Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/45a823-d1a8-4ffa-a7c5-bba95cc7a44f/1/kjVfNWHFwQjlsiWgV_ojDQRmURE.roa
File: kjVfNWHFwQjlsiWgV_ojDQRmURE.roa (raw, json)
Hash identifier: 0ssHatZKy72c5NP2EeygqFrBQTucOTGBy7zaZIRjiUU=
Subject key identifier: 92:35:5F:35:61:C5:C1:08:E5:B2:25:A0:57:FA:23:0D:04:66:51:11
Certificate issuer: /CN=4171e5ad27a51f64eec84287b2b04bd6fd2028f6
Certificate serial: 01852EB97DB08D5977220BBC7D0EAF9312DD
Authority key identifier: 41:71:E5:AD:27:A5:1F:64:EE:C8:42:87:B2:B0:4B:D6:FD:20:28:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QXHlrSelH2TuyEKHsrBL1v0gKPY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/45a823-d1a8-4ffa-a7c5-bba95cc7a44f/1/kjVfNWHFwQjlsiWgV_ojDQRmURE.roa
Signing time: Tue 20 Dec 2022 08:49:46 +0000
ROA not before: Tue 20 Dec 2022 08:49:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44632
IP address blocks: 194.8.95.0/24 maxlen: 24
194.8.94.0/23 maxlen: 23
194.8.94.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:2e:b9:7d:b0:8d:59:77:22:0b:bc:7d:0e:af:93:12:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4171e5ad27a51f64eec84287b2b04bd6fd2028f6
Validity
Not Before: Dec 20 08:49:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=92355f3561c5c108e5b225a057fa230d04665111
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:4b:21:ec:15:88:d1:f0:58:13:1b:1e:c7:be:
d8:2f:7b:7d:8b:87:bf:d2:d1:16:4e:e6:77:c1:1c:
08:a3:83:8d:7f:08:e6:ea:77:4b:dc:2e:e5:11:b8:
d3:98:3a:6f:ee:20:34:c5:0a:12:b6:8b:01:70:f7:
4a:a3:f6:64:d7:77:0b:9d:0f:09:24:aa:d3:7e:2b:
86:a6:aa:64:5e:9f:7c:f5:c8:c7:18:d5:f0:7c:0a:
c3:20:c7:60:74:f8:ee:59:0b:91:ee:9d:01:a8:f6:
88:2b:43:64:80:c6:34:88:d3:49:d5:18:43:0a:47:
8e:3e:7c:02:e7:98:cd:d0:8c:2d:25:b8:36:19:52:
ec:bf:77:4f:21:38:22:eb:80:ce:1a:92:17:81:30:
40:5f:e3:33:8b:fa:1a:5f:8e:92:7a:73:de:07:5c:
88:48:78:48:89:3a:8d:df:94:47:06:db:63:08:65:
55:c3:d7:ac:4f:1b:ac:07:7b:a2:6e:d9:9c:e3:30:
61:99:4f:51:24:68:5a:bf:45:f9:51:20:bf:f1:c4:
ad:44:07:e3:33:37:67:03:68:56:ec:29:6d:7d:42:
cf:01:00:7f:97:5a:a8:c0:2d:1e:69:c4:32:06:69:
66:dc:7c:d1:e1:57:72:26:07:90:36:2a:9d:83:49:
e1:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:35:5F:35:61:C5:C1:08:E5:B2:25:A0:57:FA:23:0D:04:66:51:11
X509v3 Authority Key Identifier:
keyid:41:71:E5:AD:27:A5:1F:64:EE:C8:42:87:B2:B0:4B:D6:FD:20:28:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QXHlrSelH2TuyEKHsrBL1v0gKPY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/45a823-d1a8-4ffa-a7c5-bba95cc7a44f/1/kjVfNWHFwQjlsiWgV_ojDQRmURE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/45a823-d1a8-4ffa-a7c5-bba95cc7a44f/1/QXHlrSelH2TuyEKHsrBL1v0gKPY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.8.94.0/23
