Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/9ff602-b0bd-4c3f-af94-2fc34ad9dd47/1/op5qzKquou_xye4q67keJMLHFIo.roa
File: op5qzKquou_xye4q67keJMLHFIo.roa (raw, json)
Hash identifier: aFaOKCa8ilW0LFYi4+CPHhT30hj+F4QrxaBXh7A9ag4=
Subject key identifier: A2:9E:6A:CC:AA:AE:A2:EF:F1:C9:EE:2A:EB:B9:1E:24:C2:C7:14:8A
Certificate issuer: /CN=e6502200a6e63f76397adb94dfd834c116809b9f
Certificate serial: 01832288F07C9144933D91584EB5371CCD72
Authority key identifier: E6:50:22:00:A6:E6:3F:76:39:7A:DB:94:DF:D8:34:C1:16:80:9B:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5lAiAKbmP3Y5etuU39g0wRaAm58.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/9ff602-b0bd-4c3f-af94-2fc34ad9dd47/1/op5qzKquou_xye4q67keJMLHFIo.roa
Signing time: Fri 09 Sep 2022 13:55:42 +0000
ROA not before: Fri 09 Sep 2022 13:55:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39276
IP address blocks: 195.238.91.0/24 maxlen: 24
195.238.90.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:22:88:f0:7c:91:44:93:3d:91:58:4e:b5:37:1c:cd:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e6502200a6e63f76397adb94dfd834c116809b9f
Validity
Not Before: Sep 9 13:55:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a29e6accaaaea2eff1c9ee2aebb91e24c2c7148a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:9f:0b:85:2e:fa:2d:37:fe:6e:ce:a6:63:87:
fc:90:cf:6f:88:17:3b:d1:e1:ed:39:c0:74:78:14:
17:6c:2c:f8:8b:47:0d:d0:57:d6:b0:87:c5:7f:0b:
aa:2b:d7:59:2d:06:21:79:5c:2e:7c:28:07:81:8b:
dc:9f:13:7d:69:be:b6:67:fd:49:76:31:8d:9c:62:
fc:14:ae:c4:0b:72:76:e7:21:b8:e2:ca:55:c0:4a:
bd:0b:8d:1b:a6:5d:51:44:1d:e6:9a:6c:69:46:64:
3c:87:50:55:44:e0:8e:a7:7d:60:76:5f:e1:4a:10:
cc:7d:31:dd:dc:d8:00:f4:ac:9c:82:70:82:d0:64:
f5:1a:ef:df:1a:5a:a0:99:1d:6b:35:5e:87:58:ad:
3f:21:ee:96:3d:b1:3e:58:ce:2e:5d:7e:61:aa:7a:
91:e3:9e:3d:a9:6f:01:8d:ca:82:69:5b:f4:b0:ba:
f7:6b:f7:36:11:60:98:f6:7b:f3:4c:62:28:87:90:
c1:09:01:80:77:03:9c:17:91:26:a8:71:60:67:0a:
bf:f0:02:80:7d:88:13:9f:5c:8e:15:f5:e3:ff:64:
96:09:70:cb:88:98:e1:8a:15:35:15:2c:a6:06:0a:
10:6a:24:7f:98:ae:bb:86:48:26:6a:59:f7:76:c1:
b0:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:9E:6A:CC:AA:AE:A2:EF:F1:C9:EE:2A:EB:B9:1E:24:C2:C7:14:8A
X509v3 Authority Key Identifier:
keyid:E6:50:22:00:A6:E6:3F:76:39:7A:DB:94:DF:D8:34:C1:16:80:9B:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5lAiAKbmP3Y5etuU39g0wRaAm58.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/9ff602-b0bd-4c3f-af94-2fc34ad9dd47/1/op5qzKquou_xye4q67keJMLHFIo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/9ff602-b0bd-4c3f-af94-2fc34ad9dd47/1/5lAiAKbmP3Y5etuU39g0wRaAm58.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.238.90.0/23
