Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/dbf772-9396-4101-b3e8-43f9ab6734ec/1/tCZETFw4-1FiKPQJgvBo_eCaVfM.roa
File: tCZETFw4-1FiKPQJgvBo_eCaVfM.roa (raw, json)
Hash identifier: W2r/wC+GtVl/3T3BSG26WZPSRqfyo7+s/dTXk27bPU4=
Subject key identifier: B4:26:44:4C:5C:38:FB:51:62:28:F4:09:82:F0:68:FD:E0:9A:55:F3
Certificate issuer: /CN=b538c7295bcd474b829e4e47eebcb0e093ce523a
Certificate serial: 7436
Authority key identifier: B5:38:C7:29:5B:CD:47:4B:82:9E:4E:47:EE:BC:B0:E0:93:CE:52:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tTjHKVvNR0uCnk5H7ryw4JPOUjo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/dbf772-9396-4101-b3e8-43f9ab6734ec/1/tCZETFw4-1FiKPQJgvBo_eCaVfM.roa
Signing time: Tue 29 Mar 2022 13:41:24 +0000
ROA not before: Tue 29 Mar 2022 13:41:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210906
IP address blocks: 195.64.97.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 29750 (0x7436)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b538c7295bcd474b829e4e47eebcb0e093ce523a
Validity
Not Before: Mar 29 13:41:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b426444c5c38fb516228f40982f068fde09a55f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:ba:b9:38:56:9a:6b:09:e3:5e:cf:57:a2:75:
23:77:c1:65:3d:13:11:14:ad:68:a6:d2:4a:75:2f:
ee:f7:33:66:7b:7c:37:ff:19:a8:8d:4a:da:3c:36:
e8:3a:97:41:9e:38:40:5b:a6:e3:44:f0:af:72:85:
e4:97:a6:ce:80:ae:b6:23:a4:72:02:f3:19:9e:a4:
ff:ce:3c:1e:17:28:09:aa:7e:f4:05:1f:9b:87:3b:
9c:fd:42:8e:0f:21:7a:ca:33:a3:72:4c:e0:2e:85:
c3:46:8a:d9:8d:b8:44:ab:3e:be:ed:76:e5:e1:cd:
0e:78:76:a8:52:d6:1d:c8:38:e5:f4:48:41:cc:fc:
49:ee:3d:8b:61:6b:f8:46:87:6e:1b:c9:10:d3:a2:
a9:37:50:48:4c:7e:7f:44:b8:aa:eb:bb:84:9d:df:
81:2b:08:95:81:ab:92:c2:4a:64:30:29:5e:70:71:
27:de:3c:10:db:5b:7e:1f:af:a0:2c:4a:87:38:0d:
36:a8:0e:67:a3:17:59:c0:59:90:c4:72:14:df:03:
a7:3f:8a:b5:37:32:26:e7:e2:41:5e:44:56:54:40:
84:42:d0:d1:06:60:56:fd:df:2c:f3:39:b7:ee:08:
79:b5:d1:9e:25:bc:58:1b:ff:97:eb:b7:03:c7:97:
e5:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:26:44:4C:5C:38:FB:51:62:28:F4:09:82:F0:68:FD:E0:9A:55:F3
X509v3 Authority Key Identifier:
keyid:B5:38:C7:29:5B:CD:47:4B:82:9E:4E:47:EE:BC:B0:E0:93:CE:52:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tTjHKVvNR0uCnk5H7ryw4JPOUjo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/dbf772-9396-4101-b3e8-43f9ab6734ec/1/tCZETFw4-1FiKPQJgvBo_eCaVfM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/dbf772-9396-4101-b3e8-43f9ab6734ec/1/tTjHKVvNR0uCnk5H7ryw4JPOUjo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.64.97.0/24
Signature Algorithm: sha256WithRSAEncryption
