Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/Z5jR1XblZsoshYK9GXQq1ciLLm0.roa
File: Z5jR1XblZsoshYK9GXQq1ciLLm0.roa (raw, json)
Hash identifier: w1myi0Byv615+Qdb8dYnKaVk9oru6iZBUfv7NBd9+OM=
Subject key identifier: 67:98:D1:D5:76:E5:66:CA:2C:85:82:BD:19:74:2A:D5:C8:8B:2E:6D
Certificate issuer: /CN=e7f881401abacc88c941fdf740f1ab1536f05dba
Certificate serial: 08857E78
Authority key identifier: E7:F8:81:40:1A:BA:CC:88:C9:41:FD:F7:40:F1:AB:15:36:F0:5D:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5_iBQBq6zIjJQf33QPGrFTbwXbo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/Z5jR1XblZsoshYK9GXQq1ciLLm0.roa
Signing time: Sat 01 Jan 2022 03:50:53 +0000
ROA not before: Sat 01 Jan 2022 03:50:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 30898
IP address blocks: 195.168.240.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 142966392 (0x8857e78)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7f881401abacc88c941fdf740f1ab1536f05dba
Validity
Not Before: Jan 1 03:50:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6798d1d576e566ca2c8582bd19742ad5c88b2e6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:de:b4:4b:23:0a:52:2e:0f:6d:48:f9:a1:02:
11:93:a2:28:c1:0d:79:dd:1f:9d:aa:f9:38:1a:81:
09:80:e6:12:df:3a:06:69:a5:46:5b:46:37:f4:d0:
17:d5:20:7f:ef:82:c2:50:71:b6:79:55:c6:e0:87:
cb:85:c0:30:e7:5a:f9:8c:4a:1f:ef:bf:e9:16:f6:
51:93:59:41:09:4a:bd:af:ee:2f:0b:3b:e2:a5:67:
07:e4:66:00:93:b3:be:60:09:2a:b2:c4:df:1e:7f:
30:00:82:b4:aa:81:a1:50:02:f4:54:37:22:0c:94:
6b:cd:58:6f:ad:79:f5:72:59:25:fc:9c:88:92:73:
d7:9f:79:da:cc:ec:34:33:5d:51:45:e6:23:58:28:
9e:c8:70:01:20:2e:1e:f2:87:cf:ae:ad:be:7f:3f:
88:af:b8:9c:ba:eb:36:d1:49:0c:27:ee:ef:9f:9a:
be:51:b5:de:39:e3:ee:1e:69:dc:02:c4:18:04:34:
1d:9b:03:52:61:6f:3f:cc:1c:6f:a7:c2:fd:41:a6:
35:99:c6:8b:90:c0:25:77:9f:79:f0:af:30:39:ac:
8e:e0:1a:33:8a:3d:c9:7f:90:db:69:35:5c:f9:de:
f2:7c:f2:b7:ed:4f:6b:d0:88:30:61:e2:f5:b1:44:
61:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:98:D1:D5:76:E5:66:CA:2C:85:82:BD:19:74:2A:D5:C8:8B:2E:6D
X509v3 Authority Key Identifier:
keyid:E7:F8:81:40:1A:BA:CC:88:C9:41:FD:F7:40:F1:AB:15:36:F0:5D:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5_iBQBq6zIjJQf33QPGrFTbwXbo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/Z5jR1XblZsoshYK9GXQq1ciLLm0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/5_iBQBq6zIjJQf33QPGrFTbwXbo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.168.240.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:ec:95:9a:56:c6:ae:40:c0:79:16:58:94:2d:17:cb:80:53:
