Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/49aba4-e63d-4e06-8a12-96f216893dec/1/bXG4gB5ftRFQUVQ1V2-JscvSRMg.roa
File: bXG4gB5ftRFQUVQ1V2-JscvSRMg.roa (raw, json)
Hash identifier: z7zl9V7sB/mwJWYIEIt3MhXjEvEN9qD8MvZUdMR6uPo=
Subject key identifier: 6D:71:B8:80:1E:5F:B5:11:50:51:54:35:57:6F:89:B1:CB:D2:44:C8
Certificate issuer: /CN=ef78a6bcc85ec8ade6ecce880ee073d637707965
Certificate serial: 0183D6D3B643387A16FF274F6FEAA197F77D
Authority key identifier: EF:78:A6:BC:C8:5E:C8:AD:E6:EC:CE:88:0E:E0:73:D6:37:70:79:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/73imvMheyK3m7M6IDuBz1jdweWU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/49aba4-e63d-4e06-8a12-96f216893dec/1/bXG4gB5ftRFQUVQ1V2-JscvSRMg.roa
Signing time: Fri 14 Oct 2022 14:09:02 +0000
ROA not before: Fri 14 Oct 2022 14:09:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15987
IP address blocks: 194.39.186.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:d6:d3:b6:43:38:7a:16:ff:27:4f:6f:ea:a1:97:f7:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef78a6bcc85ec8ade6ecce880ee073d637707965
Validity
Not Before: Oct 14 14:09:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6d71b8801e5fb51150515435576f89b1cbd244c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:b6:19:42:7f:c5:ba:70:4a:92:87:b9:02:4c:
de:d4:ff:a6:fc:b5:b2:1a:7c:72:46:59:72:7e:ee:
1c:38:d6:ad:19:11:96:0c:11:1f:27:97:30:90:20:
f0:a6:c4:ec:5f:ca:79:26:ab:3b:a9:69:e6:c1:87:
88:4c:bb:81:96:87:56:9c:93:81:eb:e3:99:16:6f:
7c:d0:8b:b3:5e:c5:62:63:58:ef:fd:52:03:a1:f3:
96:6a:f0:ef:ef:86:34:73:ea:e7:6f:60:30:9b:37:
fc:5d:7d:31:d7:32:c6:c2:4e:97:97:c2:76:b6:c8:
ab:85:ef:15:4b:7f:b6:9f:6a:0a:bc:42:aa:34:35:
d2:ab:58:c8:1b:a8:55:8b:81:da:73:ba:bd:f8:48:
13:15:14:1e:11:2e:35:0c:0d:7b:9b:1e:ec:8e:ed:
e1:aa:d8:ff:9f:7e:d0:a5:e5:fb:3b:d7:c4:df:10:
ac:10:3f:8f:42:01:c2:77:4b:38:ac:8f:83:dd:4b:
f7:14:0b:b0:a6:89:ab:0a:87:c6:33:33:a5:de:1d:
72:9a:61:e6:22:48:7d:ec:3d:15:d8:c3:6e:9b:15:
1f:ea:17:a5:51:0c:c8:4e:6d:70:2d:51:e5:19:f5:
04:5d:b9:17:73:09:23:af:e4:c1:70:90:d8:fd:70:
ea:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:71:B8:80:1E:5F:B5:11:50:51:54:35:57:6F:89:B1:CB:D2:44:C8
X509v3 Authority Key Identifier:
keyid:EF:78:A6:BC:C8:5E:C8:AD:E6:EC:CE:88:0E:E0:73:D6:37:70:79:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/73imvMheyK3m7M6IDuBz1jdweWU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/49aba4-e63d-4e06-8a12-96f216893dec/1/bXG4gB5ftRFQUVQ1V2-JscvSRMg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/49aba4-e63d-4e06-8a12-96f216893dec/1/73imvMheyK3m7M6IDuBz1jdweWU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.39.186.0/24
