Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/611a40-b444-490c-9dee-27d608d20873/1/zmbgdgm10Op5m0tPCcvK5zMNd80.roa
File: zmbgdgm10Op5m0tPCcvK5zMNd80.roa (raw, json)
Hash identifier: sFNbAAkMSC0agIH7hpJfuUaqblhuFsjpFvINuZ0eA+g=
Subject key identifier: CE:66:E0:76:09:B5:D0:EA:79:9B:4B:4F:09:CB:CA:E7:33:0D:77:CD
Certificate issuer: /CN=6044f6ea79e4e2a3e02a8b38ed0cd3a4059138ac
Certificate serial: 11D1B1CB
Authority key identifier: 60:44:F6:EA:79:E4:E2:A3:E0:2A:8B:38:ED:0C:D3:A4:05:91:38:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YET26nnk4qPgKos47QzTpAWROKw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/611a40-b444-490c-9dee-27d608d20873/1/zmbgdgm10Op5m0tPCcvK5zMNd80.roa
Signing time: Sat 01 Jan 2022 09:58:03 +0000
ROA not before: Sat 01 Jan 2022 09:58:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 19905
IP address blocks: 194.50.38.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 298955211 (0x11d1b1cb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6044f6ea79e4e2a3e02a8b38ed0cd3a4059138ac
Validity
Not Before: Jan 1 09:58:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ce66e07609b5d0ea799b4b4f09cbcae7330d77cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:d0:a3:03:cf:cb:b2:e5:f9:2d:15:ee:0f:6b:
47:f0:de:36:08:df:a7:43:cb:f0:c5:e1:2d:3e:1c:
91:95:6c:e8:8b:84:57:97:f8:54:d8:8f:d7:cb:a8:
3b:f3:1a:c0:4c:68:cb:a2:b7:4c:a0:a0:09:cb:04:
bd:34:96:14:74:40:3f:68:5b:1c:dd:b0:86:92:c2:
d8:9f:f9:9d:20:10:52:ba:31:93:18:d4:eb:b4:3c:
8c:ef:e6:7d:9a:68:38:14:e8:ab:73:dc:23:c5:66:
7c:39:81:76:59:5f:6e:94:25:3f:d5:1a:e7:2c:cf:
f4:c9:b7:17:a8:da:b3:b9:5f:dc:b4:ee:93:27:ab:
a9:67:82:e7:66:4f:0f:70:9b:4f:04:02:eb:2b:e2:
a4:ed:2d:ac:b2:bf:26:d6:03:59:3c:e4:55:c8:e8:
8c:4f:fb:e8:7c:fd:c9:ad:df:ca:98:05:da:5c:2e:
55:4b:59:db:1f:1c:44:94:74:a2:22:51:47:03:3d:
85:09:55:ae:79:6b:93:fb:25:05:55:d2:51:de:76:
0c:47:45:45:c6:7d:50:f9:6e:aa:6b:e9:dc:3b:2c:
f0:50:b7:b3:90:9d:a5:83:50:11:a4:b3:68:bd:d2:
19:26:f4:77:91:9a:f2:8f:17:b5:6d:10:f1:58:ee:
79:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:66:E0:76:09:B5:D0:EA:79:9B:4B:4F:09:CB:CA:E7:33:0D:77:CD
X509v3 Authority Key Identifier:
keyid:60:44:F6:EA:79:E4:E2:A3:E0:2A:8B:38:ED:0C:D3:A4:05:91:38:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YET26nnk4qPgKos47QzTpAWROKw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/611a40-b444-490c-9dee-27d608d20873/1/zmbgdgm10Op5m0tPCcvK5zMNd80.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/611a40-b444-490c-9dee-27d608d20873/1/YET26nnk4qPgKos47QzTpAWROKw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.50.38.0/24
