Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/810d24-acbe-4cb2-9ac5-9d5875d86373/1/iqw7XD2Cti519s0QJt6goDNkYwI.roa
File: iqw7XD2Cti519s0QJt6goDNkYwI.roa (raw, json)
Hash identifier: Cwc/XBCwlIXTMApeqDXvLcvdfc2+zgxqxsfDNzM9J4M=
Subject key identifier: 8A:AC:3B:5C:3D:82:B6:2E:75:F6:CD:10:26:DE:A0:A0:33:64:63:02
Certificate issuer: /CN=ada25aafe3a9870e9524afa0265987ed5a5a4da3
Certificate serial: 01836A3346F8249F5CDE04E1556F3ADC0629
Authority key identifier: AD:A2:5A:AF:E3:A9:87:0E:95:24:AF:A0:26:59:87:ED:5A:5A:4D:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/raJar-Ophw6VJK-gJlmH7VpaTaM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/810d24-acbe-4cb2-9ac5-9d5875d86373/1/iqw7XD2Cti519s0QJt6goDNkYwI.roa
Signing time: Fri 23 Sep 2022 11:54:48 +0000
ROA not before: Fri 23 Sep 2022 11:54:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 52000
IP address blocks: 193.200.12.0/23 maxlen: 23
2a0e:9846::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:6a:33:46:f8:24:9f:5c:de:04:e1:55:6f:3a:dc:06:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ada25aafe3a9870e9524afa0265987ed5a5a4da3
Validity
Not Before: Sep 23 11:54:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8aac3b5c3d82b62e75f6cd1026dea0a033646302
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:20:5f:73:31:8a:fe:37:5c:8f:07:49:5c:0c:
6e:9c:f6:86:a9:f7:06:f7:9a:6a:02:e7:4b:84:4c:
53:14:d4:6a:92:72:8f:63:2e:c1:2f:74:18:e0:57:
3d:4e:d0:7b:b3:91:73:3c:12:80:e5:a4:0b:4b:fc:
20:8d:00:dd:32:0e:c4:83:29:f1:4d:14:e3:d6:b4:
4e:7b:20:44:0d:75:df:61:d9:61:e9:df:42:31:1f:
49:b9:b6:ab:ee:36:d5:9b:5b:e2:66:28:23:5e:72:
06:5d:f0:64:f5:84:13:18:98:66:e6:d0:49:a8:09:
ea:c3:87:36:2c:67:d9:9f:c2:67:5d:0c:ca:16:28:
25:47:4a:c5:17:70:cb:cd:c7:40:68:0f:91:d2:db:
b5:b7:5a:36:cb:53:8b:2f:cf:71:3d:8a:f4:f7:70:
a9:22:6b:48:4e:d3:dd:ba:b5:98:2b:c7:ab:35:ad:
a2:77:01:e2:9e:3d:77:60:37:87:57:e4:bf:ef:83:
4b:95:34:39:5d:9b:61:e8:32:15:aa:62:ae:d0:65:
7e:c1:bc:fc:c8:b3:61:57:c4:d2:3c:a8:b9:65:e4:
d4:5b:02:9b:a2:41:8d:6f:57:ab:04:b2:c4:c7:2e:
5a:d0:1f:32:a2:7c:c0:e0:e9:03:64:96:f1:cc:8b:
24:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:AC:3B:5C:3D:82:B6:2E:75:F6:CD:10:26:DE:A0:A0:33:64:63:02
X509v3 Authority Key Identifier:
keyid:AD:A2:5A:AF:E3:A9:87:0E:95:24:AF:A0:26:59:87:ED:5A:5A:4D:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/raJar-Ophw6VJK-gJlmH7VpaTaM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/810d24-acbe-4cb2-9ac5-9d5875d86373/1/iqw7XD2Cti519s0QJt6goDNkYwI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/810d24-acbe-4cb2-9ac5-9d5875d86373/1/raJar-Ophw6VJK-gJlmH7VpaTaM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.200.12.0/23
