Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/f35432-cf99-4f19-a76e-07b7fef0858f/1/coVsxiUCQ7F0vccOyHGUT57QJLM.roa
File: coVsxiUCQ7F0vccOyHGUT57QJLM.roa (raw, json)
Hash identifier: f+W2ID2j2n43Tf8HjoSn0tLLX90UM9q7j91SOFfjU4M=
Subject key identifier: 72:85:6C:C6:25:02:43:B1:74:BD:C7:0E:C8:71:94:4F:9E:D0:24:B3
Certificate issuer: /CN=c9b232958097b5863eafd047bb315171eaa01fb7
Certificate serial: 390CE893
Authority key identifier: C9:B2:32:95:80:97:B5:86:3E:AF:D0:47:BB:31:51:71:EA:A0:1F:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ybIylYCXtYY-r9BHuzFRceqgH7c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/f35432-cf99-4f19-a76e-07b7fef0858f/1/coVsxiUCQ7F0vccOyHGUT57QJLM.roa
Signing time: Fri 29 Apr 2022 05:19:04 +0000
ROA not before: Fri 29 Apr 2022 05:19:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25409
IP address blocks: 195.234.188.0/24 maxlen: 24
95.128.170.0/23 maxlen: 23
93.190.144.0/21 maxlen: 21
2a00:ff0::/48 maxlen: 48
2a00:ff0:fffe::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 957147283 (0x390ce893)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9b232958097b5863eafd047bb315171eaa01fb7
Validity
Not Before: Apr 29 05:19:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=72856cc6250243b174bdc70ec871944f9ed024b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:0f:1d:34:d3:67:55:d4:79:7f:e0:29:47:7c:
1a:f1:e1:38:f9:d2:b5:80:fc:dc:f3:29:17:af:80:
8f:e7:b2:bd:27:30:d3:aa:87:58:7c:28:29:0a:44:
f4:21:4d:ab:c0:07:71:dd:d8:3e:d9:e3:9a:55:1a:
d8:cf:31:b6:dc:65:30:81:8e:e3:f2:1d:88:97:d5:
ec:be:d3:d1:0d:3b:31:3a:ec:a9:32:9a:86:f1:87:
c8:95:aa:e5:c8:ee:3d:33:12:11:41:68:16:74:37:
da:59:b5:59:ab:71:b9:c8:dd:85:b3:3a:70:3e:00:
6f:30:4f:4f:49:4f:fd:dd:5c:56:cd:54:c0:f9:e4:
f2:2c:fe:a8:1f:ac:c9:b5:69:a6:18:9a:4e:f8:d1:
a7:9c:dc:27:db:bd:8d:b6:7d:1e:dd:91:b2:43:1c:
e8:c3:f7:15:da:10:eb:96:07:f6:23:46:b3:54:7b:
c3:4c:4c:03:10:40:64:32:c5:c4:89:98:39:f1:46:
7b:4b:a0:c8:28:89:55:8f:1a:7a:c0:21:81:5d:9d:
2b:3b:28:3e:33:d5:c0:ac:a3:0c:6f:55:67:29:52:
54:11:93:e3:96:27:97:17:83:66:02:a2:94:fd:b2:
e9:c2:4c:d4:7a:90:cb:2c:0b:dd:c9:8e:37:63:fd:
f2:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:85:6C:C6:25:02:43:B1:74:BD:C7:0E:C8:71:94:4F:9E:D0:24:B3
X509v3 Authority Key Identifier:
keyid:C9:B2:32:95:80:97:B5:86:3E:AF:D0:47:BB:31:51:71:EA:A0:1F:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ybIylYCXtYY-r9BHuzFRceqgH7c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/f35432-cf99-4f19-a76e-07b7fef0858f/1/coVsxiUCQ7F0vccOyHGUT57QJLM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/f35432-cf99-4f19-a76e-07b7fef0858f/1/ybIylYCXtYY-r9BHuzFRceqgH7c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.190.144.0/21
