Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/0c9de8-cef2-4d8d-a920-76594a19177c/1/2fDVZfFC5bAu2ipwL6MzzAgnG_o.roa
File: 2fDVZfFC5bAu2ipwL6MzzAgnG_o.roa (raw, json)
Hash identifier: M419XftlVm+4JsRZlYN8CLugTf9JBIRwCVR8UB1yREI=
Subject key identifier: D9:F0:D5:65:F1:42:E5:B0:2E:DA:2A:70:2F:A3:33:CC:08:27:1B:FA
Certificate issuer: /CN=f939b03f1294ebd35a3b15d695d7e91f8cb41fa0
Certificate serial: 02FDCEB7
Authority key identifier: F9:39:B0:3F:12:94:EB:D3:5A:3B:15:D6:95:D7:E9:1F:8C:B4:1F:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-TmwPxKU69NaOxXWldfpH4y0H6A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/0c9de8-cef2-4d8d-a920-76594a19177c/1/2fDVZfFC5bAu2ipwL6MzzAgnG_o.roa
Signing time: Sat 01 Jan 2022 04:02:44 +0000
ROA not before: Sat 01 Jan 2022 04:02:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200530
IP address blocks: 194.5.40.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 50187959 (0x2fdceb7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f939b03f1294ebd35a3b15d695d7e91f8cb41fa0
Validity
Not Before: Jan 1 04:02:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d9f0d565f142e5b02eda2a702fa333cc08271bfa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:3b:17:5e:f1:43:64:c2:d0:3a:92:b0:db:1a:
c9:65:5f:92:dd:61:15:50:74:35:3b:c5:70:9a:58:
ff:cd:86:8f:0d:ae:11:e9:85:f0:d0:db:07:82:8b:
8f:ff:6a:a4:0d:f4:22:5b:0d:38:a9:0f:af:b0:d0:
8b:57:e8:f0:29:3a:8c:e0:49:5e:a0:a5:60:83:5d:
17:59:8c:b1:3f:fd:57:e5:a3:5b:8f:50:4a:7b:85:
f7:82:4d:84:f3:4f:c7:5a:1c:13:01:69:99:3b:3a:
d9:c4:cc:c0:9a:19:e1:5d:62:f5:08:e5:96:04:20:
2a:72:d5:d0:03:1c:28:15:55:6d:04:51:68:03:64:
ee:10:c4:5a:54:d3:75:45:3a:5c:69:5f:17:96:5f:
da:fc:c6:6f:7a:6e:d2:52:b4:6f:61:0d:cf:cc:4f:
c6:31:df:98:ca:ec:1c:60:7e:5c:2a:f9:20:81:6d:
a4:bf:1d:1a:e5:0e:e1:f6:de:43:9b:3a:07:67:c6:
c7:53:21:10:74:b7:84:19:3e:ca:a0:35:11:32:ce:
15:ea:ee:51:fa:51:55:36:68:9a:c8:6b:48:c4:42:
d2:c1:22:cc:2f:85:f6:68:91:25:73:e2:24:65:c2:
51:97:b5:62:1f:61:0f:14:b7:d4:08:a9:a0:79:f0:
20:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:F0:D5:65:F1:42:E5:B0:2E:DA:2A:70:2F:A3:33:CC:08:27:1B:FA
X509v3 Authority Key Identifier:
keyid:F9:39:B0:3F:12:94:EB:D3:5A:3B:15:D6:95:D7:E9:1F:8C:B4:1F:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-TmwPxKU69NaOxXWldfpH4y0H6A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/0c9de8-cef2-4d8d-a920-76594a19177c/1/2fDVZfFC5bAu2ipwL6MzzAgnG_o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/0c9de8-cef2-4d8d-a920-76594a19177c/1/1-TmwPxKU69NaOxXWldfpH4y0H6A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.5.40.0/22
