Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/356826-fc10-4aa9-96a4-637b371da8e6/1/kXnjX0tGWcWIUXHCN71H_FLjQok.roa
File: kXnjX0tGWcWIUXHCN71H_FLjQok.roa (raw, json)
Hash identifier: /bK88sHn721Rvp91QWYIeJkZsDIT32MCgbo2/FnCzDQ=
Subject key identifier: 91:79:E3:5F:4B:46:59:C5:88:51:71:C2:37:BD:47:FC:52:E3:42:89
Certificate issuer: /CN=3cdcc8bcdb6c744acdf43dd72d68d20451a179f6
Certificate serial: 030C1CA7
Authority key identifier: 3C:DC:C8:BC:DB:6C:74:4A:CD:F4:3D:D7:2D:68:D2:04:51:A1:79:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PNzIvNtsdErN9D3XLWjSBFGhefY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/356826-fc10-4aa9-96a4-637b371da8e6/1/kXnjX0tGWcWIUXHCN71H_FLjQok.roa
Signing time: Sat 01 Jan 2022 02:53:42 +0000
ROA not before: Sat 01 Jan 2022 02:53:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 45671
IP address blocks: 195.8.201.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 51125415 (0x30c1ca7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3cdcc8bcdb6c744acdf43dd72d68d20451a179f6
Validity
Not Before: Jan 1 02:53:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9179e35f4b4659c5885171c237bd47fc52e34289
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:36:1a:13:87:f5:93:0c:45:71:b5:59:c5:e6:
39:6c:bb:1a:c3:e4:7d:96:bf:07:aa:a4:a1:b7:8d:
ea:78:1b:a5:33:c9:b5:71:b3:8f:f3:43:28:e7:05:
08:c4:a8:67:85:f6:c7:14:d4:27:ab:88:4e:f2:5b:
11:7f:5d:ae:a0:e7:43:39:32:33:2a:4a:ec:ec:6a:
b4:78:e9:95:3d:77:ae:50:a1:98:c4:1b:4c:b1:97:
6b:ff:e1:43:7b:dd:bb:8b:54:7b:e3:24:70:46:17:
07:fd:5d:eb:89:56:45:09:40:92:b1:c3:a4:56:d0:
b5:bd:fa:bb:d3:1e:aa:b9:15:e7:ef:4f:41:a4:66:
fd:47:31:d3:91:8a:0a:73:7c:d7:b8:71:41:7e:09:
75:bb:eb:8a:37:45:80:ff:ce:24:fb:dd:8d:eb:74:
64:fc:35:a0:57:d3:3a:13:3b:16:e0:e8:85:3e:09:
64:17:11:b3:6d:cf:a9:45:bb:14:e6:d2:a1:29:a4:
35:e5:c3:6b:2b:1b:99:94:27:cc:77:68:31:c4:ae:
dc:e3:ce:39:66:b8:90:1c:3b:87:cf:fa:bd:1b:93:
89:f0:f8:b9:14:d3:02:24:40:4c:b3:45:e3:ac:61:
75:b9:a1:4a:14:00:79:9e:14:81:0c:31:88:2c:0d:
86:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:79:E3:5F:4B:46:59:C5:88:51:71:C2:37:BD:47:FC:52:E3:42:89
X509v3 Authority Key Identifier:
keyid:3C:DC:C8:BC:DB:6C:74:4A:CD:F4:3D:D7:2D:68:D2:04:51:A1:79:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PNzIvNtsdErN9D3XLWjSBFGhefY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/356826-fc10-4aa9-96a4-637b371da8e6/1/kXnjX0tGWcWIUXHCN71H_FLjQok.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/356826-fc10-4aa9-96a4-637b371da8e6/1/PNzIvNtsdErN9D3XLWjSBFGhefY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.8.201.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:90:c0:95:dd:d4:b5:12:26:4f:bc:cd:49:0a:2b:61:98:13:
