Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c09df3-81fe-457b-b527-239987d4f98c/1/axf_P5psmE5OMjb2Eaf-pwOblQs.roa
File: axf_P5psmE5OMjb2Eaf-pwOblQs.roa (raw, json)
Hash identifier: JYTqLqaqgTsN/wC92A41ddtCpryNvNUcu6dy0ubm02M=
Subject key identifier: 6B:17:FF:3F:9A:6C:98:4E:4E:32:36:F6:11:A7:FE:A7:03:9B:95:0B
Certificate issuer: /CN=82305ee267be68e82b3d5d69c4ed065b2e239fe5
Certificate serial: 01217C04
Authority key identifier: 82:30:5E:E2:67:BE:68:E8:2B:3D:5D:69:C4:ED:06:5B:2E:23:9F:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gjBe4me-aOgrPV1pxO0GWy4jn-U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c09df3-81fe-457b-b527-239987d4f98c/1/axf_P5psmE5OMjb2Eaf-pwOblQs.roa
Signing time: Sat 01 Jan 2022 12:54:38 +0000
ROA not before: Sat 01 Jan 2022 12:54:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59437
IP address blocks: 195.211.49.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18971652 (0x1217c04)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=82305ee267be68e82b3d5d69c4ed065b2e239fe5
Validity
Not Before: Jan 1 12:54:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6b17ff3f9a6c984e4e3236f611a7fea7039b950b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:a1:42:5a:cc:0c:ed:8a:ad:84:dd:18:53:c3:
a4:6b:81:a2:d6:b3:2f:9d:41:95:39:e0:c9:e2:27:
b7:0e:4e:fc:85:16:6a:6b:02:d0:0f:b3:79:76:ce:
5e:54:7b:a7:f3:08:7c:23:a7:9c:03:e7:9d:9d:fb:
51:bc:68:52:48:e1:3a:d2:c7:fa:9a:96:9c:5f:a9:
a9:2f:03:e0:80:5f:fb:cb:c2:4e:28:1f:c8:b7:44:
e9:5e:2d:28:6a:1a:4d:3a:6e:aa:d5:88:83:ce:8b:
c9:00:7c:2c:42:91:c8:bb:2b:1c:da:dd:5e:a4:d4:
24:f8:3e:04:fb:0d:89:63:9f:3d:2c:ac:f1:43:51:
67:54:4e:7b:96:f3:2f:98:de:a0:17:87:c1:37:9d:
8b:3c:60:ae:52:11:fc:e3:8c:fe:b4:03:d3:40:47:
9e:9d:cf:12:d9:35:07:30:4c:97:bc:45:d3:67:56:
e6:b0:60:d9:a4:69:ac:f1:9f:af:0b:35:90:d1:a0:
c7:bc:ee:37:9e:a5:70:ee:94:5a:68:49:89:5c:5c:
e2:7a:13:7e:45:de:81:8d:c5:ea:39:e0:96:a6:8f:
d1:f1:a3:67:9b:3b:11:19:ae:ef:65:7b:cc:bf:1e:
8d:e6:57:6d:75:65:51:21:b3:8d:7a:6a:68:11:5c:
d5:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:17:FF:3F:9A:6C:98:4E:4E:32:36:F6:11:A7:FE:A7:03:9B:95:0B
X509v3 Authority Key Identifier:
keyid:82:30:5E:E2:67:BE:68:E8:2B:3D:5D:69:C4:ED:06:5B:2E:23:9F:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gjBe4me-aOgrPV1pxO0GWy4jn-U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c09df3-81fe-457b-b527-239987d4f98c/1/axf_P5psmE5OMjb2Eaf-pwOblQs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c09df3-81fe-457b-b527-239987d4f98c/1/gjBe4me-aOgrPV1pxO0GWy4jn-U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.211.49.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:ef:dd:52:41:d7:b7:62:dd:39:23:e0:b4:be:f4:f6:0b:48:
