Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4dc795-8956-4408-a5cc-b54bcae17d40/1/CDNl0wHbGJBfikrCjEvWYt7zn58.roa
File: CDNl0wHbGJBfikrCjEvWYt7zn58.roa (raw, json)
Hash identifier: dFe8uF5jc0k3UQqf+9dpbosmyRs0z2nHjk0K/yzd0n0=
Subject key identifier: 08:33:65:D3:01:DB:18:90:5F:8A:4A:C2:8C:4B:D6:62:DE:F3:9F:9F
Certificate issuer: /CN=a93f3231c787f71dd2484ee002da73a7175bd249
Certificate serial: 03EE949D
Authority key identifier: A9:3F:32:31:C7:87:F7:1D:D2:48:4E:E0:02:DA:73:A7:17:5B:D2:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qT8yMceH9x3SSE7gAtpzpxdb0kk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4dc795-8956-4408-a5cc-b54bcae17d40/1/CDNl0wHbGJBfikrCjEvWYt7zn58.roa
Signing time: Sat 01 Jan 2022 12:02:24 +0000
ROA not before: Sat 01 Jan 2022 12:02:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209620
IP address blocks: 78.31.196.0/22 maxlen: 24
2a06:6880::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65967261 (0x3ee949d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a93f3231c787f71dd2484ee002da73a7175bd249
Validity
Not Before: Jan 1 12:02:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=083365d301db18905f8a4ac28c4bd662def39f9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:db:1c:2b:a3:d9:4f:cb:97:fa:4e:26:c6:ab:
9c:d1:c7:95:24:01:c7:17:02:4f:ee:8f:c3:91:c5:
34:28:2d:89:8a:60:da:b7:f4:21:4e:59:7d:39:63:
a0:b0:8b:a5:e1:42:a4:78:12:d4:6d:ba:15:aa:a4:
6a:af:3c:3c:78:79:5d:d0:74:4c:6f:1a:ec:11:77:
5d:04:ce:4f:48:af:63:bd:fe:27:44:ed:69:01:29:
9a:ae:af:55:7a:96:bc:1c:7a:a3:79:e8:e2:be:d1:
a8:6c:bd:38:6c:e4:c6:41:9d:a9:87:e3:ef:f7:79:
48:cd:2a:ec:68:f5:32:1e:e4:40:4e:34:b7:07:a8:
5e:27:5e:0c:24:12:be:3c:1b:75:9b:a8:80:99:3e:
fc:8e:39:f1:f6:38:72:f0:2d:93:59:d5:78:36:4b:
79:14:b5:6c:d0:e5:6a:b1:5a:67:6b:7f:3f:73:87:
84:92:ec:d7:77:fb:c8:d1:85:06:c4:95:1c:66:0d:
13:8f:e6:a3:22:43:fa:b3:15:1f:e2:94:cd:bc:d3:
74:83:11:91:1c:d5:89:55:d8:75:db:ad:71:a5:fc:
f6:0d:ef:e9:df:5f:f3:4d:69:8b:0e:fb:b9:58:8e:
c5:3d:ea:ee:52:45:84:dc:a9:4b:d7:e0:cb:d0:c2:
12:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:33:65:D3:01:DB:18:90:5F:8A:4A:C2:8C:4B:D6:62:DE:F3:9F:9F
X509v3 Authority Key Identifier:
keyid:A9:3F:32:31:C7:87:F7:1D:D2:48:4E:E0:02:DA:73:A7:17:5B:D2:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qT8yMceH9x3SSE7gAtpzpxdb0kk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4dc795-8956-4408-a5cc-b54bcae17d40/1/CDNl0wHbGJBfikrCjEvWYt7zn58.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4dc795-8956-4408-a5cc-b54bcae17d40/1/qT8yMceH9x3SSE7gAtpzpxdb0kk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.31.196.0/22
