Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/caa743-1c13-4a25-9f6a-65be5503165d/1/R7mh3nIH58I41h43ABVKcsDlfeg.roa
File: R7mh3nIH58I41h43ABVKcsDlfeg.roa (raw, json)
Hash identifier: qYOXh+AKtK4iiXhm8GEaXRKRAjlDYFgKFj5+z4YSSEk=
Subject key identifier: 47:B9:A1:DE:72:07:E7:C2:38:D6:1E:37:00:15:4A:72:C0:E5:7D:E8
Certificate issuer: /CN=5a376c8008d6abd962341563dd2a4dccaf153cba
Certificate serial: 059669B9
Authority key identifier: 5A:37:6C:80:08:D6:AB:D9:62:34:15:63:DD:2A:4D:CC:AF:15:3C:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WjdsgAjWq9liNBVj3SpNzK8VPLo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/caa743-1c13-4a25-9f6a-65be5503165d/1/R7mh3nIH58I41h43ABVKcsDlfeg.roa
Signing time: Sat 01 Jan 2022 06:05:27 +0000
ROA not before: Sat 01 Jan 2022 06:05:27 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 213250
IP address blocks: 134.255.235.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93743545 (0x59669b9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a376c8008d6abd962341563dd2a4dccaf153cba
Validity
Not Before: Jan 1 06:05:27 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=47b9a1de7207e7c238d61e3700154a72c0e57de8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:b2:af:4f:84:59:d4:1b:db:30:a2:a7:f3:87:
e2:fc:a4:71:b9:18:8e:d4:f7:e3:12:d1:e0:4d:d2:
50:16:45:24:45:84:c5:11:fc:fd:62:3f:b3:50:0d:
35:8e:f7:f5:fc:08:0a:09:4e:58:a5:e5:87:4c:e9:
a2:52:df:e4:75:68:38:17:da:ec:ad:6a:1e:eb:d9:
20:9a:76:24:c8:86:c7:65:bd:1b:b9:a9:f2:f6:ca:
4e:28:4d:dd:72:67:c8:48:62:e4:87:75:52:fa:d6:
51:e2:46:50:a6:1a:67:0b:9b:b7:1a:12:67:bc:05:
e8:3d:96:e7:d5:91:62:75:b1:b1:e0:8b:8c:13:fe:
1c:e9:48:3f:ac:59:46:92:65:80:ab:59:fa:e3:1e:
eb:ba:18:dc:ae:bf:b8:81:8c:93:bf:ef:20:90:10:
3b:76:1e:ac:cd:6f:5c:ab:54:18:db:2f:ae:79:55:
d4:64:02:57:7d:3c:dc:d6:51:54:43:57:26:5d:2c:
f3:3b:be:56:e2:9c:19:92:c3:af:46:1e:3a:ec:77:
8c:ed:7d:e7:35:d9:c2:bd:06:60:98:95:f5:a3:19:
b5:d5:e6:38:54:c6:16:bf:ac:3d:4a:dd:b8:c6:fe:
a3:2c:1c:76:35:61:f0:d3:75:93:6f:ad:bd:90:c6:
3c:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:B9:A1:DE:72:07:E7:C2:38:D6:1E:37:00:15:4A:72:C0:E5:7D:E8
X509v3 Authority Key Identifier:
keyid:5A:37:6C:80:08:D6:AB:D9:62:34:15:63:DD:2A:4D:CC:AF:15:3C:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WjdsgAjWq9liNBVj3SpNzK8VPLo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/caa743-1c13-4a25-9f6a-65be5503165d/1/R7mh3nIH58I41h43ABVKcsDlfeg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/caa743-1c13-4a25-9f6a-65be5503165d/1/WjdsgAjWq9liNBVj3SpNzK8VPLo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
