Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/R3vUjjWT_WmmPx24rQ5gIurGtcQ.roa
File: R3vUjjWT_WmmPx24rQ5gIurGtcQ.roa (raw, json)
Hash identifier: 3yQuqBL5q0pvN+zpuXC8TNFQIzfKtm84vxu/LiGi5Eo=
Subject key identifier: 47:7B:D4:8E:35:93:FD:69:A6:3F:1D:B8:AD:0E:60:22:EA:C6:B5:C4
Certificate issuer: /CN=2e82963ff1aa70ab10d1d33e86b1d6d494d6ce51
Certificate serial: 10A45F
Authority key identifier: 2E:82:96:3F:F1:AA:70:AB:10:D1:D3:3E:86:B1:D6:D4:94:D6:CE:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/R3vUjjWT_WmmPx24rQ5gIurGtcQ.roa
Signing time: Sat 01 Jan 2022 01:55:30 +0000
ROA not before: Sat 01 Jan 2022 01:55:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200019
IP address blocks: 195.95.200.0/23 maxlen: 24
5.249.176.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1090655 (0x10a45f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e82963ff1aa70ab10d1d33e86b1d6d494d6ce51
Validity
Not Before: Jan 1 01:55:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=477bd48e3593fd69a63f1db8ad0e6022eac6b5c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:31:28:fc:88:94:e8:06:b7:14:a5:50:d6:bf:
62:65:e6:cb:a1:27:8c:64:56:be:18:54:60:e2:18:
1d:dc:11:f7:f5:e2:c8:3b:fe:01:10:3d:56:85:59:
c7:44:c7:9d:21:bd:9c:1e:ca:a2:5d:47:1f:d9:67:
0f:5f:32:2d:99:bf:64:37:a3:39:b0:8f:e4:2f:de:
0e:5a:32:8c:25:62:30:05:35:5b:a1:c2:17:05:12:
b1:07:7d:50:ea:09:b6:2d:b7:14:c0:b8:e7:cb:a3:
6e:27:0e:9a:64:04:6a:44:82:f9:4b:df:9e:96:b0:
0c:96:b7:d5:59:b9:c8:0c:b7:c2:57:1e:ec:75:52:
12:9e:11:02:40:f8:8e:69:69:c8:4a:4a:f0:d2:32:
b0:9a:8b:b6:83:7d:11:eb:79:98:76:33:ba:db:5b:
e7:53:a8:c9:4c:4d:b2:70:67:55:8c:38:68:f4:2c:
aa:63:8a:9f:c9:ae:57:ac:79:dd:f8:69:2e:15:5b:
47:e1:b8:83:a3:94:b3:fd:2d:b7:82:11:49:2b:63:
a6:f2:91:1f:7a:43:47:fb:70:00:32:d2:45:fb:d6:
7a:aa:f6:34:aa:ca:c3:f8:fb:d9:71:48:2d:38:9e:
e8:52:45:3f:b4:2c:17:87:65:03:74:d4:67:3d:1e:
62:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:7B:D4:8E:35:93:FD:69:A6:3F:1D:B8:AD:0E:60:22:EA:C6:B5:C4
X509v3 Authority Key Identifier:
keyid:2E:82:96:3F:F1:AA:70:AB:10:D1:D3:3E:86:B1:D6:D4:94:D6:CE:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/R3vUjjWT_WmmPx24rQ5gIurGtcQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.249.176.0/20
195.95.200.0/23
Signature Algorithm: sha256WithRSAEncryption
8c:90:f1:92:03:04:08:c6:98:a2:2b:b3:fe:db:67:67:45:78:
e6:cc:88:25:74:71:51:5d:d5:c1:f6:df:98:27:4e:c0:38:9c:
31:ad:38:64:4b:39:06:7a:12:01:08:40:20:82:10:f3:69:dd:
