Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/31f397-4315-44f0-bad9-2649e1fda0f5/1/aMwji6rIubbsLHkIiIvwVeWMaI4.roa
File: aMwji6rIubbsLHkIiIvwVeWMaI4.roa (raw, json)
Hash identifier: NaiFuO47NqTAao7s1Jc0c/XEBMO1QJTuxGYlAt0Kexs=
Subject key identifier: 68:CC:23:8B:AA:C8:B9:B6:EC:2C:79:08:88:8B:F0:55:E5:8C:68:8E
Certificate issuer: /CN=aa563f5200a4933024e7b47d778619458568adb0
Certificate serial: 8497CB
Authority key identifier: AA:56:3F:52:00:A4:93:30:24:E7:B4:7D:77:86:19:45:85:68:AD:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qlY_UgCkkzAk57R9d4YZRYVorbA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/31f397-4315-44f0-bad9-2649e1fda0f5/1/aMwji6rIubbsLHkIiIvwVeWMaI4.roa
Signing time: Sat 01 Jan 2022 01:53:10 +0000
ROA not before: Sat 01 Jan 2022 01:53:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 834
IP address blocks: 194.26.223.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8689611 (0x8497cb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa563f5200a4933024e7b47d778619458568adb0
Validity
Not Before: Jan 1 01:53:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=68cc238baac8b9b6ec2c7908888bf055e58c688e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:8c:79:94:bd:30:e3:ed:28:75:b1:6d:0c:66:
05:08:e3:cc:91:88:15:f7:ff:37:fa:e9:91:ca:0a:
bc:1a:3c:84:d4:da:a9:01:7a:95:55:0e:72:23:a1:
82:1e:3a:14:04:e5:b2:91:f5:0f:cf:aa:2d:83:c0:
c1:8a:12:5d:1c:f1:e0:06:fb:7d:cd:57:89:38:d0:
af:be:80:23:de:bf:a6:ff:44:9f:43:55:c1:bb:16:
59:51:19:9f:aa:18:11:10:34:bb:32:55:21:43:59:
04:41:f7:b0:7e:0f:a1:de:2b:70:a0:17:8d:00:03:
77:6b:d0:5d:f8:98:f2:a9:36:30:09:b9:bd:c5:11:
23:4b:41:70:b0:10:f9:e0:04:dc:47:ab:c5:4a:32:
89:e2:55:b9:e4:f7:63:82:1b:1a:f3:70:79:61:46:
4a:3e:a1:b8:83:b3:32:02:3c:a6:74:2e:a4:fb:4f:
4c:40:35:ff:80:b4:35:e6:b2:5b:e9:d9:2a:bb:5d:
bc:68:38:5c:33:b4:ca:fc:29:c9:ba:9c:a2:85:48:
40:1c:38:d3:5e:c1:27:8b:69:55:80:50:c6:3e:e1:
bc:2d:44:46:3d:76:be:09:34:5b:b0:31:cd:ff:a7:
7c:43:e8:ab:f0:38:c9:59:85:d1:f5:2a:1b:29:78:
34:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:CC:23:8B:AA:C8:B9:B6:EC:2C:79:08:88:8B:F0:55:E5:8C:68:8E
X509v3 Authority Key Identifier:
keyid:AA:56:3F:52:00:A4:93:30:24:E7:B4:7D:77:86:19:45:85:68:AD:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qlY_UgCkkzAk57R9d4YZRYVorbA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/31f397-4315-44f0-bad9-2649e1fda0f5/1/aMwji6rIubbsLHkIiIvwVeWMaI4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/31f397-4315-44f0-bad9-2649e1fda0f5/1/qlY_UgCkkzAk57R9d4YZRYVorbA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.26.223.0/24
