Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/M5vA2D8uzYTNHQ06zXhKipRilt8.roa
File: M5vA2D8uzYTNHQ06zXhKipRilt8.roa (raw, json)
Hash identifier: XG/TI5JkfgRNqBwt6tWeG/9aimqmbYa+Q1ZW4D3JpnM=
Subject key identifier: 33:9B:C0:D8:3F:2E:CD:84:CD:1D:0D:3A:CD:78:4A:8A:94:62:96:DF
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0CCA6D2D
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/M5vA2D8uzYTNHQ06zXhKipRilt8.roa
Signing time: Sat 01 Jan 2022 05:05:09 +0000
ROA not before: Sat 01 Jan 2022 05:05:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211826
IP address blocks: 194.32.123.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 214592813 (0xcca6d2d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 1 05:05:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=339bc0d83f2ecd84cd1d0d3acd784a8a946296df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:77:08:68:92:7a:d7:56:75:47:19:2c:91:0a:
85:a5:c8:30:4d:0a:ba:e5:71:ab:00:31:e0:36:f3:
e0:ad:58:0a:bf:a6:ce:f2:db:53:bf:e6:68:18:c4:
63:6a:30:a5:47:52:2c:c9:d3:e5:02:9f:e2:83:c1:
c8:35:f8:62:62:0d:29:24:32:a0:75:48:ed:d5:0f:
f8:2b:f7:ab:1d:74:bc:b8:fa:0f:fb:f0:19:b2:7a:
5b:9f:04:13:ec:6b:ac:0a:81:98:8a:c8:f4:7d:d4:
8b:13:62:e4:58:69:e2:62:44:f0:6f:be:30:36:07:
bd:e0:36:73:3f:ca:1a:5c:45:ae:27:88:77:d7:a1:
62:f0:f9:43:5a:8c:95:68:58:cd:31:9e:50:fb:d0:
bf:b6:88:69:bf:d8:52:21:32:e7:d1:2e:c4:1d:1e:
4a:cf:38:98:d8:90:1a:05:4e:13:26:87:6b:f9:3c:
2e:d4:c9:fe:5c:16:86:8e:a5:5e:05:28:35:16:3a:
ca:0f:ba:ae:6d:ad:0a:05:99:f0:8d:32:24:19:31:
b3:51:3f:a1:af:68:62:aa:70:f3:5f:c9:63:1c:f5:
95:8f:ab:d8:79:f3:2b:1c:0d:14:95:76:32:f3:44:
f1:04:71:85:0e:50:b9:38:d8:51:88:6a:c3:db:f9:
89:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:9B:C0:D8:3F:2E:CD:84:CD:1D:0D:3A:CD:78:4A:8A:94:62:96:DF
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/M5vA2D8uzYTNHQ06zXhKipRilt8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.32.123.0/24
Signature Algorithm: sha256WithRSAEncryption
78:56:b9:4f:89:e9:08:7a:d2:bc:84:88:21:99:ab:0b:46:95:
87:f2:e4:39:8d:68:d8:0b:58:d3:87:6a:e5:e8:a6:9a:38:16:
74:bb:4d:b8:ce:eb:44:a2:12:81:35:89:2c:da:ca:bc:90:8c:
e6:16:c0:01:86:db:19:35:7c:35:c6:35:36:d8:4e:f3:40:c9:
e5:01:53:ce:cc:2e:92:04:8c:7b:85:15:d6:70:65:0d:75:31:
20:25:15:d6:6a:02:bb:7a:f2:99:3c:17:29:14:df:dd:8b:87:
a6:7a:37:21:d0:c6:95:b5:0e:0a:45:b9:d1:82:20:8b:78:6f:
26:51:a0:d5:b9:cd:87:8d:dd:ac:f1:34:54:ec:7a:50:c7:2f:
29:07:49:61:b5:e7:05:cf:12:d8:b0:2c:97:55:a9:fd:15:ac:
48:e3:42:83:5a:ca:7b:ac:b7:b2:57:ef:dd:c5:86:89:d5:de:
f8:aa:e6:88:62:45:2b:cb:07:62:f4:86:1c:5a:52:1f:15:ac:
57:22:b7:fd:67:0a:d6:82:b3:7f:89:d0:ef:c9:99:c8:f8:2f:
33:e4:5f:89:52:31:89:48:78:8c:50:20:8e:36:66:f4:bd:4d:
59:ec:36:bd:e6:c3:4c:75:ee:55:45:bc:27:d2:de:47:1e:84:
42:17:df:7a
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEDMptLTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NmMyYTRiN2Q1ZDczYzViNTcwNDYyMjNiZjMwZWI2NTMwMDViMGUyMB4XDTIyMDEw
MTA1MDUwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzM5YmMwZDgzZjJl
Y2Q4NGNkMWQwZDNhY2Q3ODRhOGE5NDYyOTZkZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMV3CGiSetdWdUcZLJEKhaXIME0KuuVxqwAx4Dbz4K1YCr+m
zvLbU7/maBjEY2owpUdSLMnT5QKf4oPByDX4YmINKSQyoHVI7dUP+Cv3qx10vLj6
D/vwGbJ6W58EE+xrrAqBmIrI9H3UixNi5Fhp4mJE8G++MDYHveA2cz/KGlxFrieI
d9ehYvD5Q1qMlWhYzTGeUPvQv7aIab/YUiEy59EuxB0eSs84mNiQGgVOEyaHa/k8
LtTJ/lwWho6lXgUoNRY6yg+6rm2tCgWZ8I0yJBkxs1E/oa9oYqpw81/JYxz1lY+r
2HnzKxwNFJV2MvNE8QRxhQ5QuTjYUYhqw9v5iRsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQzm8DYPy7NhM0dDTrNeEqKlGKW3zAfBgNVHSMEGDAWgBQ2wqS31dc8W1cE
YiO/MOtlMAWw4jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05zS2t0OVhYUEZ0WEJHSWp2ekRyWlRBRnNPSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmMvOGRkODVhLWJmOGYtNDI1ZS1hMjRiLTJjY2VkYjk2NmE1OC8x
L001dkEyRDh1ellUTkhRMDZ6WGhLaXBSaWx0OC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmMv
OGRkODVhLWJmOGYtNDI1ZS1hMjRiLTJjY2VkYjk2NmE1OC8xL05zS2t0OVhYUEZ0
WEJHSWp2ekRyWlRBRnNPSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMIgezANBgkqhkiG9w0BAQsFAAOC
AQEAeFa5T4npCHrSvISIIZmrC0aVh/LkOY1o2AtY04dq5eimmjgWdLtNuM7rRKIS
gTWJLNrKvJCM5hbAAYbbGTV8NcY1NthO80DJ5QFTzswukgSMe4UV1nBlDXUxICUV
1moCu3rymTwXKRTf3YuHpno3IdDGlbUOCkW50YIgi3hvJlGg1bnNh43drPE0VOx6
UMcvKQdJYbXnBc8S2LAsl1Wp/RWsSONCg1rKe6y3slfv3cWGidXe+KrmiGJFK8sH
YvSGHFpSHxWsVyK3/WcK1oKzf4nQ78mZyPgvM+RfiVIxiUh4jFAgjjZm9L1NWew2
vebDTHXuVUW8J9LeRx6EQhffeg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:01 2023 by rpki-client on console-fra.rpki-client.org