Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/e913c7-8320-434c-a70f-f936783fabdb/1/R30rpnAywzEkcaJCVZ-e55TOk-Q.roa
File: R30rpnAywzEkcaJCVZ-e55TOk-Q.roa (raw, json)
Hash identifier: H8ErPoXp6iCVV7Z8PHpP6F+i6dRBe8ULSss+cbq7HfM=
Subject key identifier: 47:7D:2B:A6:70:32:C3:31:24:71:A2:42:55:9F:9E:E7:94:CE:93:E4
Certificate issuer: /CN=ddd8d5d3b29099b269261ee2714da1e9548c4632
Certificate serial: D6E60C
Authority key identifier: DD:D8:D5:D3:B2:90:99:B2:69:26:1E:E2:71:4D:A1:E9:54:8C:46:32
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3djV07KQmbJpJh7icU2h6VSMRjI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/e913c7-8320-434c-a70f-f936783fabdb/1/R30rpnAywzEkcaJCVZ-e55TOk-Q.roa
Signing time: Sat 01 Jan 2022 11:54:44 +0000
ROA not before: Sat 01 Jan 2022 11:54:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49392
IP address blocks: 194.104.233.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14083596 (0xd6e60c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddd8d5d3b29099b269261ee2714da1e9548c4632
Validity
Not Before: Jan 1 11:54:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=477d2ba67032c3312471a242559f9ee794ce93e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:f6:f7:88:3a:6d:a5:55:23:1b:4c:18:ed:ef:
75:49:d1:f6:b7:6c:b6:1c:c1:f1:78:8d:56:a0:d4:
90:c5:8e:a4:9b:87:d4:26:49:d9:57:80:03:f8:29:
1d:85:a1:91:e3:0d:98:e9:5c:16:c2:be:55:9c:6c:
f9:9f:57:26:ed:87:2c:ea:64:3d:e7:ef:4c:5d:80:
fd:f8:60:02:e9:a5:2d:0b:38:b0:9c:f6:17:05:bc:
67:c9:65:4b:b5:56:7c:d2:c1:79:f7:61:4d:47:c6:
87:52:5b:85:0c:ce:7d:0e:e2:2f:34:c3:e1:7e:56:
bf:fe:1f:51:c2:f9:07:28:41:70:a8:4b:a4:6f:f0:
3c:fe:fa:b2:12:70:4d:09:1e:7e:92:cf:de:1b:3a:
5a:fa:8f:b0:f2:ed:57:bf:05:d1:26:06:3e:1e:86:
ef:9d:ae:bd:06:ea:6b:b5:46:7f:3b:36:d2:4e:00:
58:43:64:19:6e:39:b5:1b:51:c0:5e:6c:d7:54:e5:
6f:25:7b:72:60:96:60:40:79:f5:f0:76:fc:a1:2f:
12:13:59:6e:9c:70:f7:c2:43:1a:2e:ef:b5:e7:fe:
8b:01:13:b7:5b:82:eb:90:8b:37:ab:df:cd:28:83:
f3:ba:62:68:31:e0:2a:fe:05:fd:c3:94:8c:a9:b1:
60:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:7D:2B:A6:70:32:C3:31:24:71:A2:42:55:9F:9E:E7:94:CE:93:E4
X509v3 Authority Key Identifier:
keyid:DD:D8:D5:D3:B2:90:99:B2:69:26:1E:E2:71:4D:A1:E9:54:8C:46:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3djV07KQmbJpJh7icU2h6VSMRjI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/e913c7-8320-434c-a70f-f936783fabdb/1/R30rpnAywzEkcaJCVZ-e55TOk-Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/e913c7-8320-434c-a70f-f936783fabdb/1/3djV07KQmbJpJh7icU2h6VSMRjI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.104.233.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:88:64:d2:62:b9:af:c3:e8:55:34:29:c4:5f:e7:75:a3:6d:
