Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/f07fbc-4c32-4d87-a429-86ea19d29163/1/K_NgPQm_zOXW4Cb6BmSib35OhaI.roa
File: K_NgPQm_zOXW4Cb6BmSib35OhaI.roa (raw, json)
Hash identifier: koAx7CorxvODd1/FMRi0naM1CSyXXE9VLqcXItFmsO4=
Subject key identifier: 2B:F3:60:3D:09:BF:CC:E5:D6:E0:26:FA:06:64:A2:6F:7E:4E:85:A2
Certificate issuer: /CN=85dc9c55e1597e88564daf567e5a4665978c7b85
Certificate serial: 0187A367
Authority key identifier: 85:DC:9C:55:E1:59:7E:88:56:4D:AF:56:7E:5A:46:65:97:8C:7B:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hdycVeFZfohWTa9WflpGZZeMe4U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/f07fbc-4c32-4d87-a429-86ea19d29163/1/K_NgPQm_zOXW4Cb6BmSib35OhaI.roa
Signing time: Sat 01 Jan 2022 11:54:22 +0000
ROA not before: Sat 01 Jan 2022 11:54:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50935
IP address blocks: 194.15.115.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25666407 (0x187a367)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85dc9c55e1597e88564daf567e5a4665978c7b85
Validity
Not Before: Jan 1 11:54:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2bf3603d09bfcce5d6e026fa0664a26f7e4e85a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:b3:c3:5a:f4:4c:3e:83:11:a6:78:9d:10:f1:
9f:f4:cc:7d:21:7c:66:f0:03:95:de:4b:40:cc:92:
cc:34:c4:1d:cd:eb:1e:01:c4:89:65:39:35:3c:a4:
08:8c:d5:e6:c1:99:0d:40:98:f9:9c:be:d9:f5:74:
a7:b5:88:cf:7c:3e:32:c2:e9:a1:d7:fc:3a:3d:ba:
c5:6e:e2:0f:d4:f1:ec:e7:e4:b0:75:dd:f0:b1:96:
37:8b:05:02:e7:88:b4:43:47:2d:38:9b:b2:a6:ee:
25:3d:90:9b:f0:85:5f:cc:0b:78:46:64:f5:04:3b:
e4:53:17:59:b3:bb:25:84:a3:65:47:6e:22:20:02:
40:6c:57:bb:ea:78:cb:54:e7:46:75:5a:69:4d:a8:
6b:34:82:d3:18:dd:69:52:ad:1f:bd:79:f3:7c:78:
03:76:52:bf:db:6e:4b:c8:99:30:36:51:2d:49:15:
b7:87:ad:ae:67:31:ad:ce:90:b5:32:2c:84:ed:12:
54:ca:1a:77:9e:f1:55:84:2b:1e:7a:aa:58:e6:f6:
66:4e:b8:09:63:66:cc:97:5e:ad:82:2b:13:13:ec:
cf:59:a7:02:0f:05:22:2c:59:f7:e8:33:97:d5:15:
30:8a:4d:e0:7a:59:1e:63:81:af:5d:5b:be:b1:31:
c6:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:F3:60:3D:09:BF:CC:E5:D6:E0:26:FA:06:64:A2:6F:7E:4E:85:A2
X509v3 Authority Key Identifier:
keyid:85:DC:9C:55:E1:59:7E:88:56:4D:AF:56:7E:5A:46:65:97:8C:7B:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hdycVeFZfohWTa9WflpGZZeMe4U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/f07fbc-4c32-4d87-a429-86ea19d29163/1/K_NgPQm_zOXW4Cb6BmSib35OhaI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/f07fbc-4c32-4d87-a429-86ea19d29163/1/hdycVeFZfohWTa9WflpGZZeMe4U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.15.115.0/24
