Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/4bf3cc-023d-4b02-8028-c59efd348158/1/GhkpxesIoUKHwEfnQKheTiryOf0.roa
File: GhkpxesIoUKHwEfnQKheTiryOf0.roa (raw, json)
Hash identifier: i4Bjt5VC1tRazj+OcWkCkjt4aXRGgH39I0fNJ8tykF0=
Subject key identifier: 1A:19:29:C5:EB:08:A1:42:87:C0:47:E7:40:A8:5E:4E:2A:F2:39:FD
Certificate issuer: /CN=156849587a23bfb5d65b2a1404082232b439271b
Certificate serial: 01843C865F470B0235B661D470E40596E7B2
Authority key identifier: 15:68:49:58:7A:23:BF:B5:D6:5B:2A:14:04:08:22:32:B4:39:27:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FWhJWHojv7XWWyoUBAgiMrQ5Jxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/4bf3cc-023d-4b02-8028-c59efd348158/1/GhkpxesIoUKHwEfnQKheTiryOf0.roa
Signing time: Thu 03 Nov 2022 08:05:49 +0000
ROA not before: Thu 03 Nov 2022 08:05:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197883
IP address blocks: 195.24.244.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:3c:86:5f:47:0b:02:35:b6:61:d4:70:e4:05:96:e7:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=156849587a23bfb5d65b2a1404082232b439271b
Validity
Not Before: Nov 3 08:05:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1a1929c5eb08a14287c047e740a85e4e2af239fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:9f:c4:f8:89:dc:bc:a8:df:2c:1d:e5:1d:26:
3d:b9:3c:5e:6a:dd:74:a3:e9:92:ba:1a:a2:a9:74:
91:41:cf:46:02:08:b6:92:87:a2:2c:17:ee:13:b2:
21:5e:aa:d9:b2:52:4c:b6:00:90:f9:04:07:34:ce:
73:0d:f6:77:d0:d8:5d:1a:a5:85:87:a4:25:6d:ad:
a6:4d:01:c1:cd:a2:db:26:d4:f5:6a:dc:c1:9a:49:
62:e2:b1:ea:0a:81:a4:e9:61:19:dc:65:39:af:25:
1e:ad:d6:7e:15:0d:7a:a4:8e:cb:1b:86:3a:0f:87:
79:9c:bb:a4:64:e2:fa:ff:5b:1d:c5:aa:7a:1f:8d:
c4:87:af:cb:ed:67:ef:69:f3:2c:8b:4d:44:41:59:
57:6c:72:c4:3e:82:48:e6:bd:2d:30:43:65:7a:ec:
c6:0d:eb:bf:09:e2:c8:58:1d:b6:eb:a7:8e:8d:01:
ff:8f:90:a2:84:32:b0:0f:79:08:ab:34:37:cd:0a:
95:45:93:58:bc:7e:c2:8e:6d:b9:27:0e:68:f1:52:
12:63:18:9b:a8:8a:29:1a:57:fd:a5:17:b3:2e:62:
8a:40:01:9a:54:98:7f:75:30:1f:cd:f7:6d:bd:c1:
ea:81:54:fd:83:d0:2c:fa:38:3c:f8:42:c5:1c:b8:
68:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:19:29:C5:EB:08:A1:42:87:C0:47:E7:40:A8:5E:4E:2A:F2:39:FD
X509v3 Authority Key Identifier:
keyid:15:68:49:58:7A:23:BF:B5:D6:5B:2A:14:04:08:22:32:B4:39:27:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FWhJWHojv7XWWyoUBAgiMrQ5Jxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/4bf3cc-023d-4b02-8028-c59efd348158/1/GhkpxesIoUKHwEfnQKheTiryOf0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/4bf3cc-023d-4b02-8028-c59efd348158/1/FWhJWHojv7XWWyoUBAgiMrQ5Jxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.24.244.0/24
