Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/sfuUjqTIsSAHRVdaEqisC7FRQ_s.roa
File: sfuUjqTIsSAHRVdaEqisC7FRQ_s.roa (raw, json)
Hash identifier: ClHOW/215lbdEQe7Mpb5InolpjmKqYRRm8o3lmSR8IU=
Subject key identifier: B1:FB:94:8E:A4:C8:B1:20:07:45:57:5A:12:A8:AC:0B:B1:51:43:FB
Certificate issuer: /CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Certificate serial: 3A8E09AC
Authority key identifier: 54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/sfuUjqTIsSAHRVdaEqisC7FRQ_s.roa
Signing time: Sat 01 Jan 2022 04:52:11 +0000
ROA not before: Sat 01 Jan 2022 04:52:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204744
IP address blocks: 195.136.65.0/24 maxlen: 24
195.136.27.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 982387116 (0x3a8e09ac)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Validity
Not Before: Jan 1 04:52:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b1fb948ea4c8b1200745575a12a8ac0bb15143fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:34:2c:80:29:57:a9:3a:b4:0b:95:14:63:5d:
c9:f2:93:61:ed:56:1c:a7:26:09:98:6b:b1:dd:54:
68:22:5a:11:55:8e:2f:64:98:b6:b2:7a:6d:93:8f:
21:01:95:89:e2:e4:3b:c7:da:3d:58:b1:46:cf:2f:
49:be:79:d1:ce:4d:bb:1d:ba:e3:ed:b2:08:d0:0f:
0e:36:4c:cd:66:9d:db:04:b1:51:68:f4:48:6e:40:
cb:24:7f:e3:9e:bb:fa:98:95:cb:4a:f3:06:0d:28:
08:4e:54:a0:f7:6b:5d:35:ef:fa:72:5b:40:9d:b2:
2a:d9:34:56:05:ca:0a:3e:0c:84:34:df:4a:9f:0e:
c1:ea:9c:9b:c5:03:c1:1d:d9:50:a6:fc:c6:00:f5:
55:20:8e:f4:4d:55:c0:1d:42:e8:96:66:13:7c:b9:
19:23:cc:5e:eb:cd:bd:3b:dd:34:3d:d3:62:3c:98:
88:ac:cf:c3:c3:7b:9b:52:48:9f:28:72:ec:ff:a8:
93:73:ff:a1:28:e5:50:bb:1d:cd:ea:ff:2f:73:b8:
c4:ee:ae:0d:63:2f:3c:66:ea:00:ed:f1:c9:54:53:
cf:80:ac:c8:2e:9f:06:c6:50:9d:48:af:70:16:f7:
ee:98:eb:81:18:18:b4:f0:40:a2:d9:60:6b:83:c9:
e3:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:FB:94:8E:A4:C8:B1:20:07:45:57:5A:12:A8:AC:0B:B1:51:43:FB
X509v3 Authority Key Identifier:
keyid:54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/sfuUjqTIsSAHRVdaEqisC7FRQ_s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/VGg05oiQ85hqGwRXzg9UrgPC12s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.136.27.0/24
195.136.65.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:79:67:4c:1e:b7:c5:bd:85:68:22:02:5a:24:30:8d:e7:04:
5e:17:6a:0b:eb:24:ce:e6:81:88:87:0e:c0:cc:ea:6a:f2:9e:
cc:3f:21:ef:7d:f6:45:78:b2:f4:8e:bb:31:79:de:2f:ab:a6:
b0:f6:36:fe:88:6c:1b:84:05:a6:74:4e:d1:08:a5:d2:8d:f9:
f1:2a:3a:09:06:08:07:1b:59:5f:b4:ea:24:db:fe:a2:b8:a5:
9f:be:2d:b6:7a:b1:d5:30:c0:11:80:15:07:59:bd:f3:04:db:
b5:09:c4:3f:4e:39:6e:34:d2:ac:c2:d2:de:57:40:07:d7:7e:
4d:50:5f:b9:cf:7f:ce:94:b6:06:e8:d0:31:12:4f:23:04:5a:
23:ef:9c:14:34:a6:47:8f:c7:66:e6:04:95:f5:1a:89:07:52:
3a:cd:d3:35:02:c0:61:68:57:8d:eb:0a:d5:f6:b8:af:5f:29:
f1:74:2d:3e:c2:79:9c:47:0c:b6:35:50:fc:15:a5:ff:41:4d:
fa:ef:c4:cf:8e:b9:33:5f:76:a5:e1:5d:e4:b7:76:a0:0a:cf:
38:29:4f:7b:d1:19:f2:12:e8:2b:5e:40:27:98:e5:e5:54:d8:
84:d0:4a:fa:e0:72:a2:df:4b:95:c6:42:40:79:36:4b:e7:ca:
f8:e2:6f:f6
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEOo4JrDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
NDY4MzRlNjg4OTBmMzk4NmExYjA0NTdjZTBmNTRhZTAzYzJkNzZiMB4XDTIyMDEw
MTA0NTIxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjFmYjk0OGVhNGM4
YjEyMDA3NDU1NzVhMTJhOGFjMGJiMTUxNDNmYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN40LIApV6k6tAuVFGNdyfKTYe1WHKcmCZhrsd1UaCJaEVWO
L2SYtrJ6bZOPIQGVieLkO8faPVixRs8vSb550c5Nux264+2yCNAPDjZMzWad2wSx
UWj0SG5AyyR/4567+piVy0rzBg0oCE5UoPdrXTXv+nJbQJ2yKtk0VgXKCj4MhDTf
Sp8Oweqcm8UDwR3ZUKb8xgD1VSCO9E1VwB1C6JZmE3y5GSPMXuvNvTvdND3TYjyY
iKzPw8N7m1JInyhy7P+ok3P/oSjlULsdzer/L3O4xO6uDWMvPGbqAO3xyVRTz4Cs
yC6fBsZQnUivcBb37pjrgRgYtPBAotlga4PJ4yMCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBSx+5SOpMixIAdFV1oSqKwLsVFD+zAfBgNVHSMEGDAWgBRUaDTmiJDzmGob
BFfOD1SuA8LXazAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1ZHZzA1b2lRODVocUd3Ulh6ZzlVcmdQQzEycy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjkvNWYyZjBiLWZkODItNDRmYS1iNjM0LTUyNzY2YjI0YmFhNC8x
L3NmdVVqcVRJc1NBSFJWZGFFcWlzQzdGUlFfcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjkv
NWYyZjBiLWZkODItNDRmYS1iNjM0LTUyNzY2YjI0YmFhNC8xL1ZHZzA1b2lRODVo
cUd3Ulh6ZzlVcmdQQzEycy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAMOIGwMEAMOIQTANBgkqhkiG9w0B
AQsFAAOCAQEAOnlnTB63xb2FaCICWiQwjecEXhdqC+skzuaBiIcOwMzqavKezD8h
7332RXiy9I67MXneL6umsPY2/ohsG4QFpnRO0Qil0o358So6CQYIBxtZX7TqJNv+
oriln74ttnqx1TDAEYAVB1m98wTbtQnEP045bjTSrMLS3ldAB9d+TVBfuc9/zpS2
BujQMRJPIwRaI++cFDSmR4/HZuYElfUaiQdSOs3TNQLAYWhXjesK1fa4r18p8XQt
PsJ5nEcMtjVQ/BWl/0FN+u/Ez465M192peFd5Ld2oArPOClPe9EZ8hLoK15AJ5jl
5VTYhNBK+uByot9LlcZCQHk2S+fK+OJv9g==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:02 2023 by rpki-client on console-ams.rpki-client.org