Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/945b2f-daa1-4c79-94da-e6eed9c9a253/1/2lXaHW05tjMHkF_aJA-8cyjakdY.roa
File: 2lXaHW05tjMHkF_aJA-8cyjakdY.roa (raw, json)
Hash identifier: KSGE1V5/i2gyH3l8Kg1KIMnvSzO3b2p3p7lGLZmzkHM=
Subject key identifier: DA:55:DA:1D:6D:39:B6:33:07:90:5F:DA:24:0F:BC:73:28:DA:91:D6
Certificate issuer: /CN=f388d3a747a92fdbfb738e1d25d01a3639c6b1a1
Certificate serial: 011C6A
Authority key identifier: F3:88:D3:A7:47:A9:2F:DB:FB:73:8E:1D:25:D0:1A:36:39:C6:B1:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/84jTp0epL9v7c44dJdAaNjnGsaE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/945b2f-daa1-4c79-94da-e6eed9c9a253/1/2lXaHW05tjMHkF_aJA-8cyjakdY.roa
Signing time: Wed 26 Jan 2022 18:28:24 +0000
ROA not before: Wed 26 Jan 2022 18:28:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49392
IP address blocks: 195.64.111.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 72810 (0x11c6a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f388d3a747a92fdbfb738e1d25d01a3639c6b1a1
Validity
Not Before: Jan 26 18:28:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=da55da1d6d39b63307905fda240fbc7328da91d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:f4:ed:29:f9:f5:3e:c3:38:c2:36:ec:f1:f9:
2d:a7:d7:b8:ef:19:10:02:df:ff:29:04:2b:85:f8:
25:20:04:a8:d8:3c:32:e7:5a:b2:1a:b0:34:65:83:
d6:6a:8f:46:91:0a:0c:72:ab:52:2b:7c:c3:51:5f:
13:ac:3b:62:5d:38:7e:b2:a1:39:66:c2:f1:f6:a2:
7f:c1:f0:f6:0b:d5:ee:16:8d:ee:98:bc:e0:20:c5:
f4:88:9d:19:58:6a:7b:02:f0:a5:9f:38:bd:17:42:
82:f4:ad:6a:4e:fb:7b:b7:4c:73:24:10:78:6d:00:
58:3c:16:ef:71:1f:d0:e2:cf:97:ab:0e:e6:91:c8:
99:e8:09:f3:3a:83:2e:4b:43:7a:0e:61:bc:8e:c6:
9d:23:59:f1:7c:9a:50:00:2c:68:63:83:ab:4f:f0:
2f:33:5b:0d:04:c1:eb:9a:c8:15:86:f7:8c:b1:c8:
41:69:3d:f3:27:a3:32:c6:c9:56:9e:19:da:16:fe:
97:d7:48:91:e5:bd:b1:da:03:a2:5a:c6:4a:16:0d:
f5:ee:17:4f:16:a5:7c:8f:8c:73:0a:16:e4:0a:01:
81:96:39:eb:6a:34:8b:73:10:06:32:5b:80:0d:ff:
10:1f:5b:eb:7f:9c:13:ed:03:3f:19:8c:7f:5d:49:
5b:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:55:DA:1D:6D:39:B6:33:07:90:5F:DA:24:0F:BC:73:28:DA:91:D6
X509v3 Authority Key Identifier:
keyid:F3:88:D3:A7:47:A9:2F:DB:FB:73:8E:1D:25:D0:1A:36:39:C6:B1:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/84jTp0epL9v7c44dJdAaNjnGsaE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/945b2f-daa1-4c79-94da-e6eed9c9a253/1/2lXaHW05tjMHkF_aJA-8cyjakdY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/945b2f-daa1-4c79-94da-e6eed9c9a253/1/84jTp0epL9v7c44dJdAaNjnGsaE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.64.111.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:d9:56:52:1f:4a:cd:32:f2:c0:7d:2c:37:37:67:6b:96:b7:
