Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/tT9g4pvD4Uzt3_NY-FFT0gNG4lQ.roa
File: tT9g4pvD4Uzt3_NY-FFT0gNG4lQ.roa (raw, json)
Hash identifier: poLcnC3G7TcUf1BRMd4MJfxDdEttzIayMQcIzlYKA50=
Subject key identifier: B5:3F:60:E2:9B:C3:E1:4C:ED:DF:F3:58:F8:51:53:D2:03:46:E2:54
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 0185061718271B19A9D1E1A885B3C4C13EDE
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/tT9g4pvD4Uzt3_NY-FFT0gNG4lQ.roa
Signing time: Mon 12 Dec 2022 11:27:34 +0000
ROA not before: Mon 12 Dec 2022 11:27:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31088
IP address blocks: 195.78.116.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:06:17:18:27:1b:19:a9:d1:e1:a8:85:b3:c4:c1:3e:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Dec 12 11:27:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b53f60e29bc3e14ceddff358f85153d20346e254
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:be:7b:28:aa:30:c2:7e:84:a0:97:4c:c9:0f:
f3:a2:31:66:35:a9:4f:66:d8:9a:cc:89:5c:06:cf:
ad:b9:af:e2:c3:de:f1:00:60:d3:6e:d0:54:e9:8b:
3f:df:ba:23:8c:fb:6f:36:08:8c:fd:ce:8f:c4:26:
60:b2:8f:cd:f0:a6:f5:73:4a:1c:c2:8b:ca:a5:20:
e5:16:60:19:9b:85:01:73:93:9c:43:2b:a3:e6:dd:
a7:72:8e:5c:f2:db:90:bc:16:a8:3e:20:62:5b:5a:
da:dd:c2:8e:56:13:99:db:e7:8c:16:f1:f0:70:46:
1c:39:d9:66:0a:d4:dd:45:ce:bc:e5:2a:99:55:c9:
f1:e5:13:e0:1b:0d:68:50:af:4e:45:c3:11:80:9d:
5f:52:65:87:65:db:36:1e:82:b2:a3:9d:83:7f:a8:
20:bf:ec:71:ff:8f:88:3e:a8:78:63:73:54:71:7b:
0b:07:85:1d:76:00:3d:26:92:d3:9c:d9:35:90:0f:
17:68:71:05:e8:e8:7a:c3:2d:61:75:d6:34:b9:7c:
ac:5b:16:3b:29:c3:ba:c6:71:67:56:77:16:c1:de:
ca:ac:b3:49:4e:61:08:8c:06:b0:7e:18:37:d0:61:
a7:31:ba:8d:ae:33:82:10:3e:5e:3b:79:d5:9e:e1:
47:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:3F:60:E2:9B:C3:E1:4C:ED:DF:F3:58:F8:51:53:D2:03:46:E2:54
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/tT9g4pvD4Uzt3_NY-FFT0gNG4lQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.78.116.0/23
Signature Algorithm: sha256WithRSAEncryption
9a:90:1e:80:bb:20:00:2a:ec:ea:3d:78:03:72:7b:ee:ec:e4:
1b:38:fa:89:9f:84:90:d6:1d:9f:94:e6:d8:ee:96:3e:a2:46:
e8:17:4f:e6:59:fa:e8:31:53:cd:87:b0:e3:16:f3:29:7c:2d:
a7:6e:08:22:47:25:25:bd:c6:e1:62:a6:02:82:47:ed:bd:b5:
17:6f:20:37:3a:e8:e3:c8:6b:51:4a:10:5c:37:99:ce:2c:ad:
6c:09:d4:77:34:67:3a:98:37:25:c9:08:c5:56:10:8f:b4:50:
69:d0:9a:8c:aa:d9:18:f5:79:b4:9f:01:d2:9f:3c:64:53:cb:
4a:2a:25:3d:9f:42:7b:41:7e:34:ac:29:f6:f1:c0:1d:0a:1b:
55:1a:fa:72:7c:41:50:f1:35:6d:4b:77:ff:42:b7:26:bf:8a:
c7:f7:41:b8:49:2c:d3:fe:64:85:c1:31:d4:62:0c:15:b4:a9:
90:f2:10:04:bc:c5:ed:c3:24:bd:a8:2d:2c:af:54:7f:3d:bc:
1a:df:7a:a6:04:d8:2e:2d:f2:73:c7:55:dd:60:2a:61:de:b0:
27:13:49:c6:ea:b1:42:be:6b:72:91:fc:fb:72:b4:f9:e3:c3:
f7:60:2c:6f:c1:aa:f5:3a:87:da:f2:b3:fb:be:55:5a:37:d0:
8e:ca:c8:23
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYUGFxgnGxmp0eGohbPEwT7eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMjEyMTEyNzM0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTNmNjBlMjliYzNlMTRjZWRkZmYzNThmODUxNTNkMjAzNDZlMjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3r57KKowwn6EoJdMyQ/zojFmNalP
ZtiazIlcBs+tua/iw97xAGDTbtBU6Ys/37ojjPtvNgiM/c6PxCZgso/N8Kb1c0oc
wovKpSDlFmAZm4UBc5OcQyuj5t2nco5c8tuQvBaoPiBiW1ra3cKOVhOZ2+eMFvHw
cEYcOdlmCtTdRc685SqZVcnx5RPgGw1oUK9ORcMRgJ1fUmWHZds2HoKyo52Df6gg
v+xx/4+IPqh4Y3NUcXsLB4UddgA9JpLTnNk1kA8XaHEF6Oh6wy1hddY0uXysWxY7
KcO6xnFnVncWwd7KrLNJTmEIjAawfhg30GGnMbqNrjOCED5eO3nVnuFHvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLU/YOKbw+FM7d/zWPhRU9IDRuJUMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvdFQ5ZzRwdkQ0VXp0M19OWS1GRlQwZ05HNGxRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw050MA0G
CSqGSIb3DQEBCwUAA4IBAQCakB6AuyAAKuzqPXgDcnvu7OQbOPqJn4SQ1h2flObY
7pY+okboF0/mWfroMVPNh7DjFvMpfC2nbggiRyUlvcbhYqYCgkftvbUXbyA3Oujj
yGtRShBcN5nOLK1sCdR3NGc6mDclyQjFVhCPtFBp0JqMqtkY9Xm0nwHSnzxkU8tK
KiU9n0J7QX40rCn28cAdChtVGvpyfEFQ8TVtS3f/Qrcmv4rH90G4SSzT/mSFwTHU
YgwVtKmQ8hAEvMXtwyS9qC0sr1R/Pbwa33qmBNguLfJzx1XdYCph3rAnE0nG6rFC
vmtykfz7crT548P3YCxvwar1Oofa8rP7vlVaN9COysgj
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:26 2024 by rpki-client on console-fra.rpki-client.org