Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/a7ce7a-8443-46eb-8cba-3bb4d6200518/1/1-a5CvOq8uPopGcMOc9z1E4qabM8.roa
File: 1-a5CvOq8uPopGcMOc9z1E4qabM8.roa (raw, json)
Hash identifier: fXg6TyaTO6g0MsIhw5tnIXwVlYx5NHo/NtQxViOIgoU=
Subject key identifier: F9:AE:42:BC:EA:BC:B8:FA:29:19:C3:0E:73:DC:F5:13:8A:9A:6C:CF
Certificate issuer: /CN=0232a4bfb7796405a556b759f1d193e4c4d37129
Certificate serial: 0184F91037DF467DB9783F149EC56BB6A85B
Authority key identifier: 02:32:A4:BF:B7:79:64:05:A5:56:B7:59:F1:D1:93:E4:C4:D3:71:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AjKkv7d5ZAWlVrdZ8dGT5MTTcSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/a7ce7a-8443-46eb-8cba-3bb4d6200518/1/1-a5CvOq8uPopGcMOc9z1E4qabM8.roa
Signing time: Fri 09 Dec 2022 22:45:00 +0000
ROA not before: Fri 09 Dec 2022 22:45:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 19905
IP address blocks: 195.122.186.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:f9:10:37:df:46:7d:b9:78:3f:14:9e:c5:6b:b6:a8:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0232a4bfb7796405a556b759f1d193e4c4d37129
Validity
Not Before: Dec 9 22:45:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f9ae42bceabcb8fa2919c30e73dcf5138a9a6ccf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:b7:f2:ee:60:37:f3:75:87:73:14:52:7f:e7:
a2:8c:70:9c:bd:c9:f3:03:85:00:1b:95:8c:f8:94:
5c:f8:0e:b9:8c:20:71:8e:d7:b3:61:d1:4f:dd:ad:
02:6e:d5:e4:f3:b6:f8:73:c9:cf:71:4a:e8:40:05:
05:9c:e6:12:98:98:fd:8f:58:a1:67:25:1e:25:5a:
dc:83:5d:74:a0:68:40:81:c3:f0:8a:2c:59:28:e1:
88:d0:3a:6a:a0:78:ba:ea:0a:84:52:d9:ee:ce:67:
f2:44:96:3a:6c:d8:cf:99:d4:cf:35:c0:90:f7:d4:
65:f3:77:7f:68:19:1a:b9:d8:be:d9:3f:99:ef:68:
89:16:ec:f5:6b:34:a0:b8:77:de:2f:87:03:ba:28:
68:7d:0a:ee:71:95:ad:19:cd:19:18:6f:06:7f:aa:
4d:59:49:3b:c9:d5:a7:f3:4f:04:c6:74:a1:95:2b:
14:bb:9f:54:dc:6d:b3:4a:86:db:36:ca:60:ce:1b:
6a:39:4d:7b:e7:c6:56:18:3e:fa:16:63:f9:3e:14:
a0:ce:f5:a5:c0:7c:8d:62:52:f3:86:57:7a:ec:af:
0a:85:a9:6c:f7:66:6d:18:52:ff:10:5b:c4:f1:6c:
5b:8a:89:a4:67:4a:3e:a1:bc:83:0d:4e:f6:f3:2c:
dd:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:AE:42:BC:EA:BC:B8:FA:29:19:C3:0E:73:DC:F5:13:8A:9A:6C:CF
X509v3 Authority Key Identifier:
keyid:02:32:A4:BF:B7:79:64:05:A5:56:B7:59:F1:D1:93:E4:C4:D3:71:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AjKkv7d5ZAWlVrdZ8dGT5MTTcSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/a7ce7a-8443-46eb-8cba-3bb4d6200518/1/1-a5CvOq8uPopGcMOc9z1E4qabM8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/a7ce7a-8443-46eb-8cba-3bb4d6200518/1/AjKkv7d5ZAWlVrdZ8dGT5MTTcSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.122.186.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:69:4c:3f:0c:3b:73:5f:3a:e7:68:16:bc:bc:5f:6d:4e:45:
