Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/543b15-fb1b-445f-8aa4-db4d714859b5/1/CaIDrjRQAdNyjq-mwjuLDyBqt0E.roa
File: CaIDrjRQAdNyjq-mwjuLDyBqt0E.roa (raw, json)
Hash identifier: cAiJa5ikMmOF3G8t3iNvFWj+BFdOo1hr5ga9IDWKIi4=
Subject key identifier: 09:A2:03:AE:34:50:01:D3:72:8E:AF:A6:C2:3B:8B:0F:20:6A:B7:41
Certificate issuer: /CN=3e482fb3c9f9af470e4e48b6df382d3d50154661
Certificate serial: 06946AA1
Authority key identifier: 3E:48:2F:B3:C9:F9:AF:47:0E:4E:48:B6:DF:38:2D:3D:50:15:46:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Pkgvs8n5r0cOTki23zgtPVAVRmE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/543b15-fb1b-445f-8aa4-db4d714859b5/1/CaIDrjRQAdNyjq-mwjuLDyBqt0E.roa
Signing time: Sat 01 Jan 2022 02:55:14 +0000
ROA not before: Sat 01 Jan 2022 02:55:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 56655
IP address blocks: 193.200.238.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 110389921 (0x6946aa1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e482fb3c9f9af470e4e48b6df382d3d50154661
Validity
Not Before: Jan 1 02:55:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=09a203ae345001d3728eafa6c23b8b0f206ab741
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:43:b9:15:05:c9:66:85:f1:90:60:0d:d4:49:
5c:a1:83:98:ef:ab:16:61:60:35:9e:1c:1c:75:db:
1f:b2:18:4d:33:2e:d9:cb:58:6f:9f:5b:65:58:bc:
22:2a:24:20:91:df:72:62:bd:a1:a6:19:37:76:c6:
de:27:ec:3d:e5:e2:1a:9f:3f:3c:32:1a:cc:27:f8:
78:af:79:bb:5b:42:fb:7c:9d:b9:5e:82:e8:c1:46:
19:4c:ff:b0:3d:f7:c4:71:58:c7:15:f4:0c:d7:a6:
83:93:89:b4:6a:07:7e:de:c3:fe:e3:74:a6:b2:42:
8e:bd:44:28:e8:36:70:d2:f4:45:54:99:a4:dd:39:
b9:e8:f4:6d:f8:d7:e4:db:04:3b:02:c3:81:de:09:
32:a8:7c:58:fc:62:5f:25:87:44:b4:2a:e8:cb:b5:
b4:4a:47:e4:59:d6:08:00:04:1b:51:99:05:62:99:
df:cf:16:64:74:88:6c:56:9f:89:4b:62:b5:30:b4:
4b:68:24:e9:b0:f9:46:41:1e:bd:bb:dd:41:40:df:
b7:ef:0f:7c:15:e7:2c:c5:c0:ee:06:d3:1d:e7:71:
76:7f:8b:d4:96:b2:b4:70:e0:28:97:a5:d5:2b:e7:
11:3c:ed:87:21:43:8d:93:a3:ca:1f:f8:1c:4c:43:
d7:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:A2:03:AE:34:50:01:D3:72:8E:AF:A6:C2:3B:8B:0F:20:6A:B7:41
X509v3 Authority Key Identifier:
keyid:3E:48:2F:B3:C9:F9:AF:47:0E:4E:48:B6:DF:38:2D:3D:50:15:46:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pkgvs8n5r0cOTki23zgtPVAVRmE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/543b15-fb1b-445f-8aa4-db4d714859b5/1/CaIDrjRQAdNyjq-mwjuLDyBqt0E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/543b15-fb1b-445f-8aa4-db4d714859b5/1/Pkgvs8n5r0cOTki23zgtPVAVRmE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.200.238.0/24
