Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/d56693-2254-4a3b-acbb-efaaff0a982f/1/T8y0st4YfaBPfVmJPgSQMrUrwkQ.roa
File: T8y0st4YfaBPfVmJPgSQMrUrwkQ.roa (raw, json)
Hash identifier: fD1Uas9nhdxmaxrnKAtyp9Lpaggs1J7TSk1VAXPEh/Y=
Subject key identifier: 4F:CC:B4:B2:DE:18:7D:A0:4F:7D:59:89:3E:04:90:32:B5:2B:C2:44
Certificate issuer: /CN=47d064fb3e541f23563065e48f300f2cfdfe009a
Certificate serial: 01DB8F36
Authority key identifier: 47:D0:64:FB:3E:54:1F:23:56:30:65:E4:8F:30:0F:2C:FD:FE:00:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/R9Bk-z5UHyNWMGXkjzAPLP3-AJo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/d56693-2254-4a3b-acbb-efaaff0a982f/1/T8y0st4YfaBPfVmJPgSQMrUrwkQ.roa
Signing time: Sat 01 Jan 2022 12:59:59 +0000
ROA not before: Sat 01 Jan 2022 12:59:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31898
IP address blocks: 195.244.28.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 31166262 (0x1db8f36)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=47d064fb3e541f23563065e48f300f2cfdfe009a
Validity
Not Before: Jan 1 12:59:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4fccb4b2de187da04f7d59893e049032b52bc244
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:72:3f:b5:27:bd:ff:bd:57:3c:4f:58:f0:2e:
56:08:89:00:11:7e:88:f9:b3:39:4a:03:66:2f:da:
8a:b0:a9:2c:5b:a7:fa:e4:cb:e2:d5:1a:37:42:bf:
ec:a6:20:2a:cf:04:2b:c6:f7:0c:27:b6:3d:da:dc:
d2:dd:7e:50:59:d3:e6:ee:e4:b3:08:57:a3:dd:97:
55:eb:04:ef:a9:5f:f8:df:11:3e:d8:a6:54:4c:cd:
07:ea:23:29:72:9b:3c:5a:3b:8c:35:6c:9a:f0:0d:
1b:05:83:3f:db:2c:55:43:9b:f6:fd:66:7b:37:c9:
05:46:78:54:47:9b:32:f2:bb:7c:35:3f:c7:68:ad:
36:f9:a4:a6:5c:b0:d3:d1:1c:c6:e7:22:36:53:57:
00:4c:85:bc:3e:bb:f9:3a:e1:51:ba:5e:31:35:54:
ec:1c:ad:3e:cb:50:1c:4d:c0:5d:82:3d:fc:cf:e2:
d5:64:03:78:f4:7f:c0:db:33:27:71:55:7a:ce:a3:
80:13:38:ae:25:bb:e1:55:3e:15:f3:42:7b:9c:f4:
1f:f9:3c:b9:da:16:80:d9:df:0f:0b:d3:19:e9:70:
a8:25:7a:3f:04:ff:2d:45:ad:68:47:cc:3d:d9:d5:
3c:c0:3f:14:e5:8f:7b:03:34:12:f6:eb:0a:29:a6:
9c:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:CC:B4:B2:DE:18:7D:A0:4F:7D:59:89:3E:04:90:32:B5:2B:C2:44
X509v3 Authority Key Identifier:
keyid:47:D0:64:FB:3E:54:1F:23:56:30:65:E4:8F:30:0F:2C:FD:FE:00:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R9Bk-z5UHyNWMGXkjzAPLP3-AJo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/d56693-2254-4a3b-acbb-efaaff0a982f/1/T8y0st4YfaBPfVmJPgSQMrUrwkQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/d56693-2254-4a3b-acbb-efaaff0a982f/1/R9Bk-z5UHyNWMGXkjzAPLP3-AJo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.244.28.0/23