34:7a:9f:8f:11:52:cb:78:96:10:f2:20:1a:81:cb:9b:2a:48:
53:d2:83:4e:1d:45:29:2e:c2:bf:49:ce:d8:41:85:3c:a3:58:
9d:d6:50:fc:09:a0:96:65:47:5d:1e:5b:de:be:28:a6:c4:7f:
ff:79:8c:d1:81:0e:f6:e7:e2:a9:3e:b1:a0:33:b6:5a:00:40:
2c:72:ee:22:0e:fb:54:65:11:ad:0f:0c:6d:27:5c:60:7c:94:
ef:a0:29:7b:90:57:ac:ab:82:b4:d2:a5:2b:43:22:ed:f4:ad:
ed:9e:ad:bb:44:0e:0e:5a:b5:1d:d0:a4:b8:d3:8f:99:b2:93:
96:8c:78:f9:6a:86:6d:24:90:70:1b:4c:4e:d2:2f:b1:ec:4d:
e3:d2:11:45:e5:65:15:d3:9e:a4:5e:2d:86:a5:13:9d:71:6a:
fd:c4:4a:77:bc:a7:9d:64:14:01:6b:84:7f:6e:1d:ff:5b:28:
8a:0d:aa:3a:58:38:d2:f7:28:d0:4e:29:ec:b9:8a:45:90:10:
6f:5e:1a:6b:22:8a:c1:2b:3d:02:a0:c1:83:00:7d:34:1f:8c:
8f:08:d6:59:58:cc:47:2e:4c:1c:f0:5f:c3:01:ac:0d:a4:e8:
4f:c1:25:f2
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAwwcpzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
Y2RjYzhiY2RiNmM3NDRhY2RmNDNkZDcyZDY4ZDIwNDUxYTE3OWY2MB4XDTIyMDEw
MTAyNTM0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTE3OWUzNWY0YjQ2
NTljNTg4NTE3MWMyMzdiZDQ3ZmM1MmUzNDI4OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKk2GhOH9ZMMRXG1WcXmOWy7GsPkfZa/B6qkobeN6ngbpTPJ
tXGzj/NDKOcFCMSoZ4X2xxTUJ6uITvJbEX9drqDnQzkyMypK7OxqtHjplT13rlCh
mMQbTLGXa//hQ3vdu4tUe+MkcEYXB/1d64lWRQlAkrHDpFbQtb36u9MeqrkV5+9P
QaRm/Ucx05GKCnN817hxQX4JdbvrijdFgP/OJPvdjet0ZPw1oFfTOhM7FuDohT4J
ZBcRs23PqUW7FObSoSmkNeXDaysbmZQnzHdoMcSu3OPOOWa4kBw7h8/6vRuTifD4
uRTTAiRATLNF46xhdbmhShQAeZ4UgQwxiCwNhjUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSReeNfS0ZZxYhRccI3vUf8UuNCiTAfBgNVHSMEGDAWgBQ83Mi822x0Ss30
PdctaNIEUaF59jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1BOekl2TnRzZEVyTjlEM1hMV2pTQkZHaGVmWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzEvMzU2ODI2LWZjMTAtNGFhOS05NmE0LTYzN2IzNzFkYThlNi8x
L2tYbmpYMHRHV2NXSVVYSENONzFIX0ZMalFvay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzEv
MzU2ODI2LWZjMTAtNGFhOS05NmE0LTYzN2IzNzFkYThlNi8xL1BOekl2TnRzZEVy
TjlEM1hMV2pTQkZHaGVmWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMMIyTANBgkqhkiG9w0BAQsFAAOC
AQEAGpDAld3UtRImT7zNSQorYZgTNHqfjxFSy3iWEPIgGoHLmypIU9KDTh1FKS7C
v0nO2EGFPKNYndZQ/AmglmVHXR5b3r4opsR//3mM0YEO9ufiqT6xoDO2WgBALHLu
Ig77VGURrQ8MbSdcYHyU76Ape5BXrKuCtNKlK0Mi7fSt7Z6tu0QODlq1HdCkuNOP
mbKTlox4+WqGbSSQcBtMTtIvsexN49IRReVlFdOepF4thqUTnXFq/cRKd7ynnWQU
AWuEf24d/1soig2qOlg40vco0E4p7LmKRZAQb14aayKKwSs9AqDBgwB9NB+MjwjW
WVjMRy5MHPBfwwGsDaToT8El8g==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:49 2023 by rpki-client on console-fra.rpki-client.org