Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/GDKFjHwtDH1KJQ0kHOeHYcIMZ4c.roa
File: GDKFjHwtDH1KJQ0kHOeHYcIMZ4c.roa (raw, json)
Hash identifier: LITfk1Weq1Vax6EBt2iik+O0TsQZcmllGgcEtcIxJ3w=
Subject key identifier: 18:32:85:8C:7C:2D:0C:7D:4A:25:0D:24:1C:E7:87:61:C2:0C:67:87
Certificate issuer: /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Certificate serial: 17A33457
Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/GDKFjHwtDH1KJQ0kHOeHYcIMZ4c.roa
Signing time: Sat 01 Jan 2022 13:03:29 +0000
ROA not before: Sat 01 Jan 2022 13:03:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211281
IP address blocks: 5.1.94.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 396571735 (0x17a33457)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Validity
Not Before: Jan 1 13:03:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1832858c7c2d0c7d4a250d241ce78761c20c6787
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:fc:56:17:fc:8f:55:e1:19:0b:7c:6e:06:9d:
6f:0f:88:87:18:ed:a4:4c:f6:0d:8e:13:18:b4:f5:
ac:03:aa:bb:6c:70:ca:0a:08:2a:fe:4f:33:0f:91:
93:6a:76:76:2f:da:c4:4e:a3:f0:6f:2c:46:f0:48:
25:1e:ea:78:6b:cc:a3:f4:0c:be:61:1f:a0:3f:8b:
f1:fb:f1:a9:e1:4f:5c:54:6d:c6:6a:51:80:99:3c:
d2:9f:80:6f:95:ff:70:d4:a1:8d:1f:57:6b:da:ef:
03:fd:1c:c3:61:9c:dd:ae:8b:d7:a6:d8:23:a8:86:
c0:9b:75:5b:3a:0e:58:89:f5:7c:a4:13:05:53:21:
b0:11:ef:bc:a9:ac:42:f8:c6:8c:73:95:5e:9b:23:
ed:51:be:f2:68:97:99:e5:25:24:d6:f5:42:d9:59:
db:da:c6:1a:9a:a2:14:4e:60:30:f5:c8:fa:9b:c6:
24:9f:03:b2:21:1a:4d:05:c7:3a:00:14:e7:61:33:
5d:7f:40:5b:57:40:b0:ef:f1:e5:a2:c2:64:fd:51:
f8:dc:17:09:71:07:ed:e1:6e:d2:fd:06:fb:ae:1d:
61:f6:7d:20:bf:0f:a5:35:b8:83:f8:71:6a:85:e1:
a1:5b:bb:6b:b9:d8:fc:5a:d2:bd:95:d0:3a:94:82:
03:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:32:85:8C:7C:2D:0C:7D:4A:25:0D:24:1C:E7:87:61:C2:0C:67:87
X509v3 Authority Key Identifier:
keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/GDKFjHwtDH1KJQ0kHOeHYcIMZ4c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.1.94.0/24
Signature Algorithm: sha256WithRSAEncryption
77:4f:98:4d:79:af:eb:27:20:68:08:63:d2:05:ce:39:04:ba:
22:bb:7c:87:8c:40:81:ce:df:5c:e6:19:c0:60:8f:dd:ba:c8:
56:20:32:ce:45:42:77:6a:11:2b:84:0d:60:e3:03:0b:82:c5:
24:ea:2d:1e:dc:da:11:e3:5c:63:60:36:20:89:c9:59:06:e2:
6c:b5:42:95:f2:24:fa:0c:81:9d:c1:c1:65:50:7e:22:a1:a5:
ac:61:0b:36:37:2d:81:db:8a:6f:d3:aa:1f:1c:59:b1:fb:47:
29:e2:58:3d:19:9a:cb:a4:38:a5:31:06:0b:7a:41:ec:a9:1a:
7e:15:69:36:84:9b:98:96:ed:57:fd:dc:09:51:5f:33:be:d9:
50:d3:42:f9:0b:ce:89:ba:22:30:d6:11:b2:99:a8:a9:a1:c8:
7a:68:08:3e:61:80:70:8d:77:d8:9b:c6:87:8d:e2:d4:36:49:
a1:27:ff:9b:86:05:84:97:15:39:5a:d6:53:0e:5b:0a:5d:2c:
04:72:bc:e4:94:d4:23:21:ea:94:9f:93:8e:ea:ea:85:a5:8b:
5b:c8:b0:6b:11:ad:35:27:c3:fa:c9:e8:3b:70:5b:32:f7:37:
2d:1c:6e:e5:91:dc:20:88:49:a7:92:3d:8d:18:48:f6:75:00:
84:f5:f5:5d
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEF6M0VzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NDI1M2M0ZjIzM2NlOTg0NzY5OWFlNjhlY2JmNWQ3NTE0YjBmYWRiMB4XDTIyMDEw
MTEzMDMyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTgzMjg1OGM3YzJk
MGM3ZDRhMjUwZDI0MWNlNzg3NjFjMjBjNjc4NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJb8Vhf8j1XhGQt8bgadbw+IhxjtpEz2DY4TGLT1rAOqu2xw
ygoIKv5PMw+Rk2p2di/axE6j8G8sRvBIJR7qeGvMo/QMvmEfoD+L8fvxqeFPXFRt
xmpRgJk80p+Ab5X/cNShjR9Xa9rvA/0cw2Gc3a6L16bYI6iGwJt1WzoOWIn1fKQT
BVMhsBHvvKmsQvjGjHOVXpsj7VG+8miXmeUlJNb1QtlZ29rGGpqiFE5gMPXI+pvG
JJ8DsiEaTQXHOgAU52EzXX9AW1dAsO/x5aLCZP1R+NwXCXEH7eFu0v0G+64dYfZ9
IL8PpTW4g/hxaoXhoVu7a7nY/FrSvZXQOpSCA5MCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQYMoWMfC0MfUolDSQc54dhwgxnhzAfBgNVHSMEGDAWgBS0JTxPIzzphHaZ
rmjsv111FLD62zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RDVThUeU04NllSMm1hNW83TDlkZFJTdy10cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvNDFkNmUxLTVjYWQtNDBkYi05NzczLTU4YjM4ZjVhYzgwYi8x
L0dES0ZqSHd0REgxS0pRMGtIT2VIWWNJTVo0Yy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
NDFkNmUxLTVjYWQtNDBkYi05NzczLTU4YjM4ZjVhYzgwYi8xL3RDVThUeU04NllS
Mm1hNW83TDlkZFJTdy10cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAAUBXjANBgkqhkiG9w0BAQsFAAOC
AQEAd0+YTXmv6ycgaAhj0gXOOQS6Irt8h4xAgc7fXOYZwGCP3brIViAyzkVCd2oR
K4QNYOMDC4LFJOotHtzaEeNcY2A2IInJWQbibLVClfIk+gyBncHBZVB+IqGlrGEL
NjctgduKb9OqHxxZsftHKeJYPRmay6Q4pTEGC3pB7KkafhVpNoSbmJbtV/3cCVFf
M77ZUNNC+QvOiboiMNYRspmoqaHIemgIPmGAcI132JvGh43i1DZJoSf/m4YFhJcV
OVrWUw5bCl0sBHK85JTUIyHqlJ+TjurqhaWLW8iwaxGtNSfD+snoO3BbMvc3LRxu
5ZHcIIhJp5I9jRhI9nUAhPX1XQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:17 2023 by rpki-client on console-fra.rpki-client.org