Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/SNEZNf0oN2zIVvD8eZe3F1MbjIU.roa
File: SNEZNf0oN2zIVvD8eZe3F1MbjIU.roa (raw, json)
Hash identifier: 26U5lEG4I/8B5F5nef4AY88F2y3hMSMSH7DqboTT/Z8=
Subject key identifier: 48:D1:19:35:FD:28:37:6C:C8:56:F0:FC:79:97:B7:17:53:1B:8C:85
Certificate issuer: /CN=3c4ed942e5c742e77bfb9beb954f872534f52848
Certificate serial: 0184946BAF7F6DF6AF3890858FDB8AE779E6
Authority key identifier: 3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/SNEZNf0oN2zIVvD8eZe3F1MbjIU.roa
Signing time: Sun 20 Nov 2022 09:43:16 +0000
ROA not before: Sun 20 Nov 2022 09:43:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209260
IP address blocks: 194.15.152.0/24 maxlen: 24
194.15.155.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:94:6b:af:7f:6d:f6:af:38:90:85:8f:db:8a:e7:79:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c4ed942e5c742e77bfb9beb954f872534f52848
Validity
Not Before: Nov 20 09:43:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=48d11935fd28376cc856f0fc7997b717531b8c85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:b5:e5:6e:23:65:29:d4:95:c2:37:4c:4d:07:
d3:3b:e5:dd:6f:64:61:96:d7:f7:62:68:78:0c:15:
f0:0c:e8:ce:1e:65:ee:d9:7d:b8:8e:73:e3:8f:4c:
84:8a:9c:0b:37:a0:af:57:7b:79:fd:c9:cd:e7:24:
d2:3a:fe:5f:0b:bb:60:01:71:80:1c:99:75:e0:7f:
00:a3:93:08:51:db:d5:16:56:8b:ac:d8:08:ac:b5:
32:6d:98:1d:9e:bd:7d:9a:6d:22:13:06:30:19:bb:
60:5d:c3:26:77:88:b9:3d:bd:dd:f5:12:f1:e6:e8:
da:a2:4e:06:ab:48:43:a7:c2:81:06:ea:94:f5:22:
1d:16:94:ab:98:b4:9e:76:30:b8:b7:56:9e:d7:36:
e0:99:c8:f3:fa:91:15:c3:20:3e:0b:b1:9f:43:f4:
79:8b:74:b8:fb:8f:e8:e3:4b:65:0e:79:25:78:0e:
3d:bf:5c:15:73:4e:00:65:22:f4:7c:f1:ef:d4:87:
26:dc:0d:47:b5:6f:c0:45:79:d8:4d:9f:76:2f:80:
31:e7:74:bf:f9:e6:e8:97:5c:18:6e:6f:6d:6b:6e:
3d:7d:d0:b6:ce:3c:87:3d:ad:55:c4:54:38:df:4f:
3c:ca:14:61:3d:94:58:af:da:97:34:f5:ac:da:45:
09:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:D1:19:35:FD:28:37:6C:C8:56:F0:FC:79:97:B7:17:53:1B:8C:85
X509v3 Authority Key Identifier:
keyid:3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/SNEZNf0oN2zIVvD8eZe3F1MbjIU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/PE7ZQuXHQud7-5vrlU-HJTT1KEg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.15.152.0/24
194.15.155.0/24
Signature Algorithm: sha256WithRSAEncryption
32:23:4f:5b:40:dc:a8:eb:e7:82:7e:ea:3f:45:1a:83:d7:8b:
c0:da:0b:32:d0:7d:91:be:2c:b6:07:d3:39:c3:a4:62:fa:37:
