Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/975e68-8662-43b9-8ed2-aae97e65015c/1/CtOICf7_fVYnXD7mzQj_DyCiOg8.roa
File: CtOICf7_fVYnXD7mzQj_DyCiOg8.roa (raw, json)
Hash identifier: mVUsbZ9Ogz9ehKXQKyjgzwi8WduTAXZxm8KNbHGFt7I=
Subject key identifier: 0A:D3:88:09:FE:FF:7D:56:27:5C:3E:E6:CD:08:FF:0F:20:A2:3A:0F
Certificate issuer: /CN=65e0062e54a5fcb6a0c99e598557fed6f37a4629
Certificate serial: 024A42E2
Authority key identifier: 65:E0:06:2E:54:A5:FC:B6:A0:C9:9E:59:85:57:FE:D6:F3:7A:46:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZeAGLlSl_LagyZ5ZhVf-1vN6Rik.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/975e68-8662-43b9-8ed2-aae97e65015c/1/CtOICf7_fVYnXD7mzQj_DyCiOg8.roa
Signing time: Sat 01 Jan 2022 09:56:03 +0000
ROA not before: Sat 01 Jan 2022 09:56:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211491
IP address blocks: 193.22.20.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 38421218 (0x24a42e2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65e0062e54a5fcb6a0c99e598557fed6f37a4629
Validity
Not Before: Jan 1 09:56:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0ad38809feff7d56275c3ee6cd08ff0f20a23a0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:30:58:fd:0c:f1:89:96:43:8d:f3:da:6f:db:
fe:6e:1b:5e:23:89:4e:08:5a:a2:e9:8f:c2:ed:29:
be:e6:08:2c:d6:f4:18:dc:fb:9b:75:87:05:0f:25:
68:04:a2:98:e4:11:78:5b:dc:95:d4:3d:6e:2b:39:
e1:91:bb:59:bf:b9:1b:9e:43:6b:15:c7:9f:ef:5d:
df:d2:04:73:a1:86:57:37:8b:8e:df:9a:66:a7:9e:
1b:a3:01:3d:40:84:c8:8c:68:1f:93:4b:97:20:5b:
f2:1b:f0:8a:93:ef:5f:f3:bc:78:2d:a9:cb:f0:13:
2e:38:bc:f1:7e:4f:db:1a:76:1e:f5:27:da:08:d9:
7f:ea:8b:95:66:38:42:44:5d:f4:b7:a1:b8:49:2c:
7c:fb:9b:6e:28:d8:79:29:38:f9:6c:a9:0e:ea:d4:
44:c2:7d:0b:83:25:63:7f:3d:67:89:30:63:a4:ff:
bb:f8:20:1b:ac:6d:3b:5b:5d:7a:02:08:1f:c8:cb:
a2:16:81:6f:c9:29:28:bb:8e:fa:d4:7d:5d:56:a0:
66:66:0e:85:38:d7:5f:03:3c:3d:ed:67:67:ed:2a:
fd:8b:6f:15:db:53:7c:dd:ba:af:91:34:a9:93:2b:
ac:4a:39:0f:6b:4d:01:d9:23:80:d0:c9:fe:b4:95:
09:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:D3:88:09:FE:FF:7D:56:27:5C:3E:E6:CD:08:FF:0F:20:A2:3A:0F
X509v3 Authority Key Identifier:
keyid:65:E0:06:2E:54:A5:FC:B6:A0:C9:9E:59:85:57:FE:D6:F3:7A:46:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZeAGLlSl_LagyZ5ZhVf-1vN6Rik.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/975e68-8662-43b9-8ed2-aae97e65015c/1/CtOICf7_fVYnXD7mzQj_DyCiOg8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/975e68-8662-43b9-8ed2-aae97e65015c/1/ZeAGLlSl_LagyZ5ZhVf-1vN6Rik.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.22.20.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:b9:29:62:33:2f:43:b8:9b:6f:d2:da:69:63:62:a4:93:4b:
