Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/bf5915-96aa-4dad-af2a-0110272dec17/1/Uo2Vgfa9mo7XswqGizhRsoKfotQ.roa
File: Uo2Vgfa9mo7XswqGizhRsoKfotQ.roa (raw, json)
Hash identifier: NiGV3OyF6nfWYpUk+jZEAlPK31E+7o2q5Y5RS+k+NqQ=
Subject key identifier: 52:8D:95:81:F6:BD:9A:8E:D7:B3:0A:86:8B:38:51:B2:82:9F:A2:D4
Certificate issuer: /CN=004a758a2b0a7e938a9f0dee642cec5e410276b5
Certificate serial: 0182FD5D8165E611765454D6F8AC4BD2CF48
Authority key identifier: 00:4A:75:8A:2B:0A:7E:93:8A:9F:0D:EE:64:2C:EC:5E:41:02:76:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AEp1iisKfpOKnw3uZCzsXkECdrU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/bf5915-96aa-4dad-af2a-0110272dec17/1/Uo2Vgfa9mo7XswqGizhRsoKfotQ.roa
Signing time: Fri 02 Sep 2022 08:42:19 +0000
ROA not before: Fri 02 Sep 2022 08:42:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31103
IP address blocks: 195.160.228.0/24 maxlen: 24
195.160.231.0/24 maxlen: 24
195.160.230.0/24 maxlen: 24
195.160.229.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:fd:5d:81:65:e6:11:76:54:54:d6:f8:ac:4b:d2:cf:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=004a758a2b0a7e938a9f0dee642cec5e410276b5
Validity
Not Before: Sep 2 08:42:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=528d9581f6bd9a8ed7b30a868b3851b2829fa2d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:1c:b7:5c:76:96:1f:ec:9c:6a:bb:20:e1:12:
97:79:c8:95:9b:d0:44:79:d0:be:1f:1f:a6:05:91:
a7:2f:c4:2b:8c:d4:bc:8c:5d:5b:cb:5a:6e:c4:ec:
43:5a:6f:f3:9a:46:4c:1c:86:37:08:b1:c7:08:e1:
fd:a8:24:27:50:92:83:dd:e0:b1:b7:fa:71:55:c4:
c4:d0:d3:6c:4c:55:04:7f:a7:28:d9:c3:eb:77:ae:
6c:6a:d7:88:dd:f1:bb:66:45:96:69:6a:e7:0b:af:
1d:95:51:f5:4f:49:fb:74:62:6a:f4:99:0a:25:0b:
83:88:41:56:49:95:62:a6:bc:16:01:af:42:ef:67:
8d:46:20:c6:5d:ba:f5:ce:9a:1a:46:26:c6:03:c9:
18:1c:ae:54:84:c3:a2:b4:64:99:5b:ae:2d:67:77:
ce:24:81:5e:b2:40:cc:5b:91:34:81:06:fc:74:ed:
96:5d:f0:fa:87:b0:30:b4:1a:d9:28:63:19:07:81:
e9:c6:0c:aa:ea:a3:4e:c5:03:2e:6b:3f:9d:ca:47:
db:3f:6c:8b:8c:d4:53:2f:c9:e8:a5:37:55:b4:46:
c9:df:56:57:f9:89:5d:01:09:d4:85:ed:50:cf:7d:
83:56:db:08:5e:f2:2e:f3:5c:99:a9:4d:25:de:53:
b8:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:8D:95:81:F6:BD:9A:8E:D7:B3:0A:86:8B:38:51:B2:82:9F:A2:D4
X509v3 Authority Key Identifier:
keyid:00:4A:75:8A:2B:0A:7E:93:8A:9F:0D:EE:64:2C:EC:5E:41:02:76:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AEp1iisKfpOKnw3uZCzsXkECdrU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/bf5915-96aa-4dad-af2a-0110272dec17/1/Uo2Vgfa9mo7XswqGizhRsoKfotQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/bf5915-96aa-4dad-af2a-0110272dec17/1/AEp1iisKfpOKnw3uZCzsXkECdrU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.160.228.0/22
