Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/cceaf2-7561-42a7-8d12-8e060ca96fac/1/4QK9cDt6ctw06t83SNi9pQYDRME.roa
File: 4QK9cDt6ctw06t83SNi9pQYDRME.roa (raw, json)
Hash identifier: TFL2tFJaHJMawxPeiCP9vIjUWkyWCcwNolSof9R70VQ=
Subject key identifier: E1:02:BD:70:3B:7A:72:DC:34:EA:DF:37:48:D8:BD:A5:06:03:44:C1
Certificate issuer: /CN=1d861782973c382cc1ce670f5ad50df8fb53c82e
Certificate serial: 093200
Authority key identifier: 1D:86:17:82:97:3C:38:2C:C1:CE:67:0F:5A:D5:0D:F8:FB:53:C8:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HYYXgpc8OCzBzmcPWtUN-PtTyC4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/cceaf2-7561-42a7-8d12-8e060ca96fac/1/4QK9cDt6ctw06t83SNi9pQYDRME.roa
Signing time: Thu 30 Jun 2022 14:10:02 +0000
ROA not before: Thu 30 Jun 2022 14:10:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44704
IP address blocks: 195.42.96.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 602624 (0x93200)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d861782973c382cc1ce670f5ad50df8fb53c82e
Validity
Not Before: Jun 30 14:10:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e102bd703b7a72dc34eadf3748d8bda5060344c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:fc:03:24:0f:d9:eb:92:ed:06:b7:02:fc:87:
fe:b1:e1:d7:c6:7d:9e:b1:1c:9c:44:6d:36:a7:0c:
f5:ed:df:77:ae:19:c6:c1:dd:df:ca:74:73:03:c1:
97:10:3c:51:43:fc:6a:03:23:3f:22:74:ea:ab:38:
b4:33:cb:1e:00:0f:b1:cc:f6:29:70:f2:9f:45:51:
e8:60:3f:15:b3:da:74:6c:1a:7b:4d:f2:f3:d5:f9:
d2:af:cb:36:eb:0f:0f:1b:82:89:ff:fa:dd:11:15:
e1:56:2c:19:d9:f1:16:ce:00:3f:61:b3:fc:76:e1:
4d:58:f9:c4:cd:c9:e3:c3:84:13:bf:71:9c:cc:38:
97:4b:03:23:5d:2f:cd:e3:c6:27:43:e3:c2:8b:4a:
39:5c:7d:7a:6a:c2:a3:9e:b8:fd:c5:af:3d:db:8e:
30:ff:c2:57:cb:52:0a:02:a0:1c:28:dc:3c:fc:f3:
4b:10:09:8d:81:af:ef:4b:af:a4:1a:04:25:02:a7:
b2:8b:e8:61:17:40:c1:f6:2b:64:70:4c:a1:f3:6d:
e2:a1:c7:92:5d:27:db:b7:2d:c9:dc:75:1d:bf:06:
48:2a:53:83:55:1d:c7:11:eb:54:ea:eb:a3:1e:a6:
39:03:ad:15:52:93:37:ee:b7:d9:e4:47:89:da:83:
db:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:02:BD:70:3B:7A:72:DC:34:EA:DF:37:48:D8:BD:A5:06:03:44:C1
X509v3 Authority Key Identifier:
keyid:1D:86:17:82:97:3C:38:2C:C1:CE:67:0F:5A:D5:0D:F8:FB:53:C8:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HYYXgpc8OCzBzmcPWtUN-PtTyC4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/cceaf2-7561-42a7-8d12-8e060ca96fac/1/4QK9cDt6ctw06t83SNi9pQYDRME.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/cceaf2-7561-42a7-8d12-8e060ca96fac/1/HYYXgpc8OCzBzmcPWtUN-PtTyC4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.42.96.0/23
