Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/aTDBHCEjDp07Xh2S4ORy4xq5BEQ.roa
File: aTDBHCEjDp07Xh2S4ORy4xq5BEQ.roa (raw, json)
Hash identifier: duYLq//AyhJCbNOnVhlZqXy7oUDkDgnm8XAG3bVX9wA=
Subject key identifier: 69:30:C1:1C:21:23:0E:9D:3B:5E:1D:92:E0:E4:72:E3:1A:B9:04:44
Certificate issuer: /CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Certificate serial: 0184BFA08B18F20E1FD1F6CD685F72702E53
Authority key identifier: 11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/aTDBHCEjDp07Xh2S4ORy4xq5BEQ.roa
Signing time: Mon 28 Nov 2022 19:04:40 +0000
ROA not before: Mon 28 Nov 2022 19:04:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 53363
IP address blocks: 194.4.50.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:bf:a0:8b:18:f2:0e:1f:d1:f6:cd:68:5f:72:70:2e:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Validity
Not Before: Nov 28 19:04:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6930c11c21230e9d3b5e1d92e0e472e31ab90444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:3f:d1:0d:e9:59:bc:c7:14:b5:5f:bc:07:09:
85:94:2c:1a:8a:43:94:bf:79:6e:d4:c6:d4:71:a4:
2a:e4:e9:2d:f6:57:a5:d4:55:ab:7f:f2:98:f4:38:
72:dc:e0:39:47:95:0b:15:a4:a4:fb:c4:8e:ef:3d:
ff:4d:cd:3c:c2:f7:d5:a7:b1:4e:ba:f1:60:a6:f3:
21:a1:4a:db:94:4c:0e:20:85:a0:45:b9:a5:ec:61:
91:51:3b:a0:58:1f:0a:50:c7:9b:68:2e:29:f2:fc:
d2:38:b5:82:f1:0a:79:82:be:05:75:74:eb:f0:f1:
96:fb:3a:d4:fe:70:e4:7d:50:d8:75:94:f5:9d:59:
88:7b:47:52:43:83:73:81:3e:52:98:e4:9a:12:c6:
18:f8:51:c4:0f:4e:f1:ce:ce:0b:90:21:32:d4:a7:
e2:0a:e2:70:1d:6b:98:44:50:ba:49:fe:51:16:2a:
94:cd:00:4a:2e:bd:b2:ab:f6:cd:57:41:e6:b7:20:
a5:44:13:62:09:d3:50:e1:d2:48:bb:30:1b:aa:b8:
aa:fe:81:02:d7:b6:d1:e2:ac:d0:e6:db:58:89:fb:
3a:08:fd:f7:96:09:b6:7b:53:77:d4:68:33:23:a6:
ac:c9:3d:5b:e4:96:72:39:53:ff:c9:4b:5b:dc:ca:
68:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:30:C1:1C:21:23:0E:9D:3B:5E:1D:92:E0:E4:72:E3:1A:B9:04:44
X509v3 Authority Key Identifier:
keyid:11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/aTDBHCEjDp07Xh2S4ORy4xq5BEQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.4.50.0/24
Signature Algorithm: sha256WithRSAEncryption
00:a9:c5:54:79:01:0b:81:b9:0f:b2:9d:4c:4c:0b:ce:7e:ef:
58:28:ec:0c:89:42:d3:f1:d7:40:e9:f6:1f:c9:ff:37:84:f9:
17:eb:c1:d8:ef:28:21:1b:4f:4d:66:3a:35:8d:0c:1d:38:4f:
67:e1:7f:4d:1b:62:2a:77:9f:5f:0d:52:9f:e0:1c:e6:02:f6:
63:a5:f6:8a:97:4a:3d:61:c2:56:3c:6b:bc:cb:87:f9:55:bf:
aa:2d:ab:8a:26:ff:63:db:52:90:60:a3:97:34:7d:11:66:b8:
c0:d3:12:b1:c5:8d:9b:cc:94:7a:c0:bc:85:da:7c:c0:a7:1e:
91:26:d1:7a:0a:cf:40:e0:38:ab:4f:0c:8d:53:6d:64:c5:6a:
d5:c4:c2:c5:22:38:ee:89:3c:1f:4f:7f:df:74:ad:e0:d7:1b:
b7:bf:c4:b8:f7:41:30:5c:3e:f7:b5:6d:3e:e7:92:d3:2e:6e:
97:84:67:fe:b9:49:56:07:c5:37:58:96:b7:c8:5e:24:fb:bc:
5f:a4:01:44:61:f5:20:bb:36:91:41:38:ea:50:30:22:ff:ce:
84:85:03:f2:3c:45:df:02:43:8c:da:07:3b:6d:db:c6:00:16:
be:fa:97:dc:b3:75:2c:72:a9:fa:d3:e5:fb:e7:98:20:95:e4:
b6:0f:a4:e4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYS/oIsY8g4f0fbNaF9ycC5TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYTAxMGY4N2EwNDliNmUyMWFiZWQ5YjQwOTgzYjA0ZjNm
MWM3ZTgwHhcNMjIxMTI4MTkwNDQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTMwYzExYzIxMjMwZTlkM2I1ZTFkOTJlMGU0NzJlMzFhYjkwNDQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkT/RDelZvMcUtV+8BwmFlCwaikOU
v3lu1MbUcaQq5Okt9lel1FWrf/KY9Dhy3OA5R5ULFaSk+8SO7z3/Tc08wvfVp7FO
uvFgpvMhoUrblEwOIIWgRbml7GGRUTugWB8KUMebaC4p8vzSOLWC8Qp5gr4FdXTr
8PGW+zrU/nDkfVDYdZT1nVmIe0dSQ4NzgT5SmOSaEsYY+FHED07xzs4LkCEy1Kfi
CuJwHWuYRFC6Sf5RFiqUzQBKLr2yq/bNV0HmtyClRBNiCdNQ4dJIuzAbqriq/oEC
17bR4qzQ5ttYifs6CP33lgm2e1N31GgzI6asyT1b5JZyOVP/yUtb3Mpo2wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGkwwRwhIw6dO14dkuDkcuMauQREMB8GA1UdIwQY
MBaAFBGgEPh6BJtuIavtm0CYOwTz8cfoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUt
ZWU3NDY1NzU0ZmY2LzEvYVREQkhDRWpEcDA3WGgyUzRPUnk0eHE1QkVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUtZWU3NDY1NzU0ZmY2
LzEvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwgQyMA0G
CSqGSIb3DQEBCwUAA4IBAQAAqcVUeQELgbkPsp1MTAvOfu9YKOwMiULT8ddA6fYf
yf83hPkX68HY7yghG09NZjo1jQwdOE9n4X9NG2Iqd59fDVKf4BzmAvZjpfaKl0o9
YcJWPGu8y4f5Vb+qLauKJv9j21KQYKOXNH0RZrjA0xKxxY2bzJR6wLyF2nzApx6R
JtF6Cs9A4DirTwyNU21kxWrVxMLFIjjuiTwfT3/fdK3g1xu3v8S490EwXD73tW0+
55LTLm6XhGf+uUlWB8U3WJa3yF4k+7xfpAFEYfUguzaRQTjqUDAi/86EhQPyPEXf
AkOM2gc7bdvGABa++pfcs3Uscqn60+X755ggleS2D6Tk
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:42 2023 by rpki-client on console-fra.rpki-client.org