Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/ab62e7-7367-4bde-934a-b42522d05895/1/oDQXcRfsptwm3nvnNto6qCXYlnw.roa
File: oDQXcRfsptwm3nvnNto6qCXYlnw.roa (raw, json)
Hash identifier: nr3wUMY8OaH5ORF87znUxlLkjm8zV0E+jAmqqby2eg4=
Subject key identifier: A0:34:17:71:17:EC:A6:DC:26:DE:7B:E7:36:DA:3A:A8:25:D8:96:7C
Certificate issuer: /CN=24350aa8a94af666099fd073ec621cd15d04b316
Certificate serial: 2894021D
Authority key identifier: 24:35:0A:A8:A9:4A:F6:66:09:9F:D0:73:EC:62:1C:D1:5D:04:B3:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JDUKqKlK9mYJn9Bz7GIc0V0EsxY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/ab62e7-7367-4bde-934a-b42522d05895/1/oDQXcRfsptwm3nvnNto6qCXYlnw.roa
Signing time: Sat 01 Jan 2022 02:01:35 +0000
ROA not before: Sat 01 Jan 2022 02:01:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29276
IP address blocks: 213.229.248.0/21 maxlen: 21
95.159.192.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 680788509 (0x2894021d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24350aa8a94af666099fd073ec621cd15d04b316
Validity
Not Before: Jan 1 02:01:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a034177117eca6dc26de7be736da3aa825d8967c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:9c:bf:60:08:cc:be:0a:90:90:38:2c:80:19:
9b:3b:01:f9:17:12:51:bc:87:bc:84:48:dc:82:24:
44:56:b0:45:1f:e2:4e:b7:20:c0:d8:27:02:e8:17:
3a:e8:91:b4:86:06:d7:92:da:f6:35:87:08:4f:dc:
c4:9d:d2:bb:95:12:27:71:2a:e3:dd:02:b0:05:89:
d5:ca:9b:89:0c:47:6c:14:c9:7a:70:8a:96:ef:fe:
12:f0:20:3f:ba:85:58:4f:db:f8:8f:8f:50:0a:e5:
b9:6d:d1:10:4c:49:24:41:36:7c:00:00:4f:6a:22:
de:7a:c2:62:ec:87:d7:2b:96:4c:68:1f:0a:01:12:
e8:af:d0:6a:0e:11:f6:9e:f9:14:de:e6:48:eb:b8:
84:e7:b3:7f:22:a3:48:94:12:c9:f7:65:04:80:97:
cd:23:6d:a4:26:18:ed:1d:7e:4c:f8:87:7a:cd:a3:
61:a5:a7:d3:94:c6:fe:b8:16:a0:b9:21:0c:52:ea:
80:04:de:7e:1d:1d:1c:a4:d8:ae:7f:68:ff:9e:46:
b1:a8:3b:c3:12:b0:9e:12:60:51:b5:ad:12:1a:79:
a1:23:6e:65:f1:8a:c8:42:2d:bf:62:1d:20:90:af:
74:72:4e:2b:d5:bd:f4:fa:31:46:cc:92:7f:53:df:
02:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:34:17:71:17:EC:A6:DC:26:DE:7B:E7:36:DA:3A:A8:25:D8:96:7C
X509v3 Authority Key Identifier:
keyid:24:35:0A:A8:A9:4A:F6:66:09:9F:D0:73:EC:62:1C:D1:5D:04:B3:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JDUKqKlK9mYJn9Bz7GIc0V0EsxY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/ab62e7-7367-4bde-934a-b42522d05895/1/oDQXcRfsptwm3nvnNto6qCXYlnw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/ab62e7-7367-4bde-934a-b42522d05895/1/JDUKqKlK9mYJn9Bz7GIc0V0EsxY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.159.192.0/24
