Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/27c928-02fe-4052-9d65-b1fc2083c906/1/sqZTIhmRngsYBKcwVak7xCtBXN0.roa
File: sqZTIhmRngsYBKcwVak7xCtBXN0.roa (raw, json)
Hash identifier: 4LtZrmLXqU69TouwbVPkZmj42qThefMY8605+z2hyDw=
Subject key identifier: B2:A6:53:22:19:91:9E:0B:18:04:A7:30:55:A9:3B:C4:2B:41:5C:DD
Certificate issuer: /CN=ffbe256565e1c27c4b26560190e9978286a82b52
Certificate serial: 0BA9D1AD
Authority key identifier: FF:BE:25:65:65:E1:C2:7C:4B:26:56:01:90:E9:97:82:86:A8:2B:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_74lZWXhwnxLJlYBkOmXgoaoK1I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/27c928-02fe-4052-9d65-b1fc2083c906/1/sqZTIhmRngsYBKcwVak7xCtBXN0.roa
Signing time: Sat 01 Jan 2022 15:55:40 +0000
ROA not before: Sat 01 Jan 2022 15:55:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201080
IP address blocks: 194.146.205.0/24 maxlen: 24
194.146.206.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 195678637 (0xba9d1ad)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ffbe256565e1c27c4b26560190e9978286a82b52
Validity
Not Before: Jan 1 15:55:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b2a6532219919e0b1804a73055a93bc42b415cdd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:ba:c5:a5:d9:b3:dc:3a:74:1a:d0:e0:be:2d:
47:f6:56:2f:97:9d:2e:03:86:98:c3:a3:fe:27:a6:
a7:1f:7b:9d:e7:2f:20:eb:89:05:0c:9c:67:33:48:
f2:89:cf:28:45:6e:27:7a:d6:5a:b0:93:c3:3a:b3:
af:0a:16:d7:59:d6:4c:53:94:df:15:be:21:3f:c3:
d7:e0:90:1d:ee:66:f9:5f:6b:b0:44:70:38:8c:d4:
d1:74:6b:ac:5b:9f:e2:28:ae:fe:1f:7b:61:93:6a:
51:00:82:9a:fa:02:54:49:b0:1a:8f:45:e7:00:0e:
1f:b2:86:46:fb:ad:41:72:d8:85:fd:cc:ce:24:37:
f4:be:e5:a6:bf:07:f5:ff:24:e3:68:7c:05:dc:27:
34:02:d1:45:49:63:fd:94:e7:30:60:bc:41:d1:b3:
0f:ef:b6:da:0a:fd:e9:50:c4:f3:ec:4d:b9:d1:90:
59:e0:4e:a3:7f:16:81:b1:b8:20:50:a7:3f:af:f2:
a6:34:06:e5:4e:a0:df:92:94:aa:d8:6a:69:1f:90:
cb:3e:e4:ce:55:e2:7f:a0:f2:04:2a:06:3a:8d:ff:
6b:4b:59:5f:d4:90:b2:70:bf:a0:c8:56:f9:a4:73:
76:76:b7:83:bf:5d:3d:f4:f6:2c:89:8b:f0:e5:4e:
fc:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:A6:53:22:19:91:9E:0B:18:04:A7:30:55:A9:3B:C4:2B:41:5C:DD
X509v3 Authority Key Identifier:
keyid:FF:BE:25:65:65:E1:C2:7C:4B:26:56:01:90:E9:97:82:86:A8:2B:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_74lZWXhwnxLJlYBkOmXgoaoK1I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/27c928-02fe-4052-9d65-b1fc2083c906/1/sqZTIhmRngsYBKcwVak7xCtBXN0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/27c928-02fe-4052-9d65-b1fc2083c906/1/_74lZWXhwnxLJlYBkOmXgoaoK1I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.146.205.0-194.146.207.255
