Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/f07fbc-4c32-4d87-a429-86ea19d29163/1/Cr7GVl7ZW-PeFWzL0f_Tx7AkV7M.roa
File: Cr7GVl7ZW-PeFWzL0f_Tx7AkV7M.roa (raw, json)
Hash identifier: feRgYePnP4FRET4Okpr+wry21e8+XKvEDAi0y6kKJyY=
Subject key identifier: 0A:BE:C6:56:5E:D9:5B:E3:DE:15:6C:CB:D1:FF:D3:C7:B0:24:57:B3
Certificate issuer: /CN=85dc9c55e1597e88564daf567e5a4665978c7b85
Certificate serial: 0184C772145274D16EB6D131CA783DAFEA2C
Authority key identifier: 85:DC:9C:55:E1:59:7E:88:56:4D:AF:56:7E:5A:46:65:97:8C:7B:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hdycVeFZfohWTa9WflpGZZeMe4U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/f07fbc-4c32-4d87-a429-86ea19d29163/1/Cr7GVl7ZW-PeFWzL0f_Tx7AkV7M.roa
Signing time: Wed 30 Nov 2022 07:30:53 +0000
ROA not before: Wed 30 Nov 2022 07:30:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 213354
IP address blocks: 194.15.112.0/24 maxlen: 24
194.15.113.0/24 maxlen: 24
91.228.68.0/22 maxlen: 22
2a11:9c00::/40 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:c7:72:14:52:74:d1:6e:b6:d1:31:ca:78:3d:af:ea:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85dc9c55e1597e88564daf567e5a4665978c7b85
Validity
Not Before: Nov 30 07:30:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0abec6565ed95be3de156ccbd1ffd3c7b02457b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:c6:99:8a:3d:8d:e9:c4:31:68:6f:1f:4c:cc:
cb:92:4c:27:bc:21:06:e5:20:97:fe:78:a3:96:a3:
ae:1d:36:b7:f1:de:a0:8b:81:f1:28:ca:79:76:22:
b9:2b:0a:99:90:f9:94:75:2d:11:23:da:88:20:16:
ba:85:0a:ee:e6:3c:53:73:0d:91:f7:2e:46:46:dc:
d9:32:55:21:49:60:62:da:92:e6:23:79:93:4a:ff:
45:e8:1e:ba:33:78:23:a5:98:9c:b4:78:4e:f8:27:
7f:1a:cd:ea:1b:49:dc:e2:06:0b:cf:b7:88:d7:96:
0f:03:13:4a:83:d7:65:e1:7b:86:86:be:f3:e9:e0:
4a:bf:50:d0:8c:3e:01:a3:66:06:d2:73:a4:71:eb:
e6:29:4f:9b:cd:37:17:a2:eb:94:48:ee:a3:d2:e2:
62:4c:ab:2e:32:a4:f4:56:f1:f6:74:ca:f1:6f:a4:
06:9f:de:81:fa:f1:b9:51:53:ee:05:c8:fd:2e:e0:
38:ff:49:8a:50:39:fc:4e:4c:40:5a:c7:4f:3f:ee:
ca:b0:19:a3:ca:ba:03:51:5b:49:36:1d:73:c1:7c:
b6:27:26:3f:a9:d2:91:5d:ac:66:a5:4e:cb:01:c1:
24:69:7b:a3:59:0a:da:ea:4b:d9:32:76:2a:97:39:
fa:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:BE:C6:56:5E:D9:5B:E3:DE:15:6C:CB:D1:FF:D3:C7:B0:24:57:B3
X509v3 Authority Key Identifier:
keyid:85:DC:9C:55:E1:59:7E:88:56:4D:AF:56:7E:5A:46:65:97:8C:7B:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hdycVeFZfohWTa9WflpGZZeMe4U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/f07fbc-4c32-4d87-a429-86ea19d29163/1/Cr7GVl7ZW-PeFWzL0f_Tx7AkV7M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/f07fbc-4c32-4d87-a429-86ea19d29163/1/hdycVeFZfohWTa9WflpGZZeMe4U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.68.0/22
