Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/xK4woecXpktFZIO_b5CEQpaO70k.roa
File: xK4woecXpktFZIO_b5CEQpaO70k.roa (raw, json)
Hash identifier: l8n9uuLi/zhJrSXHtINPhFvla75/tjz28KkIfxi80mU=
Subject key identifier: C4:AE:30:A1:E7:17:A6:4B:45:64:83:BF:6F:90:84:42:96:8E:EF:49
Certificate issuer: /CN=5a6f9295521df30a158f506ba7cb873ab9529dc3
Certificate serial: 3940A701
Authority key identifier: 5A:6F:92:95:52:1D:F3:0A:15:8F:50:6B:A7:CB:87:3A:B9:52:9D:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wm-SlVId8woVj1Brp8uHOrlSncM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/xK4woecXpktFZIO_b5CEQpaO70k.roa
Signing time: Sat 01 Jan 2022 03:52:59 +0000
ROA not before: Sat 01 Jan 2022 03:52:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8700
IP address blocks: 195.251.124.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 960538369 (0x3940a701)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a6f9295521df30a158f506ba7cb873ab9529dc3
Validity
Not Before: Jan 1 03:52:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c4ae30a1e717a64b456483bf6f908442968eef49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:51:47:53:01:03:de:7b:0f:c0:1c:85:35:6b:
80:58:f8:6f:3d:48:e5:cf:ae:03:7a:b0:c3:35:d1:
b6:4f:df:68:bf:54:7b:0a:42:7a:44:8e:a0:eb:05:
1b:3e:b7:b3:29:de:f9:61:1c:60:be:65:b0:81:94:
1b:ae:c6:44:d7:95:6a:f1:52:0c:09:fb:96:93:7c:
eb:fb:26:43:9b:fd:09:ab:00:27:15:23:c2:66:1f:
70:e9:82:cd:bc:b3:60:35:1f:66:54:69:1d:a1:e3:
2c:92:0b:0b:3b:5c:e4:1a:e9:54:12:3c:d0:36:77:
0b:94:a7:aa:a3:32:c3:67:18:bc:ff:ab:55:42:34:
d3:f7:f1:db:2e:04:7d:4a:20:7d:1e:49:62:6b:9b:
26:86:73:40:1b:36:d9:94:3c:a6:95:12:c2:59:ad:
d7:bc:76:c4:be:55:f8:a9:6e:a6:58:75:9b:9c:60:
00:71:de:e5:7e:8a:47:6f:90:12:6a:39:90:4e:79:
96:54:5a:54:90:a8:69:a5:c2:87:3d:4f:32:4b:85:
34:f8:87:ed:92:08:f0:e6:2e:ad:e5:f3:e5:9d:91:
65:75:54:a4:81:08:71:9d:46:f6:6e:09:21:0e:76:
2d:5e:de:82:3d:56:b7:d6:62:ed:fd:e7:c1:88:48:
2b:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:AE:30:A1:E7:17:A6:4B:45:64:83:BF:6F:90:84:42:96:8E:EF:49
X509v3 Authority Key Identifier:
keyid:5A:6F:92:95:52:1D:F3:0A:15:8F:50:6B:A7:CB:87:3A:B9:52:9D:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wm-SlVId8woVj1Brp8uHOrlSncM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/xK4woecXpktFZIO_b5CEQpaO70k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/Wm-SlVId8woVj1Brp8uHOrlSncM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.251.124.0/22
Signature Algorithm: sha256WithRSAEncryption
