Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/5d7bc4-e0c5-4a48-90e6-752516890d3d/1/afU4VNdG_zMyWqdkZORksubgZog.roa
File: afU4VNdG_zMyWqdkZORksubgZog.roa (raw, json)
Hash identifier: 2TTtohYITl6LeojoUn1/Dw6GdZbfhuxSN7eSn4NEKdo=
Subject key identifier: 69:F5:38:54:D7:46:FF:33:32:5A:A7:64:64:E4:64:B2:E6:E0:66:88
Certificate issuer: /CN=9e02e064c98b3231c3f2148a1c3d9c387d489ee9
Certificate serial: 036BDC4A
Authority key identifier: 9E:02:E0:64:C9:8B:32:31:C3:F2:14:8A:1C:3D:9C:38:7D:48:9E:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ngLgZMmLMjHD8hSKHD2cOH1Inuk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/5d7bc4-e0c5-4a48-90e6-752516890d3d/1/afU4VNdG_zMyWqdkZORksubgZog.roa
Signing time: Sat 01 Jan 2022 07:58:56 +0000
ROA not before: Sat 01 Jan 2022 07:58:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1759
IP address blocks: 193.143.104.0/21 maxlen: 21
193.143.102.0/23 maxlen: 23
193.143.101.0/24 maxlen: 24
193.143.112.0/22 maxlen: 22
193.143.118.0/24 maxlen: 24
193.143.116.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 57400394 (0x36bdc4a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e02e064c98b3231c3f2148a1c3d9c387d489ee9
Validity
Not Before: Jan 1 07:58:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=69f53854d746ff33325aa76464e464b2e6e06688
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:11:a0:50:f1:d0:25:a3:9f:d6:9a:2c:fd:de:
31:c2:7d:07:b7:65:b5:ea:d6:f7:ab:8c:e0:b3:4f:
93:53:03:16:ac:49:ad:2d:68:88:44:f1:67:48:cd:
96:58:ba:2c:01:3f:58:55:29:d0:cf:ea:5e:89:63:
34:37:5e:96:5a:db:a3:a8:91:89:d6:69:c4:0d:5f:
13:c2:ef:3d:53:45:2c:d6:00:d1:bc:9d:84:b5:13:
42:94:ea:4c:bd:19:71:f3:ee:79:f2:12:c0:27:4b:
e0:2d:d5:ee:4d:94:16:d0:08:c9:6a:24:91:ba:71:
0a:33:15:a7:b0:82:7a:18:c7:77:3d:1b:e7:44:96:
fe:42:28:0f:d8:52:9c:23:64:91:e8:79:7d:d2:e2:
61:b6:ed:2a:e5:bf:86:8e:5b:70:c1:fa:68:c2:49:
4c:fb:a5:07:ab:6d:50:3d:03:b5:85:16:29:83:0d:
40:8a:13:07:f4:48:41:72:da:f8:35:0e:a9:55:14:
8d:68:05:20:7e:54:72:14:d3:bd:d4:d2:f0:3e:5b:
c8:d7:4f:fc:25:0f:9b:5a:de:3f:a3:60:36:9c:70:
3c:ca:54:b6:97:11:e2:da:4b:83:d6:14:19:a5:f4:
d3:73:07:21:ac:3f:1b:0e:41:21:88:43:1a:72:10:
1e:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:F5:38:54:D7:46:FF:33:32:5A:A7:64:64:E4:64:B2:E6:E0:66:88
X509v3 Authority Key Identifier:
keyid:9E:02:E0:64:C9:8B:32:31:C3:F2:14:8A:1C:3D:9C:38:7D:48:9E:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ngLgZMmLMjHD8hSKHD2cOH1Inuk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/5d7bc4-e0c5-4a48-90e6-752516890d3d/1/afU4VNdG_zMyWqdkZORksubgZog.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/5d7bc4-e0c5-4a48-90e6-752516890d3d/1/ngLgZMmLMjHD8hSKHD2cOH1Inuk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.143.101.0-193.143.118.255
