Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/ba9003-d433-4095-84b7-2f933d9896e0/1/RhN_2o7u5VkENDHPNYnflkcH-gA.roa
File: RhN_2o7u5VkENDHPNYnflkcH-gA.roa (raw, json)
Hash identifier: VU2vccRHW64xbtKpQtdLmQvWNOfyL8nYA3P4GI+kLco=
Subject key identifier: 46:13:7F:DA:8E:EE:E5:59:04:34:31:CF:35:89:DF:96:47:07:FA:00
Certificate issuer: /CN=9098153bde0e34584bac91fa1868d7ef24d68bcf
Certificate serial: 043F7C76
Authority key identifier: 90:98:15:3B:DE:0E:34:58:4B:AC:91:FA:18:68:D7:EF:24:D6:8B:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kJgVO94ONFhLrJH6GGjX7yTWi88.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/ba9003-d433-4095-84b7-2f933d9896e0/1/RhN_2o7u5VkENDHPNYnflkcH-gA.roa
Signing time: Wed 09 Mar 2022 23:05:38 +0000
ROA not before: Wed 09 Mar 2022 23:05:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43350
IP address blocks: 193.218.190.0/24 maxlen: 24
94.158.219.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 71269494 (0x43f7c76)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9098153bde0e34584bac91fa1868d7ef24d68bcf
Validity
Not Before: Mar 9 23:05:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=46137fda8eeee559043431cf3589df964707fa00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:53:d7:1d:de:1e:7a:6c:c7:6e:22:3d:89:d5:
80:41:dc:26:2e:eb:bd:43:94:76:9c:4a:89:4c:6e:
cb:86:64:a2:e2:fc:26:43:1b:71:da:12:ac:b4:29:
0c:83:f3:ad:e4:6b:74:d4:22:60:d2:e3:b1:bc:16:
3d:14:bf:ad:40:32:6b:6d:34:21:f6:31:31:38:2f:
c6:85:ec:5e:5e:52:94:45:80:4e:7f:35:de:35:dc:
88:72:ed:36:77:64:a8:9a:b9:6e:fb:70:3f:10:ff:
02:25:46:7b:9c:39:34:c4:6f:45:00:e9:13:d6:50:
66:82:70:9a:b6:3f:be:20:42:8b:ec:8b:a2:f8:7a:
4b:f4:d3:de:31:5b:7a:1e:ff:4d:20:df:e9:06:d7:
e2:d2:bf:99:ee:ec:eb:d9:ed:4f:1c:0b:f4:61:7f:
00:10:4b:09:99:5a:5e:07:07:71:0c:fd:e0:05:d2:
b1:cc:16:e5:c2:11:72:de:90:3d:a7:86:50:14:c6:
03:f8:c5:d9:e1:4f:8f:91:7b:7d:8f:31:2f:b5:54:
9a:47:0c:51:df:e4:26:6e:60:96:72:31:87:e5:7c:
d7:e3:0a:58:d8:59:0e:eb:60:c0:c7:4b:6a:9d:a9:
a0:fb:a2:ad:66:5f:56:ac:5b:49:e5:4f:50:fa:f0:
82:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:13:7F:DA:8E:EE:E5:59:04:34:31:CF:35:89:DF:96:47:07:FA:00
X509v3 Authority Key Identifier:
keyid:90:98:15:3B:DE:0E:34:58:4B:AC:91:FA:18:68:D7:EF:24:D6:8B:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kJgVO94ONFhLrJH6GGjX7yTWi88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/ba9003-d433-4095-84b7-2f933d9896e0/1/RhN_2o7u5VkENDHPNYnflkcH-gA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/ba9003-d433-4095-84b7-2f933d9896e0/1/kJgVO94ONFhLrJH6GGjX7yTWi88.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.158.219.0/24
