Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/ec0b89-1e68-45a0-8b93-13a06a269aa8/1/1UN4inCVLFDhcG8aLNJjN7DoCjA.roa
File: 1UN4inCVLFDhcG8aLNJjN7DoCjA.roa (raw, json)
Hash identifier: peJVZ8nXm4GS5LWVbGFEavwY4qUNhENyWkqXQfZ+6M4=
Subject key identifier: D5:43:78:8A:70:95:2C:50:E1:70:6F:1A:2C:D2:63:37:B0:E8:0A:30
Certificate issuer: /CN=7ce68daf5f089456c0e1d02245393531ac5b8fcb
Certificate serial: 0185187453ABD6BF613962EF335118832763
Authority key identifier: 7C:E6:8D:AF:5F:08:94:56:C0:E1:D0:22:45:39:35:31:AC:5B:8F:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fOaNr18IlFbA4dAiRTk1Maxbj8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/ec0b89-1e68-45a0-8b93-13a06a269aa8/1/1UN4inCVLFDhcG8aLNJjN7DoCjA.roa
Signing time: Fri 16 Dec 2022 01:02:34 +0000
ROA not before: Fri 16 Dec 2022 01:02:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3598
IP address blocks: 194.69.96.0/19 maxlen: 19
194.69.100.0/22 maxlen: 24
2a01:110::/32 maxlen: 32
2a01:110:8020::/48 maxlen: 48
2a01:110:8068::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:18:74:53:ab:d6:bf:61:39:62:ef:33:51:18:83:27:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ce68daf5f089456c0e1d02245393531ac5b8fcb
Validity
Not Before: Dec 16 01:02:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d543788a70952c50e1706f1a2cd26337b0e80a30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:d2:9a:3f:55:b4:c6:74:c4:57:9c:26:4a:35:
33:7b:e1:aa:f7:26:c8:dc:32:60:68:5f:8b:a2:90:
cc:8d:c0:e0:99:8d:06:3a:6d:f4:94:dd:76:63:93:
d0:62:5e:ab:fa:32:1e:cd:8d:96:6d:45:c1:7e:f8:
d4:c5:06:0e:91:59:94:8f:bf:92:70:e9:62:56:62:
35:c7:6a:eb:f5:5c:eb:65:6a:09:39:1f:81:d7:6d:
9b:76:fd:41:b9:f7:9c:5f:cc:9f:95:2c:d0:18:a7:
76:80:e3:39:1c:f2:57:b3:68:65:2b:9a:83:e4:ff:
39:4f:0c:33:e8:3f:f4:b3:bf:98:0b:5e:68:2e:01:
72:20:03:c3:88:60:a8:57:b7:28:a3:58:71:c6:35:
42:ee:ef:0c:00:ae:f8:38:04:ff:72:23:58:ba:1f:
06:a7:cd:8b:86:ec:1e:10:b7:74:dd:f7:bd:29:f4:
67:55:6e:fe:1f:20:39:0a:5b:0a:4b:25:6d:7c:ee:
e7:d0:92:2c:40:6b:88:d7:22:bc:d5:04:77:f5:fd:
39:e1:f9:c7:23:ab:ad:df:47:41:6f:53:f1:a1:5a:
25:b7:df:cd:bc:f7:0b:41:12:c4:87:86:2a:de:90:
55:da:9f:14:d4:d5:74:6c:6e:3f:fa:54:d8:6a:e2:
00:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:43:78:8A:70:95:2C:50:E1:70:6F:1A:2C:D2:63:37:B0:E8:0A:30
X509v3 Authority Key Identifier:
keyid:7C:E6:8D:AF:5F:08:94:56:C0:E1:D0:22:45:39:35:31:AC:5B:8F:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fOaNr18IlFbA4dAiRTk1Maxbj8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/ec0b89-1e68-45a0-8b93-13a06a269aa8/1/1UN4inCVLFDhcG8aLNJjN7DoCjA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/ec0b89-1e68-45a0-8b93-13a06a269aa8/1/fOaNr18IlFbA4dAiRTk1Maxbj8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.69.96.0/19
