Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/fa77d3-cedb-459d-95cf-dc7e126ca234/1/v5UNfcw2OiQA_UjlnbTHOl_AA94.roa
File: v5UNfcw2OiQA_UjlnbTHOl_AA94.roa (raw, json)
Hash identifier: cwAf9n/PyFh6ejeWdTRPe5LXXzPJS21HOWWMlnx0+IA=
Subject key identifier: BF:95:0D:7D:CC:36:3A:24:00:FD:48:E5:9D:B4:C7:3A:5F:C0:03:DE
Certificate issuer: /CN=d447813ce52a823ea1efc9a0f4933c5d3353ee2b
Certificate serial: 01847FB2065A29D7DCA7663127B555675FDC
Authority key identifier: D4:47:81:3C:E5:2A:82:3E:A1:EF:C9:A0:F4:93:3C:5D:33:53:EE:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1EeBPOUqgj6h78mg9JM8XTNT7is.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/fa77d3-cedb-459d-95cf-dc7e126ca234/1/v5UNfcw2OiQA_UjlnbTHOl_AA94.roa
Signing time: Wed 16 Nov 2022 09:08:04 +0000
ROA not before: Wed 16 Nov 2022 09:08:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208976
IP address blocks: 194.147.211.0/24 maxlen: 24
2a12:66c7::/48 maxlen: 48
2a12:66c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:7f:b2:06:5a:29:d7:dc:a7:66:31:27:b5:55:67:5f:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d447813ce52a823ea1efc9a0f4933c5d3353ee2b
Validity
Not Before: Nov 16 09:08:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bf950d7dcc363a2400fd48e59db4c73a5fc003de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:0c:81:3c:3b:b1:db:a6:70:1a:55:84:7a:53:
cf:a7:2b:5f:8c:d9:b8:33:08:c6:76:04:f1:f3:ec:
03:7a:7c:f3:3d:2d:17:35:4e:e8:8b:f1:cd:1f:e5:
59:d8:5e:a5:18:f2:0f:1d:60:71:42:96:62:7d:41:
8e:8c:44:1e:2e:7d:cb:87:c1:56:b9:15:19:4c:22:
31:e5:d8:d6:f2:f4:c9:c8:79:a5:8c:1b:18:6b:70:
80:65:e9:8a:dd:c9:97:5d:75:88:4f:38:3c:ce:89:
37:55:08:cd:dc:58:1c:22:10:bb:ad:25:a8:ef:81:
91:dc:f5:fa:40:73:8d:53:32:3a:ba:93:72:07:ce:
ad:11:36:0f:d2:36:ea:e8:42:0c:67:e2:ea:f3:b2:
9c:67:7d:c2:a0:87:59:9c:0b:73:c4:83:85:33:d7:
39:f3:a6:33:ce:91:81:3e:c9:12:1e:c5:4e:16:64:
7e:17:f1:0e:27:b5:f4:43:9f:4e:e7:ea:a3:9d:e4:
9b:48:90:e4:b4:c8:3e:d4:17:27:2e:21:51:52:be:
3a:63:3b:2d:18:3b:e9:b3:c6:53:8f:11:6f:13:7d:
3b:5c:27:b7:b1:88:55:db:60:67:a2:70:87:6b:29:
af:01:0b:e1:1c:25:73:18:00:44:97:58:f9:45:1c:
9e:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:95:0D:7D:CC:36:3A:24:00:FD:48:E5:9D:B4:C7:3A:5F:C0:03:DE
X509v3 Authority Key Identifier:
keyid:D4:47:81:3C:E5:2A:82:3E:A1:EF:C9:A0:F4:93:3C:5D:33:53:EE:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1EeBPOUqgj6h78mg9JM8XTNT7is.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/fa77d3-cedb-459d-95cf-dc7e126ca234/1/v5UNfcw2OiQA_UjlnbTHOl_AA94.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/fa77d3-cedb-459d-95cf-dc7e126ca234/1/1EeBPOUqgj6h78mg9JM8XTNT7is.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.147.211.0/24
