Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/9871ff-3f26-4b94-a464-6cc1d3ea832e/1/on_jfcuGKPEnyXPvdnNLnke3rD0.roa
File: on_jfcuGKPEnyXPvdnNLnke3rD0.roa (raw, json)
Hash identifier: swjs5/mZ/TbaOunHx4xmX3F3OFbwj0Vovd7dydgv3R0=
Subject key identifier: A2:7F:E3:7D:CB:86:28:F1:27:C9:73:EF:76:73:4B:9E:47:B7:AC:3D
Certificate issuer: /CN=dee623e2aff7b03afeb94260348c1633b54d9056
Certificate serial: 0182AA8676A152191F2F1598A8661434B1DF
Authority key identifier: DE:E6:23:E2:AF:F7:B0:3A:FE:B9:42:60:34:8C:16:33:B5:4D:90:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3uYj4q_3sDr-uUJgNIwWM7VNkFY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/9871ff-3f26-4b94-a464-6cc1d3ea832e/1/on_jfcuGKPEnyXPvdnNLnke3rD0.roa
Signing time: Wed 17 Aug 2022 06:38:35 +0000
ROA not before: Wed 17 Aug 2022 06:38:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206471
IP address blocks: 194.127.109.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:aa:86:76:a1:52:19:1f:2f:15:98:a8:66:14:34:b1:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dee623e2aff7b03afeb94260348c1633b54d9056
Validity
Not Before: Aug 17 06:38:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a27fe37dcb8628f127c973ef76734b9e47b7ac3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:09:46:6b:ed:dc:c8:ae:ad:38:68:d6:d8:cf:
25:87:8e:e9:55:09:1b:2f:61:c2:c4:94:87:13:da:
64:b5:8e:b2:29:4a:7d:9a:af:81:3b:cd:32:ea:e9:
e9:20:47:da:bc:97:db:b1:bb:e5:41:85:07:e7:fe:
f6:7e:3e:ef:89:4a:31:3b:85:88:c5:be:18:0d:e2:
47:a5:25:21:38:6c:87:69:17:fc:e1:a4:c3:b6:1b:
30:4f:41:cf:8a:4d:ea:6a:5a:a0:da:5e:94:52:7a:
a6:5e:2e:4d:f8:91:96:77:e4:ec:f4:a6:1c:34:11:
9a:54:02:45:6f:2f:aa:41:ce:e6:5e:75:74:d0:23:
93:2d:bc:48:38:0e:29:17:f2:10:4f:a3:f8:28:17:
e5:7d:69:b4:c9:4e:27:43:cc:61:77:78:29:33:17:
fd:bb:4f:67:c5:b2:99:46:d9:8d:5d:57:f1:79:e3:
8a:98:e7:a8:d8:4b:15:44:34:82:58:0c:fd:52:3a:
de:3f:7f:ba:18:b5:33:7a:d9:f0:75:ee:6b:fc:bf:
21:1c:60:df:90:e9:08:38:29:ba:37:74:1d:5f:7e:
72:67:b4:40:43:cb:53:7f:b8:aa:88:c4:5e:e6:1a:
33:f8:50:b7:b0:16:09:5c:18:96:f6:39:8e:91:8a:
d3:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:7F:E3:7D:CB:86:28:F1:27:C9:73:EF:76:73:4B:9E:47:B7:AC:3D
X509v3 Authority Key Identifier:
keyid:DE:E6:23:E2:AF:F7:B0:3A:FE:B9:42:60:34:8C:16:33:B5:4D:90:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3uYj4q_3sDr-uUJgNIwWM7VNkFY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9871ff-3f26-4b94-a464-6cc1d3ea832e/1/on_jfcuGKPEnyXPvdnNLnke3rD0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9871ff-3f26-4b94-a464-6cc1d3ea832e/1/3uYj4q_3sDr-uUJgNIwWM7VNkFY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.127.109.0/24
