Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/ab3caa-313e-4683-84db-9ee5a78ec57b/1/uI4fnp0Syzj6PucwlpgMqBn_EAo.roa
File: uI4fnp0Syzj6PucwlpgMqBn_EAo.roa (raw, json)
Hash identifier: FWgYDYI/EbjvnDoLqYB5miVoXOcZsqMC/pZ2GvpBgeY=
Subject key identifier: B8:8E:1F:9E:9D:12:CB:38:FA:3E:E7:30:96:98:0C:A8:19:FF:10:0A
Certificate issuer: /CN=406f014a2bc76ae04e6d304d06aacbfc8e85d514
Certificate serial: 0485ABEF
Authority key identifier: 40:6F:01:4A:2B:C7:6A:E0:4E:6D:30:4D:06:AA:CB:FC:8E:85:D5:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QG8BSivHauBObTBNBqrL_I6F1RQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/ab3caa-313e-4683-84db-9ee5a78ec57b/1/uI4fnp0Syzj6PucwlpgMqBn_EAo.roa
Signing time: Sat 01 Jan 2022 12:55:39 +0000
ROA not before: Sat 01 Jan 2022 12:55:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 24685
IP address blocks: 194.246.121.0/24 maxlen: 32
195.234.76.0/24 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 75869167 (0x485abef)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=406f014a2bc76ae04e6d304d06aacbfc8e85d514
Validity
Not Before: Jan 1 12:55:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b88e1f9e9d12cb38fa3ee73096980ca819ff100a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:73:f2:87:b3:b1:fb:01:bd:cb:b1:91:75:e3:
57:e6:d9:f0:43:0c:6c:91:ca:10:95:3e:c7:99:86:
8e:3d:36:66:28:78:14:1a:2c:40:1a:14:22:ec:fb:
58:91:06:c2:bf:07:bf:6c:90:1e:7d:a1:ea:e3:85:
95:63:9c:0e:7d:71:22:89:c0:cb:85:e3:ae:97:84:
ab:8c:ea:ee:b2:fe:0b:67:93:76:9a:90:26:18:84:
c2:e9:e8:dd:65:05:72:b1:63:a4:48:e6:6e:a1:88:
03:07:00:f4:b9:ce:0a:9d:44:0b:96:95:d8:21:f0:
7e:af:bc:e4:fd:3d:6b:3c:a7:07:bf:e6:f0:32:81:
12:85:83:ce:2d:c5:9b:a1:19:7c:93:eb:d4:4c:1d:
9b:47:1c:ca:3c:c5:35:d1:7b:f0:2b:4b:60:36:6c:
0e:ea:dd:6a:81:3d:33:7f:19:75:10:2c:fd:14:cc:
0c:00:bb:47:10:65:68:22:35:a8:c3:1f:d7:53:47:
84:8b:ec:05:ad:3d:8e:21:fd:7f:42:00:6c:b4:7d:
4f:12:72:33:c1:64:d6:a7:84:33:00:0b:09:15:ac:
0c:aa:f7:68:fa:e9:8d:c4:6c:3c:38:ec:6f:58:d2:
2b:07:28:e5:55:91:ca:c4:9f:dd:97:d2:7d:22:cb:
dc:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:8E:1F:9E:9D:12:CB:38:FA:3E:E7:30:96:98:0C:A8:19:FF:10:0A
X509v3 Authority Key Identifier:
keyid:40:6F:01:4A:2B:C7:6A:E0:4E:6D:30:4D:06:AA:CB:FC:8E:85:D5:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QG8BSivHauBObTBNBqrL_I6F1RQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/ab3caa-313e-4683-84db-9ee5a78ec57b/1/uI4fnp0Syzj6PucwlpgMqBn_EAo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/ab3caa-313e-4683-84db-9ee5a78ec57b/1/QG8BSivHauBObTBNBqrL_I6F1RQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.246.121.0/24
