Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/5996e1-2ff0-4bb7-a880-faab9cae1e81/1/2fTPGnhEtDcqig43AtNVm4vb6HU.roa
File: 2fTPGnhEtDcqig43AtNVm4vb6HU.roa (raw, json)
Hash identifier: BFYd6lQ2OzbpnZ0uw4uBgcI800QPYiUDrx3/SlH0O2Q=
Subject key identifier: D9:F4:CF:1A:78:44:B4:37:2A:8A:0E:37:02:D3:55:9B:8B:DB:E8:75
Certificate issuer: /CN=f2d4116975d3e87bd8a28e643c69a3081de0019f
Certificate serial: 0185627A054512E791E5AC9876B93466AADA
Authority key identifier: F2:D4:11:69:75:D3:E8:7B:D8:A2:8E:64:3C:69:A3:08:1D:E0:01:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8tQRaXXT6HvYoo5kPGmjCB3gAZ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/5996e1-2ff0-4bb7-a880-faab9cae1e81/1/2fTPGnhEtDcqig43AtNVm4vb6HU.roa
Signing time: Fri 30 Dec 2022 10:00:41 +0000
ROA not before: Fri 30 Dec 2022 10:00:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25297
IP address blocks: 195.234.167.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:62:7a:05:45:12:e7:91:e5:ac:98:76:b9:34:66:aa:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f2d4116975d3e87bd8a28e643c69a3081de0019f
Validity
Not Before: Dec 30 10:00:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d9f4cf1a7844b4372a8a0e3702d3559b8bdbe875
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:bf:e2:03:07:08:13:d6:29:e3:86:4e:c6:d6:
26:19:85:6a:b2:02:94:f6:dc:82:df:be:e6:cb:66:
ce:30:9c:95:17:38:11:59:fb:72:d5:7e:e1:c4:b2:
0c:b8:37:4f:49:b9:ec:b0:d3:f3:03:62:90:7e:70:
0b:57:5f:a5:35:1e:2a:3e:16:2b:fc:9e:e9:57:fe:
4f:38:f5:04:55:70:9d:3a:0e:0d:68:aa:a6:b0:71:
88:85:01:f5:5c:9b:ae:54:c8:12:34:cd:ff:13:91:
65:41:b8:05:3c:33:f2:e0:4d:a6:49:5f:04:e2:39:
d4:10:14:f4:11:fc:e8:8b:cd:cc:b6:27:42:99:d8:
18:47:70:73:b5:60:6e:5e:ef:7d:2c:52:bf:71:0f:
86:56:a4:1b:41:48:f3:b8:98:22:4d:af:5a:39:d0:
be:f4:a4:d3:20:46:13:ea:10:93:68:80:17:37:a3:
97:c2:34:77:45:dc:80:0f:40:cb:b7:76:2a:ec:9a:
f3:77:dc:78:e8:b1:a2:46:b4:d6:d8:95:57:da:e0:
9c:2c:05:37:6f:5d:39:03:ba:b1:12:f6:f1:a5:24:
54:f2:41:bf:ef:b9:ad:28:8a:69:2a:95:8a:7e:bc:
96:b8:47:e7:56:80:8b:c4:02:83:a9:09:d5:7d:46:
25:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:F4:CF:1A:78:44:B4:37:2A:8A:0E:37:02:D3:55:9B:8B:DB:E8:75
X509v3 Authority Key Identifier:
keyid:F2:D4:11:69:75:D3:E8:7B:D8:A2:8E:64:3C:69:A3:08:1D:E0:01:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8tQRaXXT6HvYoo5kPGmjCB3gAZ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/5996e1-2ff0-4bb7-a880-faab9cae1e81/1/2fTPGnhEtDcqig43AtNVm4vb6HU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/5996e1-2ff0-4bb7-a880-faab9cae1e81/1/8tQRaXXT6HvYoo5kPGmjCB3gAZ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.234.167.0/24
