Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/f23929-7375-41c8-9973-33d728433c11/1/h55apJ9Vq5V6rgzN7YUFKyyXPGw.roa
File: h55apJ9Vq5V6rgzN7YUFKyyXPGw.roa (raw, json)
Hash identifier: J7ovwbfaSPOQdPAKxOHxfl7p5WDcTxRwZ01expBHSt0=
Subject key identifier: 87:9E:5A:A4:9F:55:AB:95:7A:AE:0C:CD:ED:85:05:2B:2C:97:3C:6C
Certificate issuer: /CN=aa1dc50a4b526df18e8b0a6565d7b9d58a75d315
Certificate serial: 018248D6A7F348CEC16911CD0A14846DC89D
Authority key identifier: AA:1D:C5:0A:4B:52:6D:F1:8E:8B:0A:65:65:D7:B9:D5:8A:75:D3:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh3FCktSbfGOiwplZde51Yp10xU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/f23929-7375-41c8-9973-33d728433c11/1/h55apJ9Vq5V6rgzN7YUFKyyXPGw.roa
Signing time: Fri 29 Jul 2022 07:23:23 +0000
ROA not before: Fri 29 Jul 2022 07:23:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203833
IP address blocks: 159.100.24.0/22 maxlen: 24
79.133.32.0/23 maxlen: 23
79.133.43.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:48:d6:a7:f3:48:ce:c1:69:11:cd:0a:14:84:6d:c8:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1dc50a4b526df18e8b0a6565d7b9d58a75d315
Validity
Not Before: Jul 29 07:23:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=879e5aa49f55ab957aae0ccded85052b2c973c6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:f1:6e:3f:02:48:10:ea:dd:61:db:e2:6b:89:
c4:11:cc:c4:af:02:fd:25:47:45:1b:39:af:6d:9e:
b9:6e:ec:4f:19:97:ee:e6:2a:a8:ae:37:cd:c2:b8:
8a:a1:dd:f1:9b:30:f4:7d:3e:5a:23:91:ff:bb:3d:
a4:34:c4:58:70:ed:db:cb:b7:46:92:d9:b1:70:91:
a7:16:6b:4d:b8:a1:5e:7c:fe:a3:b3:e7:c0:98:98:
e7:fa:e0:7c:e0:f4:52:bf:24:35:1c:62:ba:d0:75:
4a:bf:bd:e2:a0:86:65:51:ba:95:33:98:94:f4:ca:
05:d4:96:55:39:06:11:fd:60:9b:48:84:bf:d8:99:
24:bb:3b:3e:ef:5a:cc:86:1d:63:44:1b:b5:b2:20:
6c:d3:f1:c9:e9:4a:03:32:a8:f8:aa:19:85:72:b5:
19:6d:7a:5a:07:fc:1c:d6:3a:f0:3a:74:f4:f3:2e:
e8:38:78:1c:40:6a:bf:7e:d8:11:89:b4:4d:0e:48:
ea:8e:73:59:57:a2:3c:ae:f5:f6:78:eb:23:a1:61:
cc:e3:09:82:45:c4:a5:a6:d0:12:9e:d5:1f:a3:e4:
f6:fa:a8:0a:08:99:b8:96:04:55:20:33:3c:0e:ad:
07:aa:ab:08:34:b4:07:59:6d:c1:16:35:b9:27:60:
86:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:9E:5A:A4:9F:55:AB:95:7A:AE:0C:CD:ED:85:05:2B:2C:97:3C:6C
X509v3 Authority Key Identifier:
keyid:AA:1D:C5:0A:4B:52:6D:F1:8E:8B:0A:65:65:D7:B9:D5:8A:75:D3:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh3FCktSbfGOiwplZde51Yp10xU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/f23929-7375-41c8-9973-33d728433c11/1/h55apJ9Vq5V6rgzN7YUFKyyXPGw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/f23929-7375-41c8-9973-33d728433c11/1/qh3FCktSbfGOiwplZde51Yp10xU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.133.32.0/23
