Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/391092-82f3-48bc-b426-fcc6d27f444f/1/Ic9ker7NClZCEIlYRtsy-iutmtQ.roa
File: Ic9ker7NClZCEIlYRtsy-iutmtQ.roa (raw, json)
Hash identifier: e5AaBPwaK/9TWQ1ogeoW6Ia1jdsBTlPMpI5gWg2klk0=
Subject key identifier: 21:CF:64:7A:BE:CD:0A:56:42:10:89:58:46:DB:32:FA:2B:AD:9A:D4
Certificate issuer: /CN=ce235c504019c504021e0662f70133b7ee733173
Certificate serial: 0382A400
Authority key identifier: CE:23:5C:50:40:19:C5:04:02:1E:06:62:F7:01:33:B7:EE:73:31:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ziNcUEAZxQQCHgZi9wEzt-5zMXM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/391092-82f3-48bc-b426-fcc6d27f444f/1/Ic9ker7NClZCEIlYRtsy-iutmtQ.roa
Signing time: Sat 01 Jan 2022 15:06:06 +0000
ROA not before: Sat 01 Jan 2022 15:06:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29561
IP address blocks: 194.146.119.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 58893312 (0x382a400)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ce235c504019c504021e0662f70133b7ee733173
Validity
Not Before: Jan 1 15:06:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=21cf647abecd0a564210895846db32fa2bad9ad4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:2b:9a:0d:34:51:2c:51:e2:99:b9:cc:b0:7a:
8d:d7:9a:36:e9:94:51:dc:79:34:ba:83:c8:7e:30:
25:28:db:96:bd:44:7f:5f:19:1b:60:78:01:39:d1:
47:1f:4d:ef:7b:86:e9:53:f5:3a:6d:88:9b:ef:1a:
86:f2:6f:49:79:ac:9f:ba:58:cf:52:38:21:e5:51:
6d:bb:bc:20:19:ec:99:30:75:49:44:64:2d:17:3c:
9c:76:ce:f3:ec:27:1c:2e:17:d0:dc:10:b7:d7:c1:
bf:33:07:4c:39:a1:24:a8:45:67:5d:ba:0f:02:25:
39:82:36:f2:75:5e:97:06:10:3d:d9:00:80:b9:f3:
c0:e3:5a:70:e4:1c:2d:17:27:5b:11:bb:3a:95:a9:
fe:d7:07:e7:e0:34:97:ae:37:3d:08:02:a5:52:83:
0b:3a:fc:45:15:49:86:70:17:d4:c8:0b:d8:45:e1:
72:fe:50:99:41:3f:f1:63:ae:65:2c:b7:93:55:00:
f5:5e:91:2d:09:c6:5c:84:e3:a3:9a:f7:06:b7:73:
19:e5:97:0c:3f:99:f8:b7:65:e3:94:d1:81:f8:a4:
21:81:29:1d:67:d0:4e:05:b4:b9:99:66:49:30:d1:
fe:5b:61:61:18:9b:08:c4:40:00:3d:c3:73:dd:bb:
8f:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:CF:64:7A:BE:CD:0A:56:42:10:89:58:46:DB:32:FA:2B:AD:9A:D4
X509v3 Authority Key Identifier:
keyid:CE:23:5C:50:40:19:C5:04:02:1E:06:62:F7:01:33:B7:EE:73:31:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ziNcUEAZxQQCHgZi9wEzt-5zMXM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/391092-82f3-48bc-b426-fcc6d27f444f/1/Ic9ker7NClZCEIlYRtsy-iutmtQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/391092-82f3-48bc-b426-fcc6d27f444f/1/ziNcUEAZxQQCHgZi9wEzt-5zMXM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.146.119.0/24