Signature Algorithm: sha256WithRSAEncryption
4c:80:24:ab:32:86:6b:5c:4c:a1:f5:2a:8b:0c:43:60:da:4b:
6d:61:bd:ab:12:46:53:a3:cf:ab:2e:0a:c8:7f:c9:91:1b:67:
ea:76:20:1d:75:b6:29:96:e5:28:87:87:bd:82:18:84:31:6f:
e8:50:6f:0b:5a:e4:24:1c:9e:f8:8b:b9:8d:96:35:94:0b:c8:
55:f7:8f:15:3c:35:e9:0c:20:18:cd:d7:60:d3:fa:02:fb:71:
88:30:61:ba:e4:e5:c0:8b:6b:9f:e6:c7:43:4e:dc:f4:c4:6b:
43:e5:de:ae:c8:40:f9:b5:f4:79:19:aa:0e:67:e0:e6:fe:00:
c0:14:71:e8:cf:e3:53:f6:db:4d:4c:c6:e0:40:24:21:86:2e:
bd:7e:74:c0:a8:44:d2:33:20:16:69:f6:73:fe:74:26:05:7c:
d9:16:04:2b:22:de:04:5a:d0:cf:a6:21:c6:3b:e5:22:a7:5b:
bd:b8:3b:db:cf:68:e5:15:96:db:c1:83:17:75:29:1e:fe:dc:
e3:be:84:ac:50:95:bb:73:c3:75:59:ca:55:b0:d9:bb:18:49:
06:70:e7:0d:5f:a0:59:54:ed:2d:73:ca:91:b2:c1:04:09:d9:
f8:7b:f3:f4:b3:84:29:7c:fb:f8:8a:db:b6:50:cf:60:66:c0:
af:b5:b0:3a
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAduPNjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
N2QwNjRmYjNlNTQxZjIzNTYzMDY1ZTQ4ZjMwMGYyY2ZkZmUwMDlhMB4XDTIyMDEw
MTEyNTk1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGZjY2I0YjJkZTE4
N2RhMDRmN2Q1OTg5M2UwNDkwMzJiNTJiYzI0NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALlyP7Unvf+9VzxPWPAuVgiJABF+iPmzOUoDZi/airCpLFun
+uTL4tUaN0K/7KYgKs8EK8b3DCe2Pdrc0t1+UFnT5u7kswhXo92XVesE76lf+N8R
PtimVEzNB+ojKXKbPFo7jDVsmvANGwWDP9ssVUOb9v1mezfJBUZ4VEebMvK7fDU/
x2itNvmkplyw09EcxuciNlNXAEyFvD67+TrhUbpeMTVU7BytPstQHE3AXYI9/M/i
1WQDePR/wNszJ3FVes6jgBM4riW74VU+FfNCe5z0H/k8udoWgNnfDwvTGelwqCV6
PwT/LUWtaEfMPdnVPMA/FOWPewM0EvbrCimmnKcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRPzLSy3hh9oE99WYk+BJAytSvCRDAfBgNVHSMEGDAWgBRH0GT7PlQfI1Yw
ZeSPMA8s/f4AmjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1I5QmstejVVSHlOV01HWGtqekFQTFAzLUFKby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODgvZDU2NjkzLTIyNTQtNGEzYi1hY2JiLWVmYWFmZjBhOTgyZi8x
L1Q4eTBzdDRZZmFCUGZWbUpQZ1NRTXJVcndrUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODgv
ZDU2NjkzLTIyNTQtNGEzYi1hY2JiLWVmYWFmZjBhOTgyZi8xL1I5QmstejVVSHlO
V01HWGtqekFQTFAzLUFKby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcP0HDANBgkqhkiG9w0BAQsFAAOC
AQEATIAkqzKGa1xMofUqiwxDYNpLbWG9qxJGU6PPqy4KyH/JkRtn6nYgHXW2KZbl
KIeHvYIYhDFv6FBvC1rkJBye+Iu5jZY1lAvIVfePFTw16QwgGM3XYNP6AvtxiDBh
uuTlwItrn+bHQ07c9MRrQ+XershA+bX0eRmqDmfg5v4AwBRx6M/jU/bbTUzG4EAk
IYYuvX50wKhE0jMgFmn2c/50JgV82RYEKyLeBFrQz6YhxjvlIqdbvbg7289o5RWW
28GDF3UpHv7c476ErFCVu3PDdVnKVbDZuxhJBnDnDV+gWVTtLXPKkbLBBAnZ+Hvz
9LOEKXz7+IrbtlDPYGbAr7WwOg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:01 2023 by rpki-client on console-fra.rpki-client.org