Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/54faaa-37e6-4ad0-9ef5-6870684566e2/1/gfUT3ax9TOPUQJbcUM5xmkHtaak.roa
File: gfUT3ax9TOPUQJbcUM5xmkHtaak.roa (raw, json)
Hash identifier: /q+NQ77PCCe9jef+egm1Vvydffd4uFIiTcQ5tKII5OQ=
Subject key identifier: 81:F5:13:DD:AC:7D:4C:E3:D4:40:96:DC:50:CE:71:9A:41:ED:69:A9
Certificate issuer: /CN=b8b8da567492dcbf59f98a6bf1d1974ab42bc7d0
Certificate serial: 02129191
Authority key identifier: B8:B8:DA:56:74:92:DC:BF:59:F9:8A:6B:F1:D1:97:4A:B4:2B:C7:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uLjaVnSS3L9Z-Ypr8dGXSrQrx9A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/54faaa-37e6-4ad0-9ef5-6870684566e2/1/gfUT3ax9TOPUQJbcUM5xmkHtaak.roa
Signing time: Sat 01 Jan 2022 03:58:45 +0000
ROA not before: Sat 01 Jan 2022 03:58:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 13135
IP address blocks: 192.76.124.0/24 maxlen: 24
194.55.156.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 34771345 (0x2129191)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b8b8da567492dcbf59f98a6bf1d1974ab42bc7d0
Validity
Not Before: Jan 1 03:58:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=81f513ddac7d4ce3d44096dc50ce719a41ed69a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:ce:fa:04:4d:04:4c:d4:47:cc:17:8f:7a:10:
54:4f:ae:92:d7:e4:0c:60:6a:60:e7:04:a3:29:70:
dc:dc:84:02:92:6d:e5:3c:18:47:09:f9:56:a5:a3:
a8:b5:49:a3:4c:49:3a:16:de:75:3b:95:5a:b6:0a:
a1:57:cc:58:6f:e2:54:6e:ee:e4:d5:33:3c:65:b3:
7a:1d:2f:d7:92:d5:70:63:23:a1:da:50:c7:54:cf:
4d:f5:98:1d:fd:56:99:47:08:0e:d3:d7:22:e3:a8:
72:2b:43:88:fa:50:d2:00:99:ce:30:75:86:5a:31:
d5:8a:0f:d8:28:26:42:0e:e1:aa:a3:ca:5f:cc:71:
17:d3:81:a9:12:f5:13:69:b2:04:5b:51:d9:e5:f9:
ce:77:ed:68:a7:f9:72:0a:4f:28:d2:b4:2f:b5:a9:
8c:ad:f3:a7:7c:a4:45:a4:81:6b:81:6d:17:50:48:
ad:d4:ac:4b:a8:36:2f:15:1c:94:a5:a9:80:01:b4:
70:e6:15:f7:9c:e5:c9:a5:df:a6:15:e0:d1:71:a3:
3e:e8:64:14:e6:1f:97:b2:a5:c1:80:66:43:6a:fc:
47:cb:07:3a:9a:48:fc:b8:5c:b7:5a:ac:a6:e0:77:
c8:5b:c6:d1:9c:1e:01:0f:82:f2:b8:d3:1a:8f:9e:
c4:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:F5:13:DD:AC:7D:4C:E3:D4:40:96:DC:50:CE:71:9A:41:ED:69:A9
X509v3 Authority Key Identifier:
keyid:B8:B8:DA:56:74:92:DC:BF:59:F9:8A:6B:F1:D1:97:4A:B4:2B:C7:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uLjaVnSS3L9Z-Ypr8dGXSrQrx9A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/54faaa-37e6-4ad0-9ef5-6870684566e2/1/gfUT3ax9TOPUQJbcUM5xmkHtaak.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/54faaa-37e6-4ad0-9ef5-6870684566e2/1/uLjaVnSS3L9Z-Ypr8dGXSrQrx9A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.76.124.0/24