Signature Algorithm: sha256WithRSAEncryption
72:63:b9:03:9b:c6:bb:ea:af:47:5f:7c:e6:88:0e:c4:f9:1d:
f6:1f:28:e5:95:71:a4:bb:86:54:46:d4:97:db:32:7f:c4:b3:
47:e9:0d:6a:72:e1:12:c8:16:4c:e8:bc:77:06:6f:af:cb:b3:
19:12:6e:2c:1e:74:17:a6:95:e6:31:9c:9f:fd:bb:5b:9c:4b:
38:87:3a:ca:c2:32:48:73:0a:be:52:99:25:bf:7c:f8:bc:5c:
9c:f5:d1:3d:33:a0:23:8b:9d:44:db:09:bb:bf:d9:4e:85:09:
a1:f6:bd:8c:b4:95:76:5f:1c:2e:03:42:49:43:e9:8d:df:58:
d2:32:15:42:28:3f:a2:99:90:ba:6c:eb:37:b5:ca:86:99:09:
75:30:f2:1c:ec:01:78:0b:68:c4:8a:4e:da:b4:7e:90:a3:f5:
a2:81:95:19:be:83:f6:20:54:b3:67:65:a1:e4:01:11:c2:1f:
a2:7b:cf:16:db:4a:f5:f3:7f:6c:e3:5a:b8:a3:e4:42:da:a5:
a2:b6:f0:cc:26:17:a8:2d:4b:80:86:de:a7:55:91:5b:91:4b:
02:96:38:52:ff:e7:8c:06:cf:86:90:4c:85:6d:5e:ff:23:8d:
3d:35:db:20:7a:4f:d3:24:f3:a9:f9:26:25:5f:d5:03:f1:a5:
4b:4c:54:cc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYViegVFEueR5ayYdrk0ZqraMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyZDQxMTY5NzVkM2U4N2JkOGEyOGU2NDNjNjlhMzA4MWRl
MDAxOWYwHhcNMjIxMjMwMTAwMDQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWY0Y2YxYTc4NDRiNDM3MmE4YTBlMzcwMmQzNTU5YjhiZGJlODc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy7/iAwcIE9Yp44ZOxtYmGYVqsgKU
9tyC377my2bOMJyVFzgRWfty1X7hxLIMuDdPSbnssNPzA2KQfnALV1+lNR4qPhYr
/J7pV/5POPUEVXCdOg4NaKqmsHGIhQH1XJuuVMgSNM3/E5FlQbgFPDPy4E2mSV8E
4jnUEBT0Efzoi83MtidCmdgYR3BztWBuXu99LFK/cQ+GVqQbQUjzuJgiTa9aOdC+
9KTTIEYT6hCTaIAXN6OXwjR3RdyAD0DLt3Yq7Jrzd9x46LGiRrTW2JVX2uCcLAU3
b105A7qxEvbxpSRU8kG/77mtKIppKpWKfryWuEfnVoCLxAKDqQnVfUYljQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNn0zxp4RLQ3KooONwLTVZuL2+h1MB8GA1UdIwQY
MBaAFPLUEWl10+h72KKOZDxpowgd4AGfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOHRRUmFYWFQ2SHZZb281a1BHbWpDQjNnQVo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi81OTk2ZTEtMmZmMC00YmI3LWE4ODAt
ZmFhYjljYWUxZTgxLzEvMmZUUEduaEV0RGNxaWc0M0F0TlZtNHZiNkhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi81OTk2ZTEtMmZmMC00YmI3LWE4ODAtZmFhYjljYWUxZTgx
LzEvOHRRUmFYWFQ2SHZZb281a1BHbWpDQjNnQVo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw+qnMA0G
CSqGSIb3DQEBCwUAA4IBAQByY7kDm8a76q9HX3zmiA7E+R32HyjllXGku4ZURtSX
2zJ/xLNH6Q1qcuESyBZM6Lx3Bm+vy7MZEm4sHnQXppXmMZyf/btbnEs4hzrKwjJI
cwq+Upklv3z4vFyc9dE9M6Aji51E2wm7v9lOhQmh9r2MtJV2XxwuA0JJQ+mN31jS
MhVCKD+imZC6bOs3tcqGmQl1MPIc7AF4C2jEik7atH6Qo/WigZUZvoP2IFSzZ2Wh
5AERwh+ie88W20r1839s41q4o+RC2qWitvDMJheoLUuAht6nVZFbkUsCljhS/+eM
Bs+GkEyFbV7/I409Ndsgek/TJPOp+SYlX9UD8aVLTFTM
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:09 2023 by rpki-client on console-ams.rpki-client.org