Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/2de87a-0176-4f19-b0e8-ab5630211f7a/1/2I4iErOC3bwIqB3hXR8qBrYTU20.roa
File: 2I4iErOC3bwIqB3hXR8qBrYTU20.roa (raw, json)
Hash identifier: lUDeeM8KhelkGxCiVt+P7XlUMEnQ4yv0yPYKgSOS/cQ=
Subject key identifier: D8:8E:22:12:B3:82:DD:BC:08:A8:1D:E1:5D:1F:2A:06:B6:13:53:6D
Certificate issuer: /CN=ac9a51bea1b570ffa72d9c52d1a518c24bc78c02
Certificate serial: 02F8D594
Authority key identifier: AC:9A:51:BE:A1:B5:70:FF:A7:2D:9C:52:D1:A5:18:C2:4B:C7:8C:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rJpRvqG1cP-nLZxS0aUYwkvHjAI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/2de87a-0176-4f19-b0e8-ab5630211f7a/1/2I4iErOC3bwIqB3hXR8qBrYTU20.roa
Signing time: Sat 01 Jan 2022 15:05:47 +0000
ROA not before: Sat 01 Jan 2022 15:05:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50772
IP address blocks: 195.78.100.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 49862036 (0x2f8d594)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac9a51bea1b570ffa72d9c52d1a518c24bc78c02
Validity
Not Before: Jan 1 15:05:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d88e2212b382ddbc08a81de15d1f2a06b613536d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:db:44:cb:50:89:8b:bb:d2:95:3c:7f:f3:0b:
79:bc:92:54:e0:b0:11:09:4d:f1:d1:68:f5:4a:97:
a5:f6:5b:40:72:97:a1:bf:65:61:2e:2e:c8:07:fa:
c0:d7:f6:d1:bc:b2:9f:46:03:6e:1a:17:fa:17:3d:
6d:b7:e4:7e:6a:ca:a1:0a:19:d0:dd:8d:e4:ba:21:
f9:02:36:04:ba:f1:06:cf:09:e5:c0:11:8d:ec:62:
07:1e:91:e6:a0:02:f8:81:99:a3:a3:82:4e:12:47:
73:9c:41:68:6e:8a:14:8a:83:6b:61:4d:e3:88:f8:
92:2f:2c:1b:a9:89:3c:8c:9b:ed:93:09:b8:da:ea:
7c:b8:44:c7:97:4b:53:c1:25:43:c3:8d:ea:89:09:
9a:08:29:14:89:da:0a:c0:50:bf:0d:f9:8d:6d:d8:
06:d9:64:67:c7:f3:0a:d6:29:f0:f1:d8:a1:17:5a:
c5:f4:da:9e:bc:73:df:e2:5c:be:2a:e8:0b:b4:be:
69:15:1e:46:b3:27:78:4f:31:f1:57:c7:b3:04:50:
24:37:64:35:07:cf:02:9e:41:18:d0:68:d4:c9:e9:
16:ea:db:b0:b5:b3:95:45:5a:e1:ac:76:c0:b4:76:
d1:5b:89:b7:98:ac:08:04:8a:ca:8b:4d:02:63:34:
22:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:8E:22:12:B3:82:DD:BC:08:A8:1D:E1:5D:1F:2A:06:B6:13:53:6D
X509v3 Authority Key Identifier:
keyid:AC:9A:51:BE:A1:B5:70:FF:A7:2D:9C:52:D1:A5:18:C2:4B:C7:8C:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rJpRvqG1cP-nLZxS0aUYwkvHjAI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/2de87a-0176-4f19-b0e8-ab5630211f7a/1/2I4iErOC3bwIqB3hXR8qBrYTU20.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/2de87a-0176-4f19-b0e8-ab5630211f7a/1/rJpRvqG1cP-nLZxS0aUYwkvHjAI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.78.100.0/23
