Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/b6ca1b-67dc-404f-8d61-32891a58337f/1/_q_-N4s1opfh2LD43cEpOSF6NA0.roa
File: _q_-N4s1opfh2LD43cEpOSF6NA0.roa (raw, json)
Hash identifier: JmyxAfLafKHfPOAVqsu8wIyMCz9A2y25UZ//EZKZs70=
Subject key identifier: FE:AF:FE:37:8B:35:A2:97:E1:D8:B0:F8:DD:C1:29:39:21:7A:34:0D
Certificate issuer: /CN=6b5157e419fb5a18ba2beaf2de545f2bb3decfd1
Certificate serial: 2ACCFE
Authority key identifier: 6B:51:57:E4:19:FB:5A:18:BA:2B:EA:F2:DE:54:5F:2B:B3:DE:CF:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a1FX5Bn7Whi6K-ry3lRfK7Pez9E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/b6ca1b-67dc-404f-8d61-32891a58337f/1/_q_-N4s1opfh2LD43cEpOSF6NA0.roa
Signing time: Sat 01 Jan 2022 00:57:22 +0000
ROA not before: Sat 01 Jan 2022 00:57:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60698
IP address blocks: 193.17.94.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2804990 (0x2accfe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b5157e419fb5a18ba2beaf2de545f2bb3decfd1
Validity
Not Before: Jan 1 00:57:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=feaffe378b35a297e1d8b0f8ddc12939217a340d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:f2:45:0a:fc:d9:57:c5:29:f8:2a:fe:62:62:
7e:7a:69:04:ac:75:e0:09:fe:38:56:9a:7d:a6:55:
de:7a:f6:8f:1a:3e:3a:d9:74:0e:45:90:f9:5d:92:
e4:e5:c4:b7:6b:7f:ef:a9:37:9d:09:30:f9:21:58:
27:5e:54:68:70:bd:b8:0d:93:fb:ca:f9:df:e8:02:
b4:9d:46:32:78:f6:95:99:64:11:65:26:b9:21:9f:
5c:ab:a0:a2:78:1f:e9:3a:df:39:d0:9b:0a:55:f8:
6e:03:25:e0:fa:f3:5d:d1:47:d4:f2:ab:f4:66:96:
1e:a1:bc:19:06:88:80:29:00:54:1f:27:72:6d:79:
44:10:14:b6:33:b7:8a:73:de:35:90:85:94:2e:31:
bf:55:22:e5:ac:11:b1:f0:35:66:16:77:ec:1e:19:
0f:ec:f2:ab:b0:13:9b:82:e8:dd:2d:56:32:ce:46:
af:3e:82:37:e5:31:a2:6f:8d:b2:0c:47:66:2b:08:
ba:9f:f6:bf:35:9a:b3:36:ea:4c:30:02:30:f5:b9:
80:5d:8f:6d:a5:de:62:ea:8e:6d:0a:e9:69:c2:e8:
e7:17:bf:d2:3c:0c:a3:b7:96:1c:84:52:09:dd:92:
f2:4e:53:25:05:b3:de:41:ba:02:16:12:4f:ca:f0:
1f:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:AF:FE:37:8B:35:A2:97:E1:D8:B0:F8:DD:C1:29:39:21:7A:34:0D
X509v3 Authority Key Identifier:
keyid:6B:51:57:E4:19:FB:5A:18:BA:2B:EA:F2:DE:54:5F:2B:B3:DE:CF:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1FX5Bn7Whi6K-ry3lRfK7Pez9E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/b6ca1b-67dc-404f-8d61-32891a58337f/1/_q_-N4s1opfh2LD43cEpOSF6NA0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/b6ca1b-67dc-404f-8d61-32891a58337f/1/a1FX5Bn7Whi6K-ry3lRfK7Pez9E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.17.94.0/24