Signature Algorithm: sha256WithRSAEncryption
92:3d:3a:06:25:00:9f:0f:3e:a1:d1:04:0a:55:ff:05:0f:5a:
36:2c:cd:4d:86:f9:64:34:fa:36:ac:7e:9b:c6:ea:dd:7f:8d:
94:b7:8b:fa:e7:e1:d9:ac:bc:8f:20:7e:b1:62:d0:98:6d:42:
c0:8e:32:c9:92:30:fd:4e:bd:18:ac:f2:f4:eb:f8:f9:58:ef:
70:54:a3:ce:ba:7e:52:b3:65:2a:f2:29:6b:df:49:c6:da:32:
2a:f5:64:9e:3a:c8:a0:d5:cf:c2:5b:13:d6:cc:e3:67:b9:a6:
f9:3d:b0:01:a7:80:fb:92:1f:9b:d9:71:d1:2e:7a:c3:bb:2f:
90:69:e1:b5:70:a8:07:46:da:0d:db:92:2f:a0:a3:ff:72:37:
7e:ed:f3:64:e3:ba:9f:fe:b5:06:97:97:99:04:c9:71:55:36:
f4:10:d3:3b:25:8c:47:47:db:b6:48:2f:80:af:43:74:11:02:
70:9a:bb:bf:4a:4f:ff:11:a4:6d:24:5d:ed:ee:4e:e9:9e:22:
5a:02:48:14:8d:b8:93:b8:83:2d:1f:7f:71:05:62:4b:0c:3a:
58:b2:f1:18:60:dd:49:ba:fb:a6:f5:78:8e:cf:ca:71:ac:00:
5d:73:00:62:f6:b8:8c:81:3e:52:2b:93:2f:25:10:f5:e2:ad:
9e:0d:cb:c1
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAYejZzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NWRjOWM1NWUxNTk3ZTg4NTY0ZGFmNTY3ZTVhNDY2NTk3OGM3Yjg1MB4XDTIyMDEw
MTExNTQyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmJmMzYwM2QwOWJm
Y2NlNWQ2ZTAyNmZhMDY2NGEyNmY3ZTRlODVhMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANCzw1r0TD6DEaZ4nRDxn/TMfSF8ZvADld5LQMySzDTEHc3r
HgHEiWU5NTykCIzV5sGZDUCY+Zy+2fV0p7WIz3w+MsLpodf8Oj26xW7iD9Tx7Ofk
sHXd8LGWN4sFAueItENHLTibsqbuJT2Qm/CFX8wLeEZk9QQ75FMXWbO7JYSjZUdu
IiACQGxXu+p4y1TnRnVaaU2oazSC0xjdaVKtH71583x4A3ZSv9tuS8iZMDZRLUkV
t4etrmcxrc6QtTIshO0SVMoad57xVYQrHnqqWOb2Zk64CWNmzJderYIrExPsz1mn
Ag8FIixZ9+gzl9UVMIpN4HpZHmOBr11bvrExxpcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQr82A9Cb/M5dbgJvoGZKJvfk6FojAfBgNVHSMEGDAWgBSF3JxV4Vl+iFZN
r1Z+WkZll4x7hTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2hkeWNWZUZaZm9oV1RhOVdmbHBHWlplTWU0VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGYvZjA3ZmJjLTRjMzItNGQ4Ny1hNDI5LTg2ZWExOWQyOTE2My8x
L0tfTmdQUW1fek9YVzRDYjZCbVNpYjM1T2hhSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGYv
ZjA3ZmJjLTRjMzItNGQ4Ny1hNDI5LTg2ZWExOWQyOTE2My8xL2hkeWNWZUZaZm9o
V1RhOVdmbHBHWlplTWU0VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMIPczANBgkqhkiG9w0BAQsFAAOC
AQEAkj06BiUAnw8+odEEClX/BQ9aNizNTYb5ZDT6Nqx+m8bq3X+NlLeL+ufh2ay8
jyB+sWLQmG1CwI4yyZIw/U69GKzy9Ov4+VjvcFSjzrp+UrNlKvIpa99JxtoyKvVk
njrIoNXPwlsT1szjZ7mm+T2wAaeA+5Ifm9lx0S56w7svkGnhtXCoB0baDduSL6Cj
/3I3fu3zZOO6n/61BpeXmQTJcVU29BDTOyWMR0fbtkgvgK9DdBECcJq7v0pP/xGk
bSRd7e5O6Z4iWgJIFI24k7iDLR9/cQViSww6WLLxGGDdSbr7pvV4js/KcawAXXMA
Yva4jIE+UiuTLyUQ9eKtng3LwQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:45 2024 by rpki-client on console-fra.rpki-client.org