d6:f6:7d:68:2e:74:b8:d7:64:46:ad:f7:ff:cc:f1:02:71:b7:
21:f8:d6:29:d6:c5:d9:e4:cc:f5:12:40:91:78:44:02:fc:ca:
e1:3e:be:e4:21:e4:75:9d:9b:94:9a:b6:73:30:cb:a1:cb:b9:
7c:9d:b8:11:94:9b:75:84:35:a4:cd:12:98:68:ec:7b:e2:8c:
9e:14:11:db:ed:4d:ad:47:bd:c9:f9:44:8a:74:1b:da:62:ae:
d0:e6:47:15:ec:ed:b2:ec:33:c9:b4:86:18:d4:63:41:c7:ea:
f8:e9:84:ce:24:99:5a:7e:9d:4a:7e:8a:0e:97:28:bc:a1:79:
9b:00:ed:50:6c:ed:8e:8c:86:0f:44:76:25:6f:d0:26:56:b6:
eb:48:bc:48:d1:7f:d8:da:5f:8b:fe:ec:d1:00:76:49:8a:a2:
94:9b:75:e6:94:de:2f:e0:6d:3d:cc:dc:ea:b2:8c:0a:40:8c:
03:e4:1b:00:09:b8:7f:49:6b:78:00:69:11:a4:68:92:50:16:
66:bd:0f:0d:1f:43:2b:e3:69:98:01:c6:33:09:ec:56:6c:2d:
ca:2f:93:4a:ba:db:b1:41:20:67:5b:e4:e8:26:dd:c7:98:db:
29:a5:06:df
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEASF8BDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MjMwNWVlMjY3YmU2OGU4MmIzZDVkNjljNGVkMDY1YjJlMjM5ZmU1MB4XDTIyMDEw
MTEyNTQzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmIxN2ZmM2Y5YTZj
OTg0ZTRlMzIzNmY2MTFhN2ZlYTcwMzliOTUwYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAO2hQlrMDO2KrYTdGFPDpGuBotazL51BlTngyeIntw5O/IUW
amsC0A+zeXbOXlR7p/MIfCOnnAPnnZ37UbxoUkjhOtLH+pqWnF+pqS8D4IBf+8vC
TigfyLdE6V4tKGoaTTpuqtWIg86LyQB8LEKRyLsrHNrdXqTUJPg+BPsNiWOfPSys
8UNRZ1ROe5bzL5jeoBeHwTedizxgrlIR/OOM/rQD00BHnp3PEtk1BzBMl7xF02dW
5rBg2aRprPGfrws1kNGgx7zuN56lcO6UWmhJiVxc4noTfkXegY3F6jnglqaP0fGj
Z5s7ERmu72V7zL8ejeZXbXVlUSGzjXpqaBFc1TkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRrF/8/mmyYTk4yNvYRp/6nA5uVCzAfBgNVHSMEGDAWgBSCMF7iZ75o6Cs9
XWnE7QZbLiOf5TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2dqQmU0bWUtYU9nclBWMXB4TzBHV3k0am4tVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTIvYzA5ZGYzLTgxZmUtNDU3Yi1iNTI3LTIzOTk4N2Q0Zjk4Yy8x
L2F4Zl9QNXBzbUU1T01qYjJFYWYtcHdPYmxRcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTIv
YzA5ZGYzLTgxZmUtNDU3Yi1iNTI3LTIzOTk4N2Q0Zjk4Yy8xL2dqQmU0bWUtYU9n
clBWMXB4TzBHV3k0am4tVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMPTMTANBgkqhkiG9w0BAQsFAAOC
AQEAO+/dUkHXt2LdOSPgtL709gtI1vZ9aC50uNdkRq33/8zxAnG3IfjWKdbF2eTM
9RJAkXhEAvzK4T6+5CHkdZ2blJq2czDLocu5fJ24EZSbdYQ1pM0SmGjse+KMnhQR
2+1NrUe9yflEinQb2mKu0OZHFeztsuwzybSGGNRjQcfq+OmEziSZWn6dSn6KDpco
vKF5mwDtUGztjoyGD0R2JW/QJla260i8SNF/2Npfi/7s0QB2SYqilJt15pTeL+Bt
Pczc6rKMCkCMA+QbAAm4f0lreABpEaRoklAWZr0PDR9DK+NpmAHGMwnsVmwtyi+T
SrrbsUEgZ1vk6Cbdx5jbKaUG3w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:13 2024 by rpki-client on console-fra.rpki-client.org