Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/146078-f9b2-4163-af1a-8e93cb5c5355/1/ddnuVQPou4IZhikCoNgYBMCmn70.roa
File: ddnuVQPou4IZhikCoNgYBMCmn70.roa (raw, json)
Hash identifier: Hs1BFauJqg6ZJvn8T5mLq4umkjxfNgnvOkqHnFEvlaE=
Subject key identifier: 75:D9:EE:55:03:E8:BB:82:19:86:29:02:A0:D8:18:04:C0:A6:9F:BD
Certificate issuer: /CN=81fa48f40bc84540c46bd23be9b90897aa184f4d
Certificate serial: 052A2DF8
Authority key identifier: 81:FA:48:F4:0B:C8:45:40:C4:6B:D2:3B:E9:B9:08:97:AA:18:4F:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gfpI9AvIRUDEa9I76bkIl6oYT00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/146078-f9b2-4163-af1a-8e93cb5c5355/1/ddnuVQPou4IZhikCoNgYBMCmn70.roa
Signing time: Sat 01 Jan 2022 12:57:11 +0000
ROA not before: Sat 01 Jan 2022 12:57:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8258
IP address blocks: 195.64.224.0/22 maxlen: 22
195.64.228.0/24 maxlen: 24
195.64.254.0/23 maxlen: 23
2a02:2540::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86650360 (0x52a2df8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81fa48f40bc84540c46bd23be9b90897aa184f4d
Validity
Not Before: Jan 1 12:57:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=75d9ee5503e8bb8219862902a0d81804c0a69fbd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:f1:f2:0a:cf:15:28:a3:e8:6e:e4:fa:2d:24:
5f:74:f5:7d:96:f3:68:e3:c6:7f:bb:44:e7:f4:5f:
d2:fd:96:2b:f0:ef:68:aa:b2:9d:70:a1:f3:37:61:
2d:87:ee:f8:b7:b8:67:0a:13:17:f5:ea:9c:ee:b4:
a5:a9:41:da:54:df:7a:b3:98:c9:0b:86:ca:6d:24:
3d:25:82:86:f7:9f:31:30:6e:0b:e4:91:66:03:67:
7d:cf:d2:8e:9c:66:3c:2e:cf:ed:53:c4:1f:56:93:
a2:e5:1a:84:e1:60:f6:3b:65:2c:51:48:f1:d6:44:
cf:47:2c:53:34:ab:85:1b:6e:30:b0:b0:81:df:a9:
73:c2:ad:3a:35:a5:88:96:4f:e1:8f:40:a6:f0:ce:
3e:37:52:69:ea:94:85:74:e4:97:59:cc:dd:70:76:
1b:f9:1f:ba:76:27:18:0b:3e:5c:c5:e0:92:16:03:
21:79:a8:7f:3c:21:64:dc:63:39:59:a1:1f:f5:76:
f2:a8:17:94:25:10:f0:7f:44:d6:e4:9d:38:5e:c2:
5a:04:66:fb:1e:eb:6e:ff:ba:24:bb:e9:14:c7:93:
f8:26:97:ca:24:77:31:91:4f:de:3b:cf:03:69:8d:
2e:8c:de:8a:79:fb:2c:69:da:b2:f8:cc:fb:c1:c1:
c5:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:D9:EE:55:03:E8:BB:82:19:86:29:02:A0:D8:18:04:C0:A6:9F:BD
X509v3 Authority Key Identifier:
keyid:81:FA:48:F4:0B:C8:45:40:C4:6B:D2:3B:E9:B9:08:97:AA:18:4F:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gfpI9AvIRUDEa9I76bkIl6oYT00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/146078-f9b2-4163-af1a-8e93cb5c5355/1/ddnuVQPou4IZhikCoNgYBMCmn70.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/146078-f9b2-4163-af1a-8e93cb5c5355/1/gfpI9AvIRUDEa9I76bkIl6oYT00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.64.224.0-195.64.228.255