db:76:0b:9f:a1:ad:02:d9:c2:35:ea:af:1e:d9:96:a9:d9:3f:
a8:40:f5:a9:f6:f8:7d:ee:82:7e:d4:05:28:c0:79:b1:3a:96:
40:1f:86:b1:63:d2:3f:fc:aa:6c:94:6f:ab:b9:c9:cc:6d:61:
76:15:26:6f:29:33:6e:0f:31:6c:0d:24:fe:58:57:4d:ac:14:
58:9b:ad:03:5f:18:b7:28:03:7a:ec:2d:55:52:ec:1a:ba:6c:
40:3e:82:33:50:8b:9a:c1:dd:b6:bd:61:c0:e3:ad:3f:f6:2a:
52:6f:c0:de:8b:74:76:98:bb:6e:03:32:af:87:2d:03:ca:94:
42:e2:32:c0:ef:c2:22:21:38:c8:e7:75:ce:2d:75:68:8a:a5:
8e:e2:81:5c:50:f4:23:3c:ef:44:00:b2:f1:bb:97:39:c6:10:
d6:6a:f8:1f:6a:86:5a:4b:aa:43:8e:55:ec:3f:64:e5:34:ba:
48:51:d5:d1:cb:3e:d3:3e:cb:06:70:9e:52:06:46:8b:a1:0d:
2e:b5:20:9c:48:e4:9c:a7:cf:ee:59:ec:68:36:1e:80:68:d4:
a2:64:1c:bc:3b:f6:7c:d3:6c:49:28:b4:b5:e9:eb:50:07:d0:
3e:dd:e5:38
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYT5EDffRn25eD8UnsVrtqhbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyMzJhNGJmYjc3OTY0MDVhNTU2Yjc1OWYxZDE5M2U0YzRk
MzcxMjkwHhcNMjIxMjA5MjI0NTAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWFlNDJiY2VhYmNiOGZhMjkxOWMzMGU3M2RjZjUxMzhhOWE2Y2NmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5bfy7mA383WHcxRSf+eijHCcvcnz
A4UAG5WM+JRc+A65jCBxjtezYdFP3a0CbtXk87b4c8nPcUroQAUFnOYSmJj9j1ih
ZyUeJVrcg110oGhAgcPwiixZKOGI0DpqoHi66gqEUtnuzmfyRJY6bNjPmdTPNcCQ
99Rl83d/aBkaudi+2T+Z72iJFuz1azSguHfeL4cDuihofQrucZWtGc0ZGG8Gf6pN
WUk7ydWn808ExnShlSsUu59U3G2zSobbNspgzhtqOU1758ZWGD76FmP5PhSgzvWl
wHyNYlLzhld67K8Khals92ZtGFL/EFvE8WxbiomkZ0o+obyDDU728yzdlwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPmuQrzqvLj6KRnDDnPc9ROKmmzPMB8GA1UdIwQY
MBaAFAIypL+3eWQFpVa3WfHRk+TE03EpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWpLa3Y3ZDVaQVdsVnJkWjhkR1Q1TVRUY1NrLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS9hN2NlN2EtODQ0My00NmViLThjYmEt
M2JiNGQ2MjAwNTE4LzEvMS1hNUN2T3E4dVBvcEdjTU9jOXoxRTRxYWJNOC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvODEvYTdjZTdhLTg0NDMtNDZlYi04Y2JhLTNiYjRkNjIwMDUx
OC8xL0FqS2t2N2Q1WkFXbFZyZFo4ZEdUNU1UVGNTay5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMN6ujAN
BgkqhkiG9w0BAQsFAAOCAQEAb2lMPww7c18652gWvLxfbU5F23YLn6GtAtnCNeqv
HtmWqdk/qED1qfb4fe6CftQFKMB5sTqWQB+GsWPSP/yqbJRvq7nJzG1hdhUmbykz
bg8xbA0k/lhXTawUWJutA18YtygDeuwtVVLsGrpsQD6CM1CLmsHdtr1hwOOtP/Yq
Um/A3ot0dpi7bgMyr4ctA8qUQuIywO/CIiE4yOd1zi11aIqljuKBXFD0IzzvRACy
8buXOcYQ1mr4H2qGWkuqQ45V7D9k5TS6SFHV0cs+0z7LBnCeUgZGi6ENLrUgnEjk
nKfP7lnsaDYegGjUomQcvDv2fNNsSSi0tenrUAfQPt3lOA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:42 2023 by rpki-client on console-fra.rpki-client.org