Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/5fbda6-bfce-4d9d-a4db-871540330859/1/kZRicq61UvKdAewPktgIFuByJR0.roa
File: kZRicq61UvKdAewPktgIFuByJR0.roa (raw, json)
Hash identifier: vZDXuN4j6gAgY1Nns04rfwhl0Qnt2ikLFvTcWtAmXuo=
Subject key identifier: 91:94:62:72:AE:B5:52:F2:9D:01:EC:0F:92:D8:08:16:E0:72:25:1D
Certificate issuer: /CN=fe707e776730c2c2ecba6b9ee957212ad58d5cdb
Certificate serial: 021741
Authority key identifier: FE:70:7E:77:67:30:C2:C2:EC:BA:6B:9E:E9:57:21:2A:D5:8D:5C:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_nB-d2cwwsLsumue6VchKtWNXNs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/5fbda6-bfce-4d9d-a4db-871540330859/1/kZRicq61UvKdAewPktgIFuByJR0.roa
Signing time: Mon 02 May 2022 11:03:47 +0000
ROA not before: Mon 02 May 2022 11:03:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8708
IP address blocks: 194.176.191.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 137025 (0x21741)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe707e776730c2c2ecba6b9ee957212ad58d5cdb
Validity
Not Before: May 2 11:03:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=91946272aeb552f29d01ec0f92d80816e072251d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:56:62:e5:a0:68:04:41:08:da:6c:02:7e:ba:
e6:97:02:d9:cb:73:c2:73:0b:6d:71:b2:b4:4e:2d:
ce:51:a0:53:67:ba:da:e9:3b:fd:de:cf:08:91:7e:
91:9e:19:76:e1:f9:f9:2e:47:be:87:b7:0f:0f:be:
0f:d4:86:65:f1:37:22:89:45:c9:f3:05:33:70:a7:
45:33:cc:95:02:c2:9a:b4:81:0a:15:c5:e3:26:87:
77:1d:d3:39:80:5c:94:f3:c0:11:7c:56:b9:3f:4a:
f2:7a:de:41:03:b9:66:82:aa:65:44:65:c8:35:5a:
42:50:35:92:7c:21:ca:e2:91:3e:68:f9:09:e1:e6:
78:ef:21:65:11:73:b3:30:c2:fb:30:b1:2f:0d:d1:
31:f3:85:54:34:e9:4b:4b:02:8f:5f:dd:44:2e:96:
6b:ea:f7:91:83:f9:41:1d:dc:a7:64:84:9c:c2:10:
d3:46:4f:1d:86:43:1f:2c:cc:5e:6c:eb:85:7a:ea:
d8:e0:64:03:27:58:aa:9d:3e:fa:c0:c7:47:8a:ff:
2c:65:05:8a:f6:de:27:91:ee:bb:9a:10:1e:a6:58:
c3:7e:5b:43:40:70:2b:66:76:87:d0:3f:98:16:b6:
c8:c3:c1:fb:07:93:8f:ba:b5:12:94:79:e3:da:59:
dd:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:94:62:72:AE:B5:52:F2:9D:01:EC:0F:92:D8:08:16:E0:72:25:1D
X509v3 Authority Key Identifier:
keyid:FE:70:7E:77:67:30:C2:C2:EC:BA:6B:9E:E9:57:21:2A:D5:8D:5C:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_nB-d2cwwsLsumue6VchKtWNXNs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5fbda6-bfce-4d9d-a4db-871540330859/1/kZRicq61UvKdAewPktgIFuByJR0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5fbda6-bfce-4d9d-a4db-871540330859/1/_nB-d2cwwsLsumue6VchKtWNXNs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.176.191.0/24
