Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/efd094-4bc0-4ad0-aba3-49c95eeac812/1/aKhMBBP1Xbi4mMZPGlvTpe-O4w0.roa
File: aKhMBBP1Xbi4mMZPGlvTpe-O4w0.roa (raw, json)
Hash identifier: PkCTgxWnztPFabdYvSUBxUtyK6Q7edADYM0uu1nsPts=
Subject key identifier: 68:A8:4C:04:13:F5:5D:B8:B8:98:C6:4F:1A:5B:D3:A5:EF:8E:E3:0D
Certificate issuer: /CN=41763db1ed334a7c5280ab9854742914ae0c4c52
Certificate serial: 072B1EC7
Authority key identifier: 41:76:3D:B1:ED:33:4A:7C:52:80:AB:98:54:74:29:14:AE:0C:4C:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QXY9se0zSnxSgKuYVHQpFK4MTFI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/efd094-4bc0-4ad0-aba3-49c95eeac812/1/aKhMBBP1Xbi4mMZPGlvTpe-O4w0.roa
Signing time: Sat 01 Jan 2022 14:06:45 +0000
ROA not before: Sat 01 Jan 2022 14:06:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15924
IP address blocks: 195.142.244.0/24 maxlen: 24
195.142.245.0/24 maxlen: 24
195.142.246.0/24 maxlen: 24
195.142.247.0/24 maxlen: 24
195.142.202.0/24 maxlen: 24
195.142.203.0/24 maxlen: 24
195.142.200.0/24 maxlen: 24
195.142.201.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 120266439 (0x72b1ec7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41763db1ed334a7c5280ab9854742914ae0c4c52
Validity
Not Before: Jan 1 14:06:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=68a84c0413f55db8b898c64f1a5bd3a5ef8ee30d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:28:27:12:ed:37:c9:73:13:9a:fd:7e:55:d6:
29:75:0c:7e:f7:40:dd:d8:4e:4a:2a:ae:56:a4:f3:
2f:7a:ba:30:e5:77:bf:bb:1e:f4:52:49:49:da:98:
e5:a9:ac:cd:a6:39:30:9a:6c:20:2e:d9:07:08:c0:
22:f7:30:88:8c:f1:e4:a1:e0:e0:9f:41:3b:99:00:
78:82:8f:b2:bc:9d:1d:40:92:ae:67:ec:3d:e1:fe:
f5:15:72:8f:3e:e5:ad:a4:a6:9e:bd:c2:1d:7f:de:
9a:e9:d5:f9:5f:a4:4d:60:c0:31:3d:9d:15:26:53:
f9:19:5b:51:b9:7f:f6:6f:12:56:17:f7:ee:6e:1e:
76:4d:97:60:4b:e7:c0:84:28:cc:1c:1e:89:91:f0:
53:4f:19:13:fe:9e:9c:7c:9a:09:9b:76:b1:65:48:
5f:b3:24:8b:57:91:6a:27:91:6a:be:8d:5b:00:22:
51:48:18:e2:62:f8:6f:01:9a:87:87:fe:10:19:56:
7f:e7:3c:e6:6c:3b:f9:be:88:ab:cc:85:0b:34:86:
1b:b0:a2:e5:e4:2a:0c:1f:09:ce:a2:3e:9e:75:60:
5c:9b:43:dd:73:c1:e3:cc:c7:ca:4c:5b:ff:f8:ce:
db:e0:19:5c:ce:58:90:9e:0d:5a:9a:8a:97:7b:70:
aa:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:A8:4C:04:13:F5:5D:B8:B8:98:C6:4F:1A:5B:D3:A5:EF:8E:E3:0D
X509v3 Authority Key Identifier:
keyid:41:76:3D:B1:ED:33:4A:7C:52:80:AB:98:54:74:29:14:AE:0C:4C:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QXY9se0zSnxSgKuYVHQpFK4MTFI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/efd094-4bc0-4ad0-aba3-49c95eeac812/1/aKhMBBP1Xbi4mMZPGlvTpe-O4w0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/efd094-4bc0-4ad0-aba3-49c95eeac812/1/QXY9se0zSnxSgKuYVHQpFK4MTFI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.142.200.0/22
