Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a96024-6555-4e8d-af37-62bb6d63e59d/1/o6kOD9XBFtCqPZaIcqRt691SI2k.roa
File: o6kOD9XBFtCqPZaIcqRt691SI2k.roa (raw, json)
Hash identifier: K7e9nbk8u6hE4B16cPL31SZtQFLwF9MHzZuFI6SHi3o=
Subject key identifier: A3:A9:0E:0F:D5:C1:16:D0:AA:3D:96:88:72:A4:6D:EB:DD:52:23:69
Certificate issuer: /CN=dff24726df3e77f6f4c8e0436613b35110eeaf38
Certificate serial: 0184C4DEBD3B155729B425327C10C52A983C
Authority key identifier: DF:F2:47:26:DF:3E:77:F6:F4:C8:E0:43:66:13:B3:51:10:EE:AF:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3_JHJt8-d_b0yOBDZhOzURDurzg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/a96024-6555-4e8d-af37-62bb6d63e59d/1/o6kOD9XBFtCqPZaIcqRt691SI2k.roa
Signing time: Tue 29 Nov 2022 19:30:42 +0000
ROA not before: Tue 29 Nov 2022 19:30:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 195.34.78.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:c4:de:bd:3b:15:57:29:b4:25:32:7c:10:c5:2a:98:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dff24726df3e77f6f4c8e0436613b35110eeaf38
Validity
Not Before: Nov 29 19:30:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a3a90e0fd5c116d0aa3d968872a46debdd522369
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:cf:88:fb:96:34:da:34:ad:db:95:94:d5:27:
1b:23:39:2b:3c:5e:c3:a8:5c:e3:0b:9a:03:04:05:
09:d1:05:bf:25:88:4c:b0:67:72:f1:b6:f4:1e:69:
5b:f6:b8:55:a0:5e:6c:7a:9b:1f:ea:7e:13:2a:94:
b1:87:de:93:2c:d4:c3:8c:48:51:56:4d:1e:71:a9:
a4:dc:84:04:9a:68:07:a1:87:2f:d4:71:9a:3f:ca:
ce:15:5e:f3:ae:e3:95:38:13:b6:17:b7:ba:ce:e0:
bb:9d:80:34:1b:c3:a9:b1:e9:32:d3:f9:42:ba:0f:
f1:08:d8:98:af:4a:3a:43:37:c9:04:36:a5:ae:9b:
3b:6d:c3:a8:21:a9:fd:bb:bc:d4:9f:22:32:5f:0a:
39:9a:37:e5:d1:a3:39:28:ae:90:87:2e:e6:65:fe:
ed:12:bb:25:49:fb:66:c0:d7:81:70:cd:bd:bc:61:
70:c2:a1:4a:4d:ed:f3:f0:d9:5c:51:ed:b9:9f:f0:
a5:97:b8:ac:86:5a:5d:3a:6d:50:93:41:50:55:0b:
f3:bc:89:e6:3c:4e:ab:d8:b7:36:42:33:ac:00:56:
44:8e:b1:d8:88:4f:ce:cf:83:d7:52:86:06:cc:51:
5a:82:dd:64:a8:a9:63:98:11:bd:d5:b1:bb:2d:1e:
11:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:A9:0E:0F:D5:C1:16:D0:AA:3D:96:88:72:A4:6D:EB:DD:52:23:69
X509v3 Authority Key Identifier:
keyid:DF:F2:47:26:DF:3E:77:F6:F4:C8:E0:43:66:13:B3:51:10:EE:AF:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3_JHJt8-d_b0yOBDZhOzURDurzg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a96024-6555-4e8d-af37-62bb6d63e59d/1/o6kOD9XBFtCqPZaIcqRt691SI2k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a96024-6555-4e8d-af37-62bb6d63e59d/1/3_JHJt8-d_b0yOBDZhOzURDurzg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.34.78.0/24