79.133.43.0/24
159.100.24.0/22
Signature Algorithm: sha256WithRSAEncryption
7b:69:91:33:34:5b:dc:fe:67:6f:11:ca:72:98:82:2e:25:0f:
17:6f:2a:46:fb:8a:25:02:d9:25:9e:c6:8d:70:75:e6:ef:a1:
5d:43:18:99:64:57:96:45:b0:6f:f0:c2:f0:c3:fb:24:a6:92:
62:12:62:18:d6:2f:22:7c:a6:07:18:62:00:07:b2:d7:06:de:
44:94:d6:ef:f9:60:d6:f7:62:bb:7b:4d:24:30:26:68:4f:ae:
02:92:97:4d:60:60:03:2c:92:b1:7c:b7:b3:7d:c1:8d:92:a7:
cc:b0:bc:2f:f0:15:44:39:39:75:d4:89:6b:aa:a6:3c:70:a0:
be:65:6b:71:9a:e9:d1:56:09:1e:a0:10:31:ff:70:65:8d:15:
22:c7:86:26:6d:2e:5b:c2:ba:92:8d:31:7c:ba:80:45:c4:7a:
a4:7f:bb:89:d1:0b:d9:16:e3:6e:70:f7:db:ee:76:29:ea:d3:
74:56:0d:26:75:ec:8d:08:00:51:a5:92:b0:f9:0e:3f:a2:04:
be:aa:d2:8e:02:c0:64:55:8b:31:d6:d7:8e:56:02:b2:fb:5a:
9b:5d:72:da:4b:f8:f4:f2:84:88:e5:76:9b:c8:3c:27:37:66:
e4:88:70:ac:8c:b7:21:9b:73:5d:aa:49:75:65:e0:5f:75:9c:
90:82:cb:14
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYJI1qfzSM7BaRHNChSEbcidMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWRjNTBhNGI1MjZkZjE4ZThiMGE2NTY1ZDdiOWQ1OGE3
NWQzMTUwHhcNMjIwNzI5MDcyMzIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzllNWFhNDlmNTVhYjk1N2FhZTBjY2RlZDg1MDUyYjJjOTczYzZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvPFuPwJIEOrdYdvia4nEEczErwL9
JUdFGzmvbZ65buxPGZfu5iqorjfNwriKod3xmzD0fT5aI5H/uz2kNMRYcO3by7dG
ktmxcJGnFmtNuKFefP6js+fAmJjn+uB84PRSvyQ1HGK60HVKv73ioIZlUbqVM5iU
9MoF1JZVOQYR/WCbSIS/2Jkkuzs+71rMhh1jRBu1siBs0/HJ6UoDMqj4qhmFcrUZ
bXpaB/wc1jrwOnT08y7oOHgcQGq/ftgRibRNDkjqjnNZV6I8rvX2eOsjoWHM4wmC
RcSlptASntUfo+T2+qgKCJm4lgRVIDM8Dq0HqqsINLQHWW3BFjW5J2CGPwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIeeWqSfVauVeq4Mze2FBSsslzxsMB8GA1UdIwQY
MBaAFKodxQpLUm3xjosKZWXXudWKddMVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWgzRkNrdFNiZkdPaXdwbFpkZTUxWXAxMHhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9mMjM5MjktNzM3NS00MWM4LTk5NzMt
MzNkNzI4NDMzYzExLzEvaDU1YXBKOVZxNVY2cmd6TjdZVUZLeXlYUEd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy9mMjM5MjktNzM3NS00MWM4LTk5NzMtMzNkNzI4NDMzYzEx
LzEvcWgzRkNrdFNiZkdPaXdwbFpkZTUxWXAxMHhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBT4UgAwQA
T4UrAwQCn2QYMA0GCSqGSIb3DQEBCwUAA4IBAQB7aZEzNFvc/mdvEcpymIIuJQ8X
bypG+4olAtklnsaNcHXm76FdQxiZZFeWRbBv8MLww/skppJiEmIY1i8ifKYHGGIA
B7LXBt5ElNbv+WDW92K7e00kMCZoT64CkpdNYGADLJKxfLezfcGNkqfMsLwv8BVE
OTl11IlrqqY8cKC+ZWtxmunRVgkeoBAx/3BljRUix4YmbS5bwrqSjTF8uoBFxHqk
f7uJ0QvZFuNucPfb7nYp6tN0Vg0mdeyNCABRpZKw+Q4/ogS+qtKOAsBkVYsx1teO
VgKy+1qbXXLaS/j08oSI5XabyDwnN2bkiHCsjLchm3Ndqkl1ZeBfdZyQgssU
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:36 2024 by rpki-client on console-fra.rpki-client.org