Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/pPicHk6ZVsoI9hTc_5jPlanIwqk.roa
File: pPicHk6ZVsoI9hTc_5jPlanIwqk.roa (raw, json)
Hash identifier: cBH3b9ZQQrYWwVWb+a15vOXvGDXhlaOrR8mBM7l987Y=
Subject key identifier: A4:F8:9C:1E:4E:99:56:CA:08:F6:14:DC:FF:98:CF:95:A9:C8:C2:A9
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 05A89F5B
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/pPicHk6ZVsoI9hTc_5jPlanIwqk.roa
Signing time: Sat 01 Jan 2022 07:57:08 +0000
ROA not before: Sat 01 Jan 2022 07:57:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 40676
IP address blocks: 94.158.21.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 94936923 (0x5a89f5b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Jan 1 07:57:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a4f89c1e4e9956ca08f614dcff98cf95a9c8c2a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:5d:4c:81:eb:e7:c7:2a:79:fc:69:67:c6:5c:
b2:09:43:4a:12:95:ce:76:bd:5c:94:cf:c3:d4:7c:
8e:d2:31:f0:98:90:64:60:67:b2:0f:0d:97:33:42:
e2:33:95:0a:9f:1e:e6:98:b7:ea:d7:59:63:5c:0e:
67:6b:db:c6:1b:c2:26:fc:75:db:d0:ca:b2:bf:f9:
57:ae:d6:03:b5:73:18:e7:00:8d:70:19:35:ed:fe:
a5:c4:c5:91:28:66:bf:b6:33:b2:6d:4f:27:bf:ce:
10:69:f5:22:4f:7a:2c:2a:69:63:11:2d:3a:ec:17:
6f:d7:6f:4d:8f:c9:4a:b4:c4:2f:e8:b2:7a:a5:8a:
46:e0:51:58:76:02:9c:5d:45:46:74:86:16:92:4a:
d4:85:d8:86:a6:6c:23:62:38:4e:a0:99:30:db:6f:
ef:a9:e7:21:ff:78:de:57:e8:90:65:02:d0:e4:b7:
81:0c:a2:3c:45:a6:7f:f2:99:26:8b:58:57:8e:c0:
55:c6:f4:e0:1e:a5:47:df:5c:2c:69:57:eb:8d:c9:
26:55:ec:39:e5:4e:c7:87:36:12:ef:54:8e:bc:04:
26:41:e2:f4:6f:85:84:90:40:5c:ae:01:10:e7:ae:
b2:8c:ff:91:d9:9f:ee:04:7e:91:8f:3e:fd:1d:2d:
24:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:F8:9C:1E:4E:99:56:CA:08:F6:14:DC:FF:98:CF:95:A9:C8:C2:A9
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/pPicHk6ZVsoI9hTc_5jPlanIwqk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.158.21.0/24
Signature Algorithm: sha256WithRSAEncryption
39:91:9f:b4:2e:60:ef:4c:24:1d:9c:51:32:8e:8a:ff:70:48:
82:b6:78:4c:3d:10:64:5d:76:37:e3:95:83:b6:54:f1:f2:22:
ae:1e:39:4c:33:a5:ef:84:da:0e:48:80:bb:9b:0f:21:6f:8c:
98:c5:1c:41:27:07:de:36:9d:24:aa:48:80:fa:f5:1d:39:52:
64:d2:4f:78:2f:85:23:d2:1c:54:42:79:0d:49:28:78:9c:ac:
8b:06:ed:21:1c:9d:df:28:21:5b:d7:ef:ee:08:25:83:9c:a0:
a0:18:40:3e:cc:ba:51:e0:5e:1d:fb:5f:b4:2d:bf:a8:5f:50:
31:49:ae:00:66:19:a1:6a:5d:24:d9:87:24:ef:3f:3c:8d:2b:
3b:90:c1:86:65:32:a5:59:bb:ff:cf:de:75:9e:1a:c2:16:38:
21:8d:19:f8:b0:7c:7a:59:4f:b1:52:47:7c:b5:9f:7b:c5:a2:
08:f8:2b:96:8b:59:18:61:29:45:db:32:8f:5c:a7:62:ce:25:
b0:51:36:4f:d7:4f:3a:82:47:22:6e:b7:85:8b:c6:93:4f:cb:
a5:93:ac:bb:ce:b6:b2:8c:bb:e8:81:1b:67:1d:09:44:6c:76:
9e:78:44:a3:ca:bb:46:ed:63:3e:9c:5e:d2:f2:43:26:12:b3:
c6:5b:22:a7
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBaifWzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
Y2Q3NjE1OWJmZDllMzM3NTIzZWU5MzBmM2RmMTExZDZiYWU3MzA2MB4XDTIyMDEw
MTA3NTcwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTRmODljMWU0ZTk5
NTZjYTA4ZjYxNGRjZmY5OGNmOTVhOWM4YzJhOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMpdTIHr58cqefxpZ8ZcsglDShKVzna9XJTPw9R8jtIx8JiQ
ZGBnsg8NlzNC4jOVCp8e5pi36tdZY1wOZ2vbxhvCJvx129DKsr/5V67WA7VzGOcA
jXAZNe3+pcTFkShmv7Yzsm1PJ7/OEGn1Ik96LCppYxEtOuwXb9dvTY/JSrTEL+iy
eqWKRuBRWHYCnF1FRnSGFpJK1IXYhqZsI2I4TqCZMNtv76nnIf943lfokGUC0OS3
gQyiPEWmf/KZJotYV47AVcb04B6lR99cLGlX643JJlXsOeVOx4c2Eu9UjrwEJkHi
9G+FhJBAXK4BEOeusoz/kdmf7gR+kY8+/R0tJGsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSk+JweTplWygj2FNz/mM+VqcjCqTAfBgNVHSMEGDAWgBTM12FZv9njN1I+
6TDz3xEda65zBjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3pOZGhXYl9aNHpkU1B1a3c4OThSSFd1dWN3WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTAvZjZhZGExLTdlOGEtNGIzZS1iN2U4LWY4NTg5ZjY4MjY5MS8x
L3BQaWNIazZaVnNvSTloVGNfNWpQbGFuSXdxay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTAv
ZjZhZGExLTdlOGEtNGIzZS1iN2U4LWY4NTg5ZjY4MjY5MS8xL3pOZGhXYl9aNHpk
U1B1a3c4OThSSFd1dWN3WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAF6eFTANBgkqhkiG9w0BAQsFAAOC
AQEAOZGftC5g70wkHZxRMo6K/3BIgrZ4TD0QZF12N+OVg7ZU8fIirh45TDOl74Ta
DkiAu5sPIW+MmMUcQScH3jadJKpIgPr1HTlSZNJPeC+FI9IcVEJ5DUkoeJysiwbt
IRyd3yghW9fv7gglg5ygoBhAPsy6UeBeHftftC2/qF9QMUmuAGYZoWpdJNmHJO8/
PI0rO5DBhmUypVm7/8/edZ4awhY4IY0Z+LB8ellPsVJHfLWfe8WiCPgrlotZGGEp
Rdsyj1ynYs4lsFE2T9dPOoJHIm63hYvGk0/LpZOsu862soy76IEbZx0JRGx2nnhE
o8q7Ru1jPpxe0vJDJhKzxlsipw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:11 2023 by rpki-client on console-fra.rpki-client.org