Signature Algorithm: sha256WithRSAEncryption
55:28:6a:e1:e6:4c:e5:58:1e:21:48:7c:e2:f4:41:cd:46:da:
ff:e9:5b:2d:31:d3:68:42:aa:d8:00:87:92:2d:30:ee:54:a2:
3a:20:d5:88:39:b3:cd:3d:c2:68:4f:5a:2e:3a:fd:51:34:03:
f6:7b:4e:5c:72:3d:ba:89:01:74:61:cf:b9:a1:43:0c:c0:11:
7f:a1:08:34:5e:e4:1a:d3:17:5d:17:0c:e0:74:64:0e:39:f7:
42:b0:1e:e3:3e:74:27:9b:86:51:1d:61:e2:01:c4:d9:3a:66:
2c:b5:2f:7c:b9:70:30:f0:99:6e:3d:fa:4b:69:0d:0c:a8:f0:
de:a2:a6:fa:e7:da:88:c4:5d:38:5c:03:8f:4e:b0:94:0d:b9:
fd:b3:1a:6a:96:6e:20:60:75:9c:70:17:f5:a4:78:2c:a1:3b:
2c:29:32:ac:69:bc:2c:2a:3e:42:c1:40:b2:bb:d7:c6:f9:81:
d8:9d:b3:9d:2f:4b:61:7c:cf:7b:72:14:0a:18:94:eb:73:6a:
ab:38:b6:ba:55:5f:26:09:b6:be:ef:46:38:ce:a7:87:4e:92:
99:8f:87:cc:0c:88:2c:a3:bf:fa:e2:94:72:af:8f:71:b0:35:
79:09:46:a0:90:ee:c8:28:8a:bc:15:ed:b2:7f:b0:b2:d1:29:
e5:dc:7a:01
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYTE3r07FVcptCUyfBDFKpg8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmZjI0NzI2ZGYzZTc3ZjZmNGM4ZTA0MzY2MTNiMzUxMTBl
ZWFmMzgwHhcNMjIxMTI5MTkzMDQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2E5MGUwZmQ1YzExNmQwYWEzZDk2ODg3MmE0NmRlYmRkNTIyMzY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAis+I+5Y02jSt25WU1ScbIzkrPF7D
qFzjC5oDBAUJ0QW/JYhMsGdy8bb0Hmlb9rhVoF5sepsf6n4TKpSxh96TLNTDjEhR
Vk0ecamk3IQEmmgHoYcv1HGaP8rOFV7zruOVOBO2F7e6zuC7nYA0G8Opseky0/lC
ug/xCNiYr0o6QzfJBDalrps7bcOoIan9u7zUnyIyXwo5mjfl0aM5KK6Qhy7mZf7t
ErslSftmwNeBcM29vGFwwqFKTe3z8NlcUe25n/Cll7ishlpdOm1Qk0FQVQvzvInm
PE6r2Lc2QjOsAFZEjrHYiE/Oz4PXUoYGzFFagt1kqKljmBG91bG7LR4R/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKOpDg/VwRbQqj2WiHKkbevdUiNpMB8GA1UdIwQY
MBaAFN/yRybfPnf29MjgQ2YTs1EQ7q84MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM19KSEp0OC1kX2IweU9CRFpoT3pVUkR1cnpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hOTYwMjQtNjU1NS00ZThkLWFmMzct
NjJiYjZkNjNlNTlkLzEvbzZrT0Q5WEJGdENxUFphSWNxUnQ2OTFTSTJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hOTYwMjQtNjU1NS00ZThkLWFmMzctNjJiYjZkNjNlNTlk
LzEvM19KSEp0OC1kX2IweU9CRFpoT3pVUkR1cnpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwyJOMA0G
CSqGSIb3DQEBCwUAA4IBAQBVKGrh5kzlWB4hSHzi9EHNRtr/6VstMdNoQqrYAIeS
LTDuVKI6INWIObPNPcJoT1ouOv1RNAP2e05ccj26iQF0Yc+5oUMMwBF/oQg0XuQa
0xddFwzgdGQOOfdCsB7jPnQnm4ZRHWHiAcTZOmYstS98uXAw8JluPfpLaQ0MqPDe
oqb659qIxF04XAOPTrCUDbn9sxpqlm4gYHWccBf1pHgsoTssKTKsabwsKj5CwUCy
u9fG+YHYnbOdL0thfM97chQKGJTrc2qrOLa6VV8mCba+70Y4zqeHTpKZj4fMDIgs
o7/64pRyr49xsDV5CUagkO7IKIq8Fe2yf7Cy0Snl3HoB
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:35 2024 by rpki-client on console-fra.rpki-client.org