Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/bR0VtyS6M3enOfF2WlQbU1X0uiw.roa
File: bR0VtyS6M3enOfF2WlQbU1X0uiw.roa (raw, json)
Hash identifier: cxbwJEPl/1hkWFGc28FEk8Q4VcpOLcKoTkYfjOZvnqk=
Subject key identifier: 6D:1D:15:B7:24:BA:33:77:A7:39:F1:76:5A:54:1B:53:55:F4:BA:2C
Certificate issuer: /CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9
Certificate serial: 1AB79429
Authority key identifier: 8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/bR0VtyS6M3enOfF2WlQbU1X0uiw.roa
Signing time: Sat 01 Jan 2022 16:03:08 +0000
ROA not before: Sat 01 Jan 2022 16:03:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 52117
IP address blocks: 195.33.239.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 448238633 (0x1ab79429)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9
Validity
Not Before: Jan 1 16:03:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6d1d15b724ba3377a739f1765a541b5355f4ba2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:26:6f:4b:a8:0a:37:76:21:49:a5:1e:f9:f3:
55:7f:8d:06:23:3d:01:15:2a:6a:a1:6f:0c:35:8e:
48:f9:dc:13:e2:53:f1:1f:d8:22:18:97:06:8f:4c:
ff:03:64:93:74:3b:64:cf:06:c9:3e:9e:54:de:22:
18:db:33:99:af:1f:16:a0:2a:82:db:75:ff:e3:7a:
e8:57:57:f8:02:1c:2e:01:70:69:e1:22:63:17:79:
c3:0a:83:67:0d:86:68:f7:07:e1:49:fc:55:2c:a6:
f2:96:99:a6:08:9d:04:4b:28:d8:53:f4:7a:1c:24:
1b:ff:b0:dd:a3:ce:11:6f:a4:ca:e2:3e:57:5a:6a:
21:f0:de:40:fb:6d:45:16:22:a8:20:0d:82:06:c0:
70:a3:09:1b:19:23:58:39:86:db:e7:40:31:98:da:
ea:b2:59:bf:5e:6b:48:39:f1:d0:71:af:c8:f0:dd:
21:29:05:63:ea:4f:64:35:f5:4a:ce:8e:40:e3:20:
b2:12:d9:1e:50:33:83:b6:d3:03:47:d2:00:68:e9:
7a:60:d8:9c:6a:bb:93:55:3b:4d:e3:62:09:e0:64:
9e:1a:1e:0c:8e:02:73:71:8d:ec:1c:b8:5d:9f:d5:
67:5f:47:f7:99:ae:66:4f:25:f5:fe:5b:e2:c5:02:
0c:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:1D:15:B7:24:BA:33:77:A7:39:F1:76:5A:54:1B:53:55:F4:BA:2C
X509v3 Authority Key Identifier:
keyid:8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/bR0VtyS6M3enOfF2WlQbU1X0uiw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/jVnEMj92fOT_yF2q0gi5DAT70-k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.33.239.0/24
Signature Algorithm: sha256WithRSAEncryption
79:0d:57:06:1e:27:27:35:df:45:89:da:68:be:42:ac:72:b4:
6f:a8:52:4a:2e:14:12:07:37:c7:2a:92:2d:1e:1e:95:97:30:
e8:6a:db:f5:25:f9:ab:67:3f:5f:4c:30:fc:f7:8c:c6:6f:c7:
d7:68:80:5f:31:48:77:79:02:13:ec:7a:44:ec:10:ef:c1:9c:
1c:9a:39:20:86:0d:6a:26:ef:fc:84:00:76:e6:27:df:b9:a8:
32:f2:3e:61:83:b6:13:47:3b:4c:03:99:df:af:59:ec:10:10:
7b:e2:37:47:36:df:82:df:41:4d:b1:1e:de:c5:68:43:18:ec:
ab:c0:8c:5f:f6:5a:b4:87:c5:49:87:9b:10:bb:52:5e:97:c4:
d5:0f:c6:b1:39:a8:01:bf:78:48:43:40:a6:2a:99:cc:fa:ac:
e1:5b:23:b5:c0:82:4d:1a:fd:bf:e9:74:a1:8a:3e:d8:d5:10:
ed:5b:9f:8f:d0:ed:64:21:d3:e6:e5:0b:42:11:05:42:41:72:
34:d0:74:29:8f:49:9a:35:c7:de:e3:8a:df:94:73:42:9c:49:
a5:28:79:ab:12:15:79:8c:a9:df:05:a0:b3:7e:46:41:23:53:
92:11:a2:60:b9:f4:b4:1d:ea:29:b7:f7:71:0c:34:f7:6e:ee:
e3:33:5a:58
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEGreUKTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ZDU5YzQzMjNmNzY3Y2U0ZmZjODVkYWFkMjA4YjkwYzA0ZmJkM2U5MB4XDTIyMDEw
MTE2MDMwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmQxZDE1YjcyNGJh
MzM3N2E3MzlmMTc2NWE1NDFiNTM1NWY0YmEyYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJAmb0uoCjd2IUmlHvnzVX+NBiM9ARUqaqFvDDWOSPncE+JT
8R/YIhiXBo9M/wNkk3Q7ZM8GyT6eVN4iGNszma8fFqAqgtt1/+N66FdX+AIcLgFw
aeEiYxd5wwqDZw2GaPcH4Un8VSym8paZpgidBEso2FP0ehwkG/+w3aPOEW+kyuI+
V1pqIfDeQPttRRYiqCANggbAcKMJGxkjWDmG2+dAMZja6rJZv15rSDnx0HGvyPDd
ISkFY+pPZDX1Ss6OQOMgshLZHlAzg7bTA0fSAGjpemDYnGq7k1U7TeNiCeBknhoe
DI4Cc3GN7By4XZ/VZ19H95muZk8l9f5b4sUCDHcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRtHRW3JLozd6c58XZaVBtTVfS6LDAfBgNVHSMEGDAWgBSNWcQyP3Z85P/I
XarSCLkMBPvT6TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2pWbkVNajkyZk9UX3lGMnEwZ2k1REFUNzAtay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjYvZjA5ZWNmLWU4MDUtNDE1OC1iMzE1LWYyYmU5ZjZjNjY0Yy8x
L2JSMFZ0eVM2TTNlbk9mRjJXbFFiVTFYMHVpdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjYv
ZjA5ZWNmLWU4MDUtNDE1OC1iMzE1LWYyYmU5ZjZjNjY0Yy8xL2pWbkVNajkyZk9U
X3lGMnEwZ2k1REFUNzAtay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMMh7zANBgkqhkiG9w0BAQsFAAOC
AQEAeQ1XBh4nJzXfRYnaaL5CrHK0b6hSSi4UEgc3xyqSLR4elZcw6Grb9SX5q2c/
X0ww/PeMxm/H12iAXzFId3kCE+x6ROwQ78GcHJo5IIYNaibv/IQAduYn37moMvI+
YYO2E0c7TAOZ369Z7BAQe+I3Rzbfgt9BTbEe3sVoQxjsq8CMX/ZatIfFSYebELtS
XpfE1Q/GsTmoAb94SENApiqZzPqs4VsjtcCCTRr9v+l0oYo+2NUQ7Vufj9DtZCHT
5uULQhEFQkFyNNB0KY9JmjXH3uOK35RzQpxJpSh5qxIVeYyp3wWgs35GQSNTkhGi
YLn0tB3qKbf3cQw0927u4zNaWA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:22 2024 by rpki-client on console-ams.rpki-client.org