Signature Algorithm: sha256WithRSAEncryption
15:25:47:f8:c0:73:16:86:d9:6f:b0:2a:bb:7a:31:5f:26:52:
96:b4:0a:2e:f5:64:4e:68:0b:f8:08:93:75:f8:ad:37:6b:3b:
79:5e:ec:06:06:db:fb:53:58:09:d3:92:10:d2:c6:18:1a:61:
88:83:ab:1d:f7:26:53:f6:b0:e7:76:bd:ca:61:d3:40:c8:84:
4e:68:d9:91:10:b1:60:81:15:e1:38:af:27:3d:7c:f6:dc:8a:
da:50:26:87:02:80:8c:b2:50:18:32:a6:98:8e:c5:56:00:bd:
e6:6b:74:e9:6e:53:d3:db:1e:3b:cf:e3:e6:3a:ef:c2:0d:3a:
82:b3:31:bf:39:b8:41:19:fb:f6:52:37:a3:05:b6:fb:7d:3d:
9f:66:c9:f7:54:08:fe:bc:96:50:80:d9:b6:d2:9c:f0:96:a9:
f6:78:51:d4:f7:43:92:2c:10:a0:9e:6b:c5:88:d2:0d:3b:f9:
c6:fc:12:f0:31:f9:ee:28:c8:62:8f:8a:9e:df:9c:b8:6d:5f:
ac:20:1e:0b:95:3b:61:1c:23:45:b2:90:22:4d:18:29:ee:3b:
57:de:9c:6c:ca:06:73:ec:a4:f3:89:3c:e6:3c:f5:42:4d:f3:
75:1e:38:e2:07:e8:7a:27:d9:0d:4d:94:ab:ba:2d:be:f7:54:
df:bd:4e:64
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYMiiPB8kUSTPZFYTrU3HM1yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2NTAyMjAwYTZlNjNmNzYzOTdhZGI5NGRmZDgzNGMxMTY4
MDliOWYwHhcNMjIwOTA5MTM1NTQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjllNmFjY2FhYWVhMmVmZjFjOWVlMmFlYmI5MWUyNGMyYzcxNDhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApZ8LhS76LTf+bs6mY4f8kM9viBc7
0eHtOcB0eBQXbCz4i0cN0FfWsIfFfwuqK9dZLQYheVwufCgHgYvcnxN9ab62Z/1J
djGNnGL8FK7EC3J25yG44spVwEq9C40bpl1RRB3mmmxpRmQ8h1BVROCOp31gdl/h
ShDMfTHd3NgA9KycgnCC0GT1Gu/fGlqgmR1rNV6HWK0/Ie6WPbE+WM4uXX5hqnqR
4549qW8BjcqCaVv0sLr3a/c2EWCY9nvzTGIoh5DBCQGAdwOcF5EmqHFgZwq/8AKA
fYgTn1yOFfXj/2SWCXDLiJjhihU1FSymBgoQaiR/mK67hkgmaln3dsGwMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKKeasyqrqLv8cnuKuu5HiTCxxSKMB8GA1UdIwQY
MBaAFOZQIgCm5j92OXrblN/YNMEWgJufMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWxBaUFLYm1QM1k1ZXR1VTM5ZzB3UmFBbTU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy85ZmY2MDItYjBiZC00YzNmLWFmOTQt
MmZjMzRhZDlkZDQ3LzEvb3A1cXpLcXVvdV94eWU0cTY3a2VKTUxIRklvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy85ZmY2MDItYjBiZC00YzNmLWFmOTQtMmZjMzRhZDlkZDQ3
LzEvNWxBaUFLYm1QM1k1ZXR1VTM5ZzB3UmFBbTU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw+5aMA0G
CSqGSIb3DQEBCwUAA4IBAQAVJUf4wHMWhtlvsCq7ejFfJlKWtAou9WROaAv4CJN1
+K03azt5XuwGBtv7U1gJ05IQ0sYYGmGIg6sd9yZT9rDndr3KYdNAyIROaNmRELFg
gRXhOK8nPXz23IraUCaHAoCMslAYMqaYjsVWAL3ma3TpblPT2x47z+PmOu/CDTqC
szG/ObhBGfv2UjejBbb7fT2fZsn3VAj+vJZQgNm20pzwlqn2eFHU90OSLBCgnmvF
iNINO/nG/BLwMfnuKMhij4qe35y4bV+sIB4LlTthHCNFspAiTRgp7jtX3pxsygZz
7KTziTzmPPVCTfN1HjjiB+h6J9kNTZSrui2+91TfvU5k
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:04 2023 by rpki-client on console-fra.rpki-client.org