Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/31f397-4315-44f0-bad9-2649e1fda0f5/1/ofFXqUj75S0V96DsKJUyAZwJwfU.roa
File: ofFXqUj75S0V96DsKJUyAZwJwfU.roa (raw, json)
Hash identifier: eYX+wkwLmhiSb5BA7f2m1ltBM1PhPerzIiHv5ocCHLY=
Subject key identifier: A1:F1:57:A9:48:FB:E5:2D:15:F7:A0:EC:28:95:32:01:9C:09:C1:F5
Certificate issuer: /CN=aa563f5200a4933024e7b47d778619458568adb0
Certificate serial: DDEF37
Authority key identifier: AA:56:3F:52:00:A4:93:30:24:E7:B4:7D:77:86:19:45:85:68:AD:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qlY_UgCkkzAk57R9d4YZRYVorbA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/31f397-4315-44f0-bad9-2649e1fda0f5/1/ofFXqUj75S0V96DsKJUyAZwJwfU.roa
Signing time: Thu 10 Feb 2022 22:29:22 +0000
ROA not before: Thu 10 Feb 2022 22:29:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 142430
IP address blocks: 194.26.223.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14544695 (0xddef37)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa563f5200a4933024e7b47d778619458568adb0
Validity
Not Before: Feb 10 22:29:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a1f157a948fbe52d15f7a0ec289532019c09c1f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:1f:f1:90:6f:f3:07:8e:6a:d9:0d:5d:7c:45:
a9:8c:24:88:8c:34:40:9e:f1:dd:39:6f:44:ea:df:
41:04:b2:99:ec:73:06:90:86:3b:b2:37:08:5d:96:
45:46:4a:45:48:fe:fe:70:bb:26:34:82:27:07:1c:
f8:3b:08:a9:29:f5:dc:5c:92:e9:28:cc:3d:8a:5a:
d2:ee:4b:4c:7a:33:78:84:d7:d2:df:56:46:48:0b:
b3:9e:e3:a6:7e:26:9e:c2:55:c9:2e:07:cc:e0:a8:
30:3c:ed:b8:52:ee:82:62:db:0b:3f:9c:1a:d3:a9:
98:3a:8f:53:b7:87:ae:35:72:dc:25:91:b9:a7:71:
49:26:81:da:54:fb:8b:6f:51:fd:dc:c8:26:3f:f4:
45:c1:ad:7a:47:0e:40:42:9f:32:1d:47:0c:a7:3f:
5f:b5:f2:ac:97:a3:1b:50:60:ab:6e:d5:35:a6:c6:
95:5c:69:c0:16:38:d1:bf:b9:13:83:f2:88:d1:1d:
d1:43:0e:8a:fe:5e:f7:56:ed:db:68:9c:ef:54:9d:
e4:b3:3e:70:b1:68:f3:21:b0:52:63:84:72:a6:bd:
e3:3b:98:bb:cf:74:ee:f8:67:f0:54:fd:b5:f2:94:
d1:a8:01:0e:18:eb:ed:b9:43:55:49:21:58:dc:32:
35:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:F1:57:A9:48:FB:E5:2D:15:F7:A0:EC:28:95:32:01:9C:09:C1:F5
X509v3 Authority Key Identifier:
keyid:AA:56:3F:52:00:A4:93:30:24:E7:B4:7D:77:86:19:45:85:68:AD:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qlY_UgCkkzAk57R9d4YZRYVorbA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/31f397-4315-44f0-bad9-2649e1fda0f5/1/ofFXqUj75S0V96DsKJUyAZwJwfU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/31f397-4315-44f0-bad9-2649e1fda0f5/1/qlY_UgCkkzAk57R9d4YZRYVorbA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.26.223.0/24
