Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/ffWu0dTj8n7Rye9edyGyP8z-R2g.roa
File: ffWu0dTj8n7Rye9edyGyP8z-R2g.roa (raw, json)
Hash identifier: 5qKfMGfzwql3yWcX5pD2/ZKYtFg1lDjwA3AYe/q8ooE=
Subject key identifier: 7D:F5:AE:D1:D4:E3:F2:7E:D1:C9:EF:5E:77:21:B2:3F:CC:FE:47:68
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 0184AD6B70D1DAC724DEB11A577AA90752C6
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/ffWu0dTj8n7Rye9edyGyP8z-R2g.roa
Signing time: Fri 25 Nov 2022 06:13:30 +0000
ROA not before: Fri 25 Nov 2022 06:13:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39521
IP address blocks: 88.151.199.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:ad:6b:70:d1:da:c7:24:de:b1:1a:57:7a:a9:07:52:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Nov 25 06:13:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7df5aed1d4e3f27ed1c9ef5e7721b23fccfe4768
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:25:c7:be:e7:7c:0e:c3:ba:54:16:84:bf:6e:
eb:ba:9a:7e:8e:7b:03:69:f5:42:26:55:31:b5:37:
e3:dd:7f:50:0a:97:a0:c3:81:ed:96:90:a1:ad:b0:
ab:d7:34:84:18:3a:93:8f:c6:27:f5:c3:33:9d:c5:
cf:bf:d6:45:95:dc:76:ec:8f:00:07:a5:54:b7:49:
c2:52:27:12:05:d0:b6:11:28:15:19:b6:9f:f8:ec:
c1:0a:d4:4f:7f:58:54:de:05:e3:43:9c:cf:91:e4:
d3:74:38:e6:99:ab:1c:ea:2e:33:75:fb:e9:6b:7e:
31:54:74:d1:41:27:2d:4e:61:6e:9a:ab:e7:e2:c8:
9e:96:04:4c:b5:4a:ea:04:b4:81:52:a6:55:19:fd:
ef:c7:da:ef:fb:e8:d1:da:14:4f:74:02:0c:5e:23:
c9:5c:6c:59:ba:2d:c1:61:94:18:38:9f:71:7f:d2:
c5:2a:44:04:ab:1a:5a:5a:13:82:f5:99:d0:5e:39:
26:55:cf:68:c2:8b:8a:5a:7e:d0:f9:3d:63:6a:08:
2d:2d:dd:dd:33:41:f1:97:76:6f:a1:39:0c:89:43:
25:29:4a:78:55:8c:bb:d5:19:57:f4:34:6e:c2:a4:
21:e0:54:42:aa:34:c3:ff:72:a1:7e:17:35:6f:39:
e8:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:F5:AE:D1:D4:E3:F2:7E:D1:C9:EF:5E:77:21:B2:3F:CC:FE:47:68
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/ffWu0dTj8n7Rye9edyGyP8z-R2g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.151.199.0/24
Signature Algorithm: sha256WithRSAEncryption
54:9a:99:6a:c5:f2:92:a6:bd:c8:30:1a:ea:a2:7f:31:be:89:
b7:cf:ae:d9:2d:4c:10:0c:db:ed:d9:16:f1:de:e3:72:1b:f1:
14:7a:ef:ae:bf:5d:c6:5b:59:4e:11:57:c6:4a:cf:b2:0d:f5:
a6:99:31:ae:a1:e7:fd:2a:18:f0:b7:e2:97:1c:52:d3:59:d2:
9c:0b:33:94:8b:c4:33:5c:9a:68:6e:57:8a:1d:08:40:52:05:
c3:5b:44:e4:32:f5:31:34:41:c7:18:74:e3:1f:b3:10:14:88:
d9:5e:a2:43:4b:a0:0e:b5:09:7a:7a:35:50:04:28:0a:52:f5:
b9:8f:f7:c8:6a:b1:3d:92:82:0b:f0:9e:2d:f3:d5:ef:49:8b:
f5:44:75:61:fd:2c:26:85:c1:02:e9:18:a8:87:ca:02:8b:2a:
54:a5:e1:0b:37:73:37:d8:ac:5a:6b:84:9c:35:7f:40:93:ac:
9f:3c:e9:e7:72:0b:fe:11:23:5f:dd:67:4e:10:b5:1f:ed:24:
c5:a0:fe:56:81:d9:be:5a:d6:82:98:29:47:c3:01:0d:76:47:
15:f5:b1:e4:0e:fe:0d:31:9f:33:91:c3:c2:f2:c0:e7:d5:d3:
c4:57:78:59:97:ed:cf:60:a6:28:ee:1a:55:dc:42:41:6f:5c:
24:44:9d:37
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYSta3DR2sck3rEaV3qpB1LGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjIxMTI1MDYxMzMwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZGY1YWVkMWQ0ZTNmMjdlZDFjOWVmNWU3NzIxYjIzZmNjZmU0NzY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmiXHvud8DsO6VBaEv27rupp+jnsD
afVCJlUxtTfj3X9QCpegw4HtlpChrbCr1zSEGDqTj8Yn9cMzncXPv9ZFldx27I8A
B6VUt0nCUicSBdC2ESgVGbaf+OzBCtRPf1hU3gXjQ5zPkeTTdDjmmasc6i4zdfvp
a34xVHTRQSctTmFumqvn4sielgRMtUrqBLSBUqZVGf3vx9rv++jR2hRPdAIMXiPJ
XGxZui3BYZQYOJ9xf9LFKkQEqxpaWhOC9ZnQXjkmVc9owouKWn7Q+T1jaggtLd3d
M0Hxl3ZvoTkMiUMlKUp4VYy71RlX9DRuwqQh4FRCqjTD/3Khfhc1bzno1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH31rtHU4/J+0cnvXnchsj/M/kdoMB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvZmZXdTBkVGo4bjdSeWU5ZWR5R3lQOHotUjJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWJfHMA0G
CSqGSIb3DQEBCwUAA4IBAQBUmplqxfKSpr3IMBrqon8xvom3z67ZLUwQDNvt2Rbx
3uNyG/EUeu+uv13GW1lOEVfGSs+yDfWmmTGuoef9Khjwt+KXHFLTWdKcCzOUi8Qz
XJpobleKHQhAUgXDW0TkMvUxNEHHGHTjH7MQFIjZXqJDS6AOtQl6ejVQBCgKUvW5
j/fIarE9koIL8J4t89XvSYv1RHVh/SwmhcEC6Rioh8oCiypUpeELN3M32Kxaa4Sc
NX9Ak6yfPOnncgv+ESNf3WdOELUf7STFoP5Wgdm+WtaCmClHwwENdkcV9bHkDv4N
MZ8zkcPC8sDn1dPEV3hZl+3PYKYo7hpV3EJBb1wkRJ03
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:01 2023 by rpki-client on console-fra.rpki-client.org