Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/2znNHxIsChSCls4ae3czmrrlwmU.roa
File: 2znNHxIsChSCls4ae3czmrrlwmU.roa (raw, json)
Hash identifier: etLA9TQEDGTP1Xj+hJwc4N2L6z7xvAGgKzCiexJSscI=
Subject key identifier: DB:39:CD:1F:12:2C:0A:14:82:96:CE:1A:7B:77:33:9A:BA:E5:C2:65
Certificate issuer: /CN=3c4ed942e5c742e77bfb9beb954f872534f52848
Certificate serial: 01840DBCF15A8108F32CDEDD9E514800840A
Authority key identifier: 3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/2znNHxIsChSCls4ae3czmrrlwmU.roa
Signing time: Tue 25 Oct 2022 06:03:17 +0000
ROA not before: Tue 25 Oct 2022 06:03:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60503
IP address blocks: 194.15.154.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:0d:bc:f1:5a:81:08:f3:2c:de:dd:9e:51:48:00:84:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c4ed942e5c742e77bfb9beb954f872534f52848
Validity
Not Before: Oct 25 06:03:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=db39cd1f122c0a148296ce1a7b77339abae5c265
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:3f:39:12:1b:69:4f:ae:23:54:bd:3f:7e:51:
49:55:eb:4a:94:51:cd:d2:55:0b:e7:1f:53:eb:e5:
5a:e7:70:6b:5b:4f:9b:19:dc:e2:b5:a8:90:6e:94:
54:0d:13:2e:22:ff:9a:58:1d:78:76:14:b5:28:15:
06:d5:e0:28:c3:6a:8d:29:8d:6d:06:b0:09:71:71:
95:f5:c8:32:ba:c3:ef:72:f3:0e:a0:bf:1c:32:05:
4d:db:13:2e:8c:1b:38:00:8b:04:26:43:d4:a3:a7:
32:fa:61:e8:95:98:42:90:7d:cb:5b:99:80:2d:3a:
ec:b5:52:8e:14:80:fa:13:2a:1c:35:33:99:d6:b1:
48:73:a4:ff:57:0f:44:88:b0:85:6c:d7:cc:b7:50:
65:44:da:97:83:e1:9b:2d:c8:9f:96:31:cf:ce:90:
41:87:2f:6c:a1:07:09:77:84:95:31:49:f6:61:bd:
cd:e1:aa:52:34:26:20:ef:04:f9:99:56:41:b3:da:
e1:ba:90:b5:08:94:09:77:4a:3b:72:a1:dc:55:e5:
66:08:2d:ff:f2:9f:e3:90:72:f6:44:1f:8c:6b:33:
b8:70:a9:58:95:f3:47:4a:80:42:d4:a6:63:1a:65:
f0:7b:15:8e:ae:65:b1:e2:7b:1a:c8:a2:bb:23:c9:
aa:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:39:CD:1F:12:2C:0A:14:82:96:CE:1A:7B:77:33:9A:BA:E5:C2:65
X509v3 Authority Key Identifier:
keyid:3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/2znNHxIsChSCls4ae3czmrrlwmU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/PE7ZQuXHQud7-5vrlU-HJTT1KEg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.15.154.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:31:05:c2:4b:15:7e:db:ff:eb:83:07:dd:5d:b8:0d:4f:12:
3e:b9:a2:6e:f2:c6:70:7d:38:83:90:1f:48:c5:a3:4b:f9:fd:
