Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/p9QsBDiT5K7hV7vEOGyUsdJIBMQ.roa
File: p9QsBDiT5K7hV7vEOGyUsdJIBMQ.roa (raw, json)
Hash identifier: jx8pT8CuWUvCGMNW71BdXQKiHQ3ci5f6xap2Rw8UY58=
Subject key identifier: A7:D4:2C:04:38:93:E4:AE:E1:57:BB:C4:38:6C:94:B1:D2:48:04:C4
Certificate issuer: /CN=a7fd3f89335dcf828666b28fad8ae993bd448878
Certificate serial: 01847229A8C281274688265DF35891F6CF14
Authority key identifier: A7:FD:3F:89:33:5D:CF:82:86:66:B2:8F:AD:8A:E9:93:BD:44:88:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p_0_iTNdz4KGZrKPrYrpk71EiHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/p9QsBDiT5K7hV7vEOGyUsdJIBMQ.roa
Signing time: Sun 13 Nov 2022 18:04:03 +0000
ROA not before: Sun 13 Nov 2022 18:04:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 45036
IP address blocks: 194.32.145.0/24 maxlen: 24
194.32.144.0/24 maxlen: 24
2a12:a4c2::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:72:29:a8:c2:81:27:46:88:26:5d:f3:58:91:f6:cf:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7fd3f89335dcf828666b28fad8ae993bd448878
Validity
Not Before: Nov 13 18:04:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a7d42c043893e4aee157bbc4386c94b1d24804c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:7f:03:31:bc:cc:e5:08:4d:af:0d:b8:21:dd:
b0:aa:ce:14:41:0d:57:73:14:12:5e:14:74:02:96:
e1:1e:2f:b1:99:dc:ab:80:52:8c:73:0e:25:1e:36:
b8:ff:fe:37:d0:f4:71:ff:17:fd:d0:0d:d6:0c:11:
94:97:e4:e7:bf:95:57:91:e0:59:31:b8:3f:c0:0e:
b7:94:6a:fd:d7:cf:bd:59:be:a2:be:5d:fb:e9:76:
44:e8:ff:1b:8c:51:6f:25:d1:a8:52:03:9b:87:24:
5a:ad:70:56:d8:64:46:ab:ba:8f:78:0d:d4:cd:64:
6e:52:ae:1c:f4:5d:98:b8:7b:a6:4f:0f:60:7e:aa:
90:b9:f3:77:ae:99:31:fe:55:6e:7a:03:a8:c6:99:
37:ca:f7:7b:1a:ed:88:e6:dc:05:0d:40:5d:36:00:
95:2e:a2:3a:68:98:7b:4b:78:6c:65:2b:9a:c4:d9:
f0:c3:76:93:b3:6b:71:a8:78:89:9f:1a:22:e6:2c:
46:d0:bf:67:fa:d6:ef:1d:85:e0:6b:a0:d4:a6:b6:
28:ea:6f:ea:b6:ab:3c:55:ba:c3:a3:48:c9:6f:e7:
44:d8:82:37:d8:13:d7:2d:e8:e0:21:01:2d:dd:68:
b2:46:15:14:39:33:58:77:85:cb:11:84:f6:fd:8f:
74:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:D4:2C:04:38:93:E4:AE:E1:57:BB:C4:38:6C:94:B1:D2:48:04:C4
X509v3 Authority Key Identifier:
keyid:A7:FD:3F:89:33:5D:CF:82:86:66:B2:8F:AD:8A:E9:93:BD:44:88:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p_0_iTNdz4KGZrKPrYrpk71EiHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/p9QsBDiT5K7hV7vEOGyUsdJIBMQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/p_0_iTNdz4KGZrKPrYrpk71EiHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.32.144.0/23
IPv6:
2a12:a4c2::/32