195.142.244.0/22
Signature Algorithm: sha256WithRSAEncryption
8e:ab:b1:2f:59:8a:79:ef:07:44:1d:ac:66:6f:19:6b:ef:5a:
14:f1:22:6a:f9:c5:35:f9:7c:8a:31:26:93:3a:0d:62:49:52:
f3:98:b6:bf:09:d5:e6:be:30:f7:cc:2e:96:61:1f:27:c2:f7:
ed:45:c5:c3:ca:f4:35:a8:f7:9f:96:96:7c:3f:8a:50:fa:54:
94:74:76:8d:fe:da:2e:94:a0:2e:6e:56:5d:78:96:4c:66:43:
f6:2a:ef:0a:f9:27:1a:ae:ca:ee:8b:3c:9d:b8:7d:79:6d:89:
d8:fe:fd:65:5c:76:bf:34:07:ab:7e:2e:b4:e1:00:e9:76:c5:
c1:e1:b5:3b:c7:ed:74:4a:7f:9c:22:4a:ae:99:e4:cf:b5:ca:
7b:f9:79:a5:4b:45:b3:cc:b2:a6:7b:e7:61:7a:07:21:76:3d:
42:52:3b:4b:81:b8:0e:29:5f:2b:c7:ec:39:9e:ee:2a:50:3b:
87:3a:52:6d:f1:c2:be:59:84:88:1f:56:be:8c:29:77:f3:85:
c8:26:ca:93:19:72:d1:6e:26:1a:cf:50:f4:cf:c2:bc:46:b1:
1c:37:48:9d:d3:82:a2:40:a1:ce:f5:ae:d0:ed:f1:d7:0b:5a:
85:b9:d4:cc:b6:e7:d6:20:6f:ed:bc:d1:ed:00:bd:58:25:3b:
89:68:e5:4b
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBysexzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
MTc2M2RiMWVkMzM0YTdjNTI4MGFiOTg1NDc0MjkxNGFlMGM0YzUyMB4XDTIyMDEw
MTE0MDY0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjhhODRjMDQxM2Y1
NWRiOGI4OThjNjRmMWE1YmQzYTVlZjhlZTMwZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKwoJxLtN8lzE5r9flXWKXUMfvdA3dhOSiquVqTzL3q6MOV3
v7se9FJJSdqY5amszaY5MJpsIC7ZBwjAIvcwiIzx5KHg4J9BO5kAeIKPsrydHUCS
rmfsPeH+9RVyjz7lraSmnr3CHX/emunV+V+kTWDAMT2dFSZT+RlbUbl/9m8SVhf3
7m4edk2XYEvnwIQozBweiZHwU08ZE/6enHyaCZt2sWVIX7Mki1eRaieRar6NWwAi
UUgY4mL4bwGah4f+EBlWf+c85mw7+b6Iq8yFCzSGG7Ci5eQqDB8JzqI+nnVgXJtD
3XPB48zHykxb//jO2+AZXM5YkJ4NWpqKl3twqpkCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBRoqEwEE/VduLiYxk8aW9Ol747jDTAfBgNVHSMEGDAWgBRBdj2x7TNKfFKA
q5hUdCkUrgxMUjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1FYWTlzZTB6U254U2dLdVlWSFFwRks0TVRGSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2IvZWZkMDk0LTRiYzAtNGFkMC1hYmEzLTQ5Yzk1ZWVhYzgxMi8x
L2FLaE1CQlAxWGJpNG1NWlBHbHZUcGUtTzR3MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Iv
ZWZkMDk0LTRiYzAtNGFkMC1hYmEzLTQ5Yzk1ZWVhYzgxMi8xL1FYWTlzZTB6U254
U2dLdVlWSFFwRks0TVRGSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAsOOyAMEAsOO9DANBgkqhkiG9w0B
AQsFAAOCAQEAjquxL1mKee8HRB2sZm8Za+9aFPEiavnFNfl8ijEmkzoNYklS85i2
vwnV5r4w98wulmEfJ8L37UXFw8r0Naj3n5aWfD+KUPpUlHR2jf7aLpSgLm5WXXiW
TGZD9irvCvknGq7K7os8nbh9eW2J2P79ZVx2vzQHq34utOEA6XbFweG1O8ftdEp/
nCJKrpnkz7XKe/l5pUtFs8yypnvnYXoHIXY9QlI7S4G4DilfK8fsOZ7uKlA7hzpS
bfHCvlmEiB9Wvowpd/OFyCbKkxly0W4mGs9Q9M/CvEaxHDdIndOCokChzvWu0O3x
1wtahbnUzLbn1iBv7bzR7QC9WCU7iWjlSw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:22 2023 by rpki-client on console-fra.rpki-client.org