Signature Algorithm: sha256WithRSAEncryption
38:67:d5:16:98:03:9f:8b:a3:e1:86:7b:03:ba:19:2c:6d:9e:
9a:68:b9:49:07:68:a0:18:4b:9d:38:23:d2:e0:b6:18:55:f1:
09:1d:a0:be:2a:28:3a:4e:e7:f0:0e:f8:ad:68:de:1a:88:c0:
fd:87:ad:14:6c:80:bd:db:40:27:8c:ea:1d:99:b0:72:b0:e8:
82:92:08:d6:13:30:dd:a0:2e:c0:ee:fc:08:e0:b0:ad:9a:d2:
64:c9:70:b5:5d:b9:13:97:f6:90:88:3f:e1:81:b2:31:f6:82:
61:e6:ce:e6:f0:dd:f7:3c:51:2a:d8:ca:2b:46:d0:44:1d:43:
53:77:5b:d7:f3:da:4e:0a:27:7d:28:71:cd:16:f6:6b:35:15:
39:91:e1:0a:58:a7:82:63:98:72:49:94:03:a8:a1:ec:28:5c:
2b:1b:8f:cc:99:c5:53:51:8c:ef:1e:48:b9:7b:36:18:cd:6f:
f1:72:14:dc:6c:d3:47:6e:ec:cf:3e:71:29:91:1c:f5:66:d9:
e2:53:06:b1:a7:7f:5a:76:bc:37:73:bc:3d:36:20:60:65:d1:
60:3b:a2:4e:df:a1:b0:6e:48:58:5a:06:a0:8d:cf:19:80:f5:
1c:03:e9:5c:85:2b:37:4d:83:94:49:3f:40:7d:5a:df:69:1f:
9e:f9:2f:e0
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEA2vcSjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ZTAyZTA2NGM5OGIzMjMxYzNmMjE0OGExYzNkOWMzODdkNDg5ZWU5MB4XDTIyMDEw
MTA3NTg1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjlmNTM4NTRkNzQ2
ZmYzMzMyNWFhNzY0NjRlNDY0YjJlNmUwNjY4ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMARoFDx0CWjn9aaLP3eMcJ9B7dlterW96uM4LNPk1MDFqxJ
rS1oiETxZ0jNlli6LAE/WFUp0M/qXoljNDdellrbo6iRidZpxA1fE8LvPVNFLNYA
0bydhLUTQpTqTL0ZcfPuefISwCdL4C3V7k2UFtAIyWokkbpxCjMVp7CCehjHdz0b
50SW/kIoD9hSnCNkkeh5fdLiYbbtKuW/ho5bcMH6aMJJTPulB6ttUD0DtYUWKYMN
QIoTB/RIQXLa+DUOqVUUjWgFIH5UchTTvdTS8D5byNdP/CUPm1reP6NgNpxwPMpU
tpcR4tpLg9YUGaX003MHIaw/Gw5BIYhDGnIQHoECAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBRp9ThU10b/MzJap2Rk5GSy5uBmiDAfBgNVHSMEGDAWgBSeAuBkyYsyMcPy
FIocPZw4fUie6TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L25nTGdaTW1MTWpIRDhoU0tIRDJjT0gxSW51ay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDIvNWQ3YmM0LWUwYzUtNGE0OC05MGU2LTc1MjUxNjg5MGQzZC8x
L2FmVTRWTmRHX3pNeVdxZGtaT1Jrc3ViZ1pvZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDIv
NWQ3YmM0LWUwYzUtNGE0OC05MGU2LTc1MjUxNjg5MGQzZC8xL25nTGdaTW1MTWpI
RDhoU0tIRDJjT0gxSW51ay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQAwY9lAwQAwY92MA0GCSqGSIb3
DQEBCwUAA4IBAQA4Z9UWmAOfi6PhhnsDuhksbZ6aaLlJB2igGEudOCPS4LYYVfEJ
HaC+Kig6TufwDvitaN4aiMD9h60UbIC920AnjOodmbBysOiCkgjWEzDdoC7A7vwI
4LCtmtJkyXC1XbkTl/aQiD/hgbIx9oJh5s7m8N33PFEq2MorRtBEHUNTd1vX89pO
Cid9KHHNFvZrNRU5keEKWKeCY5hySZQDqKHsKFwrG4/MmcVTUYzvHki5ezYYzW/x
chTcbNNHbuzPPnEpkRz1ZtniUwaxp39adrw3c7w9NiBgZdFgO6JO36GwbkhYWgag
jc8ZgPUcA+lchSs3TYOUST9AfVrfaR+e+S/g
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:01 2024 by rpki-client on console-fra.rpki-client.org