Signature Algorithm: sha256WithRSAEncryption
34:b4:54:5c:6e:f9:24:b2:8e:12:a5:00:c3:67:f1:07:d9:3d:
84:1c:58:dd:f4:e1:a6:1e:db:a2:8f:01:23:1f:ce:62:f9:1e:
24:ec:9b:f1:d3:3b:22:39:10:98:72:d0:38:cf:e6:17:fb:82:
09:d4:f6:6d:1b:00:d9:7a:61:b0:b8:9e:58:88:82:46:fb:83:
19:c4:4c:17:29:cb:c7:e2:fa:44:81:64:20:72:6c:1a:a2:9f:
a1:39:e4:55:ec:2a:8b:3c:54:0f:7d:db:e8:8d:01:ae:0e:6a:
dd:7d:fc:d9:11:4e:c5:71:a2:7e:51:47:ae:77:85:76:e7:ae:
9c:d5:dc:fa:19:f6:3c:d4:0f:fc:c9:23:3a:cd:58:54:c7:1a:
95:cf:e6:9b:93:00:08:d7:eb:fa:68:9a:6b:26:f3:b9:3f:c9:
af:62:e2:b2:25:b1:e7:3f:30:ca:f6:9e:57:a0:2b:6f:d6:36:
f5:30:c4:75:71:ca:e6:b5:67:41:32:3c:39:11:44:58:f6:39:
b3:78:92:ea:12:f8:1b:a5:a6:23:e4:ce:1e:da:96:01:cf:23:
03:3a:31:84:29:06:34:68:41:2f:3d:cd:5f:e2:dc:a0:69:ab:
aa:6e:a9:00:66:cb:80:66:12:7b:f1:e6:90:56:be:ad:0f:16:
c2:a2:c2:04
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYRyKajCgSdGiCZd81iR9s8UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3ZmQzZjg5MzM1ZGNmODI4NjY2YjI4ZmFkOGFlOTkzYmQ0
NDg4NzgwHhcNMjIxMTEzMTgwNDAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhN2Q0MmMwNDM4OTNlNGFlZTE1N2JiYzQzODZjOTRiMWQyNDgwNGM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjX8DMbzM5QhNrw24Id2wqs4UQQ1X
cxQSXhR0ApbhHi+xmdyrgFKMcw4lHja4//430PRx/xf90A3WDBGUl+Tnv5VXkeBZ
Mbg/wA63lGr918+9Wb6ivl376XZE6P8bjFFvJdGoUgObhyRarXBW2GRGq7qPeA3U
zWRuUq4c9F2YuHumTw9gfqqQufN3rpkx/lVuegOoxpk3yvd7Gu2I5twFDUBdNgCV
LqI6aJh7S3hsZSuaxNnww3aTs2txqHiJnxoi5ixG0L9n+tbvHYXga6DUprYo6m/q
tqs8VbrDo0jJb+dE2II32BPXLejgIQEt3WiyRhUUOTNYd4XLEYT2/Y90vwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKfULAQ4k+Su4Ve7xDhslLHSSATEMB8GA1UdIwQY
MBaAFKf9P4kzXc+Chmayj62K6ZO9RIh4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcF8wX2lUTmR6NEtHWnJLUHJZcnBrNzFFaUhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC8zODhmZDgtYzgxZi00ZTcxLWFmNTIt
YzBiMWFkNDM1Yjk1LzEvcDlRc0JEaVQ1SzdoVjd2RU9HeVVzZEpJQk1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC8zODhmZDgtYzgxZi00ZTcxLWFmNTItYzBiMWFkNDM1Yjk1
LzEvcF8wX2lUTmR6NEtHWnJLUHJZcnBrNzFFaUhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBwiCQMA0E
AgACMAcDBQAqEqTCMA0GCSqGSIb3DQEBCwUAA4IBAQA0tFRcbvkkso4SpQDDZ/EH
2T2EHFjd9OGmHtuijwEjH85i+R4k7Jvx0zsiORCYctA4z+YX+4IJ1PZtGwDZemGw
uJ5YiIJG+4MZxEwXKcvH4vpEgWQgcmwaop+hOeRV7CqLPFQPfdvojQGuDmrdffzZ
EU7FcaJ+UUeud4V2566c1dz6GfY81A/8ySM6zVhUxxqVz+abkwAI1+v6aJprJvO5
P8mvYuKyJbHnPzDK9p5XoCtv1jb1MMR1ccrmtWdBMjw5EURY9jmzeJLqEvgbpaYj
5M4e2pYBzyMDOjGEKQY0aEEvPc1f4tygaauqbqkAZsuAZhJ78eaQVr6tDxbCosIE
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:26 2023 by rpki-client on console-fra.rpki-client.org