95.128.170.0/23
195.234.188.0/24
IPv6:
2a00:ff0::/48
2a00:ff0:fffe::/48
Signature Algorithm: sha256WithRSAEncryption
b0:54:65:59:22:f3:ef:5c:fd:d2:8f:7d:e1:02:c1:3c:12:24:
e2:9f:9b:1e:ae:30:be:79:ee:e8:8f:52:d4:de:59:f6:c6:7b:
30:02:0c:c4:04:72:10:6b:1d:8d:24:2e:f1:c9:ef:e4:ac:ea:
e1:e2:24:c2:8b:c1:46:b2:3d:24:c0:76:d9:33:2b:67:5c:ac:
04:62:3e:ef:48:b7:48:66:5a:b6:ab:f5:0e:ab:8b:c8:35:4b:
de:e7:ed:84:62:d7:8e:eb:53:67:ec:a8:fe:8d:2a:c4:8c:66:
4c:c2:f4:bf:e6:10:2a:cb:50:a4:b2:cd:88:8a:94:87:4d:b4:
5e:12:e1:16:3c:f4:fc:37:1f:ba:45:ac:17:4f:d4:62:fd:af:
9b:f8:8c:36:1f:11:f4:c2:2f:49:1d:bf:ac:bb:6f:09:00:37:
62:61:04:dc:09:cd:d0:68:19:ff:e9:31:ab:98:3c:bb:fe:dd:
61:9b:42:a2:a9:f7:c5:50:96:be:f6:8f:5f:67:be:81:37:c5:
25:7b:53:c2:fe:62:a5:45:6d:97:66:e7:fc:38:ef:66:d5:43:
b6:30:05:7b:0e:8f:5c:00:3f:cd:64:43:dc:a9:3e:4f:3e:66:
8e:30:56:62:24:c0:1e:80:fb:41:2f:38:a2:90:f8:fb:c1:d8:
e8:7f:16:78
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgIEOQzokzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
OWIyMzI5NTgwOTdiNTg2M2VhZmQwNDdiYjMxNTE3MWVhYTAxZmI3MB4XDTIyMDQy
OTA1MTkwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzI4NTZjYzYyNTAy
NDNiMTc0YmRjNzBlYzg3MTk0NGY5ZWQwMjRiMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI4PHTTTZ1XUeX/gKUd8GvHhOPnStYD83PMpF6+Aj+eyvScw
06qHWHwoKQpE9CFNq8AHcd3YPtnjmlUa2M8xttxlMIGO4/IdiJfV7L7T0Q07MTrs
qTKahvGHyJWq5cjuPTMSEUFoFnQ32lm1WatxucjdhbM6cD4AbzBPT0lP/d1cVs1U
wPnk8iz+qB+sybVpphiaTvjRp5zcJ9u9jbZ9Ht2RskMc6MP3FdoQ65YH9iNGs1R7
w0xMAxBAZDLFxImYOfFGe0ugyCiJVY8aesAhgV2dKzsoPjPVwKyjDG9VZylSVBGT
45YnlxeDZgKilP2y6cJM1HqQyywL3cmON2P98usCAwEAAaOCAi8wggIrMB0GA1Ud
DgQWBBRyhWzGJQJDsXS9xw7IcZRPntAkszAfBgNVHSMEGDAWgBTJsjKVgJe1hj6v
0Ee7MVFx6qAftzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3liSXlsWUNYdFlZLXI5Qkh1ekZSY2VxZ0g3Yy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGUvZjM1NDMyLWNmOTktNGYxOS1hNzZlLTA3YjdmZWYwODU4Zi8x
L2NvVnN4aVVDUTdGMHZjY095SEdVVDU3UUpMTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGUv
ZjM1NDMyLWNmOTktNGYxOS1hNzZlLTA3YjdmZWYwODU4Zi8xL3liSXlsWUNYdFlZ
LXI5Qkh1ekZSY2VxZ0g3Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBF
BggrBgEFBQcBBwEB/wQ2MDQwGAQCAAEwEgMEA12+kAMEAV+AqgMEAMPqvDAYBAIA
AjASAwcAKgAP8AAAAwcAKgAP8P/+MA0GCSqGSIb3DQEBCwUAA4IBAQCwVGVZIvPv
XP3Sj33hAsE8EiTin5serjC+ee7oj1LU3ln2xnswAgzEBHIQax2NJC7xye/krOrh
4iTCi8FGsj0kwHbZMytnXKwEYj7vSLdIZlq2q/UOq4vINUve5+2EYteO61Nn7Kj+
jSrEjGZMwvS/5hAqy1Ckss2IipSHTbReEuEWPPT8Nx+6RawXT9Ri/a+b+Iw2HxH0
wi9JHb+su28JADdiYQTcCc3QaBn/6TGrmDy7/t1hm0KiqffFUJa+9o9fZ76BN8Ul
e1PC/mKlRW2XZuf8OO9m1UO2MAV7Do9cAD/NZEPcqT5PPmaOMFZiJMAegPtBLzii
kPj7wdjofxZ4
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:10 2024 by rpki-client on console-ams.rpki-client.org