6c:6f:d0:14:6c:c8:25:67:b1:ae:bb:de:d6:d9:4b:d8:d4:fe:
b4:56:11:ce:d8:6a:2f:41:e4:d5:94:84:73:3b:24:e5:ac:75:
da:1a:74:de:36:68:06:c8:19:bd:61:1c:e7:65:38:bd:f9:ce:
fb:fe:02:54:1d:4f:c8:95:c4:fe:12:e9:03:9e:46:13:c2:4d:
9b:a2:f4:6c:83:1e:78:39:a5:fc:b5:f8:02:5f:5f:f3:ef:59:
5a:d7:0b:fb:d7:03:56:76:16:eb:ba:d9:f4:a1:8a:86:a4:0f:
d1:48:85:5a:60:e8:07:72:b2:17:39:0f:93:13:f2:db:29:9a:
60:7e:37:a9:5b:dd:06:dc:78:57:c5:d7:fb:b8:3d:84:06:4d:
b4:a7:df:78:1b:1a:3c:f6:fe:45:94:f6:58:09:8c:51:86:17:
24:e2:ca:f5:1e:27:de:c4:99:a6:ff:1b:9a:cd:44:9e:48:f4:
b4:b9:4a:43:2b:cc:6f:61:cd:b2:79:da:43:fa:7b:92:85:f7:
c6:e2:b1:c4:8f:72:9c:2a:3f:f9:14:55:e2:e2:f0:e6:58:0b:
fc:95:a0:5e:93:ef:47:3d:d0:20:dd:7c:f9:72:09:f5:33:8f:
69:fc:72:91
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAkpC4jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
NWUwMDYyZTU0YTVmY2I2YTBjOTllNTk4NTU3ZmVkNmYzN2E0NjI5MB4XDTIyMDEw
MTA5NTYwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGFkMzg4MDlmZWZm
N2Q1NjI3NWMzZWU2Y2QwOGZmMGYyMGEyM2EwZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMswWP0M8YmWQ43z2m/b/m4bXiOJTghaoumPwu0pvuYILNb0
GNz7m3WHBQ8laASimOQReFvcldQ9bis54ZG7Wb+5G55DaxXHn+9d39IEc6GGVzeL
jt+aZqeeG6MBPUCEyIxoH5NLlyBb8hvwipPvX/O8eC2py/ATLji88X5P2xp2HvUn
2gjZf+qLlWY4QkRd9LehuEksfPubbijYeSk4+WypDurURMJ9C4MlY389Z4kwY6T/
u/ggG6xtO1tdegIIH8jLohaBb8kpKLuO+tR9XVagZmYOhTjXXwM8Pe1nZ+0q/Ytv
FdtTfN26r5E0qZMrrEo5D2tNAdkjgNDJ/rSVCWcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQK04gJ/v99VidcPubNCP8PIKI6DzAfBgNVHSMEGDAWgBRl4AYuVKX8tqDJ
nlmFV/7W83pGKTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1plQUdMbFNsX0xhZ3laNVpoVmYtMXZONlJpay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvOTc1ZTY4LTg2NjItNDNiOS04ZWQyLWFhZTk3ZTY1MDE1Yy8x
L0N0T0lDZjdfZlZZblhEN216UWpfRHlDaU9nOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
OTc1ZTY4LTg2NjItNDNiOS04ZWQyLWFhZTk3ZTY1MDE1Yy8xL1plQUdMbFNsX0xh
Z3laNVpoVmYtMXZONlJpay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMEWFDANBgkqhkiG9w0BAQsFAAOC
AQEAPLkpYjMvQ7ibb9LaaWNipJNLbG/QFGzIJWexrrve1tlL2NT+tFYRzthqL0Hk
1ZSEczsk5ax12hp03jZoBsgZvWEc52U4vfnO+/4CVB1PyJXE/hLpA55GE8JNm6L0
bIMeeDml/LX4Al9f8+9ZWtcL+9cDVnYW67rZ9KGKhqQP0UiFWmDoB3KyFzkPkxPy
2ymaYH43qVvdBtx4V8XX+7g9hAZNtKffeBsaPPb+RZT2WAmMUYYXJOLK9R4n3sSZ
pv8bms1Enkj0tLlKQyvMb2HNsnnaQ/p7koX3xuKxxI9ynCo/+RRV4uLw5lgL/JWg
XpPvRz3QIN18+XIJ9TOPafxykQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:48 2024 by rpki-client on console-fra.rpki-client.org