Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/4920ff-313a-4bdf-96fb-b3b3fb95337b/1/7AA8thTt7LNJKcLnUlbP4MhPnI4.roa
File: 7AA8thTt7LNJKcLnUlbP4MhPnI4.roa (raw, json)
Hash identifier: qkg5xdoRUkqon5JHdLtgGFXitGbwXGBpLnF1zDIu+LY=
Subject key identifier: EC:00:3C:B6:14:ED:EC:B3:49:29:C2:E7:52:56:CF:E0:C8:4F:9C:8E
Certificate issuer: /CN=047ef5d6bd3e3594269cba442b3a8d3a14c5df70
Certificate serial: 06F1A97B
Authority key identifier: 04:7E:F5:D6:BD:3E:35:94:26:9C:BA:44:2B:3A:8D:3A:14:C5:DF:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BH711r0-NZQmnLpEKzqNOhTF33A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/4920ff-313a-4bdf-96fb-b3b3fb95337b/1/7AA8thTt7LNJKcLnUlbP4MhPnI4.roa
Signing time: Thu 30 Jun 2022 11:52:02 +0000
ROA not before: Thu 30 Jun 2022 11:52:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198537
IP address blocks: 195.14.26.0/24 maxlen: 24
195.14.26.0/23 maxlen: 23
195.14.27.0/24 maxlen: 24
195.14.112.0/24 maxlen: 24
195.14.112.0/23 maxlen: 23
195.14.113.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 116500859 (0x6f1a97b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=047ef5d6bd3e3594269cba442b3a8d3a14c5df70
Validity
Not Before: Jun 30 11:52:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ec003cb614edecb34929c2e75256cfe0c84f9c8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:14:11:7a:ff:01:32:53:ed:91:04:05:35:ff:
bb:b2:ca:14:38:bc:20:4e:01:28:2a:c4:32:e5:ad:
ec:e2:39:09:9d:ba:b7:07:8c:03:a8:2f:50:33:eb:
0a:ed:7c:63:30:f1:a3:f4:eb:47:2f:8e:14:65:d8:
97:24:49:81:25:19:0d:7a:53:a7:3d:c0:d8:8e:9c:
ee:c5:41:19:24:56:62:fe:de:25:4a:61:63:7f:df:
c7:55:4d:46:be:1a:91:67:36:13:6c:98:69:f6:c3:
e4:d4:cc:27:22:2a:10:88:ed:e0:17:68:13:08:42:
91:5e:89:82:e5:32:bc:ca:de:43:6c:21:52:f4:07:
09:75:ef:d3:f2:4c:09:92:e0:b9:bc:1b:de:cc:14:
29:b7:c8:96:e0:31:e5:73:4f:12:88:6c:7c:6c:5e:
c4:dc:d5:00:9c:91:77:56:82:c5:24:2d:eb:5d:27:
f8:fc:6d:42:00:ad:40:0b:03:ab:59:4f:78:61:18:
db:9d:57:dd:d4:06:bb:68:82:2a:10:df:26:b1:4a:
35:50:af:b4:1a:34:a3:ed:90:7c:22:ba:fd:de:dc:
e7:72:f0:28:a0:5c:b4:6d:91:09:a2:65:47:a4:56:
ce:4b:28:9b:10:56:e2:d3:1e:12:85:fb:f9:be:c5:
70:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:00:3C:B6:14:ED:EC:B3:49:29:C2:E7:52:56:CF:E0:C8:4F:9C:8E
X509v3 Authority Key Identifier:
keyid:04:7E:F5:D6:BD:3E:35:94:26:9C:BA:44:2B:3A:8D:3A:14:C5:DF:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BH711r0-NZQmnLpEKzqNOhTF33A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/4920ff-313a-4bdf-96fb-b3b3fb95337b/1/7AA8thTt7LNJKcLnUlbP4MhPnI4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/4920ff-313a-4bdf-96fb-b3b3fb95337b/1/BH711r0-NZQmnLpEKzqNOhTF33A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.14.26.0/23
