Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/d50905-007a-4074-9a05-a6c8bd8742a4/1/ddrdmEzZ-lGmxL1J2p2EI7oCUWE.roa
File: ddrdmEzZ-lGmxL1J2p2EI7oCUWE.roa (raw, json)
Hash identifier: clUExV0aMzSjF5ABFjbXIBeCms6WSYisgOmyG3FrEls=
Subject key identifier: 75:DA:DD:98:4C:D9:FA:51:A6:C4:BD:49:DA:9D:84:23:BA:02:51:61
Certificate issuer: /CN=ec9269185f63dc3356037f713ce8a0909ff07225
Certificate serial: 0183C7978B4461449A025113D5C4ECAE06B4
Authority key identifier: EC:92:69:18:5F:63:DC:33:56:03:7F:71:3C:E8:A0:90:9F:F0:72:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7JJpGF9j3DNWA39xPOigkJ_wciU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/d50905-007a-4074-9a05-a6c8bd8742a4/1/ddrdmEzZ-lGmxL1J2p2EI7oCUWE.roa
Signing time: Tue 11 Oct 2022 15:09:00 +0000
ROA not before: Tue 11 Oct 2022 15:09:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12301
IP address blocks: 195.144.20.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:c7:97:8b:44:61:44:9a:02:51:13:d5:c4:ec:ae:06:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec9269185f63dc3356037f713ce8a0909ff07225
Validity
Not Before: Oct 11 15:09:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=75dadd984cd9fa51a6c4bd49da9d8423ba025161
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:05:b6:bf:a9:fc:e7:ca:70:18:e4:c2:21:40:
e1:9a:d4:86:71:1a:a3:93:bc:2d:5e:3f:b4:b9:79:
c4:25:07:e2:ed:f8:33:86:46:21:da:2b:9d:00:74:
58:88:c2:eb:35:6d:5e:72:92:6e:a7:46:ad:c2:eb:
bb:74:a6:ae:fa:f7:c0:53:f5:c7:dd:a1:0f:f3:f9:
b2:6a:d2:a3:89:77:bf:92:13:24:3a:a6:61:3e:32:
87:a6:f5:ca:8b:56:84:ae:38:e8:80:64:c6:d2:e9:
bd:fa:1a:4d:a1:2a:5d:ca:05:d1:43:7d:de:9e:a1:
57:b6:f0:a5:6a:84:eb:c1:87:12:dc:b8:e1:70:af:
45:27:5d:a8:63:b9:57:e5:59:fc:f1:76:0b:10:69:
ae:69:a5:44:c9:86:65:3f:3f:51:d9:52:8e:10:61:
c3:16:e2:49:78:fa:a2:ee:79:a0:36:25:f8:ee:b2:
6f:b3:07:25:0a:80:7d:66:ac:f6:e9:49:c5:31:19:
2d:96:b3:e8:30:21:f3:15:32:20:be:77:9f:84:bf:
2d:29:1f:80:d2:27:e6:32:fb:54:72:91:05:64:71:
65:38:c9:51:cb:42:f2:48:5e:9b:77:8d:07:7e:31:
d5:90:cb:1d:57:a4:fc:20:a8:fc:b8:03:a7:1d:41:
fb:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:DA:DD:98:4C:D9:FA:51:A6:C4:BD:49:DA:9D:84:23:BA:02:51:61
X509v3 Authority Key Identifier:
keyid:EC:92:69:18:5F:63:DC:33:56:03:7F:71:3C:E8:A0:90:9F:F0:72:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7JJpGF9j3DNWA39xPOigkJ_wciU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/d50905-007a-4074-9a05-a6c8bd8742a4/1/ddrdmEzZ-lGmxL1J2p2EI7oCUWE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/d50905-007a-4074-9a05-a6c8bd8742a4/1/7JJpGF9j3DNWA39xPOigkJ_wciU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.144.20.0/24
