Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/5e3185-38c5-4a5b-bf24-c953e3398c63/1/iLMhxyR5iQR1EU6A1vVVbUh7dpw.roa
File: iLMhxyR5iQR1EU6A1vVVbUh7dpw.roa (raw, json)
Hash identifier: R+bnWr7Ac/hngQLNUWjOoB0iJ0cUn65bJFUMaranRMA=
Subject key identifier: 88:B3:21:C7:24:79:89:04:75:11:4E:80:D6:F5:55:6D:48:7B:76:9C
Certificate issuer: /CN=fd11c4654af702e596eb50d13fa486db4d9bce0a
Certificate serial: 0A4774A5
Authority key identifier: FD:11:C4:65:4A:F7:02:E5:96:EB:50:D1:3F:A4:86:DB:4D:9B:CE:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_RHEZUr3AuWW61DRP6SG202bzgo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/5e3185-38c5-4a5b-bf24-c953e3398c63/1/iLMhxyR5iQR1EU6A1vVVbUh7dpw.roa
Signing time: Sat 01 Jan 2022 15:56:09 +0000
ROA not before: Sat 01 Jan 2022 15:56:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 56575
IP address blocks: 194.36.204.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 172455077 (0xa4774a5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fd11c4654af702e596eb50d13fa486db4d9bce0a
Validity
Not Before: Jan 1 15:56:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=88b321c72479890475114e80d6f5556d487b769c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:08:25:9e:3b:57:ea:80:0d:da:c4:65:6d:9b:
89:72:bf:5c:84:fc:7d:a4:aa:de:1f:af:64:02:88:
18:68:29:5b:b5:d7:da:e1:ce:06:f6:e2:dc:6c:a5:
94:01:f2:e3:25:ee:f3:55:af:13:da:3b:64:a0:cd:
ca:1d:32:f0:9a:60:09:7f:14:6c:6a:a1:65:93:b5:
cf:6a:17:1d:03:81:e4:38:36:46:7b:4e:49:60:aa:
c8:56:f0:83:b9:6d:45:5b:d5:d9:be:72:4b:4c:a1:
47:40:96:2a:46:5e:70:d7:47:54:f1:a8:69:14:b7:
c3:70:17:c9:d4:16:02:72:3a:61:a1:53:08:19:a8:
53:45:ea:27:85:3d:29:ef:f5:c6:f9:d8:a7:48:fe:
ee:d3:ae:b8:cb:81:3d:62:5e:5f:f9:c4:14:f1:79:
1d:a2:57:89:8d:2e:12:b2:82:5a:63:31:6f:7c:37:
1c:26:42:79:e4:26:1b:82:e4:d3:a7:86:77:6a:2d:
9e:a2:22:e7:b2:65:18:82:00:9c:aa:fc:67:1f:3d:
fb:1f:c8:77:e7:75:b0:a8:8d:2b:77:6e:c5:e3:94:
74:00:4c:d4:a7:ee:06:eb:ea:f4:6b:23:8d:13:ce:
d6:28:aa:c6:e1:26:f2:f0:73:72:e2:2d:d8:95:4e:
00:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:B3:21:C7:24:79:89:04:75:11:4E:80:D6:F5:55:6D:48:7B:76:9C
X509v3 Authority Key Identifier:
keyid:FD:11:C4:65:4A:F7:02:E5:96:EB:50:D1:3F:A4:86:DB:4D:9B:CE:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_RHEZUr3AuWW61DRP6SG202bzgo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/5e3185-38c5-4a5b-bf24-c953e3398c63/1/iLMhxyR5iQR1EU6A1vVVbUh7dpw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/5e3185-38c5-4a5b-bf24-c953e3398c63/1/_RHEZUr3AuWW61DRP6SG202bzgo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.36.204.0/22
