Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/9a52fd-0364-4150-aaca-41602fdc9fde/1/Q44CENUAf9nfnUbLkmJN4SRScz8.roa
File: Q44CENUAf9nfnUbLkmJN4SRScz8.roa (raw, json)
Hash identifier: 0hHFr9s+vHke2oxETh73eLSjpJhUgaIoc+6fWEmmOqw=
Subject key identifier: 43:8E:02:10:D5:00:7F:D9:DF:9D:46:CB:92:62:4D:E1:24:52:73:3F
Certificate issuer: /CN=76e2ae4fe0c0d6cb0749b877ae155a629fe2afd6
Certificate serial: 0C533EA8
Authority key identifier: 76:E2:AE:4F:E0:C0:D6:CB:07:49:B8:77:AE:15:5A:62:9F:E2:AF:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/duKuT-DA1ssHSbh3rhVaYp_ir9Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/9a52fd-0364-4150-aaca-41602fdc9fde/1/Q44CENUAf9nfnUbLkmJN4SRScz8.roa
Signing time: Thu 26 May 2022 13:00:13 +0000
ROA not before: Thu 26 May 2022 13:00:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44761
IP address blocks: 195.28.18.0/23 maxlen: 23
195.28.19.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 206782120 (0xc533ea8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=76e2ae4fe0c0d6cb0749b877ae155a629fe2afd6
Validity
Not Before: May 26 13:00:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=438e0210d5007fd9df9d46cb92624de12452733f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:4b:7e:5d:75:10:cb:4e:eb:26:5e:ce:b1:d9:
6f:77:83:8e:b3:20:e4:dd:12:c9:10:33:17:85:f0:
ab:71:86:63:f0:d1:ba:c0:89:64:4c:72:a6:37:16:
73:fb:41:11:bf:db:18:a4:45:94:dc:49:0d:88:39:
d2:61:11:4d:e6:46:f8:ce:50:89:7d:98:82:23:89:
ae:63:ba:07:56:4e:98:a4:2d:a0:be:02:81:bf:de:
a4:2c:9c:f0:67:a6:d1:16:83:38:72:21:ed:33:7e:
9d:fc:99:63:f8:35:5a:65:ce:69:06:13:f6:0a:e5:
d0:7c:a9:26:ba:61:00:a5:80:68:1c:07:f9:5d:9d:
0e:3c:0f:96:37:0c:93:49:9f:5d:b9:84:6a:37:38:
dc:6d:03:6c:54:c8:61:6c:2c:6b:fb:4b:56:88:09:
fe:af:06:2d:f9:e6:fb:7f:2a:b3:bb:96:8d:f8:a7:
1b:70:a9:aa:25:88:e3:84:ec:ca:59:18:14:61:be:
99:dd:9a:dd:2e:86:21:dd:cd:e1:4d:41:2a:22:c8:
a6:96:2a:e0:4c:1c:0a:95:db:3a:3d:3d:54:cf:2d:
68:80:d1:30:b2:f2:b7:4d:cb:9b:d9:97:e3:82:70:
74:ff:4a:9d:a8:b9:99:58:c5:e8:be:e9:43:88:78:
cc:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:8E:02:10:D5:00:7F:D9:DF:9D:46:CB:92:62:4D:E1:24:52:73:3F
X509v3 Authority Key Identifier:
keyid:76:E2:AE:4F:E0:C0:D6:CB:07:49:B8:77:AE:15:5A:62:9F:E2:AF:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/duKuT-DA1ssHSbh3rhVaYp_ir9Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/9a52fd-0364-4150-aaca-41602fdc9fde/1/Q44CENUAf9nfnUbLkmJN4SRScz8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/9a52fd-0364-4150-aaca-41602fdc9fde/1/duKuT-DA1ssHSbh3rhVaYp_ir9Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.28.18.0/23