Signature Algorithm: sha256WithRSAEncryption
88:e6:19:72:f0:6e:67:8c:8b:62:ba:22:fc:a3:ca:1e:88:66:
80:2a:3e:18:ff:a6:5c:17:ff:49:d2:c7:1c:78:fd:6e:bc:3d:
5d:73:aa:4f:fb:5f:91:54:cb:79:fc:c6:e0:c8:1c:63:86:f6:
06:f0:2a:24:a6:2e:6e:5d:3a:34:56:63:cd:fd:d2:6a:4a:d5:
8b:91:de:d8:50:0e:ec:39:82:34:82:8f:76:e0:a1:ac:f2:26:
2a:be:8e:f5:a4:95:e7:7b:20:b3:61:fb:a0:67:9e:79:1e:68:
6a:c4:74:79:39:48:97:9d:ed:47:6c:e1:e9:f8:10:bf:ec:85:
30:20:c9:66:9c:b9:35:d1:ff:03:1d:e2:e5:01:b3:72:49:74:
98:d1:ff:6a:7b:d9:69:ee:53:6a:b7:ed:ed:59:52:fd:59:71:
6b:2a:ca:da:e3:54:52:fa:1a:8a:e3:af:4b:91:f9:2a:f9:d1:
f7:a5:d5:97:44:bc:e5:21:bb:6f:d9:5d:59:fd:69:3d:88:6e:
15:54:d8:c5:8a:5c:08:05:15:38:c0:a0:7d:f0:eb:9e:04:a1:
9f:b5:a6:6d:9a:3d:a4:8a:ba:27:5a:ea:3c:6d:db:1f:1c:4e:
fc:43:4a:87:7b:74:c0:d2:37:be:75:06:06:fe:c2:7b:91:95:
ef:f2:04:4c
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDKsz+MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDZi
NTE1N2U0MTlmYjVhMThiYTJiZWFmMmRlNTQ1ZjJiYjNkZWNmZDEwHhcNMjIwMTAx
MDA1NzIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhmZWFmZmUzNzhiMzVh
Mjk3ZTFkOGIwZjhkZGMxMjkzOTIxN2EzNDBkMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAtvJFCvzZV8Up+Cr+YmJ+emkErHXgCf44Vpp9plXeevaPGj46
2XQORZD5XZLk5cS3a3/vqTedCTD5IVgnXlRocL24DZP7yvnf6AK0nUYyePaVmWQR
ZSa5IZ9cq6CieB/pOt850JsKVfhuAyXg+vNd0UfU8qv0ZpYeobwZBoiAKQBUHydy
bXlEEBS2M7eKc941kIWULjG/VSLlrBGx8DVmFnfsHhkP7PKrsBObgujdLVYyzkav
PoI35TGib42yDEdmKwi6n/a/NZqzNupMMAIw9bmAXY9tpd5i6o5tCulpwujnF7/S
PAyjt5YchFIJ3ZLyTlMlBbPeQboCFhJPyvAf0wIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFP6v/jeLNaKX4diw+N3BKTkhejQNMB8GA1UdIwQYMBaAFGtRV+QZ+1oYuivq
8t5UXyuz3s/RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
YTFGWDVCbjdXaGk2Sy1yeTNsUmZLN1BlejlFLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC84NC9iNmNhMWItNjdkYy00MDRmLThkNjEtMzI4OTFhNTgzMzdmLzEv
X3FfLU40czFvcGZoMkxENDNjRXBPU0Y2TkEwLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC9i
NmNhMWItNjdkYy00MDRmLThkNjEtMzI4OTFhNTgzMzdmLzEvYTFGWDVCbjdXaGk2
Sy1yeTNsUmZLN1BlejlFLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwRFeMA0GCSqGSIb3DQEBCwUAA4IB
AQCI5hly8G5njItiuiL8o8oeiGaAKj4Y/6ZcF/9J0scceP1uvD1dc6pP+1+RVMt5
/MbgyBxjhvYG8Cokpi5uXTo0VmPN/dJqStWLkd7YUA7sOYI0go924KGs8iYqvo71
pJXneyCzYfugZ555HmhqxHR5OUiXne1HbOHp+BC/7IUwIMlmnLk10f8DHeLlAbNy
SXSY0f9qe9lp7lNqt+3tWVL9WXFrKsra41RS+hqK469Lkfkq+dH3pdWXRLzlIbtv
2V1Z/Wk9iG4VVNjFilwIBRU4wKB98OueBKGftaZtmj2kironWuo8bdsfHE78Q0qH
e3TA0je+dQYG/sJ7kZXv8gRM
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:50 2023 by rpki-client on console-fra.rpki-client.org