Signature Algorithm: sha256WithRSAEncryption
23:34:28:da:2f:64:57:3b:be:4a:e8:b5:21:5e:dd:bb:de:96:
16:7e:b6:dc:7f:8d:3b:4c:40:bb:92:6a:8a:e1:7b:3c:7c:0d:
8f:7e:fe:b8:95:19:39:36:aa:d8:c3:72:c0:98:59:e2:dc:65:
a2:a0:89:5a:45:75:65:95:d1:ac:6e:02:4c:a3:0c:98:fa:31:
69:e5:ba:a7:78:b1:56:af:6e:52:f4:ff:cf:13:18:04:62:c3:
74:f5:5d:42:de:6b:ef:63:1d:15:da:7f:59:ca:06:0d:91:83:
03:48:b0:ef:57:60:57:54:17:7a:3f:89:3a:7c:4f:40:1c:3b:
49:89:2c:93:96:e5:c6:bb:82:a0:68:7d:0a:7a:50:e6:b6:b6:
bd:b5:7a:53:93:87:50:4b:32:cc:98:b4:c1:e9:ab:33:cf:22:
38:0e:53:aa:6b:e7:34:4e:02:73:15:3b:28:76:74:d4:6f:cd:
f6:69:90:09:ab:1a:4f:80:36:44:ac:9c:25:9c:da:56:66:a2:
fe:73:e3:d0:fe:35:34:8f:44:e4:a6:d5:d3:c8:ec:82:19:a3:
38:78:01:09:39:70:d3:2b:6c:2d:32:5d:65:6f:36:d0:d1:19:
af:f5:34:31:21:94:51:6b:1e:75:83:c6:c4:db:4a:cb:66:7e:
16:a7:23:62
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDAhdBMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGZl
NzA3ZTc3NjczMGMyYzJlY2JhNmI5ZWU5NTcyMTJhZDU4ZDVjZGIwHhcNMjIwNTAy
MTEwMzQ3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg5MTk0NjI3MmFlYjU1
MmYyOWQwMWVjMGY5MmQ4MDgxNmUwNzIyNTFkMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAtFZi5aBoBEEI2mwCfrrmlwLZy3PCcwttcbK0Ti3OUaBTZ7ra
6Tv93s8IkX6Rnhl24fn5Lke+h7cPD74P1IZl8TciiUXJ8wUzcKdFM8yVAsKatIEK
FcXjJod3HdM5gFyU88ARfFa5P0ryet5BA7lmgqplRGXINVpCUDWSfCHK4pE+aPkJ
4eZ47yFlEXOzMML7MLEvDdEx84VUNOlLSwKPX91ELpZr6veRg/lBHdynZIScwhDT
Rk8dhkMfLMxebOuFeurY4GQDJ1iqnT76wMdHiv8sZQWK9t4nke67mhAepljDfltD
QHArZnaH0D+YFrbIw8H7B5OPurUSlHnj2lnd8QIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFJGUYnKutVLynQHsD5LYCBbgciUdMB8GA1UdIwQYMBaAFP5wfndnMMLC7Lpr
nulXISrVjVzbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
X25CLWQyY3d3c0xzdW11ZTZWY2hLdFdOWE5zLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9lOC81ZmJkYTYtYmZjZS00ZDlkLWE0ZGItODcxNTQwMzMwODU5LzEv
a1pSaWNxNjFVdktkQWV3UGt0Z0lGdUJ5SlIwLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC81
ZmJkYTYtYmZjZS00ZDlkLWE0ZGItODcxNTQwMzMwODU5LzEvX25CLWQyY3d3c0xz
dW11ZTZWY2hLdFdOWE5zLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwrC/MA0GCSqGSIb3DQEBCwUAA4IB
AQAjNCjaL2RXO75K6LUhXt273pYWfrbcf407TEC7kmqK4Xs8fA2Pfv64lRk5NqrY
w3LAmFni3GWioIlaRXVlldGsbgJMowyY+jFp5bqneLFWr25S9P/PExgEYsN09V1C
3mvvYx0V2n9ZygYNkYMDSLDvV2BXVBd6P4k6fE9AHDtJiSyTluXGu4KgaH0KelDm
tra9tXpTk4dQSzLMmLTB6aszzyI4DlOqa+c0TgJzFTsodnTUb832aZAJqxpPgDZE
rJwlnNpWZqL+c+PQ/jU0j0TkptXTyOyCGaM4eAEJOXDTK2wtMl1lbzbQ0Rmv9TQx
IZRRax51g8bE20rLZn4WpyNi
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:14 2024 by rpki-client on console-ams.rpki-client.org