Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/41b82b-cde0-4af6-952c-7e0c7d352671/1/gNUr28Zc1-nnDudJr7Q2vg46VqI.roa
File: gNUr28Zc1-nnDudJr7Q2vg46VqI.roa (raw, json)
Hash identifier: TwWKRYGgAjuezaU0Aoqs+3L/WTkzK3rEGKhw2k79t18=
Subject key identifier: 80:D5:2B:DB:C6:5C:D7:E9:E7:0E:E7:49:AF:B4:36:BE:0E:3A:56:A2
Certificate issuer: /CN=dec756af77dafebca10684d68556baacd7173617
Certificate serial: 01837A34EC9A03B372A6B4A3916C550EEBAB
Authority key identifier: DE:C7:56:AF:77:DA:FE:BC:A1:06:84:D6:85:56:BA:AC:D7:17:36:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3sdWr3fa_ryhBoTWhVa6rNcXNhc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/41b82b-cde0-4af6-952c-7e0c7d352671/1/gNUr28Zc1-nnDudJr7Q2vg46VqI.roa
Signing time: Mon 26 Sep 2022 14:30:32 +0000
ROA not before: Mon 26 Sep 2022 14:30:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39732
IP address blocks: 195.60.72.0/23 maxlen: 23
2001:67c:20f4::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:7a:34:ec:9a:03:b3:72:a6:b4:a3:91:6c:55:0e:eb:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dec756af77dafebca10684d68556baacd7173617
Validity
Not Before: Sep 26 14:30:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=80d52bdbc65cd7e9e70ee749afb436be0e3a56a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:9c:9c:61:05:8d:ef:66:c6:d6:f6:52:60:a8:
36:f6:d7:4d:e4:84:46:57:dc:1e:26:5d:b3:f6:e0:
e2:47:df:ef:86:b0:37:28:c9:62:2f:8c:ea:74:45:
32:2b:ad:be:cd:45:29:d2:a8:17:0e:9e:af:53:83:
0c:a3:a8:7d:5c:0c:8e:46:2e:6f:d3:84:cc:7b:97:
62:ec:8e:9e:2d:b7:10:d7:d4:ca:48:eb:63:69:36:
22:9e:37:b9:63:8c:44:e5:fa:1f:f9:3b:ae:60:2a:
e7:58:3c:d1:29:39:49:53:a9:91:be:6a:6e:28:66:
d0:a3:80:47:b3:a4:3c:7f:ce:f7:c0:30:d7:07:2f:
e7:40:a3:60:1a:c1:47:66:55:0f:e3:f7:38:75:19:
9d:2a:2c:dd:f2:c1:55:b0:57:49:ec:22:9a:95:65:
ac:f5:cb:10:cd:72:d0:3b:04:34:4b:30:58:a5:ad:
8b:5a:2a:8a:f4:ac:5b:13:41:ff:a8:27:30:c9:b9:
e8:fb:18:05:33:36:d1:8d:11:5d:76:61:b6:1b:9b:
06:e3:f1:a4:a1:b1:f6:b2:fc:07:ca:d2:0a:9e:40:
8e:f4:81:ff:53:55:49:6b:e1:12:5e:0f:17:be:dd:
4b:5a:db:87:3c:b3:31:37:4f:ed:b0:95:1d:4d:d1:
04:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:D5:2B:DB:C6:5C:D7:E9:E7:0E:E7:49:AF:B4:36:BE:0E:3A:56:A2
X509v3 Authority Key Identifier:
keyid:DE:C7:56:AF:77:DA:FE:BC:A1:06:84:D6:85:56:BA:AC:D7:17:36:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3sdWr3fa_ryhBoTWhVa6rNcXNhc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/41b82b-cde0-4af6-952c-7e0c7d352671/1/gNUr28Zc1-nnDudJr7Q2vg46VqI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/41b82b-cde0-4af6-952c-7e0c7d352671/1/3sdWr3fa_ryhBoTWhVa6rNcXNhc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.60.72.0/23