Signature Algorithm: sha256WithRSAEncryption
59:c7:35:c2:eb:44:c7:cd:fd:6a:2d:51:a2:18:51:27:7f:b4:
24:ca:36:d9:2f:2c:5c:41:c2:30:ff:8e:0b:45:41:25:d4:4e:
30:f4:74:4b:cd:96:77:06:98:f1:40:5a:5f:00:51:53:78:8f:
77:86:0f:eb:dd:67:6c:40:c1:eb:eb:6d:9a:f2:31:76:17:4a:
2a:75:f8:15:2a:0f:0d:a0:99:82:5a:27:06:80:20:64:ea:cb:
b7:10:4d:41:d0:94:91:6d:0b:63:15:8d:e6:9e:bf:8d:93:5a:
03:c1:b7:32:96:64:46:4d:3b:d2:75:ce:d5:c5:5b:04:57:b8:
f0:d9:c6:87:ad:b2:23:c2:c8:3f:a5:53:ea:68:a9:d0:cc:2d:
0b:2b:24:2f:e8:78:17:98:d2:f8:f0:97:ac:90:f6:dc:92:2c:
fb:da:ae:6d:2d:22:1e:30:d3:6e:b9:18:c8:7d:b1:15:f9:f3:
d7:b7:30:e5:89:16:48:7d:aa:c2:fa:6a:1f:52:d2:c9:1a:17:
64:5e:f2:da:5d:02:9d:ea:5e:0c:d0:49:52:b0:c1:fe:e9:de:
a1:4b:e4:1b:e2:0f:e3:69:d6:2d:6e:a2:3b:28:8f:67:27:70:
84:02:21:d3:f2:13:47:9c:61:95:3e:75:02:96:4b:ca:d6:18:
8c:e6:69:d2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYPW07ZDOHoW/ydPb+qhl/d9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmNzhhNmJjYzg1ZWM4YWRlNmVjY2U4ODBlZTA3M2Q2Mzc3
MDc5NjUwHhcNMjIxMDE0MTQwOTAyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDcxYjg4MDFlNWZiNTExNTA1MTU0MzU1NzZmODliMWNiZDI0NGM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnLYZQn/FunBKkoe5Akze1P+m/LWy
GnxyRllyfu4cONatGRGWDBEfJ5cwkCDwpsTsX8p5Jqs7qWnmwYeITLuBlodWnJOB
6+OZFm980IuzXsViY1jv/VIDofOWavDv74Y0c+rnb2Awmzf8XX0x1zLGwk6Xl8J2
tsirhe8VS3+2n2oKvEKqNDXSq1jIG6hVi4Hac7q9+EgTFRQeES41DA17mx7sju3h
qtj/n37QpeX7O9fE3xCsED+PQgHCd0s4rI+D3Uv3FAuwpomrCofGMzOl3h1ymmHm
Ikh97D0V2MNumxUf6helUQzITm1wLVHlGfUEXbkXcwkjr+TBcJDY/XDqIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG1xuIAeX7URUFFUNVdvibHL0kTIMB8GA1UdIwQY
MBaAFO94przIXsit5uzOiA7gc9Y3cHllMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzNpbXZNaGV5SzNtN002SUR1QnoxamR3ZVdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi80OWFiYTQtZTYzZC00ZTA2LThhMTIt
OTZmMjE2ODkzZGVjLzEvYlhHNGdCNWZ0UkZRVVZRMVYyLUpzY3ZTUk1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi80OWFiYTQtZTYzZC00ZTA2LThhMTItOTZmMjE2ODkzZGVj
LzEvNzNpbXZNaGV5SzNtN002SUR1QnoxamR3ZVdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwie6MA0G
CSqGSIb3DQEBCwUAA4IBAQBZxzXC60THzf1qLVGiGFEnf7QkyjbZLyxcQcIw/44L
RUEl1E4w9HRLzZZ3BpjxQFpfAFFTeI93hg/r3WdsQMHr622a8jF2F0oqdfgVKg8N
oJmCWicGgCBk6su3EE1B0JSRbQtjFY3mnr+Nk1oDwbcylmRGTTvSdc7VxVsEV7jw
2caHrbIjwsg/pVPqaKnQzC0LKyQv6HgXmNL48JeskPbckiz72q5tLSIeMNNuuRjI
fbEV+fPXtzDliRZIfarC+mofUtLJGhdkXvLaXQKd6l4M0ElSsMH+6d6hS+Qb4g/j
adYtbqI7KI9nJ3CEAiHT8hNHnGGVPnUClkvK1hiM5mnS
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:58 2023 by rpki-client on console-fra.rpki-client.org