37:59:23:0d:a7:76:08:e5:65:c6:b6:8d:10:67:09:22:60:4f:
42:44:71:85:25:4f:c0:33:4e:d4:ff:b0:01:5d:c0:12:34:88:
33:5b:e4:e1:2f:10:99:0d:fc:5a:bc:cf:09:e6:91:0c:62:2a:
aa:56:7d:e6:7e:e3:9f:3d:a2:42:12:09:96:f1:41:8c:30:aa:
13:6e:ce:93:9a:e7:7b:19:ed:a8:ab:2a:95:42:57:d7:bd:c7:
ed:92:73:f3:13:07:fe:47:91:b5:de:64:a5:87:b8:7b:8a:8b:
cc:4e:4f:b0:90:bb:11:30:5e:a5:17:67:33:95:e9:71:4e:7a:
d7:0b:9b:d3:2f:0f:47:f8:64:30:01:f1:75:6b:b2:32:1c:43:
ff:35:16:18:5a:98:f6:ff:9a:62:b5:6e:4e:e7:88:1f:e4:7d:
de:ef:71:38:b6:82:71:31:08:5a:aa:d6:04:2f:a5:78:a4:9f:
38:d8:70:b7:e5:78:17:e5:88:d4:f9:5b:23:71:f8:75:80:34:
8d:33:5b:cc
-----BEGIN CERTIFICATE-----
MIIE9DCCA9ygAwIBAgIDEKRfMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDJl
ODI5NjNmZjFhYTcwYWIxMGQxZDMzZTg2YjFkNmQ0OTRkNmNlNTEwHhcNMjIwMTAx
MDE1NTMwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg0NzdiZDQ4ZTM1OTNm
ZDY5YTYzZjFkYjhhZDBlNjAyMmVhYzZiNWM0MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEArzEo/IiU6Aa3FKVQ1r9iZebLoSeMZFa+GFRg4hgd3BH39eLI
O/4BED1WhVnHRMedIb2cHsqiXUcf2WcPXzItmb9kN6M5sI/kL94OWjKMJWIwBTVb
ocIXBRKxB31Q6gm2LbcUwLjny6NuJw6aZARqRIL5S9+elrAMlrfVWbnIDLfCVx7s
dVISnhECQPiOaWnISkrw0jKwmou2g30R63mYdjO621vnU6jJTE2ycGdVjDho9Cyq
Y4qfya5XrHnd+GkuFVtH4biDo5Sz/S23ghFJK2Om8pEfekNH+3AAMtJF+9Z6qvY0
qsrD+PvZcUgtOJ7oUkU/tCwXh2UDdNRnPR5ilwIDAQABo4ICDzCCAgswHQYDVR0O
BBYEFEd71I41k/1ppj8duK0OYCLqxrXEMB8GA1UdIwQYMBaAFC6Clj/xqnCrENHT
Poax1tSU1s5RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
TG9LV1BfR3FjS3NRMGRNLWhySFcxSlRXemxFLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9hMi85NTdjNjgtNmYyNy00MGVkLWFiZWQtZGY2NGYwZTgyMzYwLzEv
UjN2VWpqV1RfV21tUHgyNHJRNWdJdXJHdGNRLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi85
NTdjNjgtNmYyNy00MGVkLWFiZWQtZGY2NGYwZTgyMzYwLzEvTG9LV1BfR3FjS3NR
MGRNLWhySFcxSlRXemxFLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUG
CCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEBfmwAwQBw1/IMA0GCSqGSIb3DQEB
CwUAA4IBAQCMkPGSAwQIxpiiK7P+22dnRXjmzIgldHFRXdXB9t+YJ07AOJwxrThk
SzkGehIBCEAgghDzad03WSMNp3YI5WXGto0QZwkiYE9CRHGFJU/AM07U/7ABXcAS
NIgzW+ThLxCZDfxavM8J5pEMYiqqVn3mfuOfPaJCEgmW8UGMMKoTbs6Tmud7Ge2o
qyqVQlfXvcftknPzEwf+R5G13mSlh7h7iovMTk+wkLsRMF6lF2czlelxTnrXC5vT
Lw9H+GQwAfF1a7IyHEP/NRYYWpj2/5pitW5O54gf5H3e73E4toJxMQhaqtYEL6V4
pJ842HC35XgX5YjU+Vsjcfh1gDSNM1vM
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:30 2023 by rpki-client on console-ams.rpki-client.org