213.229.248.0/21
Signature Algorithm: sha256WithRSAEncryption
55:75:0a:5b:16:9d:9e:9c:6b:26:2a:44:ff:ae:72:09:b6:54:
58:b4:ab:95:69:b3:fb:db:5f:ca:81:5b:9c:50:e8:d2:90:58:
9f:1a:a7:82:64:85:f8:ca:a4:8e:a5:32:c8:f5:e2:36:64:e5:
f6:ce:bb:0a:4a:62:ac:38:df:7e:8f:42:52:b5:98:b8:81:a3:
18:49:0d:af:e3:d5:6c:f7:57:c7:79:2c:5b:71:9b:c7:59:c4:
99:ad:f4:76:29:8e:5c:22:6f:8f:bb:69:2d:05:ba:66:b6:64:
99:b8:3e:df:28:d6:83:e1:f8:6e:b4:f3:f8:eb:e3:84:1c:28:
72:a3:e2:1a:34:98:ab:98:aa:92:67:67:24:5f:88:2c:15:44:
a2:36:4e:0e:d2:28:98:e1:f4:4c:b4:b7:15:6d:4d:94:7f:42:
d5:f9:f5:dd:71:52:47:e6:e4:79:f5:17:7f:58:11:db:f8:21:
08:5c:93:25:25:c2:f0:1f:f2:3b:fb:74:2f:32:75:cf:06:47:
9c:61:49:6b:84:e3:f5:1f:dd:e0:4e:ec:ad:a0:20:72:bf:39:
c0:19:bf:83:bc:19:3c:b8:20:57:a4:6c:8e:a9:e5:0c:11:aa:
f0:28:36:b2:11:1a:87:72:3c:83:b1:0a:c5:67:19:f0:25:6d:
d8:45:f3:a3
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEKJQCHTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
NDM1MGFhOGE5NGFmNjY2MDk5ZmQwNzNlYzYyMWNkMTVkMDRiMzE2MB4XDTIyMDEw
MTAyMDEzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTAzNDE3NzExN2Vj
YTZkYzI2ZGU3YmU3MzZkYTNhYTgyNWQ4OTY3YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKScv2AIzL4KkJA4LIAZmzsB+RcSUbyHvIRI3IIkRFawRR/i
TrcgwNgnAugXOuiRtIYG15La9jWHCE/cxJ3Su5USJ3Eq490CsAWJ1cqbiQxHbBTJ
enCKlu/+EvAgP7qFWE/b+I+PUArluW3REExJJEE2fAAAT2oi3nrCYuyH1yuWTGgf
CgES6K/Qag4R9p75FN7mSOu4hOezfyKjSJQSyfdlBICXzSNtpCYY7R1+TPiHes2j
YaWn05TG/rgWoLkhDFLqgATefh0dHKTYrn9o/55Gsag7wxKwnhJgUbWtEhp5oSNu
ZfGKyEItv2IdIJCvdHJOK9W99PoxRsySf1PfAj8CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBSgNBdxF+ym3Cbee+c22jqoJdiWfDAfBgNVHSMEGDAWgBQkNQqoqUr2Zgmf
0HPsYhzRXQSzFjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0pEVUtxS2xLOW1ZSm45Qno3R0ljMFYwRXN4WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzUvYWI2MmU3LTczNjctNGJkZS05MzRhLWI0MjUyMmQwNTg5NS8x
L29EUVhjUmZzcHR3bTNudm5OdG82cUNYWWxudy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzUv
YWI2MmU3LTczNjctNGJkZS05MzRhLWI0MjUyMmQwNTg5NS8xL0pEVUtxS2xLOW1Z
Sm45Qno3R0ljMFYwRXN4WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAF+fwAMEA9Xl+DANBgkqhkiG9w0B
AQsFAAOCAQEAVXUKWxadnpxrJipE/65yCbZUWLSrlWmz+9tfyoFbnFDo0pBYnxqn
gmSF+MqkjqUyyPXiNmTl9s67CkpirDjffo9CUrWYuIGjGEkNr+PVbPdXx3ksW3Gb
x1nEma30dimOXCJvj7tpLQW6ZrZkmbg+3yjWg+H4brTz+OvjhBwocqPiGjSYq5iq
kmdnJF+ILBVEojZODtIomOH0TLS3FW1NlH9C1fn13XFSR+bkefUXf1gR2/ghCFyT
JSXC8B/yO/t0LzJ1zwZHnGFJa4Tj9R/d4E7sraAgcr85wBm/g7wZPLggV6Rsjqnl
DBGq8Cg2shEah3I8g7EKxWcZ8CVt2EXzow==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:13 2024 by rpki-client on console-ams.rpki-client.org