Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/097111-3098-4cf7-ac0f-9f7e0f862f1e/1/_Dfud38rZx7xRT5AgIjggbu4LdQ.roa
File: _Dfud38rZx7xRT5AgIjggbu4LdQ.roa (raw, json)
Hash identifier: sNZ7Ev3CSMfCtSvW37zRuKCdjAY8nuW8oNzuHTGWJP4=
Subject key identifier: FC:37:EE:77:7F:2B:67:1E:F1:45:3E:40:80:88:E0:81:BB:B8:2D:D4
Certificate issuer: /CN=0d4ee193b301665b56f6780f225fd44d144093af
Certificate serial: 405242A6
Authority key identifier: 0D:4E:E1:93:B3:01:66:5B:56:F6:78:0F:22:5F:D4:4D:14:40:93:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DU7hk7MBZltW9ngPIl_UTRRAk68.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/097111-3098-4cf7-ac0f-9f7e0f862f1e/1/_Dfud38rZx7xRT5AgIjggbu4LdQ.roa
Signing time: Sat 01 Jan 2022 03:56:04 +0000
ROA not before: Sat 01 Jan 2022 03:56:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35038
IP address blocks: 194.117.24.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1079132838 (0x405242a6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d4ee193b301665b56f6780f225fd44d144093af
Validity
Not Before: Jan 1 03:56:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fc37ee777f2b671ef1453e408088e081bbb82dd4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:7f:7b:76:05:21:27:60:1d:00:61:e8:a8:63:
1a:b8:08:91:cd:80:62:b0:36:1a:26:34:59:21:05:
9c:01:7a:bc:fb:3b:b0:fd:38:70:11:29:de:6d:af:
8d:dd:82:a6:89:d4:e7:3f:b8:e8:ac:c9:b5:e2:2a:
f4:a0:94:db:1d:12:7c:a7:ef:c1:e8:d8:4d:9b:6d:
8e:1e:3d:4d:8e:51:49:ca:6e:99:ec:28:50:2c:ae:
f9:bc:89:b5:55:5c:2e:97:ec:b0:da:3f:fa:47:e4:
56:f1:5a:29:50:27:5e:73:07:b5:ef:27:55:8f:95:
ab:99:30:bd:ee:12:0a:f9:1b:a5:f7:e4:6e:19:10:
ae:64:2f:81:0b:3b:41:c4:7c:ee:f4:00:7b:74:45:
b3:ac:b4:f2:a8:df:ab:cf:af:9f:07:b8:8f:13:50:
55:0f:27:ca:32:95:43:20:ee:9f:9b:a9:b1:af:d8:
59:80:80:2c:e1:3c:8a:14:74:a1:f5:25:e6:ca:79:
15:a4:7b:15:12:bb:6f:27:e4:5c:93:0e:ee:56:b7:
de:2e:f5:45:19:24:4e:e1:74:6c:01:ad:14:e2:6f:
9f:8d:94:02:94:9f:a7:cd:5b:0a:fa:6d:e6:6b:f3:
8c:ec:49:f0:05:6c:3a:12:44:35:4a:c6:9d:02:87:
67:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:37:EE:77:7F:2B:67:1E:F1:45:3E:40:80:88:E0:81:BB:B8:2D:D4
X509v3 Authority Key Identifier:
keyid:0D:4E:E1:93:B3:01:66:5B:56:F6:78:0F:22:5F:D4:4D:14:40:93:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DU7hk7MBZltW9ngPIl_UTRRAk68.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/097111-3098-4cf7-ac0f-9f7e0f862f1e/1/_Dfud38rZx7xRT5AgIjggbu4LdQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/097111-3098-4cf7-ac0f-9f7e0f862f1e/1/DU7hk7MBZltW9ngPIl_UTRRAk68.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.117.24.0/21
