Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/647f28-59cf-4d68-a50f-1764b03618fc/1/IUTtD2BwCxba9vyqgLOE5atsG64.roa
File: IUTtD2BwCxba9vyqgLOE5atsG64.roa (raw, json)
Hash identifier: 9pO0T3aXQyUS530kR/C8RxaRY0AOq9YVVN11kkoMgYU=
Subject key identifier: 21:44:ED:0F:60:70:0B:16:DA:F6:FC:AA:80:B3:84:E5:AB:6C:1B:AE
Certificate issuer: /CN=e23c0c3e0106c965d460cd0c3cbc5e234f82a6b4
Certificate serial: 01A24300
Authority key identifier: E2:3C:0C:3E:01:06:C9:65:D4:60:CD:0C:3C:BC:5E:23:4F:82:A6:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4jwMPgEGyWXUYM0MPLxeI0-CprQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/647f28-59cf-4d68-a50f-1764b03618fc/1/IUTtD2BwCxba9vyqgLOE5atsG64.roa
Signing time: Sat 01 Jan 2022 11:56:23 +0000
ROA not before: Sat 01 Jan 2022 11:56:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39762
IP address blocks: 195.60.71.0/24 maxlen: 24
195.60.70.0/23 maxlen: 23
195.60.70.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 27411200 (0x1a24300)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e23c0c3e0106c965d460cd0c3cbc5e234f82a6b4
Validity
Not Before: Jan 1 11:56:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2144ed0f60700b16daf6fcaa80b384e5ab6c1bae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:f0:d3:4f:26:34:cb:43:1b:a0:91:10:51:01:
61:c3:ee:46:a8:fd:f3:d5:89:da:18:f9:e9:c6:03:
1f:95:9f:2a:33:d2:80:a6:29:9d:aa:b3:cd:fc:e4:
84:49:19:89:fb:dd:1b:14:de:30:78:da:d6:31:db:
82:f5:88:d2:89:29:97:b2:8e:84:8e:e0:31:2d:9e:
10:9b:3c:0f:e8:df:f3:cc:ca:35:b5:7a:bc:a9:62:
bb:8d:4c:7e:41:0d:66:9d:da:dc:1b:44:c6:4e:46:
87:4a:09:26:c6:b8:e2:bf:62:70:e6:86:9d:24:f6:
97:20:f9:92:23:56:d3:9b:c7:33:38:32:7c:ba:e9:
f4:3a:a1:e3:a1:5b:89:27:48:ac:b8:9e:2f:06:7b:
b2:a9:1e:e4:81:2b:c1:78:a4:50:4e:d1:aa:5d:98:
0b:7b:b1:4e:2a:9f:50:d7:da:b8:d9:1c:dc:6a:29:
3a:2c:76:8d:fd:b4:29:8d:c2:dd:4b:09:b1:08:c9:
2b:c8:59:79:02:17:ab:07:e8:f4:1d:94:c5:50:ce:
2f:79:40:76:b6:3f:b6:38:15:4e:02:9d:71:0d:6f:
83:a1:4b:94:73:a0:96:d7:9b:68:d3:6d:37:08:55:
32:48:32:5c:7b:b2:a3:ed:e5:80:4c:d8:b0:df:df:
aa:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:44:ED:0F:60:70:0B:16:DA:F6:FC:AA:80:B3:84:E5:AB:6C:1B:AE
X509v3 Authority Key Identifier:
keyid:E2:3C:0C:3E:01:06:C9:65:D4:60:CD:0C:3C:BC:5E:23:4F:82:A6:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4jwMPgEGyWXUYM0MPLxeI0-CprQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/647f28-59cf-4d68-a50f-1764b03618fc/1/IUTtD2BwCxba9vyqgLOE5atsG64.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/647f28-59cf-4d68-a50f-1764b03618fc/1/4jwMPgEGyWXUYM0MPLxeI0-CprQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.60.70.0/23