Signature Algorithm: sha256WithRSAEncryption
42:ac:64:65:46:01:c6:e8:cd:28:88:0b:96:6d:73:b6:d3:09:
86:3d:c5:96:25:6b:ea:df:ba:e1:ce:12:85:f6:43:af:49:2b:
81:be:4b:7a:8a:36:76:94:21:7c:d0:b2:0f:b4:67:69:68:0a:
e6:ba:39:67:a2:d0:65:6a:c5:e3:32:2f:c9:fb:e0:82:3d:da:
45:a6:a8:15:41:9b:89:44:79:30:02:5a:71:f8:ec:fe:15:82:
44:fa:16:6d:10:fd:3b:32:39:5c:75:7e:b9:6b:8a:fa:60:24:
d1:05:b5:4e:b0:c4:d4:48:fd:d0:da:d7:d3:d9:a8:0b:fd:f4:
5f:42:0f:f1:4b:7a:c7:e2:57:12:71:06:a0:34:07:37:87:4b:
0a:c4:36:fa:dd:b5:ba:95:7b:ce:c2:9b:0f:c8:80:50:2e:21:
9b:4e:3c:5b:5e:91:88:67:43:4c:dd:a2:0d:a5:6e:ef:46:48:
10:9a:7f:c9:24:2a:ed:cc:92:1b:8c:98:29:4e:fb:96:5a:8a:
46:6c:a3:36:7c:f5:a3:bf:c5:dd:b6:8e:9a:a9:b9:e1:76:f1:
8c:4b:2a:2c:a7:81:08:09:40:0d:b1:a2:a1:a1:9d:2b:1b:23:
dc:5f:28:9e:e6:bc:75:7a:30:7d:6a:01:dc:88:57:69:14:f4:
ca:f8:22:b2
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAvjVlDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
YzlhNTFiZWExYjU3MGZmYTcyZDljNTJkMWE1MThjMjRiYzc4YzAyMB4XDTIyMDEw
MTE1MDU0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDg4ZTIyMTJiMzgy
ZGRiYzA4YTgxZGUxNWQxZjJhMDZiNjEzNTM2ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALLbRMtQiYu70pU8f/MLebySVOCwEQlN8dFo9UqXpfZbQHKX
ob9lYS4uyAf6wNf20byyn0YDbhoX+hc9bbfkfmrKoQoZ0N2N5Loh+QI2BLrxBs8J
5cARjexiBx6R5qAC+IGZo6OCThJHc5xBaG6KFIqDa2FN44j4ki8sG6mJPIyb7ZMJ
uNrqfLhEx5dLU8ElQ8ON6okJmggpFInaCsBQvw35jW3YBtlkZ8fzCtYp8PHYoRda
xfTanrxz3+JcviroC7S+aRUeRrMneE8x8VfHswRQJDdkNQfPAp5BGNBo1MnpFurb
sLWzlUVa4ax2wLR20VuJt5isCASKyotNAmM0IuECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTYjiISs4LdvAioHeFdHyoGthNTbTAfBgNVHSMEGDAWgBSsmlG+obVw/6ct
nFLRpRjCS8eMAjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3JKcFJ2cUcxY1AtbkxaeFMwYVVZd2t2SGpBSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDMvMmRlODdhLTAxNzYtNGYxOS1iMGU4LWFiNTYzMDIxMWY3YS8x
LzJJNGlFck9DM2J3SXFCM2hYUjhxQnJZVFUyMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDMv
MmRlODdhLTAxNzYtNGYxOS1iMGU4LWFiNTYzMDIxMWY3YS8xL3JKcFJ2cUcxY1At
bkxaeFMwYVVZd2t2SGpBSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcNOZDANBgkqhkiG9w0BAQsFAAOC
AQEAQqxkZUYBxujNKIgLlm1zttMJhj3FliVr6t+64c4ShfZDr0krgb5Leoo2dpQh
fNCyD7RnaWgK5ro5Z6LQZWrF4zIvyfvggj3aRaaoFUGbiUR5MAJacfjs/hWCRPoW
bRD9OzI5XHV+uWuK+mAk0QW1TrDE1Ej90NrX09moC/30X0IP8Ut6x+JXEnEGoDQH
N4dLCsQ2+t21upV7zsKbD8iAUC4hm048W16RiGdDTN2iDaVu70ZIEJp/ySQq7cyS
G4yYKU77llqKRmyjNnz1o7/F3baOmqm54XbxjEsqLKeBCAlADbGioaGdKxsj3F8o
nua8dXowfWoB3IhXaRT0yvgisg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:07 2024 by rpki-client on console-fra.rpki-client.org