Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/797390-81d4-4c5d-ab71-7088568c51c0/1/IvmHbYZSt5gXtAPrp1YBa1aCyxk.roa
File: IvmHbYZSt5gXtAPrp1YBa1aCyxk.roa (raw, json)
Hash identifier: KdYToShl9AVhyghRdC2gNcIQjD7QYp9MZmmCpIochDc=
Subject key identifier: 22:F9:87:6D:86:52:B7:98:17:B4:03:EB:A7:56:01:6B:56:82:CB:19
Certificate issuer: /CN=8aaf78b69774a55507deabf8c4c96942e9ef0d20
Certificate serial: F8B1
Authority key identifier: 8A:AF:78:B6:97:74:A5:55:07:DE:AB:F8:C4:C9:69:42:E9:EF:0D:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iq94tpd0pVUH3qv4xMlpQunvDSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/797390-81d4-4c5d-ab71-7088568c51c0/1/IvmHbYZSt5gXtAPrp1YBa1aCyxk.roa
Signing time: Tue 19 Apr 2022 09:47:41 +0000
ROA not before: Tue 19 Apr 2022 09:47:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8735
IP address blocks: 194.59.45.0/24 maxlen: 24
193.227.203.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63665 (0xf8b1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8aaf78b69774a55507deabf8c4c96942e9ef0d20
Validity
Not Before: Apr 19 09:47:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=22f9876d8652b79817b403eba756016b5682cb19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:8f:29:dd:27:7f:34:77:89:1a:54:cb:b2:9b:
94:2e:db:a2:2a:10:5c:34:80:9b:62:45:c8:03:80:
76:ba:7c:01:8f:01:d5:ef:d3:64:3d:07:5c:46:d2:
90:2a:8d:b1:4a:bc:bb:10:96:d2:55:fc:2a:7e:a6:
59:a9:ac:06:b9:75:bd:e0:08:c4:2b:2c:07:73:75:
cb:db:9a:25:45:ac:27:9a:1e:05:67:77:bf:c3:de:
4d:46:d4:16:61:a4:09:b5:fd:9b:1e:b0:9a:bb:79:
1c:03:17:d3:58:e3:11:17:c8:5e:4b:a1:6a:98:54:
96:69:ef:19:ad:f3:78:3e:db:3c:f7:61:09:e6:54:
d2:cd:52:e4:6f:1b:b8:91:29:85:d1:3b:58:a6:fd:
16:e0:24:0d:fc:a0:ab:bd:87:59:94:90:4c:b3:75:
10:79:d2:b6:65:11:ab:7c:ae:00:6b:97:8b:25:15:
ce:7b:06:a9:6c:b9:d5:af:46:74:f3:c5:3c:98:06:
00:17:08:8c:35:de:78:a6:d4:58:24:af:ec:99:3f:
2f:82:9f:62:2f:d3:bf:28:38:75:97:93:90:ef:46:
06:8c:6e:40:ec:61:a5:0f:b1:49:5c:90:a7:1d:09:
8f:e0:60:ce:92:de:98:22:b1:98:f4:a5:75:b5:71:
d4:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:F9:87:6D:86:52:B7:98:17:B4:03:EB:A7:56:01:6B:56:82:CB:19
X509v3 Authority Key Identifier:
keyid:8A:AF:78:B6:97:74:A5:55:07:DE:AB:F8:C4:C9:69:42:E9:EF:0D:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iq94tpd0pVUH3qv4xMlpQunvDSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/797390-81d4-4c5d-ab71-7088568c51c0/1/IvmHbYZSt5gXtAPrp1YBa1aCyxk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/797390-81d4-4c5d-ab71-7088568c51c0/1/iq94tpd0pVUH3qv4xMlpQunvDSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.227.203.0/24
