Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/aqU_o8zeTu3IHp85TdiWfQAi8_E.roa
File: aqU_o8zeTu3IHp85TdiWfQAi8_E.roa (raw, json)
Hash identifier: v7hi6iGD+5mi3hx8jDN7GKEyEZe9AqlCEfSAFzdRlD8=
Subject key identifier: 6A:A5:3F:A3:CC:DE:4E:ED:C8:1E:9F:39:4D:D8:96:7D:00:22:F3:F1
Certificate issuer: /CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Certificate serial: 01838D08847BCC797778B025085D84936BA5
Authority key identifier: 54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/aqU_o8zeTu3IHp85TdiWfQAi8_E.roa
Signing time: Fri 30 Sep 2022 06:14:49 +0000
ROA not before: Fri 30 Sep 2022 06:14:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35281
IP address blocks: 193.223.0.0/24 maxlen: 24
195.136.199.0/24 maxlen: 24
195.136.198.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:8d:08:84:7b:cc:79:77:78:b0:25:08:5d:84:93:6b:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Validity
Not Before: Sep 30 06:14:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6aa53fa3ccde4eedc81e9f394dd8967d0022f3f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:51:5c:58:64:2e:aa:d6:2c:3d:95:f3:33:eb:
7c:bf:cf:49:f7:d3:cf:81:41:a3:aa:b3:9d:54:ba:
3b:1b:12:d0:90:de:1a:96:47:f7:a9:56:d1:28:b9:
b6:8c:5b:d9:e7:10:3b:b8:a6:1a:f3:4d:f3:79:22:
54:b5:e7:d6:b9:39:7c:b2:13:ba:ba:85:57:34:c6:
73:42:78:6c:ba:7b:fa:dc:f4:02:c2:42:d5:14:05:
d0:a9:dc:44:08:85:2c:44:a3:aa:34:e4:bc:d9:a5:
d1:93:cb:0c:8a:f2:ab:e9:4e:c7:25:76:ef:5a:d4:
9c:7c:22:97:ba:e9:bb:81:58:23:e5:f1:fe:8b:78:
d2:17:09:5b:ac:46:58:cc:77:32:b2:29:06:58:12:
8d:f9:a1:36:8d:8f:58:57:bf:d5:a7:6b:fb:de:5d:
46:8c:a0:4b:0e:d6:60:21:00:27:3a:6e:61:33:d0:
0e:2b:22:0f:a2:d9:09:2c:49:04:b7:3e:bd:02:ef:
22:86:ac:b1:11:ef:91:3d:da:74:28:56:7d:d6:5d:
ab:2c:ff:59:71:a6:c6:48:e0:67:64:e8:89:78:d8:
49:08:fa:00:ab:ba:a5:94:01:21:e0:b6:98:57:de:
97:7f:da:10:24:29:22:de:d9:a7:82:a7:c8:7c:9f:
2d:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:A5:3F:A3:CC:DE:4E:ED:C8:1E:9F:39:4D:D8:96:7D:00:22:F3:F1
X509v3 Authority Key Identifier:
keyid:54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/aqU_o8zeTu3IHp85TdiWfQAi8_E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/VGg05oiQ85hqGwRXzg9UrgPC12s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.223.0.0/24
195.136.198.0/23
Signature Algorithm: sha256WithRSAEncryption
a8:d6:f3:50:15:1c:94:35:30:1d:35:83:5c:2e:e3:74:47:00:
11:d6:3b:9f:36:2b:0b:a0:10:3f:b8:8f:ac:06:43:85:f2:62:
14:35:ce:2b:b1:12:7f:11:68:ad:83:c6:04:64:6c:86:7d:47:
06:1e:59:3c:fd:b9:9a:b9:19:32:39:9a:55:8c:46:f7:75:c7:
5a:4e:60:44:c5:a7:2f:ce:24:0f:2c:5b:ca:cb:c0:b0:e3:b4:
19:0a:25:28:15:cc:b4:73:33:70:29:09:93:f1:5f:cb:b5:05:
38:b2:94:16:7c:5f:b5:f8:3a:50:14:18:8b:f3:23:ff:31:b7:
a3:32:50:a9:21:a4:a2:d5:8e:7c:fd:17:d3:dd:a4:24:d6:32:
2a:3a:c8:99:8d:1c:02:85:77:85:85:6b:bc:bf:b4:07:f4:59:
43:53:a0:cb:98:0c:0d:01:23:16:6f:f7:f4:20:c3:6a:8f:08:
8c:ae:af:5d:f5:2b:3b:9f:fb:47:c0:ae:d2:e1:91:de:09:98:
04:f7:f2:73:1b:54:dc:08:27:2c:98:05:d3:ce:3d:c9:13:f8:
7e:52:2b:f1:ae:fe:2d:fb:80:74:0f:2d:20:bf:4d:c5:38:e7:
12:00:2c:7d:54:5c:2b:2a:63:6d:6a:a5:76:00:6c:ab:a4:70:
39:4f:7b:1d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYONCIR7zHl3eLAlCF2Ek2ulMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NjgzNGU2ODg5MGYzOTg2YTFiMDQ1N2NlMGY1NGFlMDNj
MmQ3NmIwHhcNMjIwOTMwMDYxNDQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWE1M2ZhM2NjZGU0ZWVkYzgxZTlmMzk0ZGQ4OTY3ZDAwMjJmM2YxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9lFcWGQuqtYsPZXzM+t8v89J99PP
gUGjqrOdVLo7GxLQkN4alkf3qVbRKLm2jFvZ5xA7uKYa803zeSJUtefWuTl8shO6
uoVXNMZzQnhsunv63PQCwkLVFAXQqdxECIUsRKOqNOS82aXRk8sMivKr6U7HJXbv
WtScfCKXuum7gVgj5fH+i3jSFwlbrEZYzHcysikGWBKN+aE2jY9YV7/Vp2v73l1G
jKBLDtZgIQAnOm5hM9AOKyIPotkJLEkEtz69Au8ihqyxEe+RPdp0KFZ91l2rLP9Z
cabGSOBnZOiJeNhJCPoAq7qllAEh4LaYV96Xf9oQJCki3tmngqfIfJ8tYwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGqlP6PM3k7tyB6fOU3Yln0AIvPxMB8GA1UdIwQY
MBaAFFRoNOaIkPOYahsEV84PVK4DwtdrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQt
NTI3NjZiMjRiYWE0LzEvYXFVX284emVUdTNJSHA4NVRkaVdmUUFpOF9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQtNTI3NjZiMjRiYWE0
LzEvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwd8AAwQB
w4jGMA0GCSqGSIb3DQEBCwUAA4IBAQCo1vNQFRyUNTAdNYNcLuN0RwAR1jufNisL
oBA/uI+sBkOF8mIUNc4rsRJ/EWitg8YEZGyGfUcGHlk8/bmauRkyOZpVjEb3dcda
TmBExacvziQPLFvKy8Cw47QZCiUoFcy0czNwKQmT8V/LtQU4spQWfF+1+DpQFBiL
8yP/MbejMlCpIaSi1Y58/RfT3aQk1jIqOsiZjRwChXeFhWu8v7QH9FlDU6DLmAwN
ASMWb/f0IMNqjwiMrq9d9Ss7n/tHwK7S4ZHeCZgE9/JzG1TcCCcsmAXTzj3JE/h+
Uivxrv4t+4B0Dy0gv03FOOcSACx9VFwrKmNtaqV2AGyrpHA5T3sd
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:21 2023 by rpki-client on console-fra.rpki-client.org