IPv6:
2a12:66c0::/32
2a12:66c7::/48
Signature Algorithm: sha256WithRSAEncryption
4a:57:c1:66:27:6a:80:39:2a:ce:ce:8a:5d:68:bf:df:14:02:
04:28:62:99:b4:a6:70:01:cd:97:30:47:b7:53:7b:5d:33:5b:
12:4e:aa:55:54:f4:15:03:46:17:ad:62:93:b7:2a:a1:66:66:
12:b6:f3:f1:d9:04:c4:25:26:e8:53:f9:9a:3c:53:87:5a:53:
c8:d0:2d:b8:c7:ca:ca:9d:11:7c:3e:5d:5a:59:0c:0c:aa:f6:
39:d9:98:cc:4e:bb:b2:86:9b:6f:6f:6f:a7:9e:c0:8a:62:43:
d8:a2:3f:1b:4b:b0:f4:53:7b:e9:c9:6e:10:1d:75:e3:c2:4b:
21:d1:91:91:0b:e8:37:8b:01:5f:1b:8c:61:b9:fd:9a:c7:06:
ad:9b:dc:03:f2:ac:ed:b8:00:4e:fa:cf:16:ce:07:9e:f2:5c:
22:00:62:94:93:7c:fd:58:50:7d:e5:f2:7e:3c:48:47:ef:1e:
c8:c6:2d:f6:a3:1a:78:10:f1:ed:87:31:95:02:b7:e0:93:58:
c8:a8:83:d0:db:0b:a9:b5:77:dc:b0:c4:ec:b7:4a:3b:82:74:
59:2f:17:a3:77:a2:b7:a0:1f:de:f9:d8:fc:05:3a:11:d9:77:
9e:fa:7e:ce:59:ad:29:07:55:91:35:fe:ae:9b:01:4b:59:78:
7d:d1:9b:1d
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYR/sgZaKdfcp2YxJ7VVZ1/cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NDc4MTNjZTUyYTgyM2VhMWVmYzlhMGY0OTMzYzVkMzM1
M2VlMmIwHhcNMjIxMTE2MDkwODA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjk1MGQ3ZGNjMzYzYTI0MDBmZDQ4ZTU5ZGI0YzczYTVmYzAwM2RlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkAyBPDux26ZwGlWEelPPpytfjNm4
MwjGdgTx8+wDenzzPS0XNU7oi/HNH+VZ2F6lGPIPHWBxQpZifUGOjEQeLn3Lh8FW
uRUZTCIx5djW8vTJyHmljBsYa3CAZemK3cmXXXWITzg8zok3VQjN3FgcIhC7rSWo
74GR3PX6QHONUzI6upNyB86tETYP0jbq6EIMZ+Lq87KcZ33CoIdZnAtzxIOFM9c5
86YzzpGBPskSHsVOFmR+F/EOJ7X0Q59O5+qjneSbSJDktMg+1BcnLiFRUr46Yzst
GDvps8ZTjxFvE307XCe3sYhV22BnonCHaymvAQvhHCVzGABEl1j5RRyefwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFL+VDX3MNjokAP1I5Z20xzpfwAPeMB8GA1UdIwQY
MBaAFNRHgTzlKoI+oe/JoPSTPF0zU+4rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUVlQlBPVXFnajZoNzhtZzlKTThYVE5UN2lzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9mYTc3ZDMtY2VkYi00NTlkLTk1Y2Yt
ZGM3ZTEyNmNhMjM0LzEvdjVVTmZjdzJPaVFBX1VqbG5iVEhPbF9BQTk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9mYTc3ZDMtY2VkYi00NTlkLTk1Y2YtZGM3ZTEyNmNhMjM0
LzEvMUVlQlBPVXFnajZoNzhtZzlKTThYVE5UN2lzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAMBAIAATAGAwQAwpPTMBYE
AgACMBADBQAqEmbAAwcAKhJmxwAAMA0GCSqGSIb3DQEBCwUAA4IBAQBKV8FmJ2qA
OSrOzopdaL/fFAIEKGKZtKZwAc2XMEe3U3tdM1sSTqpVVPQVA0YXrWKTtyqhZmYS
tvPx2QTEJSboU/maPFOHWlPI0C24x8rKnRF8Pl1aWQwMqvY52ZjMTruyhptvb2+n
nsCKYkPYoj8bS7D0U3vpyW4QHXXjwksh0ZGRC+g3iwFfG4xhuf2axwatm9wD8qzt
uABO+s8Wzgee8lwiAGKUk3z9WFB95fJ+PEhH7x7Ixi32oxp4EPHthzGVArfgk1jI
qIPQ2wuptXfcsMTst0o7gnRZLxejd6K3oB/e+dj8BToR2Xee+n7OWa0pB1WRNf6u
mwFLWXh90Zsd
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:16 2024 by rpki-client on console-fra.rpki-client.org