IPv6:
2a0e:9846::/32
Signature Algorithm: sha256WithRSAEncryption
5a:64:d3:be:a2:e1:4e:28:f4:c9:8a:a5:3d:b8:99:96:09:6d:
75:6f:80:97:60:48:44:2e:44:cf:e0:0c:f9:98:3e:2e:66:b1:
2e:90:f1:85:55:f0:2c:23:7a:4e:5c:e0:ef:24:e6:24:6a:c1:
3f:c7:6b:a0:cd:c3:5c:10:ab:43:8e:21:5d:a3:d8:12:28:31:
a6:35:7d:72:81:a1:ac:02:cd:53:98:d7:96:8a:f4:2b:78:3c:
56:e4:13:78:c4:fd:b4:e1:ef:60:33:f9:3d:60:ee:6a:32:d4:
9c:0e:b7:8f:0c:fa:c0:24:00:e6:f3:ee:ce:8d:59:c9:a4:60:
2d:66:f4:22:9c:d0:24:c0:8f:bb:17:46:bc:13:8e:ef:70:17:
73:59:5a:c5:98:54:3a:d9:a5:1d:33:58:08:10:09:0e:0a:78:
b7:fa:4c:95:e8:c6:85:cc:35:e7:e8:71:b1:95:73:17:d3:d7:
6c:7d:41:12:49:de:dc:79:23:04:29:be:0c:bb:9a:96:6c:cb:
98:f7:04:35:83:45:cf:30:9e:3e:eb:1e:a2:6e:1a:83:77:8c:
71:8b:6c:10:f3:00:ed:25:e6:3a:d9:99:1f:5d:7a:8e:ed:b7:
21:4f:dc:6c:e9:39:f7:43:b9:6c:e7:5c:0b:29:f3:e2:b1:7d:
ed:3a:e8:31
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYNqM0b4JJ9c3gThVW863AYpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkYTI1YWFmZTNhOTg3MGU5NTI0YWZhMDI2NTk4N2VkNWE1
YTRkYTMwHhcNMjIwOTIzMTE1NDQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWFjM2I1YzNkODJiNjJlNzVmNmNkMTAyNmRlYTBhMDMzNjQ2MzAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqSBfczGK/jdcjwdJXAxunPaGqfcG
95pqAudLhExTFNRqknKPYy7BL3QY4Fc9TtB7s5FzPBKA5aQLS/wgjQDdMg7Egynx
TRTj1rROeyBEDXXfYdlh6d9CMR9Jubar7jbVm1viZigjXnIGXfBk9YQTGJhm5tBJ
qAnqw4c2LGfZn8JnXQzKFiglR0rFF3DLzcdAaA+R0tu1t1o2y1OLL89xPYr093Cp
ImtITtPdurWYK8erNa2idwHinj13YDeHV+S/74NLlTQ5XZth6DIVqmKu0GV+wbz8
yLNhV8TSPKi5ZeTUWwKbokGNb1erBLLExy5a0B8yonzA4OkDZJbxzIskTwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIqsO1w9grYudfbNECbeoKAzZGMCMB8GA1UdIwQY
MBaAFK2iWq/jqYcOlSSvoCZZh+1aWk2jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmFKYXItT3BodzZWSkstZ0psbUg3VnBhVGFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS84MTBkMjQtYWNiZS00Y2IyLTlhYzUt
OWQ1ODc1ZDg2MzczLzEvaXF3N1hEMkN0aTUxOXMwUUp0NmdvRE5rWXdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS84MTBkMjQtYWNiZS00Y2IyLTlhYzUtOWQ1ODc1ZDg2Mzcz
LzEvcmFKYXItT3BodzZWSkstZ0psbUg3VnBhVGFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBwcgMMA0E
AgACMAcDBQAqDphGMA0GCSqGSIb3DQEBCwUAA4IBAQBaZNO+ouFOKPTJiqU9uJmW
CW11b4CXYEhELkTP4Az5mD4uZrEukPGFVfAsI3pOXODvJOYkasE/x2ugzcNcEKtD
jiFdo9gSKDGmNX1ygaGsAs1TmNeWivQreDxW5BN4xP204e9gM/k9YO5qMtScDreP
DPrAJADm8+7OjVnJpGAtZvQinNAkwI+7F0a8E47vcBdzWVrFmFQ62aUdM1gIEAkO
Cni3+kyV6MaFzDXn6HGxlXMX09dsfUESSd7ceSMEKb4Mu5qWbMuY9wQ1g0XPMJ4+
6x6ibhqDd4xxi2wQ8wDtJeY62ZkfXXqO7bchT9xs6Tn3Q7ls51wLKfPisX3tOugx
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:01 2024 by rpki-client on console-fra.rpki-client.org