Signature Algorithm: sha256WithRSAEncryption
62:96:39:41:a6:14:92:4c:e8:43:01:11:29:9d:81:af:fb:30:
70:22:3d:38:3b:0e:86:b2:2c:66:d3:c4:29:86:97:30:30:56:
31:e7:7c:8c:10:c2:ac:da:52:52:45:6a:f0:e8:34:9f:4e:40:
ea:0d:2f:af:f8:3f:ee:06:fc:3b:78:f8:d9:bd:e3:4a:9f:c4:
5d:eb:8d:76:96:ca:05:47:1e:7e:5a:59:e3:76:89:98:37:72:
c5:23:b3:45:63:fb:e6:74:8e:d9:b2:55:c2:ed:e5:dc:4e:7f:
ad:f4:fe:19:e4:5f:7d:ca:31:2a:ce:cb:b1:1f:3f:70:ff:32:
3b:f9:88:b5:38:47:00:ae:b0:77:39:54:d7:bb:b2:a7:b9:6f:
c9:5d:18:8a:4d:ee:dc:40:7e:15:18:01:d7:95:f3:64:0a:36:
72:d0:91:2a:18:6c:fb:7f:31:20:8d:7a:d9:25:04:ff:b0:f4:
90:02:0f:14:45:e9:87:11:d8:13:9d:52:b0:4c:96:9b:e2:36:
1b:d6:31:f2:3d:43:86:89:0d:be:60:af:f2:17:82:3d:88:46:
c3:54:f6:1b:aa:41:dd:35:d6:9c:df:48:62:3b:96:08:67:16:
a0:1d:1d:55:b0:af:5b:82:51:60:00:4e:a3:fa:bf:ff:a9:e9:
1f:d2:98:d3
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBpRqoTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
ZTQ4MmZiM2M5ZjlhZjQ3MGU0ZTQ4YjZkZjM4MmQzZDUwMTU0NjYxMB4XDTIyMDEw
MTAyNTUxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDlhMjAzYWUzNDUw
MDFkMzcyOGVhZmE2YzIzYjhiMGYyMDZhYjc0MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK9DuRUFyWaF8ZBgDdRJXKGDmO+rFmFgNZ4cHHXbH7IYTTMu
2ctYb59bZVi8IiokIJHfcmK9oaYZN3bG3ifsPeXiGp8/PDIazCf4eK95u1tC+3yd
uV6C6MFGGUz/sD33xHFYxxX0DNemg5OJtGoHft7D/uN0prJCjr1EKOg2cNL0RVSZ
pN05uej0bfjX5NsEOwLDgd4JMqh8WPxiXyWHRLQq6Mu1tEpH5FnWCAAEG1GZBWKZ
388WZHSIbFafiUtitTC0S2gk6bD5RkEevbvdQUDft+8PfBXnLMXA7gbTHedxdn+L
1JaytHDgKJel1SvnETzthyFDjZOjyh/4HExD140CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQJogOuNFAB03KOr6bCO4sPIGq3QTAfBgNVHSMEGDAWgBQ+SC+zyfmvRw5O
SLbfOC09UBVGYTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1BrZ3ZzOG41cjBjT1RraTIzemd0UFZBVlJtRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDMvNTQzYjE1LWZiMWItNDQ1Zi04YWE0LWRiNGQ3MTQ4NTliNS8x
L0NhSURyalJRQWROeWpxLW13anVMRHlCcXQwRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDMv
NTQzYjE1LWZiMWItNDQ1Zi04YWE0LWRiNGQ3MTQ4NTliNS8xL1BrZ3ZzOG41cjBj
T1RraTIzemd0UFZBVlJtRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMHI7jANBgkqhkiG9w0BAQsFAAOC
AQEAYpY5QaYUkkzoQwERKZ2Br/swcCI9ODsOhrIsZtPEKYaXMDBWMed8jBDCrNpS
UkVq8Og0n05A6g0vr/g/7gb8O3j42b3jSp/EXeuNdpbKBUceflpZ43aJmDdyxSOz
RWP75nSO2bJVwu3l3E5/rfT+GeRffcoxKs7LsR8/cP8yO/mItThHAK6wdzlU17uy
p7lvyV0Yik3u3EB+FRgB15XzZAo2ctCRKhhs+38xII162SUE/7D0kAIPFEXphxHY
E51SsEyWm+I2G9Yx8j1DhokNvmCv8heCPYhGw1T2G6pB3TXWnN9IYjuWCGcWoB0d
VbCvW4JRYABOo/q//6npH9KY0w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:12 2024 by rpki-client on console-fra.rpki-client.org