08:7e:56:0c:62:4f:f5:94:0e:e3:95:92:47:ce:3b:b4:1e:1e:
4d:e6:90:56:3e:a8:ea:c6:7b:97:3e:c3:1a:b6:c0:1d:7e:a7:
f2:cb:22:d3:0b:dd:b5:78:9e:26:57:2f:2e:ec:41:91:47:e9:
e4:7d:8c:f6:51:03:2f:02:9a:54:2a:71:86:77:b6:d2:2a:8a:
4b:de:1e:a2:65:dd:f9:8a:de:49:54:aa:6b:9f:1b:47:5a:a3:
67:ba:86:bd:81:10:71:23:25:10:0b:f4:82:44:26:dd:d6:f9:
20:c8:21:bb:c1:f2:52:98:f5:6c:e9:08:0b:82:b5:59:4a:21:
83:2f:22:08:86:bc:78:b9:75:38:91:cc:5f:a7:a6:c8:ce:d6:
84:ca:e3:a6:62:a2:93:65:ec:70:d1:e0:ec:ab:8d:42:a5:6a:
33:59:8f:c7:b4:2d:ec:a5:e5:31:23:b2:90:25:0c:a5:30:a6:
93:03:a7:a5:e2:c1:49:32:af:c1:4f:f8:39:0c:63:30:d0:f2:
80:a4:7d:c2:97:88:7e:c6:3c:3a:6b:5f:0a:0a:f6:68:57:aa:
30:05:9d:6b:15:e5:d8:ad:c2:14:a7:87:ca:c1:57:d0:bb:06:
07:14:8f:76
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECIV+eDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
N2Y4ODE0MDFhYmFjYzg4Yzk0MWZkZjc0MGYxYWIxNTM2ZjA1ZGJhMB4XDTIyMDEw
MTAzNTA1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjc5OGQxZDU3NmU1
NjZjYTJjODU4MmJkMTk3NDJhZDVjODhiMmU2ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANHetEsjClIuD21I+aECEZOiKMENed0fnar5OBqBCYDmEt86
BmmlRltGN/TQF9Ugf++CwlBxtnlVxuCHy4XAMOda+YxKH++/6Rb2UZNZQQlKva/u
Lws74qVnB+RmAJOzvmAJKrLE3x5/MACCtKqBoVAC9FQ3IgyUa81Yb6159XJZJfyc
iJJz15952szsNDNdUUXmI1gonshwASAuHvKHz66tvn8/iK+4nLrrNtFJDCfu75+a
vlG13jnj7h5p3ALEGAQ0HZsDUmFvP8wcb6fC/UGmNZnGi5DAJXefefCvMDmsjuAa
M4o9yX+Q22k1XPne8nzyt+1Pa9CIMGHi9bFEYQsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRnmNHVduVmyiyFgr0ZdCrVyIsubTAfBgNVHSMEGDAWgBTn+IFAGrrMiMlB
/fdA8asVNvBdujAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzVfaUJRQnE2eklqSlFmMzNRUEdyRlRid1hiby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjkvZjU1MzRhLWE2MTMtNDdiZS1iNDJiLWUyZmJjM2E2ODgwMC8x
L1o1alIxWGJsWnNvc2hZSzlHWFFxMWNpTExtMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjkv
ZjU1MzRhLWE2MTMtNDdiZS1iNDJiLWUyZmJjM2E2ODgwMC8xLzVfaUJRQnE2eklq
SlFmMzNRUEdyRlRid1hiby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMOo8DANBgkqhkiG9w0BAQsFAAOC
AQEAouyVmlbGrkDAeRZYlC0Xy4BTCH5WDGJP9ZQO45WSR847tB4eTeaQVj6o6sZ7
lz7DGrbAHX6n8ssi0wvdtXieJlcvLuxBkUfp5H2M9lEDLwKaVCpxhne20iqKS94e
omXd+YreSVSqa58bR1qjZ7qGvYEQcSMlEAv0gkQm3db5IMghu8HyUpj1bOkIC4K1
WUohgy8iCIa8eLl1OJHMX6emyM7WhMrjpmKik2XscNHg7KuNQqVqM1mPx7Qt7KXl
MSOykCUMpTCmkwOnpeLBSTKvwU/4OQxjMNDygKR9wpeIfsY8OmtfCgr2aFeqMAWd
axXl2K3CFKeHysFX0LsGBxSPdg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:04 2023 by rpki-client on console-ams.rpki-client.org