Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/96be3d-d7d2-4753-a783-d638a3be88ca/1/pZHuvUDgOgi5t-gTiN9qRgFHMV0.roa
File: pZHuvUDgOgi5t-gTiN9qRgFHMV0.roa (raw, json)
Hash identifier: HTqOP+RhQQvHY8RdN/2J7lsb6W4VQwoRNfzbL6B3aXE=
Subject key identifier: A5:91:EE:BD:40:E0:3A:08:B9:B7:E8:13:88:DF:6A:46:01:47:31:5D
Certificate issuer: /CN=0eb510d7c915a4be6df6b16ff582fd2d6ad23605
Certificate serial: 0955248B
Authority key identifier: 0E:B5:10:D7:C9:15:A4:BE:6D:F6:B1:6F:F5:82:FD:2D:6A:D2:36:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DrUQ18kVpL5t9rFv9YL9LWrSNgU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/96be3d-d7d2-4753-a783-d638a3be88ca/1/pZHuvUDgOgi5t-gTiN9qRgFHMV0.roa
Signing time: Sat 01 Jan 2022 11:55:56 +0000
ROA not before: Sat 01 Jan 2022 11:55:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50949
IP address blocks: 194.28.88.0/22 maxlen: 24
2001:67c:320::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 156574859 (0x955248b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0eb510d7c915a4be6df6b16ff582fd2d6ad23605
Validity
Not Before: Jan 1 11:55:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a591eebd40e03a08b9b7e81388df6a460147315d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:90:0e:64:24:76:8d:91:ce:65:56:f2:2e:c6:
df:7e:77:f1:00:9d:d0:15:f3:91:4c:b9:f6:d8:f5:
02:45:f6:03:a3:e5:d8:d8:a9:8b:7a:84:3b:d7:6a:
3b:6a:0d:a0:f5:6d:1c:67:84:55:88:96:fe:28:b0:
5e:62:41:42:54:5d:1e:5f:8a:78:de:01:05:f5:6c:
b8:24:3d:c4:52:e6:c0:5d:f7:af:7d:f2:62:66:5d:
1a:48:44:79:c9:0b:de:88:af:92:61:b5:08:9a:b8:
57:da:37:c4:31:b2:02:e8:22:0b:05:4b:4e:b9:2c:
10:42:06:ab:68:c1:fc:02:96:ce:5e:bb:50:8e:e2:
19:6b:2e:57:36:64:ff:f4:e1:10:b5:9c:91:63:72:
16:e2:6b:50:eb:df:7f:5a:20:43:e1:7a:f6:16:dc:
9c:86:fc:0c:13:1e:99:13:27:37:91:be:9e:0e:c4:
08:74:39:0e:b4:a9:4c:bf:19:06:19:5f:22:0c:6b:
8c:e9:2d:da:cc:1a:c2:6d:64:be:74:5f:ed:42:13:
03:6a:8f:e6:ef:35:65:2a:e4:31:f4:d3:81:3c:3f:
4d:8f:d3:c3:9a:2b:fa:28:8d:2f:de:13:8d:11:ce:
35:45:c0:36:e5:c7:9c:18:4b:d4:67:3a:13:14:ac:
d1:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:91:EE:BD:40:E0:3A:08:B9:B7:E8:13:88:DF:6A:46:01:47:31:5D
X509v3 Authority Key Identifier:
keyid:0E:B5:10:D7:C9:15:A4:BE:6D:F6:B1:6F:F5:82:FD:2D:6A:D2:36:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DrUQ18kVpL5t9rFv9YL9LWrSNgU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/96be3d-d7d2-4753-a783-d638a3be88ca/1/pZHuvUDgOgi5t-gTiN9qRgFHMV0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/96be3d-d7d2-4753-a783-d638a3be88ca/1/DrUQ18kVpL5t9rFv9YL9LWrSNgU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.28.88.0/22
