Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/5863ea-419a-4c29-8e3e-8d525a563e61/1/X1l0tqyaRlt8z7eM7iTCMLfytNw.roa
File: X1l0tqyaRlt8z7eM7iTCMLfytNw.roa (raw, json)
Hash identifier: AK3FjJfih73nAsoqBqtESG6lkzTWWvRtmTNH+5HpVjE=
Subject key identifier: 5F:59:74:B6:AC:9A:46:5B:7C:CF:B7:8C:EE:24:C2:30:B7:F2:B4:DC
Certificate issuer: /CN=d4c7c4eab5c07948cbf44a8a01c6a827fdae9341
Certificate serial: 194C16B9
Authority key identifier: D4:C7:C4:EA:B5:C0:79:48:CB:F4:4A:8A:01:C6:A8:27:FD:AE:93:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1MfE6rXAeUjL9EqKAcaoJ_2uk0E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/5863ea-419a-4c29-8e3e-8d525a563e61/1/X1l0tqyaRlt8z7eM7iTCMLfytNw.roa
Signing time: Mon 14 Mar 2022 09:18:14 +0000
ROA not before: Mon 14 Mar 2022 09:18:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41346
IP address blocks: 195.114.28.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 424416953 (0x194c16b9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4c7c4eab5c07948cbf44a8a01c6a827fdae9341
Validity
Not Before: Mar 14 09:18:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5f5974b6ac9a465b7ccfb78cee24c230b7f2b4dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:e9:2c:2a:c5:e9:42:b1:ca:63:16:71:e2:bc:
53:3c:fd:30:ae:f4:fa:eb:6d:95:0d:a4:7f:7e:4d:
e3:48:d1:5a:84:a0:c8:ee:db:f3:81:3b:6b:8e:35:
bf:f2:2c:af:dd:24:38:5f:73:55:90:e5:d6:43:69:
69:bc:cd:76:b8:f0:f5:bd:99:67:5b:19:36:20:98:
c9:fc:3a:a3:43:7b:cb:60:6d:cd:c5:2d:84:73:d5:
f9:0d:df:32:9d:f7:08:ce:ec:ac:f9:7f:4e:aa:f1:
68:9a:53:be:eb:a4:5d:cf:85:fe:8d:91:50:2d:a3:
08:1c:2c:5a:15:57:fd:e9:e4:ca:2b:0a:4e:d5:02:
bd:f6:ca:7e:47:4e:19:54:2c:c8:18:f7:6c:70:71:
98:1f:14:54:ed:2c:b1:39:13:b2:52:58:b6:27:37:
83:34:2c:3c:38:c5:2b:24:a3:77:17:38:e3:52:a2:
af:85:5b:94:03:74:3a:5f:26:26:7f:8b:c0:88:c6:
85:09:e6:c9:6d:ba:92:bf:1c:67:4c:31:c5:ea:3d:
85:d5:7c:a9:6c:12:2b:62:b7:1c:f5:d1:e9:16:24:
59:83:bb:19:bc:ea:38:b8:9b:15:9b:21:31:11:41:
ce:97:5f:65:77:54:9d:b3:5f:c9:28:22:f2:12:4a:
6d:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:59:74:B6:AC:9A:46:5B:7C:CF:B7:8C:EE:24:C2:30:B7:F2:B4:DC
X509v3 Authority Key Identifier:
keyid:D4:C7:C4:EA:B5:C0:79:48:CB:F4:4A:8A:01:C6:A8:27:FD:AE:93:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1MfE6rXAeUjL9EqKAcaoJ_2uk0E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/5863ea-419a-4c29-8e3e-8d525a563e61/1/X1l0tqyaRlt8z7eM7iTCMLfytNw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/5863ea-419a-4c29-8e3e-8d525a563e61/1/1MfE6rXAeUjL9EqKAcaoJ_2uk0E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.114.28.0/23