193.218.190.0/24
Signature Algorithm: sha256WithRSAEncryption
61:da:83:79:3c:bc:de:d7:95:a9:84:6d:59:5a:ce:1a:30:82:
56:3b:9b:c2:60:30:0f:25:37:15:c6:18:fa:87:53:45:8a:e2:
3f:72:a8:df:4d:99:55:f5:4f:c5:d2:85:1f:5f:00:ed:84:89:
40:43:2c:11:28:e3:64:8b:81:65:24:65:2c:fb:6a:3c:64:8e:
9f:ff:f6:cd:22:ea:fa:f9:70:62:47:ea:ab:56:7c:f4:cb:a7:
21:d1:1a:fa:6e:8c:7c:e6:f2:53:3c:13:25:34:1d:1d:c7:95:
98:34:fb:e6:4b:fe:0f:60:8e:c1:12:2f:06:a2:e9:08:27:57:
d0:ee:45:62:c1:3c:67:9d:1e:05:05:3f:8c:f5:a4:ed:d3:71:
9d:60:6e:13:fe:b1:58:79:a3:81:50:fb:1d:81:88:db:5f:f2:
ce:5a:3a:03:27:28:8b:95:1d:bb:32:48:ad:79:dc:75:d9:dc:
7d:40:af:36:41:b1:97:ce:e2:5c:49:0d:23:ff:59:c4:93:17:
10:af:92:08:5f:74:a1:4b:88:e9:d1:41:e5:6b:cc:2a:5f:70:
a9:c0:df:d5:fd:ed:5b:ac:43:65:d9:fa:29:09:9b:6e:e8:be:
d5:35:5f:2e:40:f5:67:69:70:6f:3c:b0:91:ca:63:bb:4c:86:
89:2f:5a:91
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBD98djANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MDk4MTUzYmRlMGUzNDU4NGJhYzkxZmExODY4ZDdlZjI0ZDY4YmNmMB4XDTIyMDMw
OTIzMDUzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDYxMzdmZGE4ZWVl
ZTU1OTA0MzQzMWNmMzU4OWRmOTY0NzA3ZmEwMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANFT1x3eHnpsx24iPYnVgEHcJi7rvUOUdpxKiUxuy4ZkouL8
JkMbcdoSrLQpDIPzreRrdNQiYNLjsbwWPRS/rUAya200IfYxMTgvxoXsXl5SlEWA
Tn813jXciHLtNndkqJq5bvtwPxD/AiVGe5w5NMRvRQDpE9ZQZoJwmrY/viBCi+yL
ovh6S/TT3jFbeh7/TSDf6QbX4tK/me7s69ntTxwL9GF/ABBLCZlaXgcHcQz94AXS
scwW5cIRct6QPaeGUBTGA/jF2eFPj5F7fY8xL7VUmkcMUd/kJm5glnIxh+V81+MK
WNhZDutgwMdLap2poPuirWZfVqxbSeVPUPrwgj0CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBRGE3/aju7lWQQ0Mc81id+WRwf6ADAfBgNVHSMEGDAWgBSQmBU73g40WEus
kfoYaNfvJNaLzzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2tKZ1ZPOTRPTkZoTHJKSDZHR2pYN3lUV2k4OC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWUvYmE5MDAzLWQ0MzMtNDA5NS04NGI3LTJmOTMzZDk4OTZlMC8x
L1JoTl8ybzd1NVZrRU5ESFBOWW5mbGtjSC1nQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWUv
YmE5MDAzLWQ0MzMtNDA5NS04NGI3LTJmOTMzZDk4OTZlMC8xL2tKZ1ZPOTRPTkZo
THJKSDZHR2pYN3lUV2k4OC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAF6e2wMEAMHavjANBgkqhkiG9w0B
AQsFAAOCAQEAYdqDeTy83teVqYRtWVrOGjCCVjubwmAwDyU3FcYY+odTRYriP3Ko
302ZVfVPxdKFH18A7YSJQEMsESjjZIuBZSRlLPtqPGSOn//2zSLq+vlwYkfqq1Z8
9MunIdEa+m6MfObyUzwTJTQdHceVmDT75kv+D2COwRIvBqLpCCdX0O5FYsE8Z50e
BQU/jPWk7dNxnWBuE/6xWHmjgVD7HYGI21/yzlo6Aycoi5UduzJIrXncddncfUCv
NkGxl87iXEkNI/9ZxJMXEK+SCF90oUuI6dFB5WvMKl9wqcDf1f3tW6xDZdn6KQmb
bui+1TVfLkD1Z2lwbzywkcpju0yGiS9akQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:00:05 2023 by rpki-client on console-fra.rpki-client.org