Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/pNg8yGZHmJ_seq9b4Vx0p_lPw6w.roa
File: pNg8yGZHmJ_seq9b4Vx0p_lPw6w.roa (raw, json)
Hash identifier: 1SYwmrZh0PrKntWsyZ1gHoH6UUP3lwfRBaUlNa98J28=
Subject key identifier: A4:D8:3C:C8:66:47:98:9F:EC:7A:AF:5B:E1:5C:74:A7:F9:4F:C3:AC
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018467A7D73BBFC75E4D5A68DAC9B2830CB5
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/pNg8yGZHmJ_seq9b4Vx0p_lPw6w.roa
Signing time: Fri 11 Nov 2022 17:06:03 +0000
ROA not before: Fri 11 Nov 2022 17:06:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35619
IP address blocks: 193.58.239.0/24 maxlen: 24
2a10:ccc2::/36 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:67:a7:d7:3b:bf:c7:5e:4d:5a:68:da:c9:b2:83:0c:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Nov 11 17:06:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a4d83cc86647989fec7aaf5be15c74a7f94fc3ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:6c:99:51:e5:51:a5:d7:af:be:12:96:24:1f:
81:7c:33:52:9a:10:a8:39:76:06:36:4f:23:63:f7:
d4:27:02:d7:61:9f:75:f3:8e:37:70:96:e1:46:19:
3e:2f:53:88:6d:f5:b0:34:99:a1:4d:5a:27:35:20:
5d:e4:b7:14:53:67:ae:4f:ff:af:cb:1a:0b:5b:21:
9e:49:3e:43:f8:54:5a:f6:73:29:22:7c:f4:ac:f6:
df:57:31:34:f9:f8:c9:18:b0:fa:68:52:dd:47:7a:
ec:ca:83:6d:13:f6:96:01:27:0f:c4:32:c9:1c:8f:
69:79:8e:d1:00:9d:99:f5:ff:39:90:71:0d:18:6f:
67:8d:35:40:b7:1e:dc:ef:2a:a7:5b:f2:59:39:c0:
22:6f:6c:76:4b:e0:a6:e7:cd:f7:07:5b:45:4e:7c:
fb:97:d2:f2:e1:0f:a1:93:b7:e6:a0:95:58:2a:1c:
e5:34:c9:30:48:8e:95:16:79:1b:a9:b4:5b:1a:32:
b6:3e:c6:ee:28:1f:39:69:8f:5c:d3:02:40:c1:6c:
a9:2c:5c:f8:1a:af:14:2b:b4:00:14:18:dc:b1:77:
89:67:85:a8:4d:db:d5:c2:ed:a0:44:00:0c:55:ea:
d0:c0:c2:d2:ca:2d:06:fe:35:02:b5:87:ed:ee:3e:
1a:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:D8:3C:C8:66:47:98:9F:EC:7A:AF:5B:E1:5C:74:A7:F9:4F:C3:AC
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/pNg8yGZHmJ_seq9b4Vx0p_lPw6w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.58.239.0/24
IPv6:
2a10:ccc2::/36
Signature Algorithm: sha256WithRSAEncryption
8a:22:95:7e:14:91:c1:4e:58:a9:df:1e:8c:f9:1a:11:a6:6f:
66:8b:0b:00:ae:a2:20:f1:32:47:3b:82:67:8b:ea:a1:38:d7:
67:fb:21:9e:d6:33:37:bb:10:c4:a2:06:f1:ae:ed:fc:2d:e7:
cd:c2:c8:8e:ea:bf:71:75:80:ff:fa:a9:b1:1f:43:ed:60:40:
2d:91:00:6f:17:b5:a2:c4:6e:23:cc:6c:f9:51:02:fe:c2:72:
6d:05:e5:36:f9:6d:12:02:61:66:3e:07:0c:1e:ab:37:96:f6:
3c:bb:cf:5c:12:fd:74:4b:2e:7c:66:b6:9f:95:42:1c:87:ea:
3f:95:6e:2f:61:d9:ad:ac:c6:b5:5e:a0:1a:c2:0b:2c:33:fd:
6c:9d:5a:ba:71:5d:6a:85:22:91:b1:f5:17:1f:f1:71:80:91:
aa:2a:1d:e9:ca:5d:ed:06:47:8d:67:58:d5:1e:93:5a:b1:f6:
ba:3d:7f:2a:28:5d:04:fc:f3:da:1f:82:c9:f8:a1:db:69:1d:
66:8a:c7:20:41:1f:f9:f2:bc:71:84:49:7d:37:33:62:cb:12:
23:c5:da:9d:84:c6:23:52:cb:68:e9:79:98:27:5a:c3:e5:9b:
38:94:4d:8f:0c:9d:55:a6:a9:ab:d1:fc:b9:0f:5b:d4:40:fc:
99:84:82:82
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYRnp9c7v8deTVpo2smygwy1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIxMTExMTcwNjAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGQ4M2NjODY2NDc5ODlmZWM3YWFmNWJlMTVjNzRhN2Y5NGZjM2FjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgWyZUeVRpdevvhKWJB+BfDNSmhCo
OXYGNk8jY/fUJwLXYZ918443cJbhRhk+L1OIbfWwNJmhTVonNSBd5LcUU2euT/+v
yxoLWyGeST5D+FRa9nMpInz0rPbfVzE0+fjJGLD6aFLdR3rsyoNtE/aWAScPxDLJ
HI9peY7RAJ2Z9f85kHENGG9njTVAtx7c7yqnW/JZOcAib2x2S+Cm5833B1tFTnz7
l9Ly4Q+hk7fmoJVYKhzlNMkwSI6VFnkbqbRbGjK2PsbuKB85aY9c0wJAwWypLFz4
Gq8UK7QAFBjcsXeJZ4WoTdvVwu2gRAAMVerQwMLSyi0G/jUCtYft7j4aEwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFKTYPMhmR5if7HqvW+FcdKf5T8OsMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvcE5nOHlHWkhtSl9zZXE5YjRWeDBwX2xQdzZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQAwTrvMA4E
AgACMAgDBgQqEMzCADANBgkqhkiG9w0BAQsFAAOCAQEAiiKVfhSRwU5Yqd8ejPka
EaZvZosLAK6iIPEyRzuCZ4vqoTjXZ/shntYzN7sQxKIG8a7t/C3nzcLIjuq/cXWA
//qpsR9D7WBALZEAbxe1osRuI8xs+VEC/sJybQXlNvltEgJhZj4HDB6rN5b2PLvP
XBL9dEsufGa2n5VCHIfqP5VuL2HZrazGtV6gGsILLDP9bJ1aunFdaoUikbH1Fx/x
cYCRqiod6cpd7QZHjWdY1R6TWrH2uj1/KihdBPzz2h+Cyfih22kdZorHIEEf+fK8
cYRJfTczYssSI8XanYTGI1LLaOl5mCdaw+WbOJRNjwydVaapq9H8uQ9b1ED8mYSC
gg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:19 2023 by rpki-client on console-fra.rpki-client.org