Signature Algorithm: sha256WithRSAEncryption
ac:41:e1:4d:93:a6:b1:cb:8f:ab:d5:65:db:1e:da:4e:f8:1d:
c0:09:6b:8e:39:1e:14:62:f4:c3:7f:14:01:44:04:87:04:b8:
d3:d0:bb:b0:ee:ff:ea:ec:b2:6c:bf:9e:9e:8d:78:a5:f3:28:
ce:0d:52:3e:34:57:e8:bb:46:60:d4:2b:fd:ad:b8:55:31:ee:
de:b1:e1:30:3a:3b:cd:14:63:c7:10:0e:b8:f3:ba:09:67:a0:
fe:62:92:db:36:6a:b7:94:68:43:3b:85:7b:08:3a:4c:94:38:
bd:08:67:44:ef:a2:c2:0b:0a:fb:de:83:a6:31:4e:05:e0:a8:
bf:4c:63:c5:ff:39:74:7b:b2:ff:8b:26:20:3e:21:84:74:a3:
2b:d7:25:66:6b:85:f9:5f:58:57:d3:36:6c:39:01:1d:bb:85:
56:b9:90:00:fd:fa:e2:bc:f1:c7:f9:ea:b2:dc:44:d6:6a:a0:
75:e2:b7:2f:f7:85:7b:ad:2a:33:79:10:9b:fc:08:e8:2b:56:
4d:4f:c4:31:ac:a2:93:7f:f5:f4:cc:84:de:c3:fd:37:57:23:
a8:5b:27:87:08:96:50:8f:09:d6:fa:21:30:cd:64:e2:ea:fe:
97:f7:06:d4:3a:5c:45:1f:f8:75:7f:95:e8:52:0d:a1:62:8b:
aa:f8:42:c9
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECkd0pTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ZDExYzQ2NTRhZjcwMmU1OTZlYjUwZDEzZmE0ODZkYjRkOWJjZTBhMB4XDTIyMDEw
MTE1NTYwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODhiMzIxYzcyNDc5
ODkwNDc1MTE0ZTgwZDZmNTU1NmQ0ODdiNzY5YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL8IJZ47V+qADdrEZW2biXK/XIT8faSq3h+vZAKIGGgpW7XX
2uHOBvbi3GyllAHy4yXu81WvE9o7ZKDNyh0y8JpgCX8UbGqhZZO1z2oXHQOB5Dg2
RntOSWCqyFbwg7ltRVvV2b5yS0yhR0CWKkZecNdHVPGoaRS3w3AXydQWAnI6YaFT
CBmoU0XqJ4U9Ke/1xvnYp0j+7tOuuMuBPWJeX/nEFPF5HaJXiY0uErKCWmMxb3w3
HCZCeeQmG4Lk06eGd2otnqIi57JlGIIAnKr8Zx89+x/Id+d1sKiNK3duxeOUdABM
1KfuBuvq9GsjjRPO1iiqxuEm8vBzcuIt2JVOAE8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSIsyHHJHmJBHURToDW9VVtSHt2nDAfBgNVHSMEGDAWgBT9EcRlSvcC5Zbr
UNE/pIbbTZvOCjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L19SSEVaVXIzQXVXVzYxRFJQNlNHMjAyYnpnby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTQvNWUzMTg1LTM4YzUtNGE1Yi1iZjI0LWM5NTNlMzM5OGM2My8x
L2lMTWh4eVI1aVFSMUVVNkExdlZWYlVoN2Rwdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTQv
NWUzMTg1LTM4YzUtNGE1Yi1iZjI0LWM5NTNlMzM5OGM2My8xL19SSEVaVXIzQXVX
VzYxRFJQNlNHMjAyYnpnby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAsIkzDANBgkqhkiG9w0BAQsFAAOC
AQEArEHhTZOmscuPq9Vl2x7aTvgdwAlrjjkeFGL0w38UAUQEhwS409C7sO7/6uyy
bL+eno14pfMozg1SPjRX6LtGYNQr/a24VTHu3rHhMDo7zRRjxxAOuPO6CWeg/mKS
2zZqt5RoQzuFewg6TJQ4vQhnRO+iwgsK+96DpjFOBeCov0xjxf85dHuy/4smID4h
hHSjK9clZmuF+V9YV9M2bDkBHbuFVrmQAP364rzxx/nqstxE1mqgdeK3L/eFe60q
M3kQm/wI6CtWTU/EMayik3/19MyE3sP9N1cjqFsnhwiWUI8J1vohMM1k4ur+l/cG
1DpcRR/4dX+V6FINoWKLqvhCyQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:30 2023 by rpki-client on console-fra.rpki-client.org