Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/9ff602-b0bd-4c3f-af94-2fc34ad9dd47/1/CkGRPECtxuvHOhMwkJJkWD76NOA.roa
File: CkGRPECtxuvHOhMwkJJkWD76NOA.roa (raw, json)
Hash identifier: aO//BMHaE/SFbhf5bIfap9EgNaISnb5dITFEWnMjn6o=
Subject key identifier: 0A:41:91:3C:40:AD:C6:EB:C7:3A:13:30:90:92:64:58:3E:FA:34:E0
Certificate issuer: /CN=e6502200a6e63f76397adb94dfd834c116809b9f
Certificate serial: 018322B3F74113F9CD9619F4C64F56F86FA2
Authority key identifier: E6:50:22:00:A6:E6:3F:76:39:7A:DB:94:DF:D8:34:C1:16:80:9B:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5lAiAKbmP3Y5etuU39g0wRaAm58.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/9ff602-b0bd-4c3f-af94-2fc34ad9dd47/1/CkGRPECtxuvHOhMwkJJkWD76NOA.roa
Signing time: Fri 09 Sep 2022 14:42:43 +0000
ROA not before: Fri 09 Sep 2022 14:42:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39276
IP address blocks: 195.238.91.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:22:b3:f7:41:13:f9:cd:96:19:f4:c6:4f:56:f8:6f:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e6502200a6e63f76397adb94dfd834c116809b9f
Validity
Not Before: Sep 9 14:42:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0a41913c40adc6ebc73a1330909264583efa34e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:fb:40:ef:b8:27:d3:db:0c:c4:a2:0c:33:2c:
cc:89:35:d9:dd:02:79:53:a3:e2:37:8f:b2:c5:f8:
f8:2f:ed:82:bf:af:00:78:d5:2a:21:bd:67:a6:8f:
07:95:c4:aa:16:31:e4:55:ab:20:61:a3:a9:7d:a8:
d1:98:72:00:2f:43:f2:47:0c:e8:ed:9a:bb:b6:26:
97:57:57:b2:47:d8:58:06:83:38:e2:59:1a:56:7f:
91:ac:fc:01:43:a4:24:03:96:b0:2e:b9:b4:28:24:
7b:cb:d0:54:fb:33:b8:24:f9:a2:4a:2c:b6:22:52:
b9:29:a6:e7:a6:f8:38:af:ac:27:c0:71:b0:11:5b:
1b:d6:b2:dc:45:34:0c:31:8c:f1:ec:a5:c0:60:71:
a0:a3:ab:13:51:49:d9:e6:71:6d:e6:c8:ce:c9:17:
3f:f6:2d:c5:6a:03:f8:b4:19:97:6b:67:4a:0f:00:
01:a2:98:00:38:fa:87:81:69:ca:17:ea:31:c6:16:
bd:4f:cf:84:d5:ee:5a:79:63:c3:f0:dd:70:c8:6c:
11:b3:d4:3f:4f:b9:d3:ea:6a:04:92:69:f5:96:ab:
56:9c:b6:c0:9e:83:22:72:d9:84:04:c3:fb:7d:c8:
dc:e1:b2:f2:12:8f:25:cc:5d:d8:69:f8:1b:3c:04:
41:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:41:91:3C:40:AD:C6:EB:C7:3A:13:30:90:92:64:58:3E:FA:34:E0
X509v3 Authority Key Identifier:
keyid:E6:50:22:00:A6:E6:3F:76:39:7A:DB:94:DF:D8:34:C1:16:80:9B:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5lAiAKbmP3Y5etuU39g0wRaAm58.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/9ff602-b0bd-4c3f-af94-2fc34ad9dd47/1/CkGRPECtxuvHOhMwkJJkWD76NOA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/9ff602-b0bd-4c3f-af94-2fc34ad9dd47/1/5lAiAKbmP3Y5etuU39g0wRaAm58.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.238.91.0/24