Signature Algorithm: sha256WithRSAEncryption
14:c3:e8:7b:08:42:8b:c2:1d:de:f3:2d:c2:cf:0e:86:01:1c:
12:a3:15:7a:da:68:94:7a:5b:5d:0e:94:81:f7:84:f6:22:48:
51:62:35:f7:9c:9a:03:41:26:d7:7c:32:32:31:62:87:ae:6a:
ec:cb:de:be:b0:80:53:46:e7:2a:f1:88:9d:51:92:68:16:4c:
58:76:c1:aa:0a:d3:9b:2c:df:0a:8a:af:cf:2c:9b:fe:4b:2d:
3a:8c:b8:eb:59:99:9e:23:4d:7f:85:17:61:39:e7:10:6b:8a:
75:46:9a:d8:af:56:9a:85:04:a5:18:61:0d:85:b3:0f:5c:2f:
d3:5e:03:cb:da:a6:89:dc:eb:9f:49:5b:30:b3:3c:34:c3:ff:
5a:80:79:d5:60:32:ab:1d:1a:c2:bc:ee:54:0a:6a:2d:d6:c5:
e5:29:47:87:5c:34:d0:81:a4:ce:02:ff:f4:ef:cc:74:11:86:
cc:a3:1f:aa:39:2c:8f:98:a1:82:f9:01:58:31:78:a3:6c:f1:
1c:39:cc:46:75:fd:c0:9b:3a:91:ea:1e:9d:a0:fa:64:68:0e:
39:76:53:51:c0:17:a8:7a:18:66:1a:e7:29:ab:54:99:70:c9:
fb:f4:60:fd:c5:68:dc:e7:6a:fa:7c:35:fa:2f:24:1b:72:ae:
77:37:ae:4e
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEQFJCpjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ZDRlZTE5M2IzMDE2NjViNTZmNjc4MGYyMjVmZDQ0ZDE0NDA5M2FmMB4XDTIyMDEw
MTAzNTYwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmMzN2VlNzc3ZjJi
NjcxZWYxNDUzZTQwODA4OGUwODFiYmI4MmRkNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJh/e3YFISdgHQBh6KhjGrgIkc2AYrA2GiY0WSEFnAF6vPs7
sP04cBEp3m2vjd2CponU5z+46KzJteIq9KCU2x0SfKfvwejYTZttjh49TY5RScpu
mewoUCyu+byJtVVcLpfssNo/+kfkVvFaKVAnXnMHte8nVY+Vq5kwve4SCvkbpffk
bhkQrmQvgQs7QcR87vQAe3RFs6y08qjfq8+vnwe4jxNQVQ8nyjKVQyDun5upsa/Y
WYCALOE8ihR0ofUl5sp5FaR7FRK7byfkXJMO7la33i71RRkkTuF0bAGtFOJvn42U
ApSfp81bCvpt5mvzjOxJ8AVsOhJENUrGnQKHZxMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBT8N+53fytnHvFFPkCAiOCBu7gt1DAfBgNVHSMEGDAWgBQNTuGTswFmW1b2
eA8iX9RNFECTrzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0RVN2hrN01CWmx0VzluZ1BJbF9VVFJSQWs2OC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTcvMDk3MTExLTMwOTgtNGNmNy1hYzBmLTlmN2UwZjg2MmYxZS8x
L19EZnVkMzhyWng3eFJUNUFnSWpnZ2J1NExkUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTcv
MDk3MTExLTMwOTgtNGNmNy1hYzBmLTlmN2UwZjg2MmYxZS8xL0RVN2hrN01CWmx0
VzluZ1BJbF9VVFJSQWs2OC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA8J1GDANBgkqhkiG9w0BAQsFAAOC
AQEAFMPoewhCi8Id3vMtws8OhgEcEqMVetpolHpbXQ6UgfeE9iJIUWI195yaA0Em
13wyMjFih65q7MvevrCAU0bnKvGInVGSaBZMWHbBqgrTmyzfCoqvzyyb/kstOoy4
61mZniNNf4UXYTnnEGuKdUaa2K9WmoUEpRhhDYWzD1wv014Dy9qmidzrn0lbMLM8
NMP/WoB51WAyqx0awrzuVApqLdbF5SlHh1w00IGkzgL/9O/MdBGGzKMfqjksj5ih
gvkBWDF4o2zxHDnMRnX9wJs6keoenaD6ZGgOOXZTUcAXqHoYZhrnKatUmXDJ+/Rg
/cVo3Odq+nw1+i8kG3KudzeuTg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:38 2023 by rpki-client on console-fra.rpki-client.org