer: /CN=60325c21d2fafe743398dc1e5574433280110469
Certificate serial: 0506784F
Authority key identifier: 60:32:5C:21:D2:FA:FE:74:33:98:DC:1E:55:74:43:32:80:11:04:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YDJcIdL6_nQzmNweVXRDMoARBGk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/f2770b-da19-4790-a494-c58e95cd4277/1/rFZ2IKVdhBI9l95nCZlPcBxMZEg.roa
Signing time: Sat 01 Jan 2022 02:55:01 +0000
ROA not before: Sat 01 Jan 2022 02:55:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 14618
IP address blocks: 195.10.217.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84310095 (0x506784f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60325c21d2fafe743398dc1e5574433280110469
Validity
Not Before: Jan 1 02:55:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ac567620a55d84123d97de6709994f701c4c6448
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:d3:80:d8:7b:42:39:2e:c2:06:7c:a2:1a:26:
38:9b:5a:17:8e:36:11:4a:f4:dd:e9:5e:2e:e3:f8:
8a:62:df:d1:68:bd:c9:30:f1:2c:d3:ec:78:f8:39:
57:22:fb:fd:23:a9:5f:c4:36:a9:09:07:29:c7:63:
81:ee:cb:bb:ff:79:5e:df:96:7c:e7:2b:0c:5d:fd:
01:18:bc:38:70:92:e4:9b:aa:09:30:a0:90:2f:62:
be:33:38:ae:33:bb:29:ad:47:b4:67:f8:2a:62:57:
f9:eb:36:5e:f2:ab:a8:54:24:3f:80:c4:81:35:f0:
fe:45:8a:b4:69:f8:b9:71:4b:3f:03:4c:42:5d:6e:
78:45:4c:e4:be:6d:f5:a8:1b:08:11:bb:e7:11:08:
fc:4f:d8:0d:a8:3a:d2:07:08:3e:ac:72:c5:8a:01:
c0:9f:fc:af:a4:77:bb:a9:41:62:d6:1e:67:9f:af:
b2:a3:bc:f6:95:28:81:fa:c5:53:f5:c5:7f:5e:e8:
67:cd:a3:11:09:92:46:d9:6b:01:71:f3:4d:6c:9c:
e8:08:54:18:8f:0b:6a:98:85:d5:a0:13:b0:59:65:
0b:bd:8b:ca:91:e3:a8:d4:4f:ee:f8:63:32:48:4c:
97:2f:92:47:84:d7:24:36:68:32:43:83:31:89:74:
ae:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:56:76:20:A5:5D:84:12:3D:97:DE:67:09:99:4F:70:1C:4C:64:48
X509v3 Authority Key Identifier:
keyid:60:32:5C:21:D2:FA:FE:74:33:98:DC:1E:55:74:43:32:80:11:04:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YDJcIdL6_nQzmNweVXRDMoARBGk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/f2770b-da19-4790-a494-c58e95cd4277/1/rFZ2IKVdhBI9l95nCZlPcBxMZEg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/f2770b-da19-4790-a494-c58e95cd4277/1/YDJcIdL6_nQzmNweVXRDMoARBGk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.10.217.0/24
Signature Algorithm: sha256WithRSAEncryption
09:b5:92:ad:12:5e:a5:72:04:ed:e4:00:c6:ad:5d:a2:00:43:
bb:6e:4e:d5:40:6b:a6:6e:36:7c:f3:cb:43:a5:6b:8d:87:fd:
c1:6c:12:9f:f8:3f:df:da:f3:05:95:5b:8f:52:00:6a:b8:b0:
c1:4a:3c:d4:0f:d1:13:4d:88:03:89:fe:f8:30:86:4b:f6:5d:
f0:3b:37:b7:35:d4:2f:1c:43:0e:85:b9:0e:56:85:31:02:62:
20:37:dd:d4:1c:75:fb:14:1d:a3:af:38:8a:9f:2b:f1:75:3f:
79:75:e7:81:3a:9d:4a:7e:35:92:dd:c3:59:c9:50:38:63:87:
68:42:e9:c1:cd:5a:f2:1f:d3:2a:1f:b3:49:c7:71:b2:09:0a:
2c:ed:ce:aa:3e:01:40:6c:16:42:ac:96:25:42:4b:4c:30:64:
4b:bc:c1:8d:17:65:bb:59:7b:46:ff:aa:fc:d9:09:f4:4c:69:
ab:66:6b:6a:ce:1c:f7:d7:84:81:1d:7f:f3:2a:e4:04:2a:aa:
ff:d8:d6:7f:86:58:8b:df:38:ee:07:f5:06:0b:82:13:f3:48:
c3:66:74:a9:71:0d:6b:66:ee:1a:bd:26:87:dc:6a:94:7b:09:
41:9f:d4:20:b1:49:a9:2c:9b:4b:f7:80:c8:5a:3e:bc:ad:a5:
ce:0a:0f:db
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBQZ4TzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
MDMyNWMyMWQyZmFmZTc0MzM5OGRjMWU1NTc0NDMzMjgwMTEwNDY5MB4XDTIyMDEw
MTAyNTUwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWM1Njc2MjBhNTVk
ODQxMjNkOTdkZTY3MDk5OTRmNzAxYzRjNjQ0ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALPTgNh7QjkuwgZ8ohomOJtaF442EUr03eleLuP4imLf0Wi9
yTDxLNPsePg5VyL7/SOpX8Q2qQkHKcdjge7Lu/95Xt+WfOcrDF39ARi8OHCS5Juq
CTCgkC9ivjM4rjO7Ka1HtGf4KmJX+es2XvKrqFQkP4DEgTXw/kWKtGn4uXFLPwNM
Ql1ueEVM5L5t9agbCBG75xEI/E/YDag60gcIPqxyxYoBwJ/8r6R3u6lBYtYeZ5+v
sqO89pUogfrFU/XFf17oZ82jEQmSRtlrAXHzTWyc6AhUGI8LapiF1aATsFllC72L
ypHjqNRP7vhjMkhMly+SR4TXJDZoMkODMYl0rosCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSsVnYgpV2EEj2X3mcJmU9wHExkSDAfBgNVHSMEGDAWgBRgMlwh0vr+dDOY
3B5VdEMygBEEaTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1lESmNJZEw2X25Rem1Od2VWWFJETW9BUkJHay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDAvZjI3NzBiLWRhMTktNDc5MC1hNDk0LWM1OGU5NWNkNDI3Ny8x
L3JGWjJJS1ZkaEJJOWw5NW5DWmxQY0J4TVpFZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDAv
ZjI3NzBiLWRhMTktNDc5MC1hNDk0LWM1OGU5NWNkNDI3Ny8xL1lESmNJZEw2X25R
em1Od2VWWFJETW9BUkJHay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMMK2TANBgkqhkiG9w0BAQsFAAOC
AQEACbWSrRJepXIE7eQAxq1dogBDu25O1UBrpm42fPPLQ6VrjYf9wWwSn/g/39rz
BZVbj1IAariwwUo81A/RE02IA4n++DCGS/Zd8Ds3tzXULxxDDoW5DlaFMQJiIDfd
1Bx1+xQdo684ip8r8XU/eXXngTqdSn41kt3DWclQOGOHaELpwc1a8h/TKh+zScdx
sgkKLO3Oqj4BQGwWQqyWJUJLTDBkS7zBjRdlu1l7Rv+q/NkJ9Expq2Zras4c99eE
gR1/8yrkBCqq/9jWf4ZYi9847gf1BguCE/NIw2Z0qXENa2buGr0mh9xqlHsJQZ/U
ILFJqSybS/eAyFo+vK2lzgoP2w==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:48 2023 by rpki-client on console-ams.rpki-client.org