24:a9:3f:7c:ff:15:ae:59:dd:5c:06:22:83:54:15:ed:ed:a3:
40:8b:58:cd:e7:90:1f:cc:99:5a:05:65:cb:f0:b3:ce:6f:73:
ed:aa:c5:2d:e7:96:24:e5:88:ee:a1:ab:9d:8e:a4:e2:1d:d7:
06:19:20:5f:b9:55:e3:d6:6b:13:9b:74:42:ae:f3:f4:2c:76:
e2:65:1e:b3:75:5c:87:96:08:e7:7b:de:81:33:3a:f2:ee:eb:
e6:4e:ca:9e:f7:5d:81:ca:39:09:a6:65:f6:14:fb:6f:98:f8:
92:6d:d6:74:7b:6e:4a:7a:27:f1:75:9e:d6:20:de:b0:2a:ec:
07:95:f6:13:8d:ef:89:2e:a0:ba:8f:c5:7d:46:ee:44:eb:ea:
69:da:e1:2f:bf:5b:e6:1d:69:64:e4:82:5a:c7:14:a1:0a:59:
4c:99:5a:bc:7a:b7:1b:d9:2d:9a:f2:b5:8b:47:90:6e:a3:ac:
d9:a0:49:07:ea:b4:77:d1:69:6e:4d:f1:78:a2:fd:b7:07:41:
ca:81:66:b4:97:74:f7:38:a6:be:35:5f:3f:d1:f1:08:e2:f0:
b6:9c:9c:a4:83:a5:40:d2:c8:d3:3e:e7:96:bd:08:60:a2:58:
9f:2b:fe:fe
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDARxqMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGYz
ODhkM2E3NDdhOTJmZGJmYjczOGUxZDI1ZDAxYTM2MzljNmIxYTEwHhcNMjIwMTI2
MTgyODI0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhkYTU1ZGExZDZkMzli
NjMzMDc5MDVmZGEyNDBmYmM3MzI4ZGE5MWQ2MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEArfTtKfn1PsM4wjbs8fktp9e47xkQAt//KQQrhfglIASo2Dwy
51qyGrA0ZYPWao9GkQoMcqtSK3zDUV8TrDtiXTh+sqE5ZsLx9qJ/wfD2C9XuFo3u
mLzgIMX0iJ0ZWGp7AvClnzi9F0KC9K1qTvt7t0xzJBB4bQBYPBbvcR/Q4s+Xqw7m
kciZ6AnzOoMuS0N6DmG8jsadI1nxfJpQACxoY4OrT/AvM1sNBMHrmsgVhveMschB
aT3zJ6MyxslWnhnaFv6X10iR5b2x2gOiWsZKFg317hdPFqV8j4xzChbkCgGBljnr
ajSLcxAGMluADf8QH1vrf5wT7QM/GYx/XUlbTwIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFNpV2h1tObYzB5Bf2iQPvHMo2pHWMB8GA1UdIwQYMBaAFPOI06dHqS/b+3OO
HSXQGjY5xrGhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
ODRqVHAwZXBMOXY3YzQ0ZEpkQWFOam5Hc2FFLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9kMi85NDViMmYtZGFhMS00Yzc5LTk0ZGEtZTZlZWQ5YzlhMjUzLzEv
MmxYYUhXMDV0ak1Ia0ZfYUpBLThjeWpha2RZLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi85
NDViMmYtZGFhMS00Yzc5LTk0ZGEtZTZlZWQ5YzlhMjUzLzEvODRqVHAwZXBMOXY3
YzQ0ZEpkQWFOam5Hc2FFLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw0BvMA0GCSqGSIb3DQEBCwUAA4IB
AQBN2VZSH0rNMvLAfSw3N2drlrckqT98/xWuWd1cBiKDVBXt7aNAi1jN55AfzJla
BWXL8LPOb3PtqsUt55Yk5YjuoaudjqTiHdcGGSBfuVXj1msTm3RCrvP0LHbiZR6z
dVyHlgjne96BMzry7uvmTsqe912ByjkJpmX2FPtvmPiSbdZ0e25KeifxdZ7WIN6w
KuwHlfYTje+JLqC6j8V9Ru5E6+pp2uEvv1vmHWlk5IJaxxShCllMmVq8ercb2S2a
8rWLR5Buo6zZoEkH6rR30WluTfF4ov23B0HKgWa0l3T3OKa+NV8/0fEI4vC2nJyk
g6VA0sjTPueWvQhgolifK/7+
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:19 2023 by rpki-client on console-ams.rpki-client.org