194.15.112.0/23
IPv6:
2a11:9c00::/40
Signature Algorithm: sha256WithRSAEncryption
4d:55:89:ac:ec:33:95:bd:f4:ac:ba:c5:dd:55:6a:72:04:d7:
1b:da:dc:a6:94:bf:52:f8:e7:64:28:40:fb:06:04:a6:5c:b8:
a4:94:bf:68:e1:61:cd:dc:46:e2:fb:3a:9e:3b:66:83:9f:b2:
51:58:7f:52:11:44:36:ac:74:8f:21:69:f7:4f:ec:87:06:35:
7e:87:13:5f:6f:2d:6f:5b:47:6f:1b:93:62:69:a3:3e:ac:bf:
b2:6f:73:89:d2:86:ea:80:42:9f:78:68:8c:6d:8f:84:e7:17:
1a:22:a0:2f:91:69:4d:61:7e:80:db:4a:d2:73:be:b1:71:11:
30:90:ce:8b:a4:b2:b4:10:24:74:b1:17:ba:1f:1b:1e:0a:cc:
63:c1:f0:5c:7e:13:ff:91:21:6d:35:73:f3:cf:0a:0f:47:93:
3c:e2:fc:49:c8:5c:c9:39:59:c6:b6:f3:e4:37:ae:cf:39:5d:
fc:81:3c:ce:63:bb:e2:aa:bc:b0:d8:c9:b2:6a:60:46:60:d7:
86:a6:2c:1f:23:57:11:29:17:02:e1:8c:6a:bc:a9:52:f3:3e:
0f:e3:6f:6a:cb:24:7e:79:72:da:68:24:3f:81:c8:7f:22:ed:
dc:a1:21:d4:4a:c5:ff:9a:32:c5:22:0f:8f:69:1b:b0:ff:1a:
f5:f2:e5:66
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYTHchRSdNFuttExyng9r+osMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1ZGM5YzU1ZTE1OTdlODg1NjRkYWY1NjdlNWE0NjY1OTc4
YzdiODUwHhcNMjIxMTMwMDczMDUzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWJlYzY1NjVlZDk1YmUzZGUxNTZjY2JkMWZmZDNjN2IwMjQ1N2IzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArMaZij2N6cQxaG8fTMzLkkwnvCEG
5SCX/nijlqOuHTa38d6gi4HxKMp5diK5KwqZkPmUdS0RI9qIIBa6hQru5jxTcw2R
9y5GRtzZMlUhSWBi2pLmI3mTSv9F6B66M3gjpZictHhO+Cd/Gs3qG0nc4gYLz7eI
15YPAxNKg9dl4XuGhr7z6eBKv1DQjD4Bo2YG0nOkcevmKU+bzTcXouuUSO6j0uJi
TKsuMqT0VvH2dMrxb6QGn96B+vG5UVPuBcj9LuA4/0mKUDn8TkxAWsdPP+7KsBmj
yroDUVtJNh1zwXy2JyY/qdKRXaxmpU7LAcEkaXujWQra6kvZMnYqlzn66wIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFAq+xlZe2Vvj3hVsy9H/08ewJFezMB8GA1UdIwQY
MBaAFIXcnFXhWX6IVk2vVn5aRmWXjHuFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGR5Y1ZlRlpmb2hXVGE5V2ZscEdaWmVNZTRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9mMDdmYmMtNGMzMi00ZDg3LWE0Mjkt
ODZlYTE5ZDI5MTYzLzEvQ3I3R1ZsN1pXLVBlRld6TDBmX1R4N0FrVjdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9mMDdmYmMtNGMzMi00ZDg3LWE0MjktODZlYTE5ZDI5MTYz
LzEvaGR5Y1ZlRlpmb2hXVGE5V2ZscEdaWmVNZTRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDASBAIAATAMAwQCW+REAwQB
wg9wMA4EAgACMAgDBgAqEZwAADANBgkqhkiG9w0BAQsFAAOCAQEATVWJrOwzlb30
rLrF3VVqcgTXG9rcppS/UvjnZChA+wYEply4pJS/aOFhzdxG4vs6njtmg5+yUVh/
UhFENqx0jyFp90/shwY1focTX28tb1tHbxuTYmmjPqy/sm9zidKG6oBCn3hojG2P
hOcXGiKgL5FpTWF+gNtK0nO+sXERMJDOi6SytBAkdLEXuh8bHgrMY8HwXH4T/5Eh
bTVz888KD0eTPOL8SchcyTlZxrbz5Deuzzld/IE8zmO74qq8sNjJsmpgRmDXhqYs
HyNXESkXAuGMarypUvM+D+Nvasskfnly2mgkP4HIfyLt3KEh1ErF/5oyxSIPj2kb
sP8a9fLlZg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:45 2024 by rpki-client on console-fra.rpki-client.org