Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/HFurzeIjdDzeXW0bSR1mXldoSFE.roa
File: HFurzeIjdDzeXW0bSR1mXldoSFE.roa (raw, json)
Hash identifier: OtgC6dPd0l6Y/Y8INz6Z+B+HKYAYodLsqa+hnY7Z1Zg=
Subject key identifier: 1C:5B:AB:CD:E2:23:74:3C:DE:5D:6D:1B:49:1D:66:5E:57:68:48:51
Certificate issuer: /CN=f4b769a53dd86352d3440f222bdf907cf09c2dba
Certificate serial: 1582620D
Authority key identifier: F4:B7:69:A5:3D:D8:63:52:D3:44:0F:22:2B:DF:90:7C:F0:9C:2D:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9LdppT3YY1LTRA8iK9-QfPCcLbo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/HFurzeIjdDzeXW0bSR1mXldoSFE.roa
Signing time: Sat 01 Jan 2022 14:59:11 +0000
ROA not before: Sat 01 Jan 2022 14:59:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8881
IP address blocks: 194.6.239.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 360866317 (0x1582620d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4b769a53dd86352d3440f222bdf907cf09c2dba
Validity
Not Before: Jan 1 14:59:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1c5babcde223743cde5d6d1b491d665e57684851
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:c4:15:21:9a:7d:3e:48:b6:9a:f9:8a:2c:99:
9e:53:0e:78:f4:9f:2e:1a:95:95:ac:0d:90:3b:6c:
24:69:d7:83:a1:29:66:7a:89:90:e6:d2:20:95:90:
59:3f:44:f8:2d:00:c6:06:93:20:98:0d:63:51:e2:
ee:bb:4e:aa:a4:d8:30:83:fa:8b:b7:54:f2:c5:83:
28:73:80:b5:cb:2f:24:61:e9:43:65:0e:d8:ce:b0:
3a:23:cd:d8:3a:72:0f:cd:9f:7d:60:76:40:6b:84:
f1:56:9f:bc:73:95:ec:6d:d3:59:88:51:25:ab:d0:
ad:7d:cb:56:4a:a5:56:c8:be:04:c3:0a:e4:06:fe:
8c:e9:c0:fb:7b:b9:49:9a:a1:b5:06:45:88:8e:6f:
09:69:c8:e6:8c:ea:ea:21:cd:a5:03:fd:06:ec:99:
74:9c:33:31:60:81:c8:20:ec:df:99:6e:ce:52:f1:
85:25:78:f4:48:1c:01:a4:2f:9e:7d:48:1f:de:c0:
7f:05:30:10:7a:61:ff:95:cc:80:25:81:48:b7:9b:
2d:5e:a6:bf:36:e4:63:62:3f:50:1f:5d:a0:97:c4:
7c:22:31:cb:4c:b0:d4:e0:c5:79:78:f3:19:5c:69:
de:d5:ad:96:4f:15:25:96:11:9f:b8:25:f5:fe:fc:
9b:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:5B:AB:CD:E2:23:74:3C:DE:5D:6D:1B:49:1D:66:5E:57:68:48:51
X509v3 Authority Key Identifier:
keyid:F4:B7:69:A5:3D:D8:63:52:D3:44:0F:22:2B:DF:90:7C:F0:9C:2D:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9LdppT3YY1LTRA8iK9-QfPCcLbo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/HFurzeIjdDzeXW0bSR1mXldoSFE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/9LdppT3YY1LTRA8iK9-QfPCcLbo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.6.239.0/24
Signature Algorithm: sha256WithRSAEncryption
