Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/1-uKqcrZXsZZOU7tP4r_2yugH6A8.roa
File: 1-uKqcrZXsZZOU7tP4r_2yugH6A8.roa (raw, json)
Hash identifier: mqxLdxke8Cng73pt5f0LXRYYH3PSeFIaQLeB+U1TTIw=
Subject key identifier: FA:E2:AA:72:B6:57:B1:96:4E:53:BB:4F:E2:BF:F6:CA:E8:07:E8:0F
Certificate issuer: /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Certificate serial: 0184391864B4E8F63FBAFD8392BB6AFBFE79
Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/1-uKqcrZXsZZOU7tP4r_2yugH6A8.roa
Signing time: Wed 02 Nov 2022 16:06:50 +0000
ROA not before: Wed 02 Nov 2022 16:06:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50564
IP address blocks: 176.227.156.0/24 maxlen: 24
178.156.77.0/24 maxlen: 24
86.104.25.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:39:18:64:b4:e8:f6:3f:ba:fd:83:92:bb:6a:fb:fe:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Validity
Not Before: Nov 2 16:06:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fae2aa72b657b1964e53bb4fe2bff6cae807e80f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:b3:78:98:ee:81:78:cb:0e:68:e6:07:ea:6b:
52:ad:d9:c9:33:0c:4b:f0:d7:8d:1a:f1:ed:ba:5d:
8d:d4:7d:10:34:10:ee:c1:92:f1:4a:c5:58:58:ff:
b3:19:b2:45:3b:91:dc:7c:f3:49:24:e7:81:5c:c5:
26:fb:7d:39:85:a4:c4:45:fe:02:0a:cd:ce:5f:8f:
37:e4:a3:71:c1:e9:4a:e8:0a:41:cd:ad:0d:ed:16:
f4:84:1e:29:18:03:30:5b:f0:87:bb:28:f7:70:b3:
b9:29:5c:8a:6d:36:d5:c0:85:1c:7c:9a:17:12:0f:
c8:ff:13:26:39:4d:db:43:ce:61:61:73:c3:66:b5:
30:98:0e:9f:66:b3:9f:ee:fd:ae:1e:df:bd:97:af:
f3:e7:05:27:05:42:10:8d:9c:7a:aa:b0:da:95:75:
5f:59:02:68:4b:01:fa:28:3e:f4:22:45:30:f3:d4:
25:b4:e1:bb:54:cc:6c:28:47:24:e4:b4:c8:f5:b0:
28:7e:6a:20:bf:be:48:98:23:86:d7:90:21:5c:fb:
a7:2a:78:9e:da:2d:20:dd:12:f8:d3:ea:0a:5f:a8:
00:f5:10:2e:d7:78:7f:8c:de:e7:69:2a:22:cd:76:
99:82:18:95:f4:c2:19:cb:e9:45:8b:d7:99:0e:69:
e3:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:E2:AA:72:B6:57:B1:96:4E:53:BB:4F:E2:BF:F6:CA:E8:07:E8:0F
X509v3 Authority Key Identifier:
keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/1-uKqcrZXsZZOU7tP4r_2yugH6A8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.104.25.0/24
176.227.156.0/24
178.156.77.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:7d:95:74:e3:f1:51:b4:21:e8:83:7f:4f:bf:9d:09:de:1c:
ee:b7:96:43:92:b0:6b:d3:a1:4e:17:b7:c0:bd:9c:ec:ea:6c:
10:68:53:65:f2:d5:ee:bb:3c:80:a9:51:7d:a1:a5:d4:95:09:
a7:91:34:ba:2d:3d:0d:ac:09:06:2f:a0:c8:4b:38:b0:e8:32:
4d:e2:e5:0b:f2:68:3c:fa:ba:cc:a4:7b:c1:ab:f3:87:27:4a:
62:cc:4b:19:a7:eb:09:b6:3f:08:04:79:17:50:7b:fc:9e:d4:
cc:67:2a:5b:8f:b8:63:ab:03:49:c6:50:59:d5:c2:81:de:7a:
cc:07:02:ae:df:30:72:d9:c7:d0:04:c6:85:67:54:01:32:9a:
ea:94:0e:55:37:b9:1e:af:e2:cd:b7:0f:a3:67:76:ed:b8:46:
10:9b:bc:60:cd:d5:98:dc:55:83:da:2d:de:29:ba:cf:9a:07:
b6:f0:73:35:1a:ed:cb:0f:d1:e6:f3:96:5d:e2:7e:30:1d:36:
6e:cd:cf:80:40:1d:a8:a4:96:20:ca:78:a5:c7:51:ec:4c:f7:
6e:a7:6d:34:c0:3b:e2:e8:f8:00:27:fa:69:8e:d4:6c:f7:70:
eb:55:43:fd:69:3c:e2:f9:4e:b1:bd:c4:62:a6:f2:90:f4:70:
34:61:c5:15
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAYQ5GGS06PY/uv2Dkrtq+/55MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYWYxN2IwMDE1ZGJiN2NkOTkyZjI2Y2RmZjAxYzRlMjYy
MGI3M2UwHhcNMjIxMTAyMTYwNjUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWUyYWE3MmI2NTdiMTk2NGU1M2JiNGZlMmJmZjZjYWU4MDdlODBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0bN4mO6BeMsOaOYH6mtSrdnJMwxL
8NeNGvHtul2N1H0QNBDuwZLxSsVYWP+zGbJFO5HcfPNJJOeBXMUm+305haTERf4C
Cs3OX4835KNxwelK6ApBza0N7Rb0hB4pGAMwW/CHuyj3cLO5KVyKbTbVwIUcfJoX
Eg/I/xMmOU3bQ85hYXPDZrUwmA6fZrOf7v2uHt+9l6/z5wUnBUIQjZx6qrDalXVf
WQJoSwH6KD70IkUw89QltOG7VMxsKEck5LTI9bAofmogv75ImCOG15AhXPunKnie
2i0g3RL40+oKX6gA9RAu13h/jN7naSoizXaZghiV9MIZy+lFi9eZDmnjUwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFPriqnK2V7GWTlO7T+K/9sroB+gPMB8GA1UdIwQY
MBaAFNqvF7ABXbt82ZLybN/wHE4mILc+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAt
Y2YwNmQxOTgzYmExLzEvMS11S3FjclpYc1paT1U3dFA0cl8yeXVnSDZBOC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNDUvYzg5NzNjLTNjZmEtNDYwNC04MTEwLWNmMDZkMTk4M2Jh
MS8xLzJxOFhzQUZkdTN6Wmt2SnMzX0FjVGlZZ3R6NC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjArBggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAFZoGQME
ALDjnAMEALKcTTANBgkqhkiG9w0BAQsFAAOCAQEAKn2VdOPxUbQh6IN/T7+dCd4c
7reWQ5Kwa9OhThe3wL2c7OpsEGhTZfLV7rs8gKlRfaGl1JUJp5E0ui09DawJBi+g
yEs4sOgyTeLlC/JoPPq6zKR7wavzhydKYsxLGafrCbY/CAR5F1B7/J7UzGcqW4+4
Y6sDScZQWdXCgd56zAcCrt8wctnH0ATGhWdUATKa6pQOVTe5Hq/izbcPo2d27bhG
EJu8YM3VmNxVg9ot3im6z5oHtvBzNRrtyw/R5vOWXeJ+MB02bs3PgEAdqKSWIMp4
pcdR7Ez3bqdtNMA74uj4ACf6aY7UbPdw61VD/Wk84vlOsb3EYqbykPRwNGHFFQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:20 2023 by rpki-client on console-fra.rpki-client.org