IPv6:
2a06:6880::/29
Signature Algorithm: sha256WithRSAEncryption
92:4f:22:20:c1:6d:6e:72:a1:a0:fe:1f:5e:8f:22:da:a3:e1:
5a:2c:1d:2b:1d:d5:86:80:8e:06:5f:e6:d9:4a:b9:ed:c6:39:
eb:7a:95:ec:b5:4c:24:c0:32:4f:81:28:f9:b1:1d:1b:cc:4f:
c0:5a:c9:30:ad:d3:aa:61:ac:34:ad:6a:7e:5d:30:09:ad:c7:
4c:46:21:d1:10:d5:ac:fa:d8:39:7c:de:78:49:0a:c9:a3:7d:
b3:41:61:d4:2f:b6:19:9a:26:3d:bf:37:7d:1c:6d:2e:0c:c3:
54:0c:08:83:9d:4d:13:d0:24:9c:b9:b2:95:e9:29:73:fe:36:
70:92:ef:6c:4c:be:d8:e2:2b:34:aa:39:33:bc:e1:3d:d6:d1:
e8:09:27:02:be:d4:41:bc:90:f9:ee:6d:92:d9:85:05:39:94:
98:83:f2:32:e1:b3:49:f7:e4:e2:fd:65:e0:ea:3b:cf:19:9a:
3b:db:0f:f7:1d:91:21:9e:c7:a7:b4:78:cc:22:fa:e5:6f:1e:
c3:f4:ce:48:81:ab:72:82:6e:74:e0:36:44:19:22:71:73:10:
66:4e:90:4b:9a:bf:d0:96:03:66:ff:5d:2e:96:1f:a6:9f:45:
be:5d:8b:3a:01:5c:3a:91:31:ad:e4:29:ab:ce:41:04:9c:48:
78:b3:86:ee
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEA+6UnTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
OTNmMzIzMWM3ODdmNzFkZDI0ODRlZTAwMmRhNzNhNzE3NWJkMjQ5MB4XDTIyMDEw
MTEyMDIyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDgzMzY1ZDMwMWRi
MTg5MDVmOGE0YWMyOGM0YmQ2NjJkZWYzOWY5ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM7bHCuj2U/Ll/pOJsarnNHHlSQBxxcCT+6Pw5HFNCgtiYpg
2rf0IU5ZfTljoLCLpeFCpHgS1G26Faqkaq88PHh5XdB0TG8a7BF3XQTOT0ivY73+
J0TtaQEpmq6vVXqWvBx6o3no4r7RqGy9OGzkxkGdqYfj7/d5SM0q7Gj1Mh7kQE40
tweoXideDCQSvjwbdZuogJk+/I458fY4cvAtk1nVeDZLeRS1bNDlarFaZ2t/P3OH
hJLs13f7yNGFBsSVHGYNE4/moyJD+rMVH+KUzbzTdIMRkRzViVXYddutcaX89g3v
6d9f801piw77uViOxT3q7lJFhNypS9fgy9DCErUCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBQIM2XTAdsYkF+KSsKMS9Zi3vOfnzAfBgNVHSMEGDAWgBSpPzIxx4f3HdJI
TuAC2nOnF1vSSTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3FUOHlNY2VIOXgzU1NFN2dBdHB6cHhkYjBray5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjYvNGRjNzk1LTg5NTYtNDQwOC1hNWNjLWI1NGJjYWUxN2Q0MC8x
L0NETmwwd0hiR0pCZmlrckNqRXZXWXQ3em41OC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjYv
NGRjNzk1LTg5NTYtNDQwOC1hNWNjLWI1NGJjYWUxN2Q0MC8xL3FUOHlNY2VIOXgz
U1NFN2dBdHB6cHhkYjBray5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAk4fxDANBAIAAjAHAwUDKgZogDAN
BgkqhkiG9w0BAQsFAAOCAQEAkk8iIMFtbnKhoP4fXo8i2qPhWiwdKx3VhoCOBl/m
2Uq57cY563qV7LVMJMAyT4Eo+bEdG8xPwFrJMK3TqmGsNK1qfl0wCa3HTEYh0RDV
rPrYOXzeeEkKyaN9s0Fh1C+2GZomPb83fRxtLgzDVAwIg51NE9AknLmylekpc/42
cJLvbEy+2OIrNKo5M7zhPdbR6AknAr7UQbyQ+e5tktmFBTmUmIPyMuGzSffk4v1l
4Oo7zxmaO9sP9x2RIZ7Hp7R4zCL65W8ew/TOSIGrcoJudOA2RBkicXMQZk6QS5q/
0JYDZv9dLpYfpp9Fvl2LOgFcOpExreQpq85BBJxIeLOG7g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:11 2024 by rpki-client on console-fra.rpki-client.org