IPv6:
2a01:110::/32
Signature Algorithm: sha256WithRSAEncryption
8d:85:46:5a:ca:09:f7:82:ff:05:72:2e:39:eb:55:0b:36:e7:
d4:b5:08:b1:ad:d1:6a:4d:d8:8f:57:11:21:2a:d6:e0:22:2d:
10:ec:8d:7c:fd:11:4f:f2:a5:5b:c8:12:b8:95:fe:1f:bc:13:
30:66:1d:2f:c8:f5:13:6f:43:cd:b6:0e:7b:64:01:a5:9c:79:
ad:6a:c3:f0:38:44:29:e1:0a:ea:13:89:bf:f5:cb:e8:0e:0d:
6e:48:78:9e:7b:67:ad:c4:79:f1:97:9c:fa:b6:c2:f4:9f:48:
bb:2c:78:f5:7c:43:81:87:40:47:76:a3:2b:1f:b1:d3:db:22:
e8:f7:58:8c:1d:e0:d5:2a:d0:d6:e4:4a:e3:3e:cc:03:f6:58:
90:cf:80:7a:01:c6:10:77:50:e8:17:97:dc:06:19:87:6e:2f:
d7:5c:4f:87:52:73:00:f4:ef:7f:7d:16:9b:68:26:e0:14:9e:
b7:3f:d8:d6:51:42:57:0c:78:f8:99:89:cd:b0:d9:a7:ab:c8:
43:32:91:66:2e:52:44:9c:4a:2b:33:d6:7c:c5:4a:94:48:3a:
0c:44:13:5c:0d:39:ee:ba:e6:cf:e2:70:49:5a:45:6b:e6:ad:
a9:3c:fc:07:a1:70:d6:91:6f:97:96:e7:c2:ca:b5:d8:c0:a5:
8d:97:84:7a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYUYdFOr1r9hOWLvM1EYgydjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjZTY4ZGFmNWYwODk0NTZjMGUxZDAyMjQ1MzkzNTMxYWM1
YjhmY2IwHhcNMjIxMjE2MDEwMjM0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTQzNzg4YTcwOTUyYzUwZTE3MDZmMWEyY2QyNjMzN2IwZTgwYTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAytKaP1W0xnTEV5wmSjUze+Gq9ybI
3DJgaF+LopDMjcDgmY0GOm30lN12Y5PQYl6r+jIezY2WbUXBfvjUxQYOkVmUj7+S
cOliVmI1x2rr9VzrZWoJOR+B122bdv1BufecX8yflSzQGKd2gOM5HPJXs2hlK5qD
5P85Twwz6D/0s7+YC15oLgFyIAPDiGCoV7coo1hxxjVC7u8MAK74OAT/ciNYuh8G
p82LhuweELd03fe9KfRnVW7+HyA5ClsKSyVtfO7n0JIsQGuI1yK81QR39f054fnH
I6ut30dBb1PxoVolt9/NvPcLQRLEh4Yq3pBV2p8U1NV0bG4/+lTYauIAAQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNVDeIpwlSxQ4XBvGizSYzew6AowMB8GA1UdIwQY
MBaAFHzmja9fCJRWwOHQIkU5NTGsW4/LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZk9hTnIxOElsRmJBNGRBaVJUazFNYXhiajhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9lYzBiODktMWU2OC00NWEwLThiOTMt
MTNhMDZhMjY5YWE4LzEvMVVONGluQ1ZMRkRoY0c4YUxOSmpON0RvQ2pBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9lYzBiODktMWU2OC00NWEwLThiOTMtMTNhMDZhMjY5YWE4
LzEvZk9hTnIxOElsRmJBNGRBaVJUazFNYXhiajhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQFwkVgMA0E
AgACMAcDBQAqAQEQMA0GCSqGSIb3DQEBCwUAA4IBAQCNhUZaygn3gv8Fci4561UL
NufUtQixrdFqTdiPVxEhKtbgIi0Q7I18/RFP8qVbyBK4lf4fvBMwZh0vyPUTb0PN
tg57ZAGlnHmtasPwOEQp4QrqE4m/9cvoDg1uSHiee2etxHnxl5z6tsL0n0i7LHj1
fEOBh0BHdqMrH7HT2yLo91iMHeDVKtDW5ErjPswD9liQz4B6AcYQd1DoF5fcBhmH
bi/XXE+HUnMA9O9/fRabaCbgFJ63P9jWUUJXDHj4mYnNsNmnq8hDMpFmLlJEnEor
M9Z8xUqUSDoMRBNcDTnuuubP4nBJWkVr5q2pPPwHoXDWkW+XlufCyrXYwKWNl4R6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:32 2024 by rpki-client on console-fra.rpki-client.org