95:3d:5e:51:c5:91:63:29:81:b8:d7:34:cd:80:d2:9b:6e:b7:
19:9d:c5:55:7f:54:b2:41:ce:2a:87:eb:f9:3f:a9:01:04:93:
c1:09:06:cc:3a:ac:69:4c:31:71:ec:2b:03:fe:55:6c:8e:fd:
9a:e7:69:0d:12:44:0a:7e:22:06:b4:b3:9d:96:ae:f0:d2:8e:
e1:7e:15:a4:04:35:e5:99:89:4c:b1:27:68:1e:7c:90:07:c3:
f4:7a:71:66:c4:75:f3:ba:95:5b:54:53:98:b8:35:dd:30:16:
0d:3a:1f:5b:96:0f:ba:b6:e6:12:8d:af:86:d1:6f:3b:77:1a:
02:e6:21:ad:f5:60:2b:be:2f:59:83:23:e5:d1:54:56:8e:ff:
3f:e1:76:34:ed:57:9f:8f:e2:78:42:e9:f1:e5:27:15:70:c9:
10:9f:9a:2e:13:40:a8:87:d4:27:27:5a:12:1f:18:ee:30:0f:
32:24:52:12:26:aa:12:04:3d:cc:cd:3e:dd:21:a9:a2:5d:36:
ae:e7:1c:dd:c1:c8:ed:8e:d2:a9:64:70:0b:e8:e4:1e:41:37:
27:9a:d6:7f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYSUa69/bfavOJCFj9uK53nmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjNGVkOTQyZTVjNzQyZTc3YmZiOWJlYjk1NGY4NzI1MzRm
NTI4NDgwHhcNMjIxMTIwMDk0MzE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OGQxMTkzNWZkMjgzNzZjYzg1NmYwZmM3OTk3YjcxNzUzMWI4Yzg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArrXlbiNlKdSVwjdMTQfTO+Xdb2Rh
ltf3Ymh4DBXwDOjOHmXu2X24jnPjj0yEipwLN6CvV3t5/cnN5yTSOv5fC7tgAXGA
HJl14H8Ao5MIUdvVFlaLrNgIrLUybZgdnr19mm0iEwYwGbtgXcMmd4i5Pb3d9RLx
5ujaok4Gq0hDp8KBBuqU9SIdFpSrmLSedjC4t1ae1zbgmcjz+pEVwyA+C7GfQ/R5
i3S4+4/o40tlDnkleA49v1wVc04AZSL0fPHv1Icm3A1HtW/ARXnYTZ92L4Ax53S/
+ebol1wYbm9ta249fdC2zjyHPa1VxFQ43088yhRhPZRYr9qXNPWs2kUJSQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEjRGTX9KDdsyFbw/HmXtxdTG4yFMB8GA1UdIwQY
MBaAFDxO2ULlx0Lne/ub65VPhyU09ShIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEU3WlF1WEhRdWQ3LTV2cmxVLUhKVFQxS0VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8xYmI0NWEtNTUxYy00OTY3LTk1Y2Et
NzczNDRiY2M5MTkxLzEvU05FWk5mMG9OMnpJVnZEOGVaZTNGMU1iaklVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8xYmI0NWEtNTUxYy00OTY3LTk1Y2EtNzczNDRiY2M5MTkx
LzEvUEU3WlF1WEhRdWQ3LTV2cmxVLUhKVFQxS0VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwg+YAwQA
wg+bMA0GCSqGSIb3DQEBCwUAA4IBAQAyI09bQNyo6+eCfuo/RRqD14vA2gsy0H2R
viy2B9M5w6Ri+jeVPV5RxZFjKYG41zTNgNKbbrcZncVVf1SyQc4qh+v5P6kBBJPB
CQbMOqxpTDFx7CsD/lVsjv2a52kNEkQKfiIGtLOdlq7w0o7hfhWkBDXlmYlMsSdo
HnyQB8P0enFmxHXzupVbVFOYuDXdMBYNOh9blg+6tuYSja+G0W87dxoC5iGt9WAr
vi9ZgyPl0VRWjv8/4XY07Vefj+J4Qunx5ScVcMkQn5ouE0Coh9QnJ1oSHxjuMA8y
JFISJqoSBD3MzT7dIamiXTau5xzdwcjtjtKpZHAL6OQeQTcnmtZ/
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:13 2023 by rpki-client on console-fra.rpki-client.org