Signature Algorithm: sha256WithRSAEncryption
33:a8:da:78:e7:01:fa:ef:c8:07:71:35:a4:b1:0c:24:87:28:
77:a3:59:eb:be:92:5f:61:14:02:db:60:5b:30:fc:39:46:04:
dc:e2:f4:12:cc:46:3a:4e:ff:a5:ea:d8:29:50:3f:0c:aa:0d:
78:a4:6f:0a:b8:51:71:24:67:9a:4b:69:a3:d0:92:6f:0f:be:
a2:ed:1d:f6:e5:6d:73:2e:0f:62:fb:81:42:5f:e6:dc:33:ab:
ca:20:0e:ac:2d:73:ca:82:be:06:2d:d7:e0:da:22:58:33:61:
fa:fe:05:72:b4:84:1b:43:8c:8b:01:91:12:73:4e:c9:10:72:
cd:c4:8b:da:53:b4:3d:8a:58:1a:c3:92:f2:bf:45:d5:3f:3f:
a1:4a:7f:92:24:44:1b:8b:ae:0c:29:f0:5c:28:cd:f3:d5:1a:
b5:66:57:b0:27:8f:e1:29:14:b6:b3:04:3f:74:b5:6e:94:d2:
aa:e6:0c:b8:97:8f:d0:ac:a1:7a:02:e2:81:3d:7e:9b:8b:bd:
3a:6c:07:c2:61:b5:8a:53:33:52:5c:64:10:72:b5:8a:e8:86:
22:57:4d:b6:ee:8a:be:04:41:ff:e0:98:52:f4:5e:f6:f2:87:
0c:05:ec:eb:b4:0f:bc:fa:ff:5e:dd:9d:88:f0:ec:76:c4:5c:
5c:1a:29:70
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQ8hl9HCwI1tmHUcOQFlueyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1Njg0OTU4N2EyM2JmYjVkNjViMmExNDA0MDgyMjMyYjQz
OTI3MWIwHhcNMjIxMTAzMDgwNTQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTE5MjljNWViMDhhMTQyODdjMDQ3ZTc0MGE4NWU0ZTJhZjIzOWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoZ/E+IncvKjfLB3lHSY9uTxeat10
o+mSuhqiqXSRQc9GAgi2koeiLBfuE7IhXqrZslJMtgCQ+QQHNM5zDfZ30NhdGqWF
h6Qlba2mTQHBzaLbJtT1atzBmkli4rHqCoGk6WEZ3GU5ryUerdZ+FQ16pI7LG4Y6
D4d5nLukZOL6/1sdxap6H43Eh6/L7WfvafMsi01EQVlXbHLEPoJI5r0tMENleuzG
Deu/CeLIWB2266eOjQH/j5CihDKwD3kIqzQ3zQqVRZNYvH7Cjm25Jw5o8VISYxib
qIopGlf9pRezLmKKQAGaVJh/dTAfzfdtvcHqgVT9g9As+jg8+ELFHLho8wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBoZKcXrCKFCh8BH50CoXk4q8jn9MB8GA1UdIwQY
MBaAFBVoSVh6I7+11lsqFAQIIjK0OScbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRldoSldIb2p2N1hXV3lvVUJBZ2lNclE1SnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS80YmYzY2MtMDIzZC00YjAyLTgwMjgt
YzU5ZWZkMzQ4MTU4LzEvR2hrcHhlc0lvVUtId0VmblFLaGVUaXJ5T2YwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS80YmYzY2MtMDIzZC00YjAyLTgwMjgtYzU5ZWZkMzQ4MTU4
LzEvRldoSldIb2p2N1hXV3lvVUJBZ2lNclE1SnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwxj0MA0G
CSqGSIb3DQEBCwUAA4IBAQAzqNp45wH678gHcTWksQwkhyh3o1nrvpJfYRQC22Bb
MPw5RgTc4vQSzEY6Tv+l6tgpUD8Mqg14pG8KuFFxJGeaS2mj0JJvD76i7R325W1z
Lg9i+4FCX+bcM6vKIA6sLXPKgr4GLdfg2iJYM2H6/gVytIQbQ4yLAZESc07JEHLN
xIvaU7Q9ilgaw5Lyv0XVPz+hSn+SJEQbi64MKfBcKM3z1Rq1ZlewJ4/hKRS2swQ/
dLVulNKq5gy4l4/QrKF6AuKBPX6bi706bAfCYbWKUzNSXGQQcrWK6IYiV0227oq+
BEH/4JhS9F728ocMBezrtA+8+v9e3Z2I8Ox2xFxcGilw
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:00 2023 by rpki-client on console-fra.rpki-client.org