Signature Algorithm: sha256WithRSAEncryption
8f:7a:93:6f:43:12:07:6d:c1:8c:70:e3:1e:87:26:02:b9:8f:
ba:1e:69:78:ce:99:bb:f5:9b:ed:bb:00:0d:bf:49:8a:ec:97:
9d:99:0e:d5:d2:0e:98:c6:4c:3d:86:ea:60:d2:f8:56:bc:40:
f0:29:09:5f:65:83:cf:08:45:99:9d:ce:b4:3e:cf:cb:e9:cc:
a0:da:6b:76:78:3f:84:0a:b3:f8:a4:a4:51:cb:8c:98:36:8f:
eb:d8:fa:a8:e0:e5:c5:9e:0b:10:3f:53:71:be:0e:43:30:76:
cc:91:96:1e:e3:d0:6a:a8:15:7b:d0:de:11:91:f7:e7:44:fd:
80:60:50:75:5d:87:cd:70:ce:c5:90:02:cf:d9:c6:63:10:0b:
50:87:e8:6e:3a:4f:5f:52:db:4e:a3:7a:81:d9:39:9d:ca:32:
49:57:03:bf:a0:0d:f3:6b:12:c7:9f:ea:6c:d8:da:5e:d2:b7:
ef:6f:69:df:8e:9a:2a:88:fd:a5:96:11:8f:da:d0:06:c9:85:
59:0c:2e:5b:99:5a:a8:86:49:f0:a0:24:e4:bd:51:bf:d4:5f:
7a:e2:3f:15:ef:7a:f9:1e:16:80:6f:17:46:1f:f2:53:1f:ca:
32:fa:a7:64:2a:19:c9:6f:86:f8:aa:15:43:58:2d:c7:0a:97:
d7:95:b1:97
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIEAv3OtzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
OTM5YjAzZjEyOTRlYmQzNWEzYjE1ZDY5NWQ3ZTkxZjhjYjQxZmEwMB4XDTIyMDEw
MTA0MDI0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDlmMGQ1NjVmMTQy
ZTViMDJlZGEyYTcwMmZhMzMzY2MwODI3MWJmYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJo7F17xQ2TC0DqSsNsayWVfkt1hFVB0NTvFcJpY/82Gjw2u
EemF8NDbB4KLj/9qpA30IlsNOKkPr7DQi1fo8Ck6jOBJXqClYINdF1mMsT/9V+Wj
W49QSnuF94JNhPNPx1ocEwFpmTs62cTMwJoZ4V1i9QjllgQgKnLV0AMcKBVVbQRR
aANk7hDEWlTTdUU6XGlfF5Zf2vzGb3pu0lK0b2ENz8xPxjHfmMrsHGB+XCr5IIFt
pL8dGuUO4fbeQ5s6B2fGx1MhEHS3hBk+yqA1ETLOFeruUfpRVTZomshrSMRC0sEi
zC+F9miRJXPiJGXCUZe1Yh9hDxS31AipoHnwIC8CAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBTZ8NVl8ULlsC7aKnAvozPMCCcb+jAfBgNVHSMEGDAWgBT5ObA/EpTr01o7
FdaV1+kfjLQfoDAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtVG13UHhLVTY5TmFPeFhXbGRmcEg0eTBINkEuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxUL2E3LzBjOWRlOC1jZWYyLTRkOGQtYTkyMC03NjU5NGExOTE3N2Mv
MS8yZkRWWmZGQzViQXUyaXB3TDZNenpBZ25HX28ucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2E3
LzBjOWRlOC1jZWYyLTRkOGQtYTkyMC03NjU5NGExOTE3N2MvMS8xLVRtd1B4S1U2
OU5hT3hYV2xkZnBINHkwSDZBLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwgUoMA0GCSqGSIb3DQEBCwUA
A4IBAQCPepNvQxIHbcGMcOMehyYCuY+6Hml4zpm79ZvtuwANv0mK7JedmQ7V0g6Y
xkw9hupg0vhWvEDwKQlfZYPPCEWZnc60Ps/L6cyg2mt2eD+ECrP4pKRRy4yYNo/r
2Pqo4OXFngsQP1Nxvg5DMHbMkZYe49BqqBV70N4RkffnRP2AYFB1XYfNcM7FkALP
2cZjEAtQh+huOk9fUttOo3qB2TmdyjJJVwO/oA3zaxLHn+ps2Npe0rfvb2nfjpoq
iP2llhGP2tAGyYVZDC5bmVqohknwoCTkvVG/1F964j8V73r5HhaAbxdGH/JTH8oy
+qdkKhnJb4b4qhVDWC3HCpfXlbGX
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:42 2023 by rpki-client on console-ams.rpki-client.org