194.55.156.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:01:5d:63:79:8c:4c:ce:b1:c6:6e:09:dc:7d:5d:fc:e4:38:
41:2d:6e:6d:5d:b6:69:c7:17:14:3f:98:8d:1e:35:3f:bb:93:
fc:07:12:d9:d2:6b:66:1a:04:38:3d:bb:64:d4:61:79:ca:44:
e3:3e:42:03:e7:c9:8c:d3:40:69:48:9d:5f:bf:90:ce:f8:41:
5a:09:30:21:79:a2:70:db:f9:7e:60:54:53:dc:6d:33:95:4a:
cf:e3:fb:8b:df:ef:c0:43:6c:4a:1d:7e:e9:cd:d0:bc:0f:01:
4d:e6:d8:67:d8:a5:25:72:f6:d3:83:ae:9c:58:97:f6:ad:f4:
72:0b:0f:32:60:0a:1d:0b:9f:de:8e:ea:a3:14:b3:5c:dc:7b:
38:08:6c:1d:10:5d:88:8a:6f:9f:98:76:df:3b:da:b7:7d:fd:
d8:58:77:4c:d1:dc:75:bc:b3:0d:21:98:0e:e4:90:b7:e1:a3:
51:5e:29:54:d8:9a:b5:0c:fd:4e:ad:85:9b:f1:31:e4:38:13:
a1:a5:37:39:93:ec:3d:77:45:33:b4:b7:7d:78:66:17:63:a6:
41:8e:cf:75:36:3f:3e:c5:14:f5:d8:ea:da:a0:53:b9:ed:a3:
8a:f3:92:51:9b:b3:aa:02:ac:f3:b8:ac:7e:b5:39:0c:cc:37:
38:fa:1a:0e
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEAhKRkTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
OGI4ZGE1Njc0OTJkY2JmNTlmOThhNmJmMWQxOTc0YWI0MmJjN2QwMB4XDTIyMDEw
MTAzNTg0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODFmNTEzZGRhYzdk
NGNlM2Q0NDA5NmRjNTBjZTcxOWE0MWVkNjlhOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALfO+gRNBEzUR8wXj3oQVE+uktfkDGBqYOcEoylw3NyEApJt
5TwYRwn5VqWjqLVJo0xJOhbedTuVWrYKoVfMWG/iVG7u5NUzPGWzeh0v15LVcGMj
odpQx1TPTfWYHf1WmUcIDtPXIuOocitDiPpQ0gCZzjB1hlox1YoP2CgmQg7hqqPK
X8xxF9OBqRL1E2myBFtR2eX5znftaKf5cgpPKNK0L7WpjK3zp3ykRaSBa4FtF1BI
rdSsS6g2LxUclKWpgAG0cOYV95zlyaXfphXg0XGjPuhkFOYfl7KlwYBmQ2r8R8sH
OppI/Lhct1qspuB3yFvG0ZweAQ+C8rjTGo+exFkCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBSB9RPdrH1M49RAltxQznGaQe1pqTAfBgNVHSMEGDAWgBS4uNpWdJLcv1n5
imvx0ZdKtCvH0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3VMamFWblNTM0w5Wi1ZcHI4ZEdYU3JRcng5QS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTAvNTRmYWFhLTM3ZTYtNGFkMC05ZWY1LTY4NzA2ODQ1NjZlMi8x
L2dmVVQzYXg5VE9QVVFKYmNVTTV4bWtIdGFhay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTAv
NTRmYWFhLTM3ZTYtNGFkMC05ZWY1LTY4NzA2ODQ1NjZlMi8xL3VMamFWblNTM0w5
Wi1ZcHI4ZEdYU3JRcng5QS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAMBMfAMEAMI3nDANBgkqhkiG9w0B
AQsFAAOCAQEAPwFdY3mMTM6xxm4J3H1d/OQ4QS1ubV22accXFD+YjR41P7uT/AcS
2dJrZhoEOD27ZNRhecpE4z5CA+fJjNNAaUidX7+QzvhBWgkwIXmicNv5fmBUU9xt
M5VKz+P7i9/vwENsSh1+6c3QvA8BTebYZ9ilJXL204OunFiX9q30cgsPMmAKHQuf
3o7qoxSzXNx7OAhsHRBdiIpvn5h23zvat3392Fh3TNHcdbyzDSGYDuSQt+GjUV4p
VNiatQz9Tq2Fm/Ex5DgToaU3OZPsPXdFM7S3fXhmF2OmQY7PdTY/PsUU9djq2qBT
ue2jivOSUZuzqgKs87isfrU5DMw3OPoaDg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:47 2024 by rpki-client on console-fra.rpki-client.org