Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/ondX1znz0BSYLLHe4-VsjWKa2kc.roa
File: ondX1znz0BSYLLHe4-VsjWKa2kc.roa (raw, json)
Hash identifier: DUSP5fiQJLW+spqY2t4sbOJAeQMjXFQgg5Iks9MlxsQ=
Subject key identifier: A2:77:57:D7:39:F3:D0:14:98:2C:B1:DE:E3:E5:6C:8D:62:9A:DA:47
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 17DB4BE2
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/ondX1znz0BSYLLHe4-VsjWKa2kc.roa
Signing time: Sat 01 Jan 2022 04:54:36 +0000
ROA not before: Sat 01 Jan 2022 04:54:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202301
IP address blocks: 194.156.158.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 400247778 (0x17db4be2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Jan 1 04:54:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a27757d739f3d014982cb1dee3e56c8d629ada47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:0b:4a:09:2c:94:5b:d5:f2:31:e9:d9:41:51:
84:50:c5:e9:3e:17:22:25:36:b2:51:47:00:76:8b:
d6:dd:f2:fc:16:ec:ec:5a:6f:e7:b7:b7:9d:44:f4:
cb:59:71:30:76:e8:ad:e4:2c:22:4e:af:9b:42:e0:
0e:37:66:c6:c7:65:0e:98:dc:1d:20:49:1b:6b:c7:
ca:19:ee:e7:1e:dc:0a:c3:58:ed:77:b5:bb:1d:a6:
bb:47:c5:0a:f1:20:d9:f2:e4:17:b1:d3:33:07:0b:
41:1b:6e:0e:bc:a0:40:ed:e3:f2:25:43:9c:cf:3e:
bb:74:c5:5d:e1:e3:8b:ce:43:04:f8:46:b5:87:25:
ce:e2:52:93:ff:c7:d2:e2:39:d4:51:55:93:8c:70:
dc:e0:91:03:95:8b:ac:8c:9b:07:c1:bb:06:29:e5:
ca:9a:5b:f8:8f:2b:55:4c:32:03:f3:40:b7:34:e9:
60:82:dc:7f:78:8e:48:5e:b2:ee:a2:e7:bb:0a:2d:
2b:64:c8:2a:48:22:36:fb:5d:f9:1e:6e:6f:c9:ea:
1f:88:db:96:e8:b4:96:cc:49:f1:d5:58:06:c2:71:
bf:36:f3:71:fe:54:ed:3d:a2:c4:13:4b:7b:6b:f4:
8b:08:21:15:49:20:f6:10:03:4c:d7:7a:2b:ba:9d:
16:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:77:57:D7:39:F3:D0:14:98:2C:B1:DE:E3:E5:6C:8D:62:9A:DA:47
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/ondX1znz0BSYLLHe4-VsjWKa2kc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.156.158.0/24
Signature Algorithm: sha256WithRSAEncryption
80:6a:9a:db:30:28:02:8b:fa:54:b1:b7:83:c0:2b:4f:71:c2:
cd:c4:dc:cd:93:a5:e5:59:88:82:e5:64:63:c9:af:06:f8:26:
11:98:d0:20:20:2f:67:13:93:9a:75:a7:6d:40:10:df:54:93:
b4:29:b8:4a:b7:3d:fb:d4:6f:2c:a5:4e:57:d1:8a:6c:02:ab:
e9:c1:29:db:d7:33:e5:29:ad:54:19:db:d4:79:12:b2:4a:c2:
34:8a:40:be:f9:2f:cc:05:d7:41:a8:fc:2a:e7:01:97:09:5d:
51:ca:4b:54:4b:bb:5b:f9:74:f2:b6:3a:be:50:3b:4c:82:47:
8a:49:d7:7c:47:c5:be:a3:2d:9d:87:07:c5:d9:94:12:d6:a7:
2c:f3:7f:8e:ae:73:a5:c4:0c:2d:99:f0:74:dc:f8:5f:b9:9b:
50:b3:99:41:8b:a6:a6:74:41:eb:77:44:96:fa:48:d4:f4:0f:
2a:d8:5d:3a:ea:78:55:3f:73:2f:6c:67:69:ec:35:a8:f3:1d:
17:22:c8:0b:23:61:ab:88:b4:42:e2:0a:74:39:0f:07:84:90:
46:b5:a5:c4:5b:f5:14:2d:2c:e0:26:50:57:e3:e4:b7:09:f6:
64:c3:f6:00:05:ec:30:24:80:dc:a2:fe:6e:74:9f:8c:79:28:
fa:fe:2c:23
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEF9tL4jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YzhmZDFhOGFlNTk5NmMxZTU2OTJjMWE4YzQyYmZlOWMzYmE1NzQ1MB4XDTIyMDEw
MTA0NTQzNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTI3NzU3ZDczOWYz
ZDAxNDk4MmNiMWRlZTNlNTZjOGQ2MjlhZGE0NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJALSgkslFvV8jHp2UFRhFDF6T4XIiU2slFHAHaL1t3y/Bbs
7Fpv57e3nUT0y1lxMHboreQsIk6vm0LgDjdmxsdlDpjcHSBJG2vHyhnu5x7cCsNY
7Xe1ux2mu0fFCvEg2fLkF7HTMwcLQRtuDrygQO3j8iVDnM8+u3TFXeHji85DBPhG
tYclzuJSk//H0uI51FFVk4xw3OCRA5WLrIybB8G7Binlyppb+I8rVUwyA/NAtzTp
YILcf3iOSF6y7qLnuwotK2TIKkgiNvtd+R5ub8nqH4jblui0lsxJ8dVYBsJxvzbz
cf5U7T2ixBNLe2v0iwghFUkg9hADTNd6K7qdFsUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSid1fXOfPQFJgssd7j5WyNYpraRzAfBgNVHSMEGDAWgBRsj9GorlmWweVp
LBqMQr/pw7pXRTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JJX1JxSzVabHNIbGFTd2FqRUtfNmNPNlYwVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvNDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8x
L29uZFgxem56MEJTWUxMSGU0LVZzaldLYTJrYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
NDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8xL2JJX1JxSzVabHNI
bGFTd2FqRUtfNmNPNlYwVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMKcnjANBgkqhkiG9w0BAQsFAAOC
AQEAgGqa2zAoAov6VLG3g8ArT3HCzcTczZOl5VmIguVkY8mvBvgmEZjQICAvZxOT
mnWnbUAQ31STtCm4Src9+9RvLKVOV9GKbAKr6cEp29cz5SmtVBnb1HkSskrCNIpA
vvkvzAXXQaj8KucBlwldUcpLVEu7W/l08rY6vlA7TIJHiknXfEfFvqMtnYcHxdmU
EtanLPN/jq5zpcQMLZnwdNz4X7mbULOZQYumpnRB63dElvpI1PQPKthdOup4VT9z
L2xnaew1qPMdFyLICyNhq4i0QuIKdDkPB4SQRrWlxFv1FC0s4CZQV+Pktwn2ZMP2
AAXsMCSA3KL+bnSfjHko+v4sIw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:18 2023 by rpki-client on console-fra.rpki-client.org