Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/b039bc-213b-457c-96ae-3181db911a13/1/pG5PxCmD2Jb0NI29YcBkcePRk7w.roa
File: pG5PxCmD2Jb0NI29YcBkcePRk7w.roa (raw, json)
Hash identifier: js7X2LoBoLAOu3lt6efWFMZWB9NcS4efZ5+dQ7alMqA=
Subject key identifier: A4:6E:4F:C4:29:83:D8:96:F4:34:8D:BD:61:C0:64:71:E3:D1:93:BC
Certificate issuer: /CN=0d0874b333e35df14fd970e189581da093bc8093
Certificate serial: 075DEDCB
Authority key identifier: 0D:08:74:B3:33:E3:5D:F1:4F:D9:70:E1:89:58:1D:A0:93:BC:80:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DQh0szPjXfFP2XDhiVgdoJO8gJM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/b039bc-213b-457c-96ae-3181db911a13/1/pG5PxCmD2Jb0NI29YcBkcePRk7w.roa
Signing time: Sat 01 Jan 2022 12:05:11 +0000
ROA not before: Sat 01 Jan 2022 12:05:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201705
IP address blocks: 95.129.248.0/21 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 123596235 (0x75dedcb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d0874b333e35df14fd970e189581da093bc8093
Validity
Not Before: Jan 1 12:05:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a46e4fc42983d896f4348dbd61c06471e3d193bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:ef:a8:75:e6:bf:1a:ed:b8:3c:0d:cd:7e:de:
31:04:0b:52:60:e0:70:fb:49:e7:24:8f:01:a0:6a:
dd:4f:72:f7:fd:2c:2d:f6:72:a4:c1:ad:25:5a:e5:
5e:ec:44:21:1a:5b:65:26:14:83:ea:1d:a1:7f:c3:
db:c3:ab:34:5a:45:ac:e4:48:25:cf:56:34:89:6b:
f6:55:c3:6f:fb:18:3b:70:f4:b6:0a:7e:7b:4d:e5:
66:1a:5e:0a:b2:93:cc:85:f7:65:49:7e:1b:16:8c:
fa:81:3e:48:8e:65:92:97:79:98:aa:9c:cf:93:12:
e7:2d:09:ef:5f:ab:e0:89:62:0e:0d:7f:35:58:dc:
d7:fd:bf:4b:71:f5:32:d2:9c:f1:4e:ca:52:e2:f8:
b7:bf:60:ca:bd:ca:fa:24:28:45:17:3f:09:a8:d6:
02:e8:57:6f:33:c7:62:9c:47:78:50:99:3c:51:ab:
fd:15:27:2e:b7:64:0b:40:a7:17:65:74:24:6f:9a:
8f:13:98:c1:04:68:4b:e8:d5:f9:c7:20:6f:ab:02:
4b:07:4a:25:22:a0:e7:19:a2:f7:70:f4:7e:03:92:
0c:e4:9b:83:0d:e4:7c:a2:99:9c:9e:38:23:ac:d0:
de:1a:11:23:48:41:d0:9d:99:05:dc:8f:f7:71:17:
ab:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:6E:4F:C4:29:83:D8:96:F4:34:8D:BD:61:C0:64:71:E3:D1:93:BC
X509v3 Authority Key Identifier:
keyid:0D:08:74:B3:33:E3:5D:F1:4F:D9:70:E1:89:58:1D:A0:93:BC:80:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DQh0szPjXfFP2XDhiVgdoJO8gJM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/b039bc-213b-457c-96ae-3181db911a13/1/pG5PxCmD2Jb0NI29YcBkcePRk7w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/b039bc-213b-457c-96ae-3181db911a13/1/DQh0szPjXfFP2XDhiVgdoJO8gJM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.129.248.0/21