Signature Algorithm: sha256WithRSAEncryption
06:61:1a:dc:f6:2a:1d:6a:bf:ab:f1:9d:36:13:dd:25:46:77:
e6:07:ca:0d:f6:c1:4b:a4:49:97:83:9b:69:c1:b7:bc:24:8a:
af:8a:5f:2d:0a:21:9f:de:8b:56:3e:97:78:de:25:a5:89:93:
b1:a3:c0:ae:cb:ae:a5:b3:d6:36:14:f7:2c:64:7f:fe:a2:4f:
b7:8e:48:03:ba:56:8f:fd:fb:45:f3:7a:86:68:69:69:91:03:
b7:13:8a:d3:5f:68:cf:92:ad:9d:2b:4c:36:71:71:95:23:27:
cd:71:17:73:24:90:0d:68:f3:89:a5:7f:97:72:0e:ad:8e:59:
49:a0:78:32:7c:f6:b4:2a:31:eb:2d:a0:7f:76:4b:3a:73:2f:
6d:16:2e:2e:14:e2:1b:bd:0e:18:ac:dc:e8:4e:89:ad:2f:8f:
8c:fb:ef:ff:4c:c5:c3:33:95:c3:8e:92:f3:a4:72:4b:67:c5:
06:cf:3a:d5:9e:9b:98:36:bf:b6:df:2e:71:21:d4:91:38:ed:
f0:77:83:16:15:e5:eb:5d:bf:ce:c8:f4:48:d2:0b:44:17:c5:
73:37:a6:dc:a6:3e:4e:f1:0e:e7:55:40:2b:1d:23:4f:55:34:
7e:92:28:79:28:7b:85:3b:bb:e8:5a:93:3e:40:14:1e:f0:6b:
e1:9e:78:11
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEDFM+qDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NmUyYWU0ZmUwYzBkNmNiMDc0OWI4NzdhZTE1NWE2MjlmZTJhZmQ2MB4XDTIyMDUy
NjEzMDAxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDM4ZTAyMTBkNTAw
N2ZkOWRmOWQ0NmNiOTI2MjRkZTEyNDUyNzMzZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALVLfl11EMtO6yZezrHZb3eDjrMg5N0SyRAzF4Xwq3GGY/DR
usCJZExypjcWc/tBEb/bGKRFlNxJDYg50mERTeZG+M5QiX2YgiOJrmO6B1ZOmKQt
oL4Cgb/epCyc8Gem0RaDOHIh7TN+nfyZY/g1WmXOaQYT9grl0HypJrphAKWAaBwH
+V2dDjwPljcMk0mfXbmEajc43G0DbFTIYWwsa/tLVogJ/q8GLfnm+38qs7uWjfin
G3CpqiWI44TsylkYFGG+md2a3S6GId3N4U1BKiLIppYq4EwcCpXbOj09VM8taIDR
MLLyt03Lm9mX44JwdP9Knai5mVjF6L7pQ4h4zHsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRDjgIQ1QB/2d+dRsuSYk3hJFJzPzAfBgNVHSMEGDAWgBR24q5P4MDWywdJ
uHeuFVpin+Kv1jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2R1S3VULURBMXNzSFNiaDNyaFZhWXBfaXI5WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjQvOWE1MmZkLTAzNjQtNDE1MC1hYWNhLTQxNjAyZmRjOWZkZS8x
L1E0NENFTlVBZjluZm5VYkxrbUpONFNSU2N6OC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjQv
OWE1MmZkLTAzNjQtNDE1MC1hYWNhLTQxNjAyZmRjOWZkZS8xL2R1S3VULURBMXNz
SFNiaDNyaFZhWXBfaXI5WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcMcEjANBgkqhkiG9w0BAQsFAAOC
AQEABmEa3PYqHWq/q/GdNhPdJUZ35gfKDfbBS6RJl4ObacG3vCSKr4pfLQohn96L
Vj6XeN4lpYmTsaPArsuupbPWNhT3LGR//qJPt45IA7pWj/37RfN6hmhpaZEDtxOK
019oz5KtnStMNnFxlSMnzXEXcySQDWjziaV/l3IOrY5ZSaB4Mnz2tCox6y2gf3ZL
OnMvbRYuLhTiG70OGKzc6E6JrS+PjPvv/0zFwzOVw46S86RyS2fFBs861Z6bmDa/
tt8ucSHUkTjt8HeDFhXl612/zsj0SNILRBfFczem3KY+TvEO51VAKx0jT1U0fpIo
eSh7hTu76FqTPkAUHvBr4Z54EQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:42 2024 by rpki-client on console-fra.rpki-client.org