39:7e:5f:59:97:5a:b6:22:40:db:87:55:68:76:0b:ad:70:8d:
69:1c:0d:23:18:78:b9:a5:7d:f6:ca:df:3f:99:4d:13:7f:ab:
a2:d3:f9:ab:66:03:f8:7c:04:76:1f:f2:ce:50:6b:d2:09:21:
19:23:84:2b:88:bc:9b:ef:f2:63:a0:6d:e7:9e:9f:34:2e:db:
b0:70:00:91:33:de:8f:78:8b:9c:d7:11:53:c5:f5:e4:52:81:
bf:b2:93:dc:be:47:02:f2:9b:99:64:9e:81:31:65:d3:1b:2a:
e6:80:9c:13:0e:93:e7:33:e4:77:d4:40:c3:63:31:09:2c:83:
56:2e:14:a0:ec:8e:da:9b:8d:82:35:34:72:e8:e4:08:05:1b:
98:f7:25:ec:9b:ed:eb:04:e5:da:8a:fc:e3:8a:95:da:39:24:
87:66:c6:84:8a:39:99:8c:d1:17:9a:64:0e:78:f7:9f:f7:60:
26:cf:e0:d5:a3:76:d3:36:71:ed:0f:ab:39:5f:0b:e9:5e:84:
10:a0:21:87:96:47:de:a6:99:e6:2a:9f:64:6a:a0:dc:ff:3b:
f2:fa:40:cb:3d:84:45:99:ce:ec:2b:43:d4:93:76:8d:0c:75:
27:81:9a:68:c0:1b:ed:59:7b:53:84:00:fb:90:e3:1b:c4:f3:
ce:01:df:12
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEOUCnATANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
YTZmOTI5NTUyMWRmMzBhMTU4ZjUwNmJhN2NiODczYWI5NTI5ZGMzMB4XDTIyMDEw
MTAzNTI1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzRhZTMwYTFlNzE3
YTY0YjQ1NjQ4M2JmNmY5MDg0NDI5NjhlZWY0OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKpRR1MBA957D8AchTVrgFj4bz1I5c+uA3qwwzXRtk/faL9U
ewpCekSOoOsFGz63syne+WEcYL5lsIGUG67GRNeVavFSDAn7lpN86/smQ5v9CasA
JxUjwmYfcOmCzbyzYDUfZlRpHaHjLJILCztc5BrpVBI80DZ3C5SnqqMyw2cYvP+r
VUI00/fx2y4EfUogfR5JYmubJoZzQBs22ZQ8ppUSwlmt17x2xL5V+Kluplh1m5xg
AHHe5X6KR2+QEmo5kE55llRaVJCoaaXChz1PMkuFNPiH7ZII8OYureXz5Z2RZXVU
pIEIcZ1G9m4JIQ52LV7egj1Wt9Zi7f3nwYhIK08CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTErjCh5xemS0Vkg79vkIRClo7vSTAfBgNVHSMEGDAWgBRab5KVUh3zChWP
UGuny4c6uVKdwzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1dtLVNsVklkOHdvVmoxQnJwOHVIT3JsU25jTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzgvYTlmOTNiLWJlMzEtNDVjZi1hYTdlLWFhYTQ1NTNkMmFiZC8x
L3hLNHdvZWNYcGt0RlpJT19iNUNFUXBhTzcway5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzgv
YTlmOTNiLWJlMzEtNDVjZi1hYTdlLWFhYTQ1NTNkMmFiZC8xL1dtLVNsVklkOHdv
VmoxQnJwOHVIT3JsU25jTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAsP7fDANBgkqhkiG9w0BAQsFAAOC
AQEAOX5fWZdatiJA24dVaHYLrXCNaRwNIxh4uaV99srfP5lNE3+rotP5q2YD+HwE
dh/yzlBr0gkhGSOEK4i8m+/yY6Bt556fNC7bsHAAkTPej3iLnNcRU8X15FKBv7KT
3L5HAvKbmWSegTFl0xsq5oCcEw6T5zPkd9RAw2MxCSyDVi4UoOyO2puNgjU0cujk
CAUbmPcl7Jvt6wTl2or844qV2jkkh2bGhIo5mYzRF5pkDnj3n/dgJs/g1aN20zZx
7Q+rOV8L6V6EEKAhh5ZH3qaZ5iqfZGqg3P878vpAyz2ERZnO7CtD1JN2jQx1J4Ga
aMAb7Vl7U4QA+5DjG8TzzgHfEg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:35 2024 by rpki-client on console-fra.rpki-client.org