Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/12ff71-9e6c-40d9-9df7-773cfc4333e1/1/DuXYAMFuUSSJuq6NarkZKwLLZro.roa
File: DuXYAMFuUSSJuq6NarkZKwLLZro.roa (raw, json)
Hash identifier: XqYcwKhdYlT+4uJjb/wlHuTnGgpN/BrGimPRIK9BfFU=
Subject key identifier: 0E:E5:D8:00:C1:6E:51:24:89:BA:AE:8D:6A:B9:19:2B:02:CB:66:BA
Certificate issuer: /CN=b62b967c52145e67a4b3206b1ca492853ca0df84
Certificate serial: 07E4716D
Authority key identifier: B6:2B:96:7C:52:14:5E:67:A4:B3:20:6B:1C:A4:92:85:3C:A0:DF:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tiuWfFIUXmeksyBrHKSShTyg34Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/12ff71-9e6c-40d9-9df7-773cfc4333e1/1/DuXYAMFuUSSJuq6NarkZKwLLZro.roa
Signing time: Sat 01 Jan 2022 15:59:44 +0000
ROA not before: Sat 01 Jan 2022 15:59:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44980
IP address blocks: 195.242.156.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 132411757 (0x7e4716d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b62b967c52145e67a4b3206b1ca492853ca0df84
Validity
Not Before: Jan 1 15:59:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0ee5d800c16e512489baae8d6ab9192b02cb66ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:e8:c3:f8:6a:66:a3:5b:ee:a4:d8:9a:b3:40:
ca:05:75:f2:c0:aa:44:15:8b:fd:41:38:e1:b6:e3:
74:93:30:06:47:b3:77:b3:35:23:7a:cc:c1:84:7f:
06:7e:5e:fd:43:bf:5a:f9:a7:04:4f:ca:6f:5f:62:
53:d6:3d:66:ad:fc:24:4e:33:8b:c5:d0:4b:7c:b8:
dc:2b:fc:c0:de:b0:7b:f2:06:bc:65:1c:43:77:66:
13:2a:92:88:ac:4f:53:11:29:30:56:fa:2c:c5:db:
34:bd:cb:c2:87:7e:cd:8e:69:7d:da:e6:40:fc:6a:
de:dd:12:1e:ae:79:51:34:f3:68:8e:55:f3:65:ea:
41:75:f3:cf:18:28:ad:86:fe:83:48:6f:8f:20:1d:
7c:9e:34:90:26:1c:a5:86:cc:e8:6e:49:9a:04:d5:
f4:01:10:70:3c:61:a3:66:d2:90:e7:3b:8a:39:1c:
ac:32:98:f5:8a:4a:a4:a8:51:8c:9c:8b:72:71:30:
21:b9:72:5f:a4:b6:c6:66:89:b9:86:ea:00:6b:e7:
28:f1:27:36:1f:e3:4d:30:3c:e9:b6:20:12:2b:1e:
be:05:86:24:24:d6:26:24:11:83:c2:6e:8b:a6:c5:
14:a8:9f:15:2e:35:31:fb:0f:78:1b:74:3d:08:1f:
b7:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:E5:D8:00:C1:6E:51:24:89:BA:AE:8D:6A:B9:19:2B:02:CB:66:BA
X509v3 Authority Key Identifier:
keyid:B6:2B:96:7C:52:14:5E:67:A4:B3:20:6B:1C:A4:92:85:3C:A0:DF:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tiuWfFIUXmeksyBrHKSShTyg34Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/12ff71-9e6c-40d9-9df7-773cfc4333e1/1/DuXYAMFuUSSJuq6NarkZKwLLZro.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/12ff71-9e6c-40d9-9df7-773cfc4333e1/1/tiuWfFIUXmeksyBrHKSShTyg34Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.242.156.0/23