IPv6:
2001:67c:320::/48
Signature Algorithm: sha256WithRSAEncryption
9f:a3:a7:b2:91:4c:e2:06:5d:a2:05:71:20:3a:0a:31:64:17:
b5:43:ae:26:5e:38:aa:ca:79:82:63:c2:c2:d2:24:08:ca:26:
80:b1:e1:c5:b4:32:f7:a2:51:ca:5f:0b:25:dd:ab:b3:f6:87:
5a:ac:6f:c5:95:d6:df:2e:1c:ed:be:e8:09:36:2e:d0:82:5e:
91:fe:82:6e:3e:c3:e5:a5:19:70:7b:1c:49:2b:a4:61:c7:58:
5c:b5:72:ff:9d:fd:07:36:46:e8:f7:0f:50:81:23:10:da:d2:
99:16:28:26:22:1a:e6:71:97:6d:40:35:b3:60:fb:c2:2d:1b:
d6:62:32:32:e8:d0:18:3e:5a:99:4d:74:c3:60:4a:a6:04:7f:
27:50:39:e7:cc:cf:33:21:0e:54:bd:fe:f9:72:80:93:c1:af:
29:16:30:71:dd:11:76:e5:0b:28:94:b9:24:bc:9d:f8:1f:11:
03:6e:c6:7c:b2:4d:9d:de:64:4d:75:e5:13:6d:17:cd:1a:b2:
1c:a3:57:70:f2:1c:c9:14:69:05:87:51:52:97:4b:00:5a:8d:
b5:fa:f5:bb:a7:2b:2e:95:aa:29:98:54:57:35:bd:77:94:76:
35:1a:3b:6a:f1:2e:04:c3:f1:cc:75:de:70:5c:0f:78:e6:b5:
95:7e:49:df
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIECVUkizANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ZWI1MTBkN2M5MTVhNGJlNmRmNmIxNmZmNTgyZmQyZDZhZDIzNjA1MB4XDTIyMDEw
MTExNTU1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTU5MWVlYmQ0MGUw
M2EwOGI5YjdlODEzODhkZjZhNDYwMTQ3MzE1ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALmQDmQkdo2RzmVW8i7G33538QCd0BXzkUy59tj1AkX2A6Pl
2Nipi3qEO9dqO2oNoPVtHGeEVYiW/iiwXmJBQlRdHl+KeN4BBfVsuCQ9xFLmwF33
r33yYmZdGkhEeckL3oivkmG1CJq4V9o3xDGyAugiCwVLTrksEEIGq2jB/AKWzl67
UI7iGWsuVzZk//ThELWckWNyFuJrUOvff1ogQ+F69hbcnIb8DBMemRMnN5G+ng7E
CHQ5DrSpTL8ZBhlfIgxrjOkt2swawm1kvnRf7UITA2qP5u81ZSrkMfTTgTw/TY/T
w5or+iiNL94TjRHONUXANuXHnBhL1Gc6ExSs0V8CAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBSlke69QOA6CLm36BOI32pGAUcxXTAfBgNVHSMEGDAWgBQOtRDXyRWkvm32
sW/1gv0tatI2BTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0RyVVExOGtWcEw1dDlyRnY5WUw5TFdyU05nVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGYvOTZiZTNkLWQ3ZDItNDc1My1hNzgzLWQ2MzhhM2JlODhjYS8x
L3BaSHV2VURnT2dpNXQtZ1RpTjlxUmdGSE1WMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGYv
OTZiZTNkLWQ3ZDItNDc1My1hNzgzLWQ2MzhhM2JlODhjYS8xL0RyVVExOGtWcEw1
dDlyRnY5WUw5TFdyU05nVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEAsIcWDAPBAIAAjAJAwcAIAEGfAMg
MA0GCSqGSIb3DQEBCwUAA4IBAQCfo6eykUziBl2iBXEgOgoxZBe1Q64mXjiqynmC
Y8LC0iQIyiaAseHFtDL3olHKXwsl3auz9odarG/FldbfLhztvugJNi7Qgl6R/oJu
PsPlpRlwexxJK6Rhx1hctXL/nf0HNkbo9w9QgSMQ2tKZFigmIhrmcZdtQDWzYPvC
LRvWYjIy6NAYPlqZTXTDYEqmBH8nUDnnzM8zIQ5Uvf75coCTwa8pFjBx3RF25Qso
lLkkvJ34HxEDbsZ8sk2d3mRNdeUTbRfNGrIco1dw8hzJFGkFh1FSl0sAWo21+vW7
pysulaopmFRXNb13lHY1Gjtq8S4Ew/HMdd5wXA945rWVfknf
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:58 2023 by rpki-client on console-ams.rpki-client.org