IPv6:
2001:67c:20f4::/48
Signature Algorithm: sha256WithRSAEncryption
18:37:3f:64:37:c2:cc:21:1c:1e:d9:ad:10:2e:d2:a1:c1:a2:
e9:5f:4b:87:26:e5:aa:a0:b7:b9:17:c2:03:e0:03:a2:7a:8f:
74:03:41:a0:5d:45:6b:57:d1:5e:bf:e6:a0:1c:dd:ef:38:eb:
fc:a0:bd:85:a7:0c:42:0d:5f:4c:05:38:17:a3:da:69:b2:3d:
ca:3a:4e:cc:8a:23:c7:bd:e6:a3:5a:9e:2c:c0:66:fc:a0:af:
f5:27:2c:27:25:c3:40:7b:b6:c4:46:d8:76:97:f9:56:f1:11:
c2:2c:03:57:9b:d6:55:64:2e:03:be:4e:93:dc:42:6f:5a:ab:
29:6d:48:1a:04:ff:c0:e3:84:c5:c8:c0:c3:43:70:dd:28:5a:
7c:e6:98:d7:ec:af:be:94:6c:8b:b0:fb:a6:94:08:1e:35:a3:
90:5c:0f:7f:7d:82:33:1b:cc:a1:d3:04:6f:d6:ed:15:25:16:
9d:3b:1e:56:a1:30:c6:a7:d4:fc:cc:2a:74:03:17:f7:98:35:
d3:df:45:f7:6d:20:30:40:4d:f0:79:13:09:9f:6d:e6:c5:9e:
96:be:39:fc:44:96:a2:1a:76:4c:8e:f9:72:84:84:73:66:bd:
c3:c4:bc:87:de:fb:95:8d:5a:54:41:9a:ca:0f:54:47:8e:2e:
34:76:4a:65
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYN6NOyaA7NyprSjkWxVDuurMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlYzc1NmFmNzdkYWZlYmNhMTA2ODRkNjg1NTZiYWFjZDcx
NzM2MTcwHhcNMjIwOTI2MTQzMDMyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGQ1MmJkYmM2NWNkN2U5ZTcwZWU3NDlhZmI0MzZiZTBlM2E1NmEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiJycYQWN72bG1vZSYKg29tdN5IRG
V9weJl2z9uDiR9/vhrA3KMliL4zqdEUyK62+zUUp0qgXDp6vU4MMo6h9XAyORi5v
04TMe5di7I6eLbcQ19TKSOtjaTYinje5Y4xE5fof+TuuYCrnWDzRKTlJU6mRvmpu
KGbQo4BHs6Q8f873wDDXBy/nQKNgGsFHZlUP4/c4dRmdKizd8sFVsFdJ7CKalWWs
9csQzXLQOwQ0SzBYpa2LWiqK9KxbE0H/qCcwybno+xgFMzbRjRFddmG2G5sG4/Gk
obH2svwHytIKnkCO9IH/U1VJa+ESXg8Xvt1LWtuHPLMxN0/tsJUdTdEEmQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIDVK9vGXNfp5w7nSa+0Nr4OOlaiMB8GA1UdIwQY
MBaAFN7HVq932v68oQaE1oVWuqzXFzYXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3NkV3IzZmFfcnloQm9UV2hWYTZyTmNYTmhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS80MWI4MmItY2RlMC00YWY2LTk1MmMt
N2UwYzdkMzUyNjcxLzEvZ05VcjI4WmMxLW5uRHVkSnI3UTJ2ZzQ2VnFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS80MWI4MmItY2RlMC00YWY2LTk1MmMtN2UwYzdkMzUyNjcx
LzEvM3NkV3IzZmFfcnloQm9UV2hWYTZyTmNYTmhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBwzxIMA8E
AgACMAkDBwAgAQZ8IPQwDQYJKoZIhvcNAQELBQADggEBABg3P2Q3wswhHB7ZrRAu
0qHBoulfS4cm5aqgt7kXwgPgA6J6j3QDQaBdRWtX0V6/5qAc3e846/ygvYWnDEIN
X0wFOBej2mmyPco6TsyKI8e95qNanizAZvygr/UnLCclw0B7tsRG2HaX+VbxEcIs
A1eb1lVkLgO+TpPcQm9aqyltSBoE/8DjhMXIwMNDcN0oWnzmmNfsr76UbIuw+6aU
CB41o5BcD399gjMbzKHTBG/W7RUlFp07HlahMMan1PzMKnQDF/eYNdPfRfdtIDBA
TfB5EwmfbebFnpa+OfxElqIadkyO+XKEhHNmvcPEvIfe+5WNWlRBmsoPVEeOLjR2
SmU=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:02 2023 by rpki-client on console-ams.rpki-client.org