Signature Algorithm: sha256WithRSAEncryption
4f:c8:8d:7b:34:62:fe:af:50:3d:77:e4:43:da:8b:18:d0:08:
5b:e6:49:e5:63:04:80:15:88:02:98:3e:5c:1e:3e:65:38:48:
64:cf:46:47:74:42:a0:7f:5f:10:c5:05:27:17:20:68:f6:1b:
e1:ec:7e:7e:fb:e9:8d:c3:3a:0b:70:1a:e2:97:9c:79:b7:86:
da:9e:61:81:34:d4:dc:ba:17:dd:4a:cc:ca:19:d2:c1:66:c3:
ca:1c:c0:2d:b0:55:a2:51:69:87:f6:9c:1b:da:f0:da:28:58:
f8:e0:23:37:9f:78:b9:0b:1e:e5:26:21:c5:66:ec:80:dc:46:
af:be:8c:80:16:6c:7e:79:23:6b:af:85:3f:dc:71:89:3e:d9:
6a:cc:d0:4d:c2:1f:8a:1a:12:b2:48:4d:3e:02:23:22:2c:6a:
17:b7:46:0c:74:0f:f5:c8:b4:b7:c8:fb:b2:66:31:13:64:fb:
bd:5e:54:6b:3c:bf:35:6c:f2:12:39:4b:92:70:38:e5:24:fb:
d8:02:b3:c3:ce:af:99:f8:01:17:ca:9e:b4:dc:97:1a:b5:1e:
19:3d:55:b0:73:10:5b:88:7d:b7:0c:08:15:48:39:29:09:fc:
21:b2:0d:21:61:bb:a2:56:ab:ae:d3:1e:5e:7d:fb:05:b7:67:
03:1a:d3:c1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYUuuX2wjVl3Igu8fQ6vkxLdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxNzFlNWFkMjdhNTFmNjRlZWM4NDI4N2IyYjA0YmQ2ZmQy
MDI4ZjYwHhcNMjIxMjIwMDg0OTQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjM1NWYzNTYxYzVjMTA4ZTViMjI1YTA1N2ZhMjMwZDA0NjY1MTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi0sh7BWI0fBYExsex77YL3t9i4e/
0tEWTuZ3wRwIo4ONfwjm6ndL3C7lEbjTmDpv7iA0xQoStosBcPdKo/Zk13cLnQ8J
JKrTfiuGpqpkXp989cjHGNXwfArDIMdgdPjuWQuR7p0BqPaIK0NkgMY0iNNJ1RhD
CkeOPnwC55jN0IwtJbg2GVLsv3dPITgi64DOGpIXgTBAX+Mzi/oaX46SenPeB1yI
SHhIiTqN35RHBttjCGVVw9esTxusB3uibtmc4zBhmU9RJGhav0X5USC/8cStRAfj
MzdnA2hW7CltfULPAQB/l1qowC0eacQyBmlm3HzR4VdyJgeQNiqdg0nhpwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJI1XzVhxcEI5bIloFf6Iw0EZlERMB8GA1UdIwQY
MBaAFEFx5a0npR9k7shCh7KwS9b9ICj2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVhIbHJTZWxIMlR1eUVLSHNyQkwxdjBnS1BZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi80NWE4MjMtZDFhOC00ZmZhLWE3YzUt
YmJhOTVjYzdhNDRmLzEva2pWZk5XSEZ3UWpsc2lXZ1Zfb2pEUVJtVVJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi80NWE4MjMtZDFhOC00ZmZhLWE3YzUtYmJhOTVjYzdhNDRm
LzEvUVhIbHJTZWxIMlR1eUVLSHNyQkwxdjBnS1BZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwgheMA0G
CSqGSIb3DQEBCwUAA4IBAQBPyI17NGL+r1A9d+RD2osY0Ahb5knlYwSAFYgCmD5c
Hj5lOEhkz0ZHdEKgf18QxQUnFyBo9hvh7H5+++mNwzoLcBril5x5t4banmGBNNTc
uhfdSszKGdLBZsPKHMAtsFWiUWmH9pwb2vDaKFj44CM3n3i5Cx7lJiHFZuyA3Eav
voyAFmx+eSNrr4U/3HGJPtlqzNBNwh+KGhKySE0+AiMiLGoXt0YMdA/1yLS3yPuy
ZjETZPu9XlRrPL81bPISOUuScDjlJPvYArPDzq+Z+AEXyp603JcatR4ZPVWwcxBb
iH23DAgVSDkpCfwhsg0hYbuiVquu0x5effsFt2cDGtPB
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:01 2023 by rpki-client on console-fra.rpki-client.org