Signature Algorithm: sha256WithRSAEncryption
28:68:95:d4:7e:5c:00:07:13:11:5f:67:7e:92:3f:26:f7:38:
eb:c2:81:90:15:1f:ad:7e:49:bf:f0:48:9f:d7:27:7b:ea:77:
92:3b:32:72:a8:79:48:92:bf:3d:9c:4a:24:b7:d1:90:11:1d:
81:2d:24:ab:54:0a:39:5f:e1:23:64:4a:71:0a:52:11:7d:ed:
86:4a:7f:2e:8b:e9:85:bc:27:85:df:c1:59:2a:81:21:57:93:
8b:f1:e3:f1:97:73:b8:8b:1f:ea:f6:da:3a:49:91:dc:84:46:
9a:e9:74:01:53:f7:dc:70:11:bd:0a:92:03:e9:21:71:af:22:
5c:b7:1c:7d:3c:71:fc:d8:c2:5e:d6:da:89:18:7b:6b:01:b7:
7f:df:3f:7b:f7:62:09:65:77:bc:7f:0c:88:f3:04:52:09:38:
46:82:c2:f3:72:93:dc:10:fa:c6:0b:44:e4:e6:e1:5d:79:09:
59:39:98:91:e9:0d:b5:ab:a4:8e:08:ab:9f:5f:3f:ec:07:5a:
fc:54:a4:0e:e1:a5:57:28:0e:42:4e:30:06:a8:13:72:cf:87:
ee:0f:5a:9e:fb:13:f5:99:2c:2d:50:fd:b6:b2:7b:ce:cc:ec:
91:0d:6a:50:e1:41:f6:71:d0:b3:1f:87:3c:d4:98:59:2c:61:
f3:cf:b0:64
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYMis/dBE/nNlhn0xk9W+G+iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2NTAyMjAwYTZlNjNmNzYzOTdhZGI5NGRmZDgzNGMxMTY4
MDliOWYwHhcNMjIwOTA5MTQ0MjQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTQxOTEzYzQwYWRjNmViYzczYTEzMzA5MDkyNjQ1ODNlZmEzNGUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhPtA77gn09sMxKIMMyzMiTXZ3QJ5
U6PiN4+yxfj4L+2Cv68AeNUqIb1npo8HlcSqFjHkVasgYaOpfajRmHIAL0PyRwzo
7Zq7tiaXV1eyR9hYBoM44lkaVn+RrPwBQ6QkA5awLrm0KCR7y9BU+zO4JPmiSiy2
IlK5Kabnpvg4r6wnwHGwEVsb1rLcRTQMMYzx7KXAYHGgo6sTUUnZ5nFt5sjOyRc/
9i3FagP4tBmXa2dKDwABopgAOPqHgWnKF+oxxha9T8+E1e5aeWPD8N1wyGwRs9Q/
T7nT6moEkmn1lqtWnLbAnoMictmEBMP7fcjc4bLyEo8lzF3YafgbPARB0QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFApBkTxArcbrxzoTMJCSZFg++jTgMB8GA1UdIwQY
MBaAFOZQIgCm5j92OXrblN/YNMEWgJufMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWxBaUFLYm1QM1k1ZXR1VTM5ZzB3UmFBbTU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy85ZmY2MDItYjBiZC00YzNmLWFmOTQt
MmZjMzRhZDlkZDQ3LzEvQ2tHUlBFQ3R4dXZIT2hNd2tKSmtXRDc2Tk9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy85ZmY2MDItYjBiZC00YzNmLWFmOTQtMmZjMzRhZDlkZDQ3
LzEvNWxBaUFLYm1QM1k1ZXR1VTM5ZzB3UmFBbTU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw+5bMA0G
CSqGSIb3DQEBCwUAA4IBAQAoaJXUflwABxMRX2d+kj8m9zjrwoGQFR+tfkm/8Eif
1yd76neSOzJyqHlIkr89nEokt9GQER2BLSSrVAo5X+EjZEpxClIRfe2GSn8ui+mF
vCeF38FZKoEhV5OL8ePxl3O4ix/q9to6SZHchEaa6XQBU/fccBG9CpID6SFxryJc
txx9PHH82MJe1tqJGHtrAbd/3z9792IJZXe8fwyI8wRSCThGgsLzcpPcEPrGC0Tk
5uFdeQlZOZiR6Q21q6SOCKufXz/sB1r8VKQO4aVXKA5CTjAGqBNyz4fuD1qe+xP1
mSwtUP22snvOzOyRDWpQ4UH2cdCzH4c81JhZLGHzz7Bk
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:04 2023 by rpki-client on console-fra.rpki-client.org