38:f6:2f:c1:d1:47:b5:b0:ec:0e:9e:5e:67:72:42:95:41:61:
f1:e0:9c:39:c4:0e:cf:23:2c:61:a7:87:68:5c:7a:81:c2:95:
44:a5:4e:05:ea:70:bc:bf:f0:e0:7f:d0:6c:36:8a:e4:00:f7:
a2:e8:91:10:17:f8:7d:89:e3:f4:7f:5d:bf:92:48:6c:77:7b:
d3:e4:35:5f:fd:35:22:1d:28:07:f5:15:ff:77:4e:db:e0:0c:
50:47:f0:d4:86:38:bd:7b:47:f4:66:86:e4:91:6b:bf:ad:e0:
46:3b:e5:8d:cd:c0:23:cd:c1:c6:87:5d:5a:41:10:f1:6b:51:
86:76:41:66:cf:b3:80:4a:ad:24:91:7c:bf:06:ba:92:b6:05:
ae:7c:5b:be:0c:35:a8:27:d5:90:cd:f6:90:c5:df:88:d4:69:
07:fc:44:ae:85:3c:fa:ec:91:3f:9f:78:ee:21:25:56:12:63:
75:67:6b:57:c6:6f:39:41:93:d6:65:14:1e:84:d8:f3:6f:3a:
cc:e3:f7:aa:47:a5:33:49:b0:5b:ff:a0:65:6e:e9:00:29:b6:
2d:92:8c:d0:c8:73:d8:3c:02:03:42:f8:f8:cb:68:12:c5:97:
ce:f8:7e:07
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEANbmDDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
ZGQ4ZDVkM2IyOTA5OWIyNjkyNjFlZTI3MTRkYTFlOTU0OGM0NjMyMB4XDTIyMDEw
MTExNTQ0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDc3ZDJiYTY3MDMy
YzMzMTI0NzFhMjQyNTU5ZjllZTc5NGNlOTNlNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL7294g6baVVIxtMGO3vdUnR9rdsthzB8XiNVqDUkMWOpJuH
1CZJ2VeAA/gpHYWhkeMNmOlcFsK+VZxs+Z9XJu2HLOpkPefvTF2A/fhgAumlLQs4
sJz2FwW8Z8llS7VWfNLBefdhTUfGh1JbhQzOfQ7iLzTD4X5Wv/4fUcL5ByhBcKhL
pG/wPP76shJwTQkefpLP3hs6WvqPsPLtV78F0SYGPh6G752uvQbqa7VGfzs20k4A
WENkGW45tRtRwF5s11TlbyV7cmCWYEB59fB2/KEvEhNZbpxw98JDGi7vtef+iwET
t1uC65CLN6vfzSiD87piaDHgKv4F/cOUjKmxYD8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRHfSumcDLDMSRxokJVn57nlM6T5DAfBgNVHSMEGDAWgBTd2NXTspCZsmkm
HuJxTaHpVIxGMjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzNkalYwN0tRbWJKcEpoN2ljVTJoNlZTTVJqSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGUvZTkxM2M3LTgzMjAtNDM0Yy1hNzBmLWY5MzY3ODNmYWJkYi8x
L1IzMHJwbkF5d3pFa2NhSkNWWi1lNTVUT2stUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGUv
ZTkxM2M3LTgzMjAtNDM0Yy1hNzBmLWY5MzY3ODNmYWJkYi8xLzNkalYwN0tRbWJK
cEpoN2ljVTJoNlZTTVJqSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMJo6TANBgkqhkiG9w0BAQsFAAOC
AQEAHohk0mK5r8PoVTQpxF/ndaNtOPYvwdFHtbDsDp5eZ3JClUFh8eCcOcQOzyMs
YaeHaFx6gcKVRKVOBepwvL/w4H/QbDaK5AD3ouiREBf4fYnj9H9dv5JIbHd70+Q1
X/01Ih0oB/UV/3dO2+AMUEfw1IY4vXtH9GaG5JFrv63gRjvljc3AI83BxoddWkEQ
8WtRhnZBZs+zgEqtJJF8vwa6krYFrnxbvgw1qCfVkM32kMXfiNRpB/xEroU8+uyR
P5947iElVhJjdWdrV8ZvOUGT1mUUHoTY8286zOP3qkelM0mwW/+gZW7pACm2LZKM
0Mhz2DwCA0L4+MtoEsWXzvh+Bw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:20 2023 by rpki-client on console-fra.rpki-client.org