Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/0aDrMIbYzNyLeUNjNTAucGRz09w.roa
File: 0aDrMIbYzNyLeUNjNTAucGRz09w.roa (raw, json)
Hash identifier: 3v7qgQMeu6bWqKAInkDv/pIssSGdssL7dtJAzYTgCvg=
Subject key identifier: D1:A0:EB:30:86:D8:CC:DC:8B:79:43:63:35:30:2E:70:64:73:D3:DC
Certificate issuer: /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial: 37091DC9
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/0aDrMIbYzNyLeUNjNTAucGRz09w.roa
Signing time: Sat 01 Jan 2022 11:00:23 +0000
ROA not before: Sat 01 Jan 2022 11:00:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204846
IP address blocks: 188.130.153.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 923344329 (0x37091dc9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
Validity
Not Before: Jan 1 11:00:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d1a0eb3086d8ccdc8b79436335302e706473d3dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:50:ac:53:41:fe:32:86:42:3c:7f:9b:4a:2f:
25:94:6c:42:fe:29:f0:08:56:22:db:e0:c9:12:3f:
0f:2c:8e:1b:e8:07:cc:ca:4a:2e:66:da:50:04:64:
8d:2d:81:1a:b7:da:f5:02:eb:eb:5a:f3:1f:5f:07:
40:72:45:c4:d1:53:21:cd:ea:b9:64:d2:60:94:67:
54:eb:a4:df:77:81:87:b0:97:e8:27:f1:00:7d:d2:
2e:27:36:d3:c9:41:8a:45:0d:29:bb:c6:25:40:30:
22:a1:32:dc:92:bc:b8:6f:00:fc:f7:51:60:69:77:
aa:31:d7:c2:31:28:3a:24:05:91:c2:a5:82:51:cc:
45:91:f1:f7:d5:26:eb:3b:00:4c:7c:60:90:26:00:
6a:c0:36:cc:9a:b5:b1:e8:92:a8:d9:1d:84:ae:d4:
b0:4a:93:74:be:12:aa:7f:9a:c0:36:01:40:83:c2:
95:5f:28:c7:4d:00:67:2c:3a:0a:88:93:17:1a:cc:
a5:fa:4f:8a:f6:e1:75:be:a8:22:ed:01:17:29:92:
83:62:1f:76:f3:7f:a8:cf:90:be:16:34:2d:7e:e9:
97:fe:1d:36:91:0d:21:a8:5e:fd:9b:d4:3a:15:5c:
c3:a0:de:cc:89:d4:5d:31:f9:88:b3:38:00:ae:b9:
51:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:A0:EB:30:86:D8:CC:DC:8B:79:43:63:35:30:2E:70:64:73:D3:DC
X509v3 Authority Key Identifier:
keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/0aDrMIbYzNyLeUNjNTAucGRz09w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.130.153.0/24
Signature Algorithm: sha256WithRSAEncryption
75:16:e8:93:a3:94:b8:9e:ec:75:40:e6:68:a0:31:1f:7b:dc:
31:c5:dd:f5:61:c5:c7:e1:42:d7:be:c0:b6:b0:92:53:17:2d:
ba:92:dd:96:78:78:14:6c:6b:07:a6:e5:8c:5d:c0:83:d8:34:
ed:83:d5:9c:19:b5:74:71:0d:df:cf:99:71:23:f5:bb:cb:21:
4d:88:81:9e:c9:ef:83:2e:62:3a:12:f6:56:90:d3:90:59:53:
f3:b9:e0:9e:c9:55:95:6e:79:01:f2:2d:bb:7a:5a:64:16:b5:
be:29:43:d7:e6:d5:15:4c:02:f4:84:a7:59:3a:d8:79:c3:68:
84:da:52:cb:d5:7a:f6:54:32:b1:73:41:bd:a4:0d:72:5e:1d:
02:11:bf:53:c2:81:4d:76:a4:93:e9:e2:29:28:28:e6:e4:ff:
d3:27:4f:39:49:7b:53:a5:14:9f:37:a2:f8:9f:ac:85:54:e0:
c7:e0:dc:11:fd:c3:66:be:64:07:5b:40:5d:98:0f:6e:f1:96:
80:56:4b:f5:af:d7:81:a1:d6:f8:93:8e:5f:c8:d1:31:d4:20:
5c:fc:6b:9a:2f:fd:a0:26:c0:00:fc:6a:18:30:ff:48:23:48:
a1:99:4a:db:af:54:5d:3e:a8:89:8c:39:58:f4:4f:fa:18:53:
b9:90:a2:ed
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIENwkdyTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ODViODU3NzA2ZGFjNTRlMjBjYTBkMTFiZDY0MTZjYjYzNDIwM2I0MB4XDTIyMDEw
MTExMDAyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDFhMGViMzA4NmQ4
Y2NkYzhiNzk0MzYzMzUzMDJlNzA2NDczZDNkYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKtQrFNB/jKGQjx/m0ovJZRsQv4p8AhWItvgyRI/DyyOG+gH
zMpKLmbaUARkjS2BGrfa9QLr61rzH18HQHJFxNFTIc3quWTSYJRnVOuk33eBh7CX
6CfxAH3SLic208lBikUNKbvGJUAwIqEy3JK8uG8A/PdRYGl3qjHXwjEoOiQFkcKl
glHMRZHx99Um6zsATHxgkCYAasA2zJq1seiSqNkdhK7UsEqTdL4Sqn+awDYBQIPC
lV8ox00AZyw6CoiTFxrMpfpPivbhdb6oIu0BFymSg2IfdvN/qM+QvhY0LX7pl/4d
NpENIahe/ZvUOhVcw6DezInUXTH5iLM4AK65UQcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTRoOswhtjM3It5Q2M1MC5wZHPT3DAfBgNVHSMEGDAWgBSIW4V3BtrFTiDK
DRG9ZBbLY0IDtDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2lGdUZkd2JheFU0Z3lnMFJ2V1FXeTJOQ0E3US5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjUvMzIxY2RjLTIxNDMtNGI1Yy05NzMzLTE2Njk5Yzk2ZGQ1ZS8x
LzBhRHJNSWJZek55TGVVTmpOVEF1Y0dSejA5dy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjUv
MzIxY2RjLTIxNDMtNGI1Yy05NzMzLTE2Njk5Yzk2ZGQ1ZS8xL2lGdUZkd2JheFU0
Z3lnMFJ2V1FXeTJOQ0E3US5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALyCmTANBgkqhkiG9w0BAQsFAAOC
AQEAdRbok6OUuJ7sdUDmaKAxH3vcMcXd9WHFx+FC177AtrCSUxctupLdlnh4FGxr
B6bljF3Ag9g07YPVnBm1dHEN38+ZcSP1u8shTYiBnsnvgy5iOhL2VpDTkFlT87ng
nslVlW55AfItu3paZBa1vilD1+bVFUwC9ISnWTrYecNohNpSy9V69lQysXNBvaQN
cl4dAhG/U8KBTXakk+niKSgo5uT/0ydPOUl7U6UUnzei+J+shVTgx+DcEf3DZr5k
B1tAXZgPbvGWgFZL9a/XgaHW+JOOX8jRMdQgXPxrmi/9oCbAAPxqGDD/SCNIoZlK
269UXT6oiYw5WPRP+hhTuZCi7Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:57 2024 by rpki-client on console-fra.rpki-client.org