Signature Algorithm: sha256WithRSAEncryption
0c:82:2e:4e:fb:5c:9a:54:f5:d7:7a:bf:f4:f8:c1:6a:4b:a5:
38:67:61:6f:e9:ba:47:1a:8c:3c:21:d6:fd:de:13:ca:7d:76:
29:db:c4:a0:f8:49:0a:1f:ca:ff:d6:87:52:c7:9a:e9:54:57:
c7:93:8b:fa:a6:cc:24:12:f4:6d:49:74:d5:7c:1d:a9:43:0b:
f2:ec:7b:81:65:87:ae:ec:56:ed:a5:9e:80:61:db:f1:15:c2:
3d:67:a4:2d:66:4a:8d:d4:65:c6:e5:58:03:98:1c:6c:7d:ab:
1a:51:39:bc:e7:05:60:f1:68:36:63:39:d2:29:75:c0:f7:e5:
a3:e8:d7:c1:48:cb:fc:40:7b:b6:85:34:71:05:64:fc:1b:ea:
dd:56:80:98:e0:fb:74:03:49:c3:f4:8a:dc:38:0e:bf:a7:a7:
06:1f:c1:06:48:f5:72:b3:76:ba:aa:db:f9:57:d6:e0:a7:53:
0e:5c:d6:0e:f9:e3:37:e2:49:97:d3:4e:38:07:17:0b:8b:20:
c6:eb:f7:82:56:00:10:24:55:d7:a8:12:4f:bb:5a:d1:80:54:
3b:a8:11:59:c4:e4:63:f1:46:c5:4b:a6:f5:1f:16:32:ed:61:
37:e1:5c:ae:5e:af:e2:bc:53:92:73:15:96:50:44:a9:c6:91:
2d:40:ba:34
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEB13tyzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ZDA4NzRiMzMzZTM1ZGYxNGZkOTcwZTE4OTU4MWRhMDkzYmM4MDkzMB4XDTIyMDEw
MTEyMDUxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTQ2ZTRmYzQyOTgz
ZDg5NmY0MzQ4ZGJkNjFjMDY0NzFlM2QxOTNiYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJvvqHXmvxrtuDwNzX7eMQQLUmDgcPtJ5ySPAaBq3U9y9/0s
LfZypMGtJVrlXuxEIRpbZSYUg+odoX/D28OrNFpFrORIJc9WNIlr9lXDb/sYO3D0
tgp+e03lZhpeCrKTzIX3ZUl+GxaM+oE+SI5lkpd5mKqcz5MS5y0J71+r4IliDg1/
NVjc1/2/S3H1MtKc8U7KUuL4t79gyr3K+iQoRRc/CajWAuhXbzPHYpxHeFCZPFGr
/RUnLrdkC0CnF2V0JG+ajxOYwQRoS+jV+ccgb6sCSwdKJSKg5xmi93D0fgOSDOSb
gw3kfKKZnJ44I6zQ3hoRI0hB0J2ZBdyP93EXq7UCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSkbk/EKYPYlvQ0jb1hwGRx49GTvDAfBgNVHSMEGDAWgBQNCHSzM+Nd8U/Z
cOGJWB2gk7yAkzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0RRaDBzelBqWGZGUDJYRGhpVmdkb0pPOGdKTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjkvYjAzOWJjLTIxM2ItNDU3Yy05NmFlLTMxODFkYjkxMWExMy8x
L3BHNVB4Q21EMkpiME5JMjlZY0JrY2VQUms3dy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjkv
YjAzOWJjLTIxM2ItNDU3Yy05NmFlLTMxODFkYjkxMWExMy8xL0RRaDBzelBqWGZG
UDJYRGhpVmdkb0pPOGdKTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA1+B+DANBgkqhkiG9w0BAQsFAAOC
AQEADIIuTvtcmlT113q/9PjBakulOGdhb+m6RxqMPCHW/d4Tyn12KdvEoPhJCh/K
/9aHUsea6VRXx5OL+qbMJBL0bUl01XwdqUML8ux7gWWHruxW7aWegGHb8RXCPWek
LWZKjdRlxuVYA5gcbH2rGlE5vOcFYPFoNmM50il1wPflo+jXwUjL/EB7toU0cQVk
/Bvq3VaAmOD7dANJw/SK3DgOv6enBh/BBkj1crN2uqrb+VfW4KdTDlzWDvnjN+JJ
l9NOOAcXC4sgxuv3glYAECRV16gST7ta0YBUO6gRWcTkY/FGxUum9R8WMu1hN+Fc
rl6v4rxTknMVllBEqcaRLUC6NA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:03 2023 by rpki-client on console-ams.rpki-client.org