Signature Algorithm: sha256WithRSAEncryption
81:ad:cd:32:ad:ae:9f:06:18:9d:51:d5:4a:24:58:11:a6:68:
d8:a8:64:0b:12:b9:58:b3:4c:1e:15:e5:50:31:d0:a0:22:7f:
30:f0:45:12:8b:c6:e6:fc:68:4a:c2:86:d8:93:1c:fa:40:b5:
50:5b:da:57:3d:fd:15:4b:4b:1f:3b:08:d9:91:58:60:8d:7e:
1b:69:3d:1f:d0:14:a4:19:d3:4a:b3:90:4f:e4:ce:53:64:a9:
fe:39:fb:51:c0:5c:22:1e:4b:e9:8a:d6:35:68:ef:73:a6:c9:
ee:1f:d1:bf:63:38:f4:ef:0a:9a:8b:33:3b:f1:27:00:c5:35:
8c:85:87:a9:be:c9:de:8d:a3:2c:a9:16:9a:fd:0b:6a:a3:9e:
04:b1:92:88:6e:17:05:f7:9b:00:23:78:82:07:e5:a6:85:36:
2a:1e:a9:2c:b9:bd:43:51:25:70:4e:47:66:fa:1c:7f:5b:4a:
60:75:a9:d2:c7:15:83:7e:53:c7:60:07:74:61:dd:a9:01:7e:
c9:b2:32:2e:2f:c0:af:63:79:f6:d8:d4:c2:45:30:9a:0a:d8:
a1:13:9d:48:6f:cd:fb:1b:b0:38:ff:01:0d:bd:75:66:04:22:
75:de:b0:cb:69:e0:fe:d2:8f:c1:8f:c5:d5:63:3e:4c:be:1d:
b8:a7:bd:e4
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAISXyzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
YTU2M2Y1MjAwYTQ5MzMwMjRlN2I0N2Q3Nzg2MTk0NTg1NjhhZGIwMB4XDTIyMDEw
MTAxNTMxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjhjYzIzOGJhYWM4
YjliNmVjMmM3OTA4ODg4YmYwNTVlNThjNjg4ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL6MeZS9MOPtKHWxbQxmBQjjzJGIFff/N/rpkcoKvBo8hNTa
qQF6lVUOciOhgh46FATlspH1D8+qLYPAwYoSXRzx4Ab7fc1XiTjQr76AI96/pv9E
n0NVwbsWWVEZn6oYERA0uzJVIUNZBEH3sH4Pod4rcKAXjQADd2vQXfiY8qk2MAm5
vcURI0tBcLAQ+eAE3EerxUoyieJVueT3Y4IbGvNweWFGSj6huIOzMgI8pnQupPtP
TEA1/4C0NeayW+nZKrtdvGg4XDO0yvwpybqcooVIQBw4017BJ4tpVYBQxj7hvC1E
Rj12vgk0W7Axzf+nfEPoq/A4yVmF0fUqGyl4NE0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRozCOLqsi5tuwseQiIi/BV5YxojjAfBgNVHSMEGDAWgBSqVj9SAKSTMCTn
tH13hhlFhWitsDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3FsWV9VZ0Nra3pBazU3UjlkNFlaUllWb3JiQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWYvMzFmMzk3LTQzMTUtNDRmMC1iYWQ5LTI2NDllMWZkYTBmNS8x
L2FNd2ppNnJJdWJic0xIa0lpSXZ3VmVXTWFJNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWYv
MzFmMzk3LTQzMTUtNDRmMC1iYWQ5LTI2NDllMWZkYTBmNS8xL3FsWV9VZ0Nra3pB
azU3UjlkNFlaUllWb3JiQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMIa3zANBgkqhkiG9w0BAQsFAAOC
AQEAga3NMq2unwYYnVHVSiRYEaZo2KhkCxK5WLNMHhXlUDHQoCJ/MPBFEovG5vxo
SsKG2JMc+kC1UFvaVz39FUtLHzsI2ZFYYI1+G2k9H9AUpBnTSrOQT+TOU2Sp/jn7
UcBcIh5L6YrWNWjvc6bJ7h/Rv2M49O8KmoszO/EnAMU1jIWHqb7J3o2jLKkWmv0L
aqOeBLGSiG4XBfebACN4ggflpoU2Kh6pLLm9Q1ElcE5HZvocf1tKYHWp0scVg35T
x2AHdGHdqQF+ybIyLi/Ar2N59tjUwkUwmgrYoROdSG/N+xuwOP8BDb11ZgQidd6w
y2ng/tKPwY/F1WM+TL4duKe95A==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:00:07 2023 by rpki-client on console-fra.rpki-client.org