Signature Algorithm: sha256WithRSAEncryption
78:33:b1:43:30:ee:fb:f2:4f:aa:03:a8:91:06:3f:cb:cb:a2:
07:d3:4a:2f:fb:3a:01:51:83:97:cb:f7:13:3b:98:55:b2:fd:
b4:bd:61:cc:4a:72:74:c2:77:27:8e:d1:c2:6a:8b:ca:6e:8d:
72:67:98:78:86:32:a9:22:ff:3a:d5:7d:55:09:fa:b3:97:86:
5a:91:dd:4d:e7:da:51:40:c7:77:67:0f:c7:e8:86:c9:52:b5:
f7:56:98:50:5d:31:8d:b9:ab:75:cc:2f:3b:cc:ed:11:1c:b4:
61:d7:e5:ec:0f:8d:56:b5:42:28:cc:71:43:62:1e:c5:62:13:
d1:a7:1f:30:c3:7e:54:7c:78:e1:d3:cc:ae:31:9d:96:01:f1:
c4:ce:a9:5b:c7:d4:56:a6:79:ba:c0:58:42:21:2b:9c:b1:db:
18:98:51:a1:26:54:c2:b8:ef:d2:53:5a:ae:ab:f7:99:13:9c:
8f:ae:b6:73:9b:d6:f2:5c:8c:19:c9:ce:4b:e2:c8:35:33:27:
99:8d:4e:63:0f:0b:aa:da:e9:a7:80:4a:1b:26:6d:ed:21:2b:
df:6c:8a:34:8f:f7:99:19:ad:2b:5e:6e:e0:ea:41:d9:79:f2:
3f:5b:00:dc:94:70:13:d9:92:c1:01:56:fd:6f:c8:7c:09:fa:
59:50:41:24
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEB+RxbTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NjJiOTY3YzUyMTQ1ZTY3YTRiMzIwNmIxY2E0OTI4NTNjYTBkZjg0MB4XDTIyMDEw
MTE1NTk0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGVlNWQ4MDBjMTZl
NTEyNDg5YmFhZThkNmFiOTE5MmIwMmNiNjZiYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMfow/hqZqNb7qTYmrNAygV18sCqRBWL/UE44bbjdJMwBkez
d7M1I3rMwYR/Bn5e/UO/WvmnBE/Kb19iU9Y9Zq38JE4zi8XQS3y43Cv8wN6we/IG
vGUcQ3dmEyqSiKxPUxEpMFb6LMXbNL3Lwod+zY5pfdrmQPxq3t0SHq55UTTzaI5V
82XqQXXzzxgorYb+g0hvjyAdfJ40kCYcpYbM6G5JmgTV9AEQcDxho2bSkOc7ijkc
rDKY9YpKpKhRjJyLcnEwIblyX6S2xmaJuYbqAGvnKPEnNh/jTTA86bYgEisevgWG
JCTWJiQRg8Jui6bFFKifFS41MfsPeBt0PQgftz0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQO5dgAwW5RJIm6ro1quRkrAstmujAfBgNVHSMEGDAWgBS2K5Z8UhReZ6Sz
IGscpJKFPKDfhDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RpdVdmRklVWG1la3N5QnJIS1NTaFR5ZzM0US5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTcvMTJmZjcxLTllNmMtNDBkOS05ZGY3LTc3M2NmYzQzMzNlMS8x
L0R1WFlBTUZ1VVNTSnVxNk5hcmtaS3dMTFpyby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTcv
MTJmZjcxLTllNmMtNDBkOS05ZGY3LTc3M2NmYzQzMzNlMS8xL3RpdVdmRklVWG1l
a3N5QnJIS1NTaFR5ZzM0US5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcPynDANBgkqhkiG9w0BAQsFAAOC
AQEAeDOxQzDu+/JPqgOokQY/y8uiB9NKL/s6AVGDl8v3EzuYVbL9tL1hzEpydMJ3
J47RwmqLym6NcmeYeIYyqSL/OtV9VQn6s5eGWpHdTefaUUDHd2cPx+iGyVK191aY
UF0xjbmrdcwvO8ztERy0Ydfl7A+NVrVCKMxxQ2IexWIT0acfMMN+VHx44dPMrjGd
lgHxxM6pW8fUVqZ5usBYQiErnLHbGJhRoSZUwrjv0lNarqv3mROcj662c5vW8lyM
GcnOS+LINTMnmY1OYw8Lqtrpp4BKGyZt7SEr32yKNI/3mRmtK15u4OpB2XnyP1sA
3JRwE9mSwQFW/W/IfAn6WVBBJA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:37 2024 by rpki-client on console-ams.rpki-client.org