Signature Algorithm: sha256WithRSAEncryption
32:0f:38:2c:89:f7:ec:06:70:37:1a:ec:2a:c9:18:99:9b:5a:
b5:e8:d8:1e:d7:a5:41:54:d8:5e:89:81:fa:4f:84:6f:9e:5b:
b5:49:f0:0b:0e:1c:e8:d0:66:98:fd:b8:17:cb:10:30:e9:71:
0c:37:2c:60:49:e4:81:20:90:3b:52:40:ba:c7:92:67:ee:24:
aa:b3:ee:ad:39:2a:29:24:b9:6b:d6:92:24:78:47:37:c1:67:
78:ce:e9:42:d8:11:f2:57:0e:4c:0a:2c:73:a6:f0:2c:43:cd:
ff:89:9f:35:bc:97:6a:5f:92:7b:95:db:39:36:96:98:99:d3:
88:13:6d:61:49:02:de:a2:28:2f:dc:5a:2d:fa:e9:22:4c:82:
04:5e:9e:f5:5d:13:c6:76:99:6e:7b:ad:53:bd:e5:64:9b:25:
0a:64:c2:7a:c7:08:d1:d0:02:eb:9e:ea:e4:9c:c3:e4:b0:42:
20:de:7f:a7:6b:30:1d:62:43:bb:50:d1:09:81:11:fa:f9:3b:
1a:09:28:51:93:fd:aa:c0:86:41:30:3a:db:42:64:3c:8a:d5:
73:2d:22:ca:ae:ee:b8:58:3a:fa:8e:ac:72:69:a5:fe:90:c8:
ea:c3:b0:19:48:2b:03:23:33:e3:ad:da:21:6a:97:0b:73:a4:
ea:06:b3:1c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYPHl4tEYUSaAlET1cTsrga0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjOTI2OTE4NWY2M2RjMzM1NjAzN2Y3MTNjZThhMDkwOWZm
MDcyMjUwHhcNMjIxMDExMTUwOTAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWRhZGQ5ODRjZDlmYTUxYTZjNGJkNDlkYTlkODQyM2JhMDI1MTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlQW2v6n858pwGOTCIUDhmtSGcRqj
k7wtXj+0uXnEJQfi7fgzhkYh2iudAHRYiMLrNW1ecpJup0atwuu7dKau+vfAU/XH
3aEP8/myatKjiXe/khMkOqZhPjKHpvXKi1aErjjogGTG0um9+hpNoSpdygXRQ33e
nqFXtvClaoTrwYcS3LjhcK9FJ12oY7lX5Vn88XYLEGmuaaVEyYZlPz9R2VKOEGHD
FuJJePqi7nmgNiX47rJvswclCoB9Zqz26UnFMRktlrPoMCHzFTIgvnefhL8tKR+A
0ifmMvtUcpEFZHFlOMlRy0LySF6bd40HfjHVkMsdV6T8IKj8uAOnHUH7SwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHXa3ZhM2fpRpsS9SdqdhCO6AlFhMB8GA1UdIwQY
MBaAFOySaRhfY9wzVgN/cTzooJCf8HIlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0pKcEdGOWozRE5XQTM5eFBPaWdrSl93Y2lVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9kNTA5MDUtMDA3YS00MDc0LTlhMDUt
YTZjOGJkODc0MmE0LzEvZGRyZG1FelotbEdteEwxSjJwMkVJN29DVVdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9kNTA5MDUtMDA3YS00MDc0LTlhMDUtYTZjOGJkODc0MmE0
LzEvN0pKcEdGOWozRE5XQTM5eFBPaWdrSl93Y2lVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw5AUMA0G
CSqGSIb3DQEBCwUAA4IBAQAyDzgsiffsBnA3GuwqyRiZm1q16Nge16VBVNheiYH6
T4Rvnlu1SfALDhzo0GaY/bgXyxAw6XEMNyxgSeSBIJA7UkC6x5Jn7iSqs+6tOSop
JLlr1pIkeEc3wWd4zulC2BHyVw5MCixzpvAsQ83/iZ81vJdqX5J7lds5NpaYmdOI
E21hSQLeoigv3Fot+ukiTIIEXp71XRPGdplue61TveVkmyUKZMJ6xwjR0ALrnurk
nMPksEIg3n+nazAdYkO7UNEJgRH6+TsaCShRk/2qwIZBMDrbQmQ8itVzLSLKru64
WDr6jqxyaaX+kMjqw7AZSCsDIzPjrdohapcLc6TqBrMc
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:03 2023 by rpki-client on console-fra.rpki-client.org