Signature Algorithm: sha256WithRSAEncryption
77:72:d1:14:94:0d:26:4b:f9:95:f3:44:c0:5d:bd:32:4c:c6:
ae:e5:93:ea:55:23:55:73:10:b2:ee:7d:72:3c:a8:21:5c:97:
85:69:dc:05:9c:b9:c7:5b:7c:b0:93:f5:60:0c:fc:00:66:51:
23:46:52:25:4a:85:25:0b:9e:b5:be:fa:45:f3:12:e0:d4:bf:
f9:34:cf:2b:43:64:2d:29:40:60:ee:cd:f3:d8:6f:55:5d:22:
63:ae:dd:d5:9c:77:c3:3b:27:05:6f:bb:d9:fe:ce:00:43:72:
11:3f:25:a8:9c:48:bf:f5:fb:d0:00:6a:c6:1c:f3:08:22:e2:
c9:00:bc:e2:ff:d3:d7:e1:c5:68:b4:8d:26:c9:5f:40:9c:6f:
bc:e5:cf:55:90:cf:b0:73:2f:5b:bd:b9:83:8b:64:77:5c:08:
f3:c3:fb:86:1d:a7:78:4f:b3:f9:30:fa:60:98:0d:7c:d5:6f:
9a:34:ce:5b:e4:e8:70:61:bf:66:8f:eb:12:32:28:ab:c9:bb:
b0:51:52:43:26:d4:db:05:5d:1b:72:8f:d7:f4:a6:a4:e9:77:
69:60:7c:ba:c8:86:16:c1:41:91:89:20:f0:06:b7:5a:0e:50:
3e:e7:1b:3c:64:d5:34:f5:f0:ea:e8:a8:97:2c:e0:75:25:ae:
82:65:36:ac
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYL9XYFl5hF2VFTW+KxL0s9IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNGE3NThhMmIwYTdlOTM4YTlmMGRlZTY0MmNlYzVlNDEw
Mjc2YjUwHhcNMjIwOTAyMDg0MjE5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjhkOTU4MWY2YmQ5YThlZDdiMzBhODY4YjM4NTFiMjgyOWZhMmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkxy3XHaWH+ycarsg4RKXeciVm9BE
edC+Hx+mBZGnL8QrjNS8jF1by1puxOxDWm/zmkZMHIY3CLHHCOH9qCQnUJKD3eCx
t/pxVcTE0NNsTFUEf6co2cPrd65sateI3fG7ZkWWaWrnC68dlVH1T0n7dGJq9JkK
JQuDiEFWSZViprwWAa9C72eNRiDGXbr1zpoaRibGA8kYHK5UhMOitGSZW64tZ3fO
JIFeskDMW5E0gQb8dO2WXfD6h7AwtBrZKGMZB4Hpxgyq6qNOxQMuaz+dykfbP2yL
jNRTL8nopTdVtEbJ31ZX+YldAQnUhe1Qz32DVtsIXvIu81yZqU0l3lO4NQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFKNlYH2vZqO17MKhos4UbKCn6LUMB8GA1UdIwQY
MBaAFABKdYorCn6Tip8N7mQs7F5BAna1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUVwMWlpc0tmcE9LbnczdVpDenNYa0VDZHJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy9iZjU5MTUtOTZhYS00ZGFkLWFmMmEt
MDExMDI3MmRlYzE3LzEvVW8yVmdmYTltbzdYc3dxR2l6aFJzb0tmb3RRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy9iZjU5MTUtOTZhYS00ZGFkLWFmMmEtMDExMDI3MmRlYzE3
LzEvQUVwMWlpc0tmcE9LbnczdVpDenNYa0VDZHJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCw6DkMA0G
CSqGSIb3DQEBCwUAA4IBAQB3ctEUlA0mS/mV80TAXb0yTMau5ZPqVSNVcxCy7n1y
PKghXJeFadwFnLnHW3ywk/VgDPwAZlEjRlIlSoUlC561vvpF8xLg1L/5NM8rQ2Qt
KUBg7s3z2G9VXSJjrt3VnHfDOycFb7vZ/s4AQ3IRPyWonEi/9fvQAGrGHPMIIuLJ
ALzi/9PX4cVotI0myV9AnG+85c9VkM+wcy9bvbmDi2R3XAjzw/uGHad4T7P5MPpg
mA181W+aNM5b5OhwYb9mj+sSMiirybuwUVJDJtTbBV0bco/X9Kak6XdpYHy6yIYW
wUGRiSDwBrdaDlA+5xs8ZNU09fDq6KiXLOB1Ja6CZTas
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:20 2024 by rpki-client on console-fra.rpki-client.org