Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/26a34e-2094-4e76-a1ea-1dedbe7b5baf/1/9OAScsmdSbx34zlEuibFV3217-4.roa
File: 9OAScsmdSbx34zlEuibFV3217-4.roa (raw, json)
Hash identifier: H0IShSwpTpOXbzbuTlX+Oi91gdCbzf3SFFB0MiZ90uc=
Subject key identifier: F4:E0:12:72:C9:9D:49:BC:77:E3:39:44:BA:26:C5:57:7D:B5:EF:EE
Certificate issuer: /CN=77bdd75f2efc244f86a321b150e62936a14029db
Certificate serial: 080EA52E
Authority key identifier: 77:BD:D7:5F:2E:FC:24:4F:86:A3:21:B1:50:E6:29:36:A1:40:29:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d73XXy78JE-GoyGxUOYpNqFAKds.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/93/26a34e-2094-4e76-a1ea-1dedbe7b5baf/1/9OAScsmdSbx34zlEuibFV3217-4.roa
Signing time: Sat 01 Jan 2022 12:03:44 +0000
ROA not before: Sat 01 Jan 2022 12:03:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 14618
IP address blocks: 195.234.155.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 135177518 (0x80ea52e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77bdd75f2efc244f86a321b150e62936a14029db
Validity
Not Before: Jan 1 12:03:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f4e01272c99d49bc77e33944ba26c5577db5efee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:ae:0c:59:d9:8f:64:b2:7b:cf:c0:43:ee:43:
5b:5d:56:d7:30:4d:d8:80:7d:30:17:86:79:67:9d:
db:1a:37:cc:89:d7:b7:ca:21:11:24:b3:72:ee:9b:
2b:9f:bd:ad:c0:42:fc:61:35:f7:bd:52:9b:56:a1:
da:96:52:95:5e:92:2c:32:08:5a:cb:da:0b:71:30:
f2:c0:79:b8:e7:56:a3:fa:bb:83:3c:40:6e:8f:b2:
29:fe:f7:fa:6e:27:07:29:54:6e:b0:c2:16:70:25:
ac:64:8a:b6:54:bf:df:b2:24:41:5d:5e:4e:81:55:
82:b4:ad:87:aa:14:70:2f:4a:dd:03:cb:a6:53:04:
aa:b5:85:4a:e9:a7:93:3a:b5:4c:b0:17:e5:e5:6a:
4b:c1:de:ce:71:db:44:25:12:ca:0a:80:c6:ac:57:
91:7f:ac:af:10:0f:d8:f1:ab:62:31:19:23:27:01:
12:41:f1:05:0e:cf:b3:d5:83:aa:cb:a2:69:8d:63:
f6:39:83:a9:1e:12:45:4b:7a:6d:17:b0:db:df:30:
2b:f9:c6:55:70:b9:d1:61:62:69:26:ec:d2:97:8f:
2d:69:2f:df:06:81:01:e4:90:37:7b:62:10:df:1b:
e0:63:ee:1b:8e:05:42:cc:12:b0:bf:fa:00:6c:01:
74:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:E0:12:72:C9:9D:49:BC:77:E3:39:44:BA:26:C5:57:7D:B5:EF:EE
X509v3 Authority Key Identifier:
keyid:77:BD:D7:5F:2E:FC:24:4F:86:A3:21:B1:50:E6:29:36:A1:40:29:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d73XXy78JE-GoyGxUOYpNqFAKds.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/26a34e-2094-4e76-a1ea-1dedbe7b5baf/1/9OAScsmdSbx34zlEuibFV3217-4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/93/26a34e-2094-4e76-a1ea-1dedbe7b5baf/1/d73XXy78JE-GoyGxUOYpNqFAKds.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.234.155.0/24