134.255.235.0/24
Signature Algorithm: sha256WithRSAEncryption
37:63:9e:c1:11:f6:fd:d7:19:d4:70:bb:47:94:75:ec:9f:56:
95:95:e1:d1:02:6a:f7:4d:ba:e5:c1:64:66:50:fe:c3:90:0e:
45:39:3d:be:b3:0c:e3:c2:b9:d6:a7:71:35:37:d9:88:0d:f1:
5c:54:dd:ea:29:d2:6c:28:4f:58:71:89:ae:d1:9a:8b:f6:31:
8d:24:63:bc:8f:a4:a9:80:fd:bb:77:77:d9:80:66:6d:86:11:
c1:7d:24:ab:82:33:1a:06:e2:0c:55:2d:76:6d:04:97:0d:a4:
2c:a4:ad:cd:4a:ba:3e:92:58:1b:e7:5e:f8:7b:cb:c7:aa:08:
6c:a7:b5:e3:99:79:fb:b1:e8:70:13:df:af:da:e4:3b:65:df:
fb:a6:90:5f:af:ce:9f:ae:c0:69:4c:b4:d6:a1:c7:a1:ab:7b:
5d:84:43:b9:12:8a:dd:e1:79:9f:7e:7d:48:16:48:c1:d2:f0:
ac:85:96:cf:77:5e:aa:52:77:1f:4a:ed:32:1c:c4:5c:e9:f0:
1c:65:1a:0a:ba:bf:89:23:d1:85:30:e4:66:ab:14:4e:7f:fb:
67:37:46:9c:18:fc:4b:f8:b5:0b:c3:75:a2:5e:d7:ca:95:f9:
cb:57:f6:7f:01:e0:22:d8:28:ef:9b:7d:5c:f5:75:d2:66:e7:
f1:f2:e8:d5
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBZZpuTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
YTM3NmM4MDA4ZDZhYmQ5NjIzNDE1NjNkZDJhNGRjY2FmMTUzY2JhMB4XDTIyMDEw
MTA2MDUyN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDdiOWExZGU3MjA3
ZTdjMjM4ZDYxZTM3MDAxNTRhNzJjMGU1N2RlODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKGyr0+EWdQb2zCip/OH4vykcbkYjtT34xLR4E3SUBZFJEWE
xRH8/WI/s1ANNY739fwICglOWKXlh0zpolLf5HVoOBfa7K1qHuvZIJp2JMiGx2W9
G7mp8vbKTihN3XJnyEhi5Id1UvrWUeJGUKYaZwubtxoSZ7wF6D2W59WRYnWxseCL
jBP+HOlIP6xZRpJlgKtZ+uMe67oY3K6/uIGMk7/vIJAQO3YerM1vXKtUGNsvrnlV
1GQCV3083NZRVENXJl0s8zu+VuKcGZLDr0YeOux3jO195zXZwr0GYJiV9aMZtdXm
OFTGFr+sPUrduMb+oywcdjVh8NN1k2+tvZDGPM0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRHuaHecgfnwjjWHjcAFUpywOV96DAfBgNVHSMEGDAWgBRaN2yACNar2WI0
FWPdKk3MrxU8ujAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1dqZHNnQWpXcTlsaU5CVmozU3BOeks4VlBMby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDIvY2FhNzQzLTFjMTMtNGEyNS05ZjZhLTY1YmU1NTAzMTY1ZC8x
L1I3bWgzbklINThJNDFoNDNBQlZLY3NEbGZlZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDIv
Y2FhNzQzLTFjMTMtNGEyNS05ZjZhLTY1YmU1NTAzMTY1ZC8xL1dqZHNnQWpXcTls
aU5CVmozU3BOeks4VlBMby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAIb/6zANBgkqhkiG9w0BAQsFAAOC
AQEAN2OewRH2/dcZ1HC7R5R17J9WlZXh0QJq90265cFkZlD+w5AORTk9vrMM48K5
1qdxNTfZiA3xXFTd6inSbChPWHGJrtGai/YxjSRjvI+kqYD9u3d32YBmbYYRwX0k
q4IzGgbiDFUtdm0Elw2kLKStzUq6PpJYG+de+HvLx6oIbKe145l5+7HocBPfr9rk
O2Xf+6aQX6/On67AaUy01qHHoat7XYRDuRKK3eF5n359SBZIwdLwrIWWz3deqlJ3
H0rtMhzEXOnwHGUaCrq/iSPRhTDkZqsUTn/7ZzdGnBj8S/i1C8N1ol7XypX5y1f2
fwHgItgo75t9XPV10mbn8fLo1Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:07 2024 by rpki-client on console-fra.rpki-client.org