61:ab:69:14:3a:0f:4e:d3:7b:d4:3e:d9:89:7d:c5:fd:2f:10:
ae:c1:69:93:41:98:cc:90:1e:ea:d6:c1:d5:d7:64:98:ad:44:
b5:58:e1:64:03:3a:0b:49:3a:66:c0:40:fc:e9:05:d2:dc:d2:
a2:30:f5:02:af:9d:43:88:b5:eb:55:c0:93:68:64:08:8b:41:
d9:06:b1:39:00:20:63:7d:e4:8d:4a:5c:7c:c5:e6:5e:a9:dd:
23:24:b0:c1:cf:3d:83:cd:4c:4a:58:4b:b9:75:91:81:67:d1:
30:53:9d:f2:52:1e:f6:d7:73:28:51:8e:0a:7b:12:89:bb:e7:
26:c8:0b:85:d1:ab:19:8e:16:3d:77:2a:71:76:60:25:0c:40:
33:a6:5d:e0:57:89:84:2b:96:ad:be:a7:f7:b0:e1:7f:1d:a4:
da:d9:21:64:87:c5:77:34:1c:37:aa:06:99:49:42:a0:41:fc:
af:3d:66:79:38:53:1e:52:f6:9c:44:7e:af:8b:90:8c:b2:82:
47:5a:8f:08:7c:d6:99:fb:78:a3:06:cc:54:54:d6:d2:84:e2:
69:f8:81:e8:c0:29:42:00:ec:bf:44:77:29:e3:24:6e:37:6d:
a0:18:a9:6f:db:6f:b4:12:bc:64:f3:de:b2:28:28:c0:a1:bc:
9e:fc:82:e7
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEFYJiDTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
NGI3NjlhNTNkZDg2MzUyZDM0NDBmMjIyYmRmOTA3Y2YwOWMyZGJhMB4XDTIyMDEw
MTE0NTkxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWM1YmFiY2RlMjIz
NzQzY2RlNWQ2ZDFiNDkxZDY2NWU1NzY4NDg1MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJLEFSGafT5Itpr5iiyZnlMOePSfLhqVlawNkDtsJGnXg6Ep
ZnqJkObSIJWQWT9E+C0AxgaTIJgNY1Hi7rtOqqTYMIP6i7dU8sWDKHOAtcsvJGHp
Q2UO2M6wOiPN2DpyD82ffWB2QGuE8VafvHOV7G3TWYhRJavQrX3LVkqlVsi+BMMK
5Ab+jOnA+3u5SZqhtQZFiI5vCWnI5ozq6iHNpQP9BuyZdJwzMWCByCDs35luzlLx
hSV49EgcAaQvnn1IH97AfwUwEHph/5XMgCWBSLebLV6mvzbkY2I/UB9doJfEfCIx
y0yw1ODFeXjzGVxp3tWtlk8VJZYRn7gl9f78m5cCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQcW6vN4iN0PN5dbRtJHWZeV2hIUTAfBgNVHSMEGDAWgBT0t2mlPdhjUtNE
DyIr35B88JwtujAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzlMZHBwVDNZWTFMVFJBOGlLOS1RZlBDY0xiby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmMvNzBkNTBmLWZmM2MtNGY2My04ZGVjLWQ3YzM2YzI3YzA4Ny8x
L0hGdXJ6ZUlqZER6ZVhXMGJTUjFtWGxkb1NGRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmMv
NzBkNTBmLWZmM2MtNGY2My04ZGVjLWQ3YzM2YzI3YzA4Ny8xLzlMZHBwVDNZWTFM
VFJBOGlLOS1RZlBDY0xiby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMIG7zANBgkqhkiG9w0BAQsFAAOC
AQEAYatpFDoPTtN71D7ZiX3F/S8QrsFpk0GYzJAe6tbB1ddkmK1EtVjhZAM6C0k6
ZsBA/OkF0tzSojD1Aq+dQ4i161XAk2hkCItB2QaxOQAgY33kjUpcfMXmXqndIySw
wc89g81MSlhLuXWRgWfRMFOd8lIe9tdzKFGOCnsSibvnJsgLhdGrGY4WPXcqcXZg
JQxAM6Zd4FeJhCuWrb6n97Dhfx2k2tkhZIfFdzQcN6oGmUlCoEH8rz1meThTHlL2
nER+r4uQjLKCR1qPCHzWmft4owbMVFTW0oTiafiB6MApQgDsv0R3KeMkbjdtoBip
b9tvtBK8ZPPesigowKG8nvyC5w==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:56 2023 by rpki-client on console-fra.rpki-client.org