Signature Algorithm: sha256WithRSAEncryption
47:93:cc:0c:e1:f7:75:4e:4e:b3:e0:17:5a:84:1d:4a:3d:d3:
4a:70:61:a8:31:66:f7:31:1e:c6:36:31:f4:ff:8d:c9:4c:cc:
14:01:fb:9c:9a:22:b1:8a:07:9d:32:ef:47:49:ec:a2:41:1c:
24:67:5f:42:ae:7e:ff:35:1d:0b:4e:de:31:d6:43:c0:81:66:
fc:24:59:c2:d5:45:d3:8e:06:ff:21:78:b6:c4:e1:3b:65:65:
cc:4b:53:04:7f:f5:4a:7e:f9:3a:ea:8a:ab:99:51:3f:b2:74:
e1:79:49:fb:80:5c:97:4e:05:05:31:05:9e:ca:0f:87:c2:c6:
ba:ef:9d:1d:4a:81:7e:25:31:21:28:7d:c8:e6:0b:c5:ca:cd:
0e:5a:96:9c:0b:8c:8a:e8:e0:ef:02:1c:65:05:3e:93:43:cf:
c3:00:7d:6e:a5:21:ee:9a:2e:6d:65:bc:79:ad:93:dc:84:33:
20:91:58:01:35:15:28:f9:06:3a:3c:17:3a:ca:c5:a0:15:99:
7e:da:4c:3f:18:d6:19:c7:e5:1f:e8:f5:d3:43:ac:a8:b5:53:
6e:06:13:b9:f0:fd:12:28:66:5e:4e:f4:d7:7e:f0:54:3f:70:
fb:70:93:f8:70:c4:70:60:b7:89:e6:20:55:b3:c1:55:52:dc:
13:ac:aa:0f
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAN3vNzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
YTU2M2Y1MjAwYTQ5MzMwMjRlN2I0N2Q3Nzg2MTk0NTg1NjhhZGIwMB4XDTIyMDIx
MDIyMjkyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTFmMTU3YTk0OGZi
ZTUyZDE1ZjdhMGVjMjg5NTMyMDE5YzA5YzFmNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKEf8ZBv8weOatkNXXxFqYwkiIw0QJ7x3TlvROrfQQSymexz
BpCGO7I3CF2WRUZKRUj+/nC7JjSCJwcc+DsIqSn13FyS6SjMPYpa0u5LTHozeITX
0t9WRkgLs57jpn4mnsJVyS4HzOCoMDztuFLugmLbCz+cGtOpmDqPU7eHrjVy3CWR
uadxSSaB2lT7i29R/dzIJj/0RcGtekcOQEKfMh1HDKc/X7XyrJejG1Bgq27VNabG
lVxpwBY40b+5E4PyiNEd0UMOiv5e91bt22ic71Sd5LM+cLFo8yGwUmOEcqa94zuY
u8907vhn8FT9tfKU0agBDhjr7blDVUkhWNwyNZsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSh8VepSPvlLRX3oOwolTIBnAnB9TAfBgNVHSMEGDAWgBSqVj9SAKSTMCTn
tH13hhlFhWitsDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3FsWV9VZ0Nra3pBazU3UjlkNFlaUllWb3JiQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWYvMzFmMzk3LTQzMTUtNDRmMC1iYWQ5LTI2NDllMWZkYTBmNS8x
L29mRlhxVWo3NVMwVjk2RHNLSlV5QVp3SndmVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWYv
MzFmMzk3LTQzMTUtNDRmMC1iYWQ5LTI2NDllMWZkYTBmNS8xL3FsWV9VZ0Nra3pB
azU3UjlkNFlaUllWb3JiQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMIa3zANBgkqhkiG9w0BAQsFAAOC
AQEAR5PMDOH3dU5Os+AXWoQdSj3TSnBhqDFm9zEexjYx9P+NyUzMFAH7nJoisYoH
nTLvR0nsokEcJGdfQq5+/zUdC07eMdZDwIFm/CRZwtVF044G/yF4tsThO2VlzEtT
BH/1Sn75OuqKq5lRP7J04XlJ+4Bcl04FBTEFnsoPh8LGuu+dHUqBfiUxISh9yOYL
xcrNDlqWnAuMiujg7wIcZQU+k0PPwwB9bqUh7poubWW8ea2T3IQzIJFYATUVKPkG
OjwXOsrFoBWZftpMPxjWGcflH+j100OsqLVTbgYTufD9EihmXk70137wVD9w+3CT
+HDEcGC3ieYgVbPBVVLcE6yqDw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:54 2023 by rpki-client on console-ams.rpki-client.org