195.64.254.0/23
IPv6:
2a02:2540::/32
Signature Algorithm: sha256WithRSAEncryption
76:b0:5c:fc:30:87:f5:9e:10:c8:e2:a9:55:4b:00:6a:2c:8e:
cd:2a:fa:12:15:ae:57:1b:16:8e:43:99:43:78:28:6d:18:88:
66:5b:54:2f:2a:89:3b:be:4a:09:bc:ff:ab:44:39:f2:4c:d8:
8e:f7:d7:d7:a8:58:23:6b:b0:1b:84:ff:07:0d:84:37:57:fc:
38:49:a5:9d:68:47:a3:bc:e7:a1:b3:54:a4:76:3f:fc:4f:1b:
c0:f6:34:02:ac:65:8a:51:bc:47:a2:85:a4:31:27:23:c8:d9:
2d:ea:b2:72:18:63:66:f7:7a:b9:78:b0:3c:cd:d9:8b:1e:9f:
2a:ea:c6:86:1d:66:cb:a2:a1:29:f9:44:1e:23:8f:64:ce:44:
e3:00:3a:89:79:70:48:03:79:97:c9:63:eb:4e:9e:71:f5:c1:
f8:53:35:e6:2d:43:93:a3:21:2d:de:ea:4a:70:cc:e9:28:d9:
96:e4:53:6b:0d:36:7d:69:fd:c7:9a:46:43:c2:81:2b:e9:f4:
db:ea:7e:7b:50:91:70:80:7f:9b:44:d1:31:ee:e4:13:03:d2:
70:6d:a0:c3:29:95:4d:8a:d9:1e:75:ea:7b:e7:6d:21:23:46:
cd:0f:e9:b2:ee:79:7a:3b:35:d6:13:1d:f8:f5:16:d4:ca:b6:
98:50:1b:60
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIEBSot+DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MWZhNDhmNDBiYzg0NTQwYzQ2YmQyM2JlOWI5MDg5N2FhMTg0ZjRkMB4XDTIyMDEw
MTEyNTcxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzVkOWVlNTUwM2U4
YmI4MjE5ODYyOTAyYTBkODE4MDRjMGE2OWZiZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALzx8grPFSij6G7k+i0kX3T1fZbzaOPGf7tE5/Rf0v2WK/Dv
aKqynXCh8zdhLYfu+Le4ZwoTF/XqnO60palB2lTferOYyQuGym0kPSWChvefMTBu
C+SRZgNnfc/SjpxmPC7P7VPEH1aTouUahOFg9jtlLFFI8dZEz0csUzSrhRtuMLCw
gd+pc8KtOjWliJZP4Y9ApvDOPjdSaeqUhXTkl1nM3XB2G/kfunYnGAs+XMXgkhYD
IXmofzwhZNxjOVmhH/V28qgXlCUQ8H9E1uSdOF7CWgRm+x7rbv+6JLvpFMeT+CaX
yiR3MZFP3jvPA2mNLozeinn7LGnasvjM+8HBxecCAwEAAaOCAiYwggIiMB0GA1Ud
DgQWBBR12e5VA+i7ghmGKQKg2BgEwKafvTAfBgNVHSMEGDAWgBSB+kj0C8hFQMRr
0jvpuQiXqhhPTTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2dmcEk5QXZJUlVERWE5STc2YmtJbDZvWVQwMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzMvMTQ2MDc4LWY5YjItNDE2My1hZjFhLThlOTNjYjVjNTM1NS8x
L2RkbnVWUVBvdTRJWmhpa0NvTmdZQk1DbW43MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzMv
MTQ2MDc4LWY5YjItNDE2My1hZjFhLThlOTNjYjVjNTM1NS8xL2dmcEk5QXZJUlVE
RWE5STc2YmtJbDZvWVQwMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA8
BggrBgEFBQcBBwEB/wQtMCswGgQCAAEwFDAMAwQFw0DgAwQAw0DkAwQBw0D+MA0E
AgACMAcDBQAqAiVAMA0GCSqGSIb3DQEBCwUAA4IBAQB2sFz8MIf1nhDI4qlVSwBq
LI7NKvoSFa5XGxaOQ5lDeChtGIhmW1QvKok7vkoJvP+rRDnyTNiO99fXqFgja7Ab
hP8HDYQ3V/w4SaWdaEejvOehs1Skdj/8TxvA9jQCrGWKUbxHooWkMScjyNkt6rJy
GGNm93q5eLA8zdmLHp8q6saGHWbLoqEp+UQeI49kzkTjADqJeXBIA3mXyWPrTp5x
9cH4UzXmLUOToyEt3upKcMzpKNmW5FNrDTZ9af3HmkZDwoEr6fTb6n57UJFwgH+b
RNEx7uQTA9JwbaDDKZVNitkedep7520hI0bND+my7nl6OzXWEx349RbUyraYUBtg
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:33 2023 by rpki-client on console-ams.rpki-client.org