Signature Algorithm: sha256WithRSAEncryption
32:7b:9c:aa:3d:89:44:7f:fc:c7:f2:5d:3c:8d:65:d6:ac:94:
f8:57:c1:4b:cb:f7:d3:c4:47:ff:8d:00:a8:7b:32:81:85:8c:
31:d5:0e:a8:eb:70:f5:fa:81:14:ae:a2:2c:63:5b:26:46:09:
69:c7:f9:f9:b0:67:17:a7:d5:7d:1a:4a:95:0f:7d:eb:d1:b3:
09:c3:f3:14:84:cc:c0:10:74:72:46:3e:1d:94:70:b9:15:c0:
24:c7:b2:3d:9c:60:a3:ae:23:f3:72:b2:f2:71:2a:20:78:9a:
e1:ab:cd:34:d1:bf:b5:c9:29:41:cb:92:25:a8:21:71:98:1a:
c0:28:ae:b6:be:75:d7:84:2e:50:cf:04:fb:53:d8:1d:24:4b:
70:37:ae:ba:68:1f:d7:0c:a9:a0:d8:ad:0c:9f:2c:0f:61:a6:
a6:44:1d:92:eb:1d:d0:db:e9:39:03:04:66:25:38:df:50:15:
90:90:32:c1:e5:22:ce:3e:c7:a6:14:ea:ff:35:88:a8:5c:2e:
13:52:ac:a8:7a:09:33:47:4c:d6:46:6b:1b:5e:ef:60:65:6f:
c0:48:74:6b:7a:23:ad:e3:36:27:3c:fd:08:01:1e:2b:a6:3d:
92:85:7b:86:54:17:07:e3:8e:cf:b4:d4:72:57:75:9e:3d:b3:
5d:4e:ec:3b
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEEdGxyzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
MDQ0ZjZlYTc5ZTRlMmEzZTAyYThiMzhlZDBjZDNhNDA1OTEzOGFjMB4XDTIyMDEw
MTA5NTgwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2U2NmUwNzYwOWI1
ZDBlYTc5OWI0YjRmMDljYmNhZTczMzBkNzdjZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJjQowPPy7Ll+S0V7g9rR/DeNgjfp0PL8MXhLT4ckZVs6IuE
V5f4VNiP18uoO/MawExoy6K3TKCgCcsEvTSWFHRAP2hbHN2whpLC2J/5nSAQUrox
kxjU67Q8jO/mfZpoOBToq3PcI8VmfDmBdllfbpQlP9Ua5yzP9Mm3F6jas7lf3LTu
kyerqWeC52ZPD3CbTwQC6yvipO0trLK/JtYDWTzkVcjojE/76Hz9ya3fypgF2lwu
VUtZ2x8cRJR0oiJRRwM9hQlVrnlrk/slBVXSUd52DEdFRcZ9UPluqmvp3Dss8FC3
s5CdpYNQEaSzaL3SGSb0d5Ga8o8XtW0Q8VjuebMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTOZuB2CbXQ6nmbS08Jy8rnMw13zTAfBgNVHSMEGDAWgBRgRPbqeeTio+Aq
izjtDNOkBZE4rDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1lFVDI2bm5rNHFQZ0tvczQ3UXpUcEFXUk9Ldy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDEvNjExYTQwLWI0NDQtNDkwYy05ZGVlLTI3ZDYwOGQyMDg3My8x
L3ptYmdkZ20xME9wNW0wdFBDY3ZLNXpNTmQ4MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDEv
NjExYTQwLWI0NDQtNDkwYy05ZGVlLTI3ZDYwOGQyMDg3My8xL1lFVDI2bm5rNHFQ
Z0tvczQ3UXpUcEFXUk9Ldy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMIyJjANBgkqhkiG9w0BAQsFAAOC
AQEAMnucqj2JRH/8x/JdPI1l1qyU+FfBS8v308RH/40AqHsygYWMMdUOqOtw9fqB
FK6iLGNbJkYJacf5+bBnF6fVfRpKlQ9969GzCcPzFITMwBB0ckY+HZRwuRXAJMey
PZxgo64j83Ky8nEqIHia4avNNNG/tckpQcuSJaghcZgawCiutr5114QuUM8E+1PY
HSRLcDeuumgf1wypoNitDJ8sD2GmpkQdkusd0NvpOQMEZiU431AVkJAyweUizj7H
phTq/zWIqFwuE1KsqHoJM0dM1kZrG17vYGVvwEh0a3ojreM2Jzz9CAEeK6Y9koV7
hlQXB+OOz7TUcld1nj2zXU7sOw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:54 2024 by rpki-client on console-fra.rpki-client.org