194.59.45.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:87:29:ff:1c:66:b0:e6:0c:bb:e0:68:79:7b:b8:4b:9a:d4:
e5:be:59:b7:68:40:fa:3e:08:29:61:75:41:83:50:f0:ec:53:
f8:83:5f:87:ef:5c:0e:d4:ab:88:42:95:8f:65:8f:29:14:7c:
c8:5e:43:75:bc:7e:98:32:67:50:94:4c:29:26:6f:47:b9:e9:
94:a5:e6:28:7d:db:02:6b:18:0b:37:c7:ac:8c:46:62:82:4d:
e3:44:66:69:cc:88:64:78:d1:15:07:52:82:0e:e6:c2:69:cf:
3f:2e:6e:14:b5:18:8a:fd:01:cc:a3:0c:24:f0:52:3a:87:22:
94:ca:19:b2:62:99:6c:8f:0c:cd:40:dd:13:81:3f:5c:44:d2:
bb:fc:a4:a7:65:df:44:8d:88:96:12:4f:f7:98:a7:bd:1c:51:
ad:22:d8:b5:e3:1f:41:64:84:0e:72:e7:97:b4:8f:1f:27:df:
ed:6b:21:aa:3f:b7:1c:db:2e:da:77:39:a9:ef:4b:4b:b2:69:
3e:30:c6:64:95:5c:46:00:58:57:85:e6:e3:60:44:8b:0b:44:
17:5b:c1:97:c0:41:8b:d4:f5:98:76:4e:6a:ac:41:ca:68:2d:
52:bd:c8:12:c2:2d:3e:77:e4:db:57:73:61:3f:b9:5e:5b:5a:
46:5f:ea:d9
-----BEGIN CERTIFICATE-----
MIIE9DCCA9ygAwIBAgIDAPixMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDhh
YWY3OGI2OTc3NGE1NTUwN2RlYWJmOGM0Yzk2OTQyZTllZjBkMjAwHhcNMjIwNDE5
MDk0NzQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygyMmY5ODc2ZDg2NTJi
Nzk4MTdiNDAzZWJhNzU2MDE2YjU2ODJjYjE5MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAuI8p3Sd/NHeJGlTLspuULtuiKhBcNICbYkXIA4B2unwBjwHV
79NkPQdcRtKQKo2xSry7EJbSVfwqfqZZqawGuXW94AjEKywHc3XL25olRawnmh4F
Z3e/w95NRtQWYaQJtf2bHrCau3kcAxfTWOMRF8heS6FqmFSWae8ZrfN4Pts892EJ
5lTSzVLkbxu4kSmF0TtYpv0W4CQN/KCrvYdZlJBMs3UQedK2ZRGrfK4Aa5eLJRXO
ewapbLnVr0Z088U8mAYAFwiMNd54ptRYJK/smT8vgp9iL9O/KDh1l5OQ70YGjG5A
7GGlD7FJXJCnHQmP4GDOkt6YIrGY9KV1tXHUswIDAQABo4ICDzCCAgswHQYDVR0O
BBYEFCL5h22GUreYF7QD66dWAWtWgssZMB8GA1UdIwQYMBaAFIqveLaXdKVVB96r
+MTJaULp7w0gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
aXE5NHRwZDBwVlVIM3F2NHhNbHBRdW52RFNBLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC84ZS83OTczOTAtODFkNC00YzVkLWFiNzEtNzA4ODU2OGM1MWMwLzEv
SXZtSGJZWlN0NWdYdEFQcnAxWUJhMWFDeXhrLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS83
OTczOTAtODFkNC00YzVkLWFiNzEtNzA4ODU2OGM1MWMwLzEvaXE5NHRwZDBwVlVI
M3F2NHhNbHBRdW52RFNBLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUG
CCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwePLAwQAwjstMA0GCSqGSIb3DQEB
CwUAA4IBAQBthyn/HGaw5gy74Gh5e7hLmtTlvlm3aED6PggpYXVBg1Dw7FP4g1+H
71wO1KuIQpWPZY8pFHzIXkN1vH6YMmdQlEwpJm9HuemUpeYofdsCaxgLN8esjEZi
gk3jRGZpzIhkeNEVB1KCDubCac8/Lm4UtRiK/QHMowwk8FI6hyKUyhmyYplsjwzN
QN0TgT9cRNK7/KSnZd9EjYiWEk/3mKe9HFGtIti14x9BZIQOcueXtI8fJ9/tayGq
P7cc2y7adzmp70tLsmk+MMZklVxGAFhXhebjYESLC0QXW8GXwEGL1PWYdk5qrEHK
aC1SvcgSwi0+d+TbV3NhP7leW1pGX+rZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:55 2024 by rpki-client on console-fra.rpki-client.org