25:f9:76:00:00:2c:9f:9b:4d:a7:0f:01:ab:4b:70:f4:74:de:
45:70:09:df:a9:9c:86:2b:1e:3d:93:ce:e6:e6:e5:2a:e3:a9:
6b:37:86:4c:1c:cb:f3:6d:e1:be:2e:6a:de:e6:96:d0:f6:f0:
e6:d7:03:89:00:03:4a:56:13:e4:9f:b7:91:62:c2:e4:77:5a:
4e:44:4e:94:eb:dd:89:8e:22:29:66:10:cd:07:95:09:10:33:
75:75:0c:3f:d9:ff:7c:6f:56:b5:49:91:7d:94:47:bd:c1:23:
50:07:fe:91:61:81:42:eb:c3:b9:d4:bb:33:29:5b:70:bb:12:
b5:4d:c0:b8:39:10:18:da:24:d0:1c:05:99:9a:be:d7:99:64:
a5:37:6e:8e:8a:e8:39:21:cd:24:c4:aa:3f:b6:1f:90:55:13:
9a:28:87:2e:23:dd:5f:7e:db:c9:93:0a:2b:ba:6c:a5:54:01:
4f:5d:47:5f:1b:a0:54:6e:59:24:51:2b:97:ec:62:93:9f:d8:
d4:46:34:d5:93:65:1e:3e:54:04:38:3e:08:c7:97:42:a4:46:
5f:f4:18:c6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQNvPFagQjzLN7dnlFIAIQKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjNGVkOTQyZTVjNzQyZTc3YmZiOWJlYjk1NGY4NzI1MzRm
NTI4NDgwHhcNMjIxMDI1MDYwMzE3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjM5Y2QxZjEyMmMwYTE0ODI5NmNlMWE3Yjc3MzM5YWJhZTVjMjY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiT85EhtpT64jVL0/flFJVetKlFHN
0lUL5x9T6+Va53BrW0+bGdzitaiQbpRUDRMuIv+aWB14dhS1KBUG1eAow2qNKY1t
BrAJcXGV9cgyusPvcvMOoL8cMgVN2xMujBs4AIsEJkPUo6cy+mHolZhCkH3LW5mA
LTrstVKOFID6EyocNTOZ1rFIc6T/Vw9EiLCFbNfMt1BlRNqXg+GbLcifljHPzpBB
hy9soQcJd4SVMUn2Yb3N4apSNCYg7wT5mVZBs9rhupC1CJQJd0o7cqHcVeVmCC3/
8p/jkHL2RB+MazO4cKlYlfNHSoBC1KZjGmXwexWOrmWx4nsayKK7I8mqtwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNs5zR8SLAoUgpbOGnt3M5q65cJlMB8GA1UdIwQY
MBaAFDxO2ULlx0Lne/ub65VPhyU09ShIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEU3WlF1WEhRdWQ3LTV2cmxVLUhKVFQxS0VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8xYmI0NWEtNTUxYy00OTY3LTk1Y2Et
NzczNDRiY2M5MTkxLzEvMnpuTkh4SXNDaFNDbHM0YWUzY3ptcnJsd21VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8xYmI0NWEtNTUxYy00OTY3LTk1Y2EtNzczNDRiY2M5MTkx
LzEvUEU3WlF1WEhRdWQ3LTV2cmxVLUhKVFQxS0VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwg+aMA0G
CSqGSIb3DQEBCwUAA4IBAQCKMQXCSxV+2//rgwfdXbgNTxI+uaJu8sZwfTiDkB9I
xaNL+f0l+XYAACyfm02nDwGrS3D0dN5FcAnfqZyGKx49k87m5uUq46lrN4ZMHMvz
beG+Lmre5pbQ9vDm1wOJAANKVhPkn7eRYsLkd1pORE6U692JjiIpZhDNB5UJEDN1
dQw/2f98b1a1SZF9lEe9wSNQB/6RYYFC68O51LszKVtwuxK1TcC4ORAY2iTQHAWZ
mr7XmWSlN26Oiug5Ic0kxKo/th+QVROaKIcuI91fftvJkworumylVAFPXUdfG6BU
blkkUSuX7GKTn9jURjTVk2UePlQEOD4Ix5dCpEZf9BjG
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:00:54 2023 by rpki-client on console-ams.rpki-client.org