Signature Algorithm: sha256WithRSAEncryption
56:c5:f9:1b:71:c0:fb:bd:49:14:5a:be:eb:76:4d:a4:ad:d2:
53:36:1a:67:69:7d:de:40:8c:b8:69:6c:21:c4:71:72:b7:c8:
21:47:40:1e:97:c8:25:03:c0:6b:02:96:6f:0a:59:2a:a5:86:
b1:35:ca:a0:74:85:2d:7d:e3:50:f3:a9:33:3f:39:51:f5:52:
29:57:85:15:d6:ca:91:91:1a:d3:43:a7:1f:a2:05:07:3f:24:
aa:1a:08:1b:c4:cc:cb:6a:3a:e0:39:8a:cd:7b:ac:34:11:be:
43:b8:03:0a:d8:32:aa:f7:37:93:90:cf:e6:95:1a:8d:50:51:
d4:79:60:0b:48:70:47:79:41:bd:87:ac:f3:5f:1f:b8:7e:be:
1f:5e:a9:5f:92:7c:fb:87:e1:0d:4b:d5:6b:e7:d6:e4:b4:e9:
59:c4:23:f4:9e:61:8a:b8:76:2f:21:35:5c:97:a8:e9:32:52:
28:10:09:49:ab:4e:ef:7f:ad:6f:8d:aa:8d:36:e6:fa:11:d7:
62:19:4b:23:08:85:ff:7f:37:8c:7c:6d:ef:6f:6b:98:3d:1b:
7c:f7:64:56:fe:db:37:f3:14:f7:f3:1d:09:c9:99:ac:2f:f9:
3e:6e:57:92:72:0d:c0:14:39:ee:28:58:9d:f6:04:72:2e:4a:
4b:6a:a5:59
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAaJDADANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
MjNjMGMzZTAxMDZjOTY1ZDQ2MGNkMGMzY2JjNWUyMzRmODJhNmI0MB4XDTIyMDEw
MTExNTYyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjE0NGVkMGY2MDcw
MGIxNmRhZjZmY2FhODBiMzg0ZTVhYjZjMWJhZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPnw008mNMtDG6CREFEBYcPuRqj989WJ2hj56cYDH5WfKjPS
gKYpnaqzzfzkhEkZifvdGxTeMHja1jHbgvWI0okpl7KOhI7gMS2eEJs8D+jf88zK
NbV6vKliu41MfkENZp3a3BtExk5Gh0oJJsa44r9icOaGnST2lyD5kiNW05vHMzgy
fLrp9Dqh46FbiSdIrLieLwZ7sqke5IErwXikUE7Rql2YC3uxTiqfUNfauNkc3Gop
Oix2jf20KY3C3UsJsQjJK8hZeQIXqwfo9B2UxVDOL3lAdrY/tjgVTgKdcQ1vg6FL
lHOgltebaNNtNwhVMkgyXHuyo+3lgEzYsN/fqqECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQhRO0PYHALFtr2/KqAs4Tlq2wbrjAfBgNVHSMEGDAWgBTiPAw+AQbJZdRg
zQw8vF4jT4KmtDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzRqd01QZ0VHeVdYVVlNME1QTHhlSTAtQ3ByUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzQvNjQ3ZjI4LTU5Y2YtNGQ2OC1hNTBmLTE3NjRiMDM2MThmYy8x
L0lVVHREMkJ3Q3hiYTl2eXFnTE9FNWF0c0c2NC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzQv
NjQ3ZjI4LTU5Y2YtNGQ2OC1hNTBmLTE3NjRiMDM2MThmYy8xLzRqd01QZ0VHeVdY
VVlNME1QTHhlSTAtQ3ByUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcM8RjANBgkqhkiG9w0BAQsFAAOC
AQEAVsX5G3HA+71JFFq+63ZNpK3SUzYaZ2l93kCMuGlsIcRxcrfIIUdAHpfIJQPA
awKWbwpZKqWGsTXKoHSFLX3jUPOpMz85UfVSKVeFFdbKkZEa00OnH6IFBz8kqhoI
G8TMy2o64DmKzXusNBG+Q7gDCtgyqvc3k5DP5pUajVBR1HlgC0hwR3lBvYes818f
uH6+H16pX5J8+4fhDUvVa+fW5LTpWcQj9J5hirh2LyE1XJeo6TJSKBAJSatO73+t
b42qjTbm+hHXYhlLIwiF/383jHxt729rmD0bfPdkVv7bN/MU9/MdCcmZrC/5Pm5X
knINwBQ57ihYnfYEci5KS2qlWQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:25 2023 by rpki-client on console-ams.rpki-client.org