Signature Algorithm: sha256WithRSAEncryption
87:5d:db:4c:2f:a8:bb:63:3a:f6:b9:46:45:f5:05:84:27:a2:
b3:64:64:49:30:74:e5:b2:c8:e4:b4:1e:ad:ad:e8:e5:9a:e7:
77:53:4c:1a:cb:b9:b3:58:6b:52:5e:2d:0d:3e:e5:62:34:5e:
93:35:9d:34:c9:7f:3c:65:48:83:56:db:2f:23:ef:13:20:f2:
73:7e:80:0d:41:69:a8:50:1f:e3:37:b9:da:37:7d:de:ba:2a:
77:32:45:b0:0b:f8:4c:f2:66:bf:57:6d:4d:3a:8b:e2:15:f3:
21:0d:36:03:72:30:45:16:81:6d:a1:34:f5:12:00:4b:9a:9b:
f4:59:fe:c2:83:44:ad:53:1c:ef:92:ab:d5:64:6f:e6:1c:1d:
b5:5c:bd:40:a3:ac:b1:d3:86:54:ac:84:80:8c:7c:7e:bf:9a:
81:2f:8b:30:6f:8f:bc:6d:cc:26:2e:58:f3:6b:60:97:80:93:
17:28:cc:aa:e2:cd:33:05:0e:c3:ba:74:ff:99:2e:be:d2:a9:
47:ad:48:83:a1:44:d1:09:09:bc:6b:10:93:3b:6b:4b:10:91:
e5:23:2e:d6:7f:e9:6d:a2:0c:2d:02:10:6f:f2:83:06:d7:42:
7b:1d:80:03:f9:42:f3:d1:cf:5b:05:2b:c4:be:d4:e7:c2:ae:
c7:13:9b:63
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECA6lLjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
N2JkZDc1ZjJlZmMyNDRmODZhMzIxYjE1MGU2MjkzNmExNDAyOWRiMB4XDTIyMDEw
MTEyMDM0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjRlMDEyNzJjOTlk
NDliYzc3ZTMzOTQ0YmEyNmM1NTc3ZGI1ZWZlZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKuuDFnZj2Sye8/AQ+5DW11W1zBN2IB9MBeGeWed2xo3zInX
t8ohESSzcu6bK5+9rcBC/GE1971Sm1ah2pZSlV6SLDIIWsvaC3Ew8sB5uOdWo/q7
gzxAbo+yKf73+m4nBylUbrDCFnAlrGSKtlS/37IkQV1eToFVgrSth6oUcC9K3QPL
plMEqrWFSumnkzq1TLAX5eVqS8HeznHbRCUSygqAxqxXkX+srxAP2PGrYjEZIycB
EkHxBQ7Ps9WDqsuiaY1j9jmDqR4SRUt6bRew298wK/nGVXC50WFiaSbs0pePLWkv
3waBAeSQN3tiEN8b4GPuG44FQswSsL/6AGwBdKcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBT04BJyyZ1JvHfjOUS6JsVXfbXv7jAfBgNVHSMEGDAWgBR3vddfLvwkT4aj
IbFQ5ik2oUAp2zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2Q3M1hYeTc4SkUtR295R3hVT1lwTnFGQUtkcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTMvMjZhMzRlLTIwOTQtNGU3Ni1hMWVhLTFkZWRiZTdiNWJhZi8x
LzlPQVNjc21kU2J4MzR6bEV1aWJGVjMyMTctNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTMv
MjZhMzRlLTIwOTQtNGU3Ni1hMWVhLTFkZWRiZTdiNWJhZi8xL2Q3M1hYeTc4SkUt
R295R3hVT1lwTnFGQUtkcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMPqmzANBgkqhkiG9w0BAQsFAAOC
AQEAh13bTC+ou2M69rlGRfUFhCeis2RkSTB05bLI5LQera3o5Zrnd1NMGsu5s1hr
Ul4tDT7lYjRekzWdNMl/PGVIg1bbLyPvEyDyc36ADUFpqFAf4ze52jd93roqdzJF
sAv4TPJmv1dtTTqL4hXzIQ02A3IwRRaBbaE09RIAS5qb9Fn+woNErVMc75Kr1WRv
5hwdtVy9QKOssdOGVKyEgIx8fr+agS+LMG+PvG3MJi5Y82tgl4CTFyjMquLNMwUO
w7p0/5kuvtKpR61Ig6FE0QkJvGsQkztrSxCR5SMu1n/pbaIMLQIQb/KDBtdCex2A
A/lC89HPWwUrxL7U58KuxxObYw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:21 2023 by rpki-client on console-ams.rpki-client.org