Signature Algorithm: sha256WithRSAEncryption
b3:8a:e1:34:7f:44:d1:78:f3:c5:f6:df:11:c1:19:48:82:d0:
e6:f0:14:d2:cb:91:f8:3b:9f:f4:99:33:53:1e:97:b6:3e:d4:
4a:da:fd:13:71:e3:9a:46:85:af:67:fe:c6:b7:3d:e3:92:c3:
9e:59:f4:61:a4:ba:49:59:79:32:4d:4c:cb:ee:61:0c:a1:74:
d8:a1:9d:39:cd:0e:85:77:28:54:eb:56:98:c2:59:e6:52:76:
17:82:c5:5a:73:03:8a:2a:26:a1:f0:44:b7:a8:c2:62:f4:fd:
3a:5c:ae:71:c7:9f:36:00:e6:69:ea:dd:1d:1a:62:10:e3:49:
f8:2d:9d:64:36:8c:33:0e:78:bf:f6:b4:1a:f5:05:52:10:db:
fa:0a:6b:49:ef:b1:b9:18:bb:49:49:f1:d1:dd:b6:5b:db:ba:
c8:01:27:36:5e:24:d0:6b:cd:0e:d5:23:72:d3:3c:0e:91:cd:
05:16:58:38:da:92:02:ab:63:b2:36:8e:8d:a0:d3:1f:7e:bc:
e7:74:1b:aa:7b:9a:80:b1:02:9b:e4:0e:e4:35:ff:b3:22:79:
9f:c5:f3:83:37:db:87:e5:44:db:e9:e0:ea:09:e1:c9:05:18:
4e:78:21:3f:1e:41:4b:2b:59:5d:76:c5:22:14:aa:fa:6d:5d:
b4:96:62:e1
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA4KkADANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
ZTIzNWM1MDQwMTljNTA0MDIxZTA2NjJmNzAxMzNiN2VlNzMzMTczMB4XDTIyMDEw
MTE1MDYwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjFjZjY0N2FiZWNk
MGE1NjQyMTA4OTU4NDZkYjMyZmEyYmFkOWFkNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKUrmg00USxR4pm5zLB6jdeaNumUUdx5NLqDyH4wJSjblr1E
f18ZG2B4ATnRRx9N73uG6VP1Om2Im+8ahvJvSXmsn7pYz1I4IeVRbbu8IBnsmTB1
SURkLRc8nHbO8+wnHC4X0NwQt9fBvzMHTDmhJKhFZ126DwIlOYI28nVelwYQPdkA
gLnzwONacOQcLRcnWxG7OpWp/tcH5+A0l643PQgCpVKDCzr8RRVJhnAX1MgL2EXh
cv5QmUE/8WOuZSy3k1UA9V6RLQnGXITjo5r3BrdzGeWXDD+Z+Ldl45TRgfikIYEp
HWfQTgW0uZlmSTDR/lthYRibCMRAAD3Dc927j/cCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQhz2R6vs0KVkIQiVhG2zL6K62a1DAfBgNVHSMEGDAWgBTOI1xQQBnFBAIe
BmL3ATO37nMxczAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3ppTmNVRUFaeFFRQ0hnWmk5d0V6dC01ek1YTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTEvMzkxMDkyLTgyZjMtNDhiYy1iNDI2LWZjYzZkMjdmNDQ0Zi8x
L0ljOWtlcjdOQ2xaQ0VJbFlSdHN5LWl1dG10US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTEv
MzkxMDkyLTgyZjMtNDhiYy1iNDI2LWZjYzZkMjdmNDQ0Zi8xL3ppTmNVRUFaeFFR
Q0hnWmk5d0V6dC01ek1YTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMKSdzANBgkqhkiG9w0BAQsFAAOC
AQEAs4rhNH9E0XjzxfbfEcEZSILQ5vAU0suR+Duf9JkzUx6Xtj7UStr9E3HjmkaF
r2f+xrc945LDnln0YaS6SVl5Mk1My+5hDKF02KGdOc0OhXcoVOtWmMJZ5lJ2F4LF
WnMDiiomofBEt6jCYvT9OlyuccefNgDmaerdHRpiEONJ+C2dZDaMMw54v/a0GvUF
UhDb+gprSe+xuRi7SUnx0d22W9u6yAEnNl4k0GvNDtUjctM8DpHNBRZYONqSAqtj
sjaOjaDTH36853QbqnuagLECm+QO5DX/syJ5n8Xzgzfbh+VE2+ng6gnhyQUYTngh
Px5BSytZXXbFIhSq+m1dtJZi4Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:54 2024 by rpki-client on console-fra.rpki-client.org