195.14.112.0/23
Signature Algorithm: sha256WithRSAEncryption
80:59:3f:e9:1a:a4:d3:e8:bd:06:0a:fc:77:2e:ff:43:7d:38:
58:5d:85:1f:6e:5d:8b:9f:9d:bf:50:5c:7d:16:2a:83:6e:90:
db:e2:7f:18:dc:fa:7b:29:b7:64:06:66:5d:60:86:14:50:95:
96:22:43:6f:8b:28:da:93:57:1c:cf:f6:da:d9:b1:20:59:85:
60:41:fe:0d:4e:be:9f:38:86:a9:f2:67:3a:58:76:33:1d:aa:
e7:0c:53:49:79:29:fa:cd:27:fc:fe:d7:f2:e2:e7:82:21:44:
e3:f7:1a:b7:b2:20:4f:5f:77:d5:3b:11:91:e6:95:c8:1e:a6:
84:cc:63:21:02:f7:6a:22:dd:d9:ce:e2:59:97:31:f2:b5:48:
1e:e0:22:9c:2d:3a:20:26:e2:63:19:c0:00:f2:fc:c6:6d:34:
ac:f1:de:e9:bc:4f:c3:b8:82:02:3a:e0:ee:5a:c1:79:f9:ee:
98:a5:58:4a:d8:cc:a0:6a:e8:56:2d:f1:6e:5f:ab:db:8c:99:
70:4a:73:77:d7:1f:d2:0c:ad:14:6d:86:04:c9:3e:7e:19:35:
32:ea:64:05:55:43:28:19:35:83:dc:93:21:c5:86:a5:21:4e:
fb:41:b0:24:38:98:f5:8a:e0:a4:df:23:d8:1c:52:a8:0c:00:
da:f8:71:cc
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBvGpezANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NDdlZjVkNmJkM2UzNTk0MjY5Y2JhNDQyYjNhOGQzYTE0YzVkZjcwMB4XDTIyMDYz
MDExNTIwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWMwMDNjYjYxNGVk
ZWNiMzQ5MjljMmU3NTI1NmNmZTBjODRmOWM4ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKAUEXr/ATJT7ZEEBTX/u7LKFDi8IE4BKCrEMuWt7OI5CZ26
tweMA6gvUDPrCu18YzDxo/TrRy+OFGXYlyRJgSUZDXpTpz3A2I6c7sVBGSRWYv7e
JUphY3/fx1VNRr4akWc2E2yYafbD5NTMJyIqEIjt4BdoEwhCkV6JguUyvMreQ2wh
UvQHCXXv0/JMCZLgubwb3swUKbfIluAx5XNPEohsfGxexNzVAJyRd1aCxSQt610n
+PxtQgCtQAsDq1lPeGEY251X3dQGu2iCKhDfJrFKNVCvtBo0o+2QfCK6/d7c53Lw
KKBctG2RCaJlR6RWzksomxBW4tMeEoX7+b7FcF8CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTsADy2FO3ss0kpwudSVs/gyE+cjjAfBgNVHSMEGDAWgBQEfvXWvT41lCac
ukQrOo06FMXfcDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JINzExcjAtTlpRbW5McEVLenFOT2hURjMzQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTYvNDkyMGZmLTMxM2EtNGJkZi05NmZiLWIzYjNmYjk1MzM3Yi8x
LzdBQTh0aFR0N0xOSktjTG5VbGJQNE1oUG5JNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTYv
NDkyMGZmLTMxM2EtNGJkZi05NmZiLWIzYjNmYjk1MzM3Yi8xL0JINzExcjAtTlpR
bW5McEVLenFOT2hURjMzQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAcMOGgMEAcMOcDANBgkqhkiG9w0B
AQsFAAOCAQEAgFk/6Rqk0+i9Bgr8dy7/Q304WF2FH25di5+dv1BcfRYqg26Q2+J/
GNz6eym3ZAZmXWCGFFCVliJDb4so2pNXHM/22tmxIFmFYEH+DU6+nziGqfJnOlh2
Mx2q5wxTSXkp+s0n/P7X8uLngiFE4/cat7IgT1931TsRkeaVyB6mhMxjIQL3aiLd
2c7iWZcx8rVIHuAinC06ICbiYxnAAPL8xm00rPHe6bxPw7iCAjrg7lrBefnumKVY
StjMoGroVi3xbl+r24yZcEpzd9cf0gytFG2GBMk+fhk1MupkBVVDKBk1g9yTIcWG
pSFO+0GwJDiY9YrgpN8j2BxSqAwA2vhxzA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:40 2024 by rpki-client on console-fra.rpki-client.org