Signature Algorithm: sha256WithRSAEncryption
49:2a:02:db:b7:b7:fb:2d:6a:b9:81:54:b8:ba:d3:38:04:d4:
f4:2d:c2:db:4a:98:3d:1b:2f:e8:97:7f:ea:0c:ce:ca:fc:b1:
0e:1e:79:02:44:0d:55:dd:65:b2:37:4a:aa:08:63:c2:ac:60:
ff:7e:0c:e8:e7:5f:c8:81:ef:f6:15:2e:cb:f9:40:78:00:8b:
a9:17:e0:bb:1d:a1:82:92:8e:5b:38:ec:e0:ee:dc:34:1b:cd:
e6:de:c7:3c:8b:66:8b:1f:8f:c9:28:83:5e:61:a4:7c:ab:b7:
75:b7:3f:c7:e6:78:49:f3:e9:2b:ed:45:11:15:a9:e7:02:a7:
5f:cf:31:81:ce:13:88:56:34:ca:4b:c3:f7:45:53:fc:04:49:
de:26:fb:bf:30:6e:8c:86:83:4e:d5:12:2d:4b:e0:db:ff:74:
2b:d0:9c:14:3e:73:25:7e:88:cb:ad:83:7e:f5:83:f9:12:29:
2a:48:89:24:a7:79:33:47:08:ba:64:8c:09:e8:64:61:0d:54:
d4:73:a2:0e:f1:63:23:26:3b:7b:62:89:36:2f:0d:ed:e4:22:
5b:62:a2:81:af:c1:b9:33:20:a9:db:c3:21:64:09:1a:dc:98:
4f:14:44:2f:1f:f9:9c:75:66:3f:98:a8:8e:95:1c:f1:74:95:
23:5f:c4:86
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEGUwWuTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NGM3YzRlYWI1YzA3OTQ4Y2JmNDRhOGEwMWM2YTgyN2ZkYWU5MzQxMB4XDTIyMDMx
NDA5MTgxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWY1OTc0YjZhYzlh
NDY1YjdjY2ZiNzhjZWUyNGMyMzBiN2YyYjRkYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMnpLCrF6UKxymMWceK8Uzz9MK70+uttlQ2kf35N40jRWoSg
yO7b84E7a441v/Isr90kOF9zVZDl1kNpabzNdrjw9b2ZZ1sZNiCYyfw6o0N7y2Bt
zcUthHPV+Q3fMp33CM7srPl/TqrxaJpTvuukXc+F/o2RUC2jCBwsWhVX/enkyisK
TtUCvfbKfkdOGVQsyBj3bHBxmB8UVO0ssTkTslJYtic3gzQsPDjFKySjdxc441Ki
r4VblAN0Ol8mJn+LwIjGhQnmyW26kr8cZ0wxxeo9hdV8qWwSK2K3HPXR6RYkWYO7
GbzqOLibFZshMRFBzpdfZXdUnbNfySgi8hJKbfkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRfWXS2rJpGW3zPt4zuJMIwt/K03DAfBgNVHSMEGDAWgBTUx8TqtcB5SMv0
SooBxqgn/a6TQTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFNZkU2clhBZVVqTDlFcUtBY2FvSl8ydWswRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjQvNTg2M2VhLTQxOWEtNGMyOS04ZTNlLThkNTI1YTU2M2U2MS8x
L1gxbDB0cXlhUmx0OHo3ZU03aVRDTUxmeXROdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjQv
NTg2M2VhLTQxOWEtNGMyOS04ZTNlLThkNTI1YTU2M2U2MS8xLzFNZkU2clhBZVVq
TDlFcUtBY2FvSl8ydWswRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcNyHDANBgkqhkiG9w0BAQsFAAOC
AQEASSoC27e3+y1quYFUuLrTOATU9C3C20qYPRsv6Jd/6gzOyvyxDh55AkQNVd1l
sjdKqghjwqxg/34M6OdfyIHv9hUuy/lAeACLqRfgux2hgpKOWzjs4O7cNBvN5t7H
PItmix+PySiDXmGkfKu3dbc/x+Z4SfPpK+1FERWp5wKnX88xgc4TiFY0ykvD90VT
/ARJ3ib7vzBujIaDTtUSLUvg2/90K9CcFD5zJX6Iy62DfvWD+RIpKkiJJKd5M0cI
umSMCehkYQ1U1HOiDvFjIyY7e2KJNi8N7eQiW2Kiga/BuTMgqdvDIWQJGtyYTxRE
Lx/5nHVmP5iojpUc8XSVI1/Ehg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:06 2023 by rpki-client on console-fra.rpki-client.org