74:55:54:ef:a5:03:fa:63:5e:e5:6b:2a:0b:2b:c3:4c:56:2c:
81:34:68:46:ce:d5:b9:8d:fd:90:94:61:25:01:da:9b:45:ee:
90:eb:44:4c:78:de:a2:5e:00:82:98:2c:8c:c8:ee:2c:98:a6:
6f:cb:db:e2:44:05:2e:7c:e0:69:c5:a1:5a:79:75:2c:2f:93:
a1:78:c3:81:ab:c1:01:12:f4:e6:74:18:2c:31:63:67:d7:63:
c8:a0:aa:81:f6:af:01:35:2b:88:d1:de:ab:93:e7:f3:e3:4e:
13:16:45:79:ac:1b:2c:d5:79:e0:79:f6:f2:d1:af:e8:70:e7:
58:43:ff:eb:fb:e5:1d:e1:74:9e:2f:d1:7d:f9:90:51:6d:a2:
9e:f9:60:41:26:02:6c:42:24:19:d5:0d:1f:fd:a8:1d:f8:3e:
31:8a:51:4c:42:21:8f:d2:98:25:f3:52:c6:93:8c:3c:2e:63:
82:81:69:c1:10:be:7d:a4:87:db:32:fc:c2:29:5c:5e:66:28:
55:b4:42:a5:ac:3f:35:90:6f:1f:35:32:aa:b8:ab:2f:0a:96:
74:65:b0:56:6b:bb:cc:d3:49:a5:86:ff:d7:98:d2:78:bd:d4:
e0:a7:df:97:7d:fa:24:52:e7:43:de:bc:42:91:b3:f7:46:0d:
5f:ca:55:33
-----BEGIN CERTIFICATE-----
MIIE7TCCA9WgAwIBAgICdDYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoYjUz
OGM3Mjk1YmNkNDc0YjgyOWU0ZTQ3ZWViY2IwZTA5M2NlNTIzYTAeFw0yMjAzMjkx
MzQxMjRaFw0yMzA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKGI0MjY0NDRjNWMzOGZi
NTE2MjI4ZjQwOTgyZjA2OGZkZTA5YTU1ZjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCKurk4VpprCeNez1eidSN3wWU9ExEUrWim0kp1L+73M2Z7fDf/
GaiNSto8Nug6l0GeOEBbpuNE8K9yheSXps6ArrYjpHIC8xmepP/OPB4XKAmqfvQF
H5uHO5z9Qo4PIXrKM6NyTOAuhcNGitmNuESrPr7tduXhzQ54dqhS1h3IOOX0SEHM
/EnuPYtha/hGh24byRDToqk3UEhMfn9EuKrru4Sd34ErCJWBq5LCSmQwKV5wcSfe
PBDbW34fr6AsSoc4DTaoDmejF1nAWZDEchTfA6c/irU3Mibn4kFeRFZUQIRC0NEG
YFb93yzzObfuCHm10Z4lvFgb/5frtwPHl+WtAgMBAAGjggIJMIICBTAdBgNVHQ4E
FgQUtCZETFw4+1FiKPQJgvBo/eCaVfMwHwYDVR0jBBgwFoAUtTjHKVvNR0uCnk5H
7ryw4JPOUjowDgYDVR0PAQH/BAQDAgeAMGQGCCsGAQUFBwEBBFgwVjBUBggrBgEF
BQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC90
VGpIS1Z2TlIwdUNuazVIN3J5dzRKUE9Vam8uY2VyMIGNBggrBgEFBQcBCwSBgDB+
MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9E
RUZBVUxULzk5L2RiZjc3Mi05Mzk2LTQxMDEtYjNlOC00M2Y5YWI2NzM0ZWMvMS90
Q1pFVEZ3NC0xRmlLUFFKZ3ZCb19lQ2FWZk0ucm9hMIGBBgNVHR8EejB4MHagdKBy
hnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzk5L2Ri
Zjc3Mi05Mzk2LTQxMDEtYjNlOC00M2Y5YWI2NzM0ZWMvMS90VGpIS1Z2TlIwdUNu
azVIN3J5dzRKUE9Vam8uY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADDQGEwDQYJKoZIhvcNAQELBQADggEB
AHRVVO+lA/pjXuVrKgsrw0xWLIE0aEbO1bmN/ZCUYSUB2ptF7pDrREx43qJeAIKY
LIzI7iyYpm/L2+JEBS584GnFoVp5dSwvk6F4w4GrwQES9OZ0GCwxY2fXY8igqoH2
rwE1K4jR3quT5/PjThMWRXmsGyzVeeB59vLRr+hw51hD/+v75R3hdJ4v0X35kFFt
op75YEEmAmxCJBnVDR/9qB34PjGKUUxCIY/SmCXzUsaTjDwuY4KBacEQvn2kh9sy
/MIpXF5mKFW0QqWsPzWQbx81Mqq4qy8KlnRlsFZru8zTSaWG/9eY0ni91OCn35d9
+iRS50PevEKRs/dGDV/KVTM=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:51 2023 by rpki-client on console-fra.rpki-client.org