Signature Algorithm: sha256WithRSAEncryption
c6:16:10:61:eb:c9:30:ca:fa:77:04:59:03:ef:f5:55:60:5c:
3c:d7:46:df:9b:f5:58:a4:f9:5a:89:10:6d:66:ca:63:d8:07:
22:ae:3e:9d:b0:a7:6b:c9:07:68:7d:c4:30:55:79:f7:53:3f:
c0:de:0b:ae:2a:0e:6a:2c:81:15:14:76:c7:ab:76:00:e9:6e:
4d:d8:86:e3:f8:ce:8f:20:a1:cc:9c:78:85:43:f1:d2:43:04:
8e:15:fd:7a:a4:50:e7:c8:ab:3c:ac:02:31:73:8f:6d:7f:fb:
8c:93:10:e3:26:b6:9e:ee:53:5b:bf:d4:16:fe:ce:d4:f9:e1:
cc:bd:6a:25:5b:95:48:45:a8:43:26:c2:8a:c1:e2:14:06:d2:
5f:70:e2:3a:f6:df:80:8c:07:27:59:69:5e:28:1b:16:8f:a1:
49:b4:cb:86:14:84:4b:81:f4:a4:df:4f:e0:eb:e0:5e:da:22:
fc:3b:68:14:14:d1:2c:7d:0c:bf:67:82:bb:c3:f4:62:0d:13:
c9:ed:8c:86:25:25:f6:75:4d:5d:fb:d7:40:51:6f:f1:1e:05:
d2:2e:c1:cb:21:39:6d:c4:3b:a8:2a:58:50:d5:90:a9:ed:c3:
0c:6a:5e:e2:2c:6d:46:d1:80:ba:42:55:91:45:70:2a:7c:c1:
e1:ef:83:15
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDCTIAMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDFk
ODYxNzgyOTczYzM4MmNjMWNlNjcwZjVhZDUwZGY4ZmI1M2M4MmUwHhcNMjIwNjMw
MTQxMDAyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhlMTAyYmQ3MDNiN2E3
MmRjMzRlYWRmMzc0OGQ4YmRhNTA2MDM0NGMxMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAvfwDJA/Z65LtBrcC/If+seHXxn2esRycRG02pwz17d93rhnG
wd3fynRzA8GXEDxRQ/xqAyM/InTqqzi0M8seAA+xzPYpcPKfRVHoYD8Vs9p0bBp7
TfLz1fnSr8s26w8PG4KJ//rdERXhViwZ2fEWzgA/YbP8duFNWPnEzcnjw4QTv3Gc
zDiXSwMjXS/N48YnQ+PCi0o5XH16asKjnrj9xa89244w/8JXy1IKAqAcKNw8/PNL
EAmNga/vS6+kGgQlAqeyi+hhF0DB9itkcEyh823ioceSXSfbty3J3HUdvwZIKlOD
VR3HEetU6uujHqY5A60VUpM37rfZ5EeJ2oPb3wIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFOECvXA7enLcNOrfN0jYvaUGA0TBMB8GA1UdIwQYMBaAFB2GF4KXPDgswc5n
D1rVDfj7U8guMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
SFlZWGdwYzhPQ3pCem1jUFd0VU4tUHRUeUM0LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9iZi9jY2VhZjItNzU2MS00MmE3LThkMTItOGUwNjBjYTk2ZmFjLzEv
NFFLOWNEdDZjdHcwNnQ4M1NOaTlwUVlEUk1FLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9j
Y2VhZjItNzU2MS00MmE3LThkMTItOGUwNjBjYTk2ZmFjLzEvSFlZWGdwYzhPQ3pC
em1jUFd0VU4tUHRUeUM0LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwypgMA0GCSqGSIb3DQEBCwUAA4IB
AQDGFhBh68kwyvp3BFkD7/VVYFw810bfm/VYpPlaiRBtZspj2Acirj6dsKdryQdo
fcQwVXn3Uz/A3guuKg5qLIEVFHbHq3YA6W5N2Ibj+M6PIKHMnHiFQ/HSQwSOFf16
pFDnyKs8rAIxc49tf/uMkxDjJrae7lNbv9QW/s7U+eHMvWolW5VIRahDJsKKweIU
BtJfcOI69t+AjAcnWWleKBsWj6FJtMuGFIRLgfSk30/g6+Be2iL8O2gUFNEsfQy/
Z4K7w/RiDRPJ7YyGJSX2dU1d+9dAUW/xHgXSLsHLITltxDuoKlhQ1ZCp7cMMal7i
LG1G0YC6QlWRRXAqfMHh74MV
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:08 2023 by rpki-client on console-ams.rpki-client.org