Signature Algorithm: sha256WithRSAEncryption
56:68:29:c1:90:80:f9:3b:36:40:77:9a:fd:9f:45:a4:e7:c2:
f3:8a:64:6f:e5:69:09:7a:dc:5f:e3:d5:05:bb:bc:8b:4b:53:
0d:df:95:07:8a:23:81:3f:72:7d:05:8b:ee:0d:43:b1:b8:e2:
1a:be:ac:76:29:83:28:a2:0b:2d:38:0f:fb:9c:4c:59:40:8b:
33:a3:88:79:e8:70:8f:29:70:cd:89:46:94:76:00:32:e0:c1:
f1:c9:16:1d:2b:23:54:c9:dd:9c:cb:0d:c3:77:c5:dc:be:0d:
6c:dd:21:a3:f0:66:cb:75:7d:00:94:35:06:95:1e:22:72:3b:
78:67:09:0b:91:38:fd:d4:15:d7:c2:76:4c:61:45:26:55:c9:
57:c7:43:af:05:12:f5:17:d7:a0:cb:33:28:e3:e6:0d:47:ac:
39:6c:e5:b7:6f:58:d5:b0:a8:14:36:ea:19:b4:a2:29:f4:54:
6c:67:79:d3:79:c0:93:da:13:9e:9d:b6:98:ee:de:6a:47:66:
44:8c:56:fa:68:d4:5d:2b:75:18:0e:b9:09:fc:42:48:bc:78:
5e:d5:72:94:52:40:69:e1:07:ec:37:9b:17:54:d7:55:22:26:
39:f6:cf:6a:df:66:83:df:9a:29:cc:3a:54:33:e5:47:44:b3:
e5:5d:69:e9
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEC6nRrTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ZmJlMjU2NTY1ZTFjMjdjNGIyNjU2MDE5MGU5OTc4Mjg2YTgyYjUyMB4XDTIyMDEw
MTE1NTU0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjJhNjUzMjIxOTkx
OWUwYjE4MDRhNzMwNTVhOTNiYzQyYjQxNWNkZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALq6xaXZs9w6dBrQ4L4tR/ZWL5edLgOGmMOj/iempx97necv
IOuJBQycZzNI8onPKEVuJ3rWWrCTwzqzrwoW11nWTFOU3xW+IT/D1+CQHe5m+V9r
sERwOIzU0XRrrFuf4iiu/h97YZNqUQCCmvoCVEmwGo9F5wAOH7KGRvutQXLYhf3M
ziQ39L7lpr8H9f8k42h8BdwnNALRRUlj/ZTnMGC8QdGzD++22gr96VDE8+xNudGQ
WeBOo38WgbG4IFCnP6/ypjQG5U6g35KUqthqaR+Qyz7kzlXif6DyBCoGOo3/a0tZ
X9SQsnC/oMhW+aRzdna3g79dPfT2LImL8OVO/EMCAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBSyplMiGZGeCxgEpzBVqTvEK0Fc3TAfBgNVHSMEGDAWgBT/viVlZeHCfEsm
VgGQ6ZeChqgrUjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L183NGxaV1hod254TEpsWUJrT21YZ29hb0sxSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGQvMjdjOTI4LTAyZmUtNDA1Mi05ZDY1LWIxZmMyMDgzYzkwNi8x
L3NxWlRJaG1SbmdzWUJLY3dWYWs3eEN0QlhOMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGQv
MjdjOTI4LTAyZmUtNDA1Mi05ZDY1LWIxZmMyMDgzYzkwNi8xL183NGxaV1hod254
TEpsWUJrT21YZ29hb0sxSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQAwpLNAwQEwpLAMA0GCSqGSIb3
DQEBCwUAA4IBAQBWaCnBkID5OzZAd5r9n0Wk58LzimRv5WkJetxf49UFu7yLS1MN
35UHiiOBP3J9BYvuDUOxuOIavqx2KYMoogstOA/7nExZQIszo4h56HCPKXDNiUaU
dgAy4MHxyRYdKyNUyd2cyw3Dd8Xcvg1s3SGj8GbLdX0AlDUGlR4icjt4ZwkLkTj9
1BXXwnZMYUUmVclXx0OvBRL1F9egyzMo4+YNR6w5bOW3b1jVsKgUNuoZtKIp9FRs
Z3nTecCT2hOenbaY7t5qR2ZEjFb6aNRdK3UYDrkJ/EJIvHhe1XKUUkBp4QfsN5sX
VNdVIiY59s9q32aD35opzDpUM+VHRLPlXWnp
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:59 2023 by rpki-client on console-fra.rpki-client.org