195.234.76.0/24
Signature Algorithm: sha256WithRSAEncryption
64:a7:37:4b:e1:2c:79:35:da:ae:c1:75:82:6f:d0:2a:01:bf:
e9:35:a3:cc:06:8d:fb:6f:ee:4a:b8:7f:dc:81:63:3f:c7:10:
25:c6:ed:b7:c9:e7:41:9c:a9:a7:cd:df:7a:94:35:af:0f:00:
89:94:68:c4:56:05:26:48:ae:83:04:d9:63:ae:42:8e:31:8c:
9f:82:2a:97:c6:38:e7:1a:da:c3:90:ca:f7:4c:c3:10:6d:48:
40:be:3f:70:5a:30:14:84:53:d4:56:76:11:77:0a:c4:a0:5c:
f1:49:e9:8d:e6:cc:ad:00:87:d3:56:75:26:80:77:24:3f:99:
8f:24:56:3a:f9:c9:b2:a3:bd:ed:6a:33:ff:c9:9e:11:81:a1:
9c:8f:db:6e:ed:63:3b:77:0f:82:f9:72:85:ef:ab:29:66:80:
de:18:4a:a6:d4:04:48:21:d2:71:69:ab:24:8b:17:6d:25:a7:
59:bf:9f:39:86:22:b7:f3:18:80:c5:b2:3a:71:b9:a4:74:7d:
f9:e0:20:b2:d2:ae:73:14:97:38:59:bc:85:19:d5:48:3c:bc:
9a:61:b8:07:39:be:01:44:1b:df:dd:59:d6:e3:fd:0c:69:f1:
ce:a6:f4:02:8a:75:77:2a:20:36:e1:f6:2c:54:c2:07:91:dd:
86:21:07:61
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBIWr7zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
MDZmMDE0YTJiYzc2YWUwNGU2ZDMwNGQwNmFhY2JmYzhlODVkNTE0MB4XDTIyMDEw
MTEyNTUzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjg4ZTFmOWU5ZDEy
Y2IzOGZhM2VlNzMwOTY5ODBjYTgxOWZmMTAwYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAONz8oezsfsBvcuxkXXjV+bZ8EMMbJHKEJU+x5mGjj02Zih4
FBosQBoUIuz7WJEGwr8Hv2yQHn2h6uOFlWOcDn1xIonAy4XjrpeEq4zq7rL+C2eT
dpqQJhiEwuno3WUFcrFjpEjmbqGIAwcA9LnOCp1EC5aV2CHwfq+85P09azynB7/m
8DKBEoWDzi3Fm6EZfJPr1Ewdm0ccyjzFNdF78CtLYDZsDurdaoE9M38ZdRAs/RTM
DAC7RxBlaCI1qMMf11NHhIvsBa09jiH9f0IAbLR9TxJyM8Fk1qeEMwALCRWsDKr3
aPrpjcRsPDjsb1jSKwco5VWRysSf3ZfSfSLL3NMCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBS4jh+enRLLOPo+5zCWmAyoGf8QCjAfBgNVHSMEGDAWgBRAbwFKK8dq4E5t
ME0Gqsv8joXVFDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1FHOEJTaXZIYXVCT2JUQk5CcXJMX0k2RjFSUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2QvYWIzY2FhLTMxM2UtNDY4My04NGRiLTllZTVhNzhlYzU3Yi8x
L3VJNGZucDBTeXpqNlB1Y3dscGdNcUJuX0VBby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Qv
YWIzY2FhLTMxM2UtNDY4My04NGRiLTllZTVhNzhlYzU3Yi8xL1FHOEJTaXZIYXVC
T2JUQk5CcXJMX0k2RjFSUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAML2eQMEAMPqTDANBgkqhkiG9w0B
AQsFAAOCAQEAZKc3S+EseTXarsF1gm/QKgG/6TWjzAaN+2/uSrh/3IFjP8cQJcbt
t8nnQZypp83fepQ1rw8AiZRoxFYFJkiugwTZY65CjjGMn4Iql8Y45xraw5DK90zD
EG1IQL4/cFowFIRT1FZ2EXcKxKBc8UnpjebMrQCH01Z1JoB3JD+ZjyRWOvnJsqO9
7Woz/8meEYGhnI/bbu1jO3cPgvlyhe+rKWaA3hhKptQESCHScWmrJIsXbSWnWb+f
OYYit/MYgMWyOnG5pHR9+eAgstKucxSXOFm8hRnVSDy8mmG4Bzm+AUQb391Z1uP9
DGnxzqb0Aop1dyogNuH2LFTCB5HdhiEHYQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:23 2024 by rpki-client on console-fra.rpki-client.org