Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/xkZApUWmxsy2gnd7UPD5YW8RvsY.roa
File: xkZApUWmxsy2gnd7UPD5YW8RvsY.roa (raw, json)
Hash identifier: PYzb6OnnJBMhQxEdmpvfwwVAORt8mU0YllAatfPsBuY=
Subject key identifier: C6:46:40:A5:45:A6:C6:CC:B6:82:77:7B:50:F0:F9:61:6F:11:BE:C6
Certificate issuer: /CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Certificate serial: 01843F3B6DAB4415E96A9295DE1948F80250
Authority key identifier: 8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/xkZApUWmxsy2gnd7UPD5YW8RvsY.roa
Signing time: Thu 03 Nov 2022 20:42:50 +0000
ROA not before: Thu 03 Nov 2022 20:42:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205570
IP address blocks: 188.191.102.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:3f:3b:6d:ab:44:15:e9:6a:92:95:de:19:48:f8:02:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Validity
Not Before: Nov 3 20:42:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c64640a545a6c6ccb682777b50f0f9616f11bec6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:3b:a0:d0:b0:93:9c:d7:e2:77:bc:1c:8a:55:
af:50:15:4e:e0:62:ba:b0:06:f9:f2:5b:21:35:81:
b0:77:e5:02:ec:c6:b4:5c:6c:43:a3:d7:ad:6c:1f:
ce:e1:c3:6c:77:c6:18:8c:fd:a2:01:dd:ab:6f:13:
76:ab:35:bc:2c:0d:9d:48:a2:df:74:c7:d3:fd:30:
96:f2:3b:cf:a2:1d:e5:32:7a:1f:62:f1:3e:b9:ad:
34:3d:26:2f:34:db:55:6a:8a:c0:c7:39:fa:80:81:
bd:58:ba:5a:d2:f0:bb:d6:d1:a8:63:c7:88:d2:a2:
37:1d:4f:e0:14:7c:c3:e1:8a:75:80:14:2d:0e:d2:
0d:fe:4a:b1:f1:3d:a6:3d:6e:c6:69:f5:ac:9b:75:
3d:57:7f:0f:e2:09:10:25:d9:a3:a8:6d:c7:24:eb:
0b:d0:f0:75:81:5a:8c:3d:32:ea:10:f4:0d:e7:50:
28:a6:aa:ee:73:d2:03:dc:c0:7d:b8:45:fc:a1:a9:
b1:4d:9b:3a:5c:aa:a9:09:26:00:ab:3f:a8:e0:a8:
66:44:5f:62:a4:6b:de:e0:4b:ca:ca:50:50:ef:53:
1f:87:f7:01:d1:63:ca:27:23:16:6c:8a:3d:f8:2e:
bf:2e:66:81:53:1a:52:57:d4:5d:f3:bb:e0:8f:ea:
95:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:46:40:A5:45:A6:C6:CC:B6:82:77:7B:50:F0:F9:61:6F:11:BE:C6
X509v3 Authority Key Identifier:
keyid:8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/xkZApUWmxsy2gnd7UPD5YW8RvsY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/jRrIPuOj-WjWatL99GFue7Hk0dc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.191.102.0/24
Signature Algorithm: sha256WithRSAEncryption
27:4c:5c:71:fd:9d:c1:b5:ba:32:8a:1f:36:93:69:5d:6f:1c:
eb:d2:41:87:d3:32:49:42:6c:b1:13:94:40:7b:0f:57:94:e8:
d6:29:7d:3e:ad:41:09:10:af:44:4e:79:78:00:52:76:ef:a4:
f1:65:a0:9a:8a:46:8a:a2:9f:98:24:48:a1:8d:b1:39:9e:eb:
9a:c8:08:7a:d9:74:81:5d:3b:f5:f9:69:e0:65:0b:70:fa:31:
6f:cb:8a:90:fc:6f:3a:29:6e:a9:32:42:47:85:56:a9:fe:9f:
b3:65:16:ed:3e:48:35:de:73:30:e8:9d:f9:bd:a5:bd:f5:8a:
30:1b:7d:c2:43:47:5d:bd:85:63:1e:7d:bc:d4:c8:0b:e9:8b:
6b:0c:69:d9:ab:6f:1d:da:ab:c3:7f:6f:7c:84:3c:a7:b2:2d:
26:bc:f7:9e:f9:23:5d:0b:99:d8:71:fd:84:ad:38:02:20:06:
21:88:92:7d:86:20:a3:01:3f:c9:1d:0d:30:ac:d6:68:0a:5f:
fd:4e:38:dd:08:5c:ab:ff:88:6f:86:0a:33:e4:22:13:f3:f4:
70:57:a6:ed:d3:24:e1:2c:72:5b:56:cd:57:eb:53:71:94:8d:
04:76:b8:19:c1:fb:5f:65:62:04:bd:58:4c:51:6e:d2:5d:70:
4d:8a:e5:2d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQ/O22rRBXpapKV3hlI+AJQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMWFjODNlZTNhM2Y5NjhkNjZhZDJmZGY0NjE2ZTdiYjFl
NGQxZDcwHhcNMjIxMTAzMjA0MjUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjQ2NDBhNTQ1YTZjNmNjYjY4Mjc3N2I1MGYwZjk2MTZmMTFiZWM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArzug0LCTnNfid7wcilWvUBVO4GK6
sAb58lshNYGwd+UC7Ma0XGxDo9etbB/O4cNsd8YYjP2iAd2rbxN2qzW8LA2dSKLf
dMfT/TCW8jvPoh3lMnofYvE+ua00PSYvNNtVaorAxzn6gIG9WLpa0vC71tGoY8eI
0qI3HU/gFHzD4Yp1gBQtDtIN/kqx8T2mPW7GafWsm3U9V38P4gkQJdmjqG3HJOsL
0PB1gVqMPTLqEPQN51Aopqruc9ID3MB9uEX8oamxTZs6XKqpCSYAqz+o4KhmRF9i
pGve4EvKylBQ71Mfh/cB0WPKJyMWbIo9+C6/LmaBUxpSV9Rd87vgj+qVSwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMZGQKVFpsbMtoJ3e1Dw+WFvEb7GMB8GA1UdIwQY
MBaAFI0ayD7jo/lo1mrS/fRhbnux5NHXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWIt
ZGRmNTY3ZWRlZDAzLzEveGtaQXBVV214c3kyZ25kN1VQRDVZVzhSdnNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWItZGRmNTY3ZWRlZDAz
LzEvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvL9mMA0G
CSqGSIb3DQEBCwUAA4IBAQAnTFxx/Z3Btboyih82k2ldbxzr0kGH0zJJQmyxE5RA
ew9XlOjWKX0+rUEJEK9ETnl4AFJ276TxZaCaikaKop+YJEihjbE5nuuayAh62XSB
XTv1+WngZQtw+jFvy4qQ/G86KW6pMkJHhVap/p+zZRbtPkg13nMw6J35vaW99Yow
G33CQ0ddvYVjHn281MgL6YtrDGnZq28d2qvDf298hDynsi0mvPee+SNdC5nYcf2E
rTgCIAYhiJJ9hiCjAT/JHQ0wrNZoCl/9TjjdCFyr/4hvhgoz5CIT8/RwV6bt0yTh
LHJbVs1X61NxlI0EdrgZwftfZWIEvVhMUW7SXXBNiuUt
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:06 2024 by rpki-client on console-fra.rpki-client.org