Signature Algorithm: sha256WithRSAEncryption
09:d3:04:2f:71:29:b3:ab:2b:43:6f:68:82:0f:1f:81:26:89:
4f:75:eb:6f:37:35:84:a5:35:37:1d:25:7a:20:3d:66:c9:c6:
2b:58:02:dd:66:90:f8:4a:55:fb:c0:db:c8:11:97:ed:72:b6:
5a:ef:37:cc:c7:15:44:df:73:4e:5d:09:21:b2:b2:b3:b2:e2:
3a:67:2c:90:08:7e:46:7c:f9:cf:b9:fd:84:ce:89:43:ff:14:
34:6b:d9:48:24:5b:6d:37:df:df:b2:50:98:71:15:fd:09:cc:
77:61:ce:fe:9b:4a:97:43:5b:62:fc:04:d5:d5:71:1e:bf:11:
08:bf:f5:14:52:8e:55:98:93:59:c9:ff:d7:5f:06:53:73:08:
76:e2:a5:4e:8e:90:13:63:3d:16:37:85:60:33:ba:b8:fb:06:
08:7b:cc:a6:59:be:73:90:f9:13:af:a9:ae:f3:c1:5e:92:dc:
ca:23:52:96:62:ca:e3:40:ad:c7:72:ba:41:40:08:17:42:6f:
dc:71:4a:6c:f6:b3:49:64:8a:58:e4:55:bc:6d:9c:7e:59:7f:
57:bc:33:b0:c7:a9:9e:e0:b8:f8:25:cf:bc:36:84:93:e4:7b:
56:98:de:cf:61:6a:9c:60:0a:5a:d2:41:1a:7f:d5:cb:49:35:
93:a1:5f:de
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYKqhnahUhkfLxWYqGYUNLHfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlZTYyM2UyYWZmN2IwM2FmZWI5NDI2MDM0OGMxNjMzYjU0
ZDkwNTYwHhcNMjIwODE3MDYzODM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjdmZTM3ZGNiODYyOGYxMjdjOTczZWY3NjczNGI5ZTQ3YjdhYzNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArQlGa+3cyK6tOGjW2M8lh47pVQkb
L2HCxJSHE9pktY6yKUp9mq+BO80y6unpIEfavJfbsbvlQYUH5/72fj7viUoxO4WI
xb4YDeJHpSUhOGyHaRf84aTDthswT0HPik3qalqg2l6UUnqmXi5N+JGWd+Ts9KYc
NBGaVAJFby+qQc7mXnV00COTLbxIOA4pF/IQT6P4KBflfWm0yU4nQ8xhd3gpMxf9
u09nxbKZRtmNXVfxeeOKmOeo2EsVRDSCWAz9UjreP3+6GLUzetnwde5r/L8hHGDf
kOkIOCm6N3QdX35yZ7RAQ8tTf7iqiMRe5hoz+FC3sBYJXBiW9jmOkYrTnwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKJ/433LhijxJ8lz73ZzS55Ht6w9MB8GA1UdIwQY
MBaAFN7mI+Kv97A6/rlCYDSMFjO1TZBWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3VZajRxXzNzRHItdVVKZ05Jd1dNN1ZOa0ZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC85ODcxZmYtM2YyNi00Yjk0LWE0NjQt
NmNjMWQzZWE4MzJlLzEvb25famZjdUdLUEVueVhQdmRuTkxua2UzckQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC85ODcxZmYtM2YyNi00Yjk0LWE0NjQtNmNjMWQzZWE4MzJl
LzEvM3VZajRxXzNzRHItdVVKZ05Jd1dNN1ZOa0ZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwn9tMA0G
CSqGSIb3DQEBCwUAA4IBAQAJ0wQvcSmzqytDb2iCDx+BJolPdetvNzWEpTU3HSV6
ID1mycYrWALdZpD4SlX7wNvIEZftcrZa7zfMxxVE33NOXQkhsrKzsuI6ZyyQCH5G
fPnPuf2EzolD/xQ0a9lIJFttN9/fslCYcRX9Ccx3Yc7+m0qXQ1ti/ATV1XEevxEI
v/UUUo5VmJNZyf/XXwZTcwh24qVOjpATYz0WN4VgM7q4+wYIe8ymWb5zkPkTr6mu
88FektzKI1KWYsrjQK3HcrpBQAgXQm/ccUps9rNJZIpY5FW8bZx+WX9XvDOwx6me
4Lj4Jc+8NoST5HtWmN7PYWqcYApa0kEaf9XLSTWToV/e
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:30 2024 by rpki-client on console-fra.rpki-client.org