Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/3aa0f5-eae5-49a3-8ee9-0df7df4d5b01/1/2bXuQy9NuHFZdKTERaJuO6pjjPc.roa
File: 2bXuQy9NuHFZdKTERaJuO6pjjPc.roa (raw, json)
Hash identifier: UcA5iY5+SQ2ekMqlbewB0L99WaBRkK8EouBtEB2VbjQ=
Subject key identifier: D9:B5:EE:43:2F:4D:B8:71:59:74:A4:C4:45:A2:6E:3B:AA:63:8C:F7
Certificate issuer: /CN=01292e03a731796e1d7b148b1dd235d144352f5d
Certificate serial: 01FB42E3
Authority key identifier: 01:29:2E:03:A7:31:79:6E:1D:7B:14:8B:1D:D2:35:D1:44:35:2F:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ASkuA6cxeW4dexSLHdI10UQ1L10.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/3aa0f5-eae5-49a3-8ee9-0df7df4d5b01/1/2bXuQy9NuHFZdKTERaJuO6pjjPc.roa
Signing time: Mon 13 Jun 2022 11:01:14 +0000
ROA not before: Mon 13 Jun 2022 11:01:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42337
IP address blocks: 195.96.153.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 33243875 (0x1fb42e3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01292e03a731796e1d7b148b1dd235d144352f5d
Validity
Not Before: Jun 13 11:01:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d9b5ee432f4db8715974a4c445a26e3baa638cf7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:96:46:62:4e:d8:21:0c:1e:b8:f5:c5:8f:dd:
25:87:5d:4b:40:84:0d:07:df:09:fe:0f:c8:b8:74:
ac:0f:e0:5e:c1:1f:e1:8a:aa:5f:b5:19:ca:1d:34:
d8:a7:ec:11:37:4e:9e:52:2a:bb:78:7e:98:62:2e:
22:da:c5:2d:10:69:5e:8f:39:eb:d0:c9:3d:b4:2e:
f0:8c:92:b9:3f:4a:b8:4c:0c:5a:b6:9e:c3:75:81:
f2:f3:42:2c:c7:2b:36:49:27:cb:6c:d9:6b:11:08:
35:a0:06:91:83:59:ae:93:e5:60:73:9b:0c:ef:78:
7d:b6:a8:0a:ea:2f:7b:08:eb:d4:20:60:1e:17:85:
ce:34:90:07:3d:7c:50:5f:61:76:b6:08:1b:e4:0d:
9a:c9:bd:17:21:e0:37:b3:e1:0e:ff:d2:aa:7e:aa:
9d:e1:c9:e2:23:1f:4e:10:69:39:73:be:bf:37:b3:
ea:9a:2e:4e:fb:93:04:3a:8d:ce:83:f6:a0:96:81:
18:a6:b0:18:a5:27:7e:17:e5:3f:86:5e:91:19:fc:
ea:11:19:c2:91:0e:37:d5:de:fc:37:64:3e:58:df:
48:a1:65:49:95:d6:c4:17:85:ba:1f:8d:3b:4d:d6:
00:16:db:62:cd:00:93:81:2d:bf:2e:7d:dc:f7:5d:
55:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:B5:EE:43:2F:4D:B8:71:59:74:A4:C4:45:A2:6E:3B:AA:63:8C:F7
X509v3 Authority Key Identifier:
keyid:01:29:2E:03:A7:31:79:6E:1D:7B:14:8B:1D:D2:35:D1:44:35:2F:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ASkuA6cxeW4dexSLHdI10UQ1L10.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/3aa0f5-eae5-49a3-8ee9-0df7df4d5b01/1/2bXuQy9NuHFZdKTERaJuO6pjjPc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/3aa0f5-eae5-49a3-8ee9-0df7df4d5b01/1/ASkuA6cxeW4dexSLHdI10UQ1L10.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.96.153.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:ac:f7:f5:b1:ee:17:bb:c3:22:c6:10:5b:00:60:a6:94:37:
fd:65:42:a6:c0:e1:9a:22:1a:a5:44:c6:1f:d9:12:66:ac:32:
bf:93:af:b9:b3:5c:d2:69:2c:3a:5a:8c:08:67:20:b5:22:b1:
65:53:83:29:d9:51:94:03:d8:24:7a:a3:9b:bf:f5:78:5a:3f:
79:b4:ae:d9:49:21:26:b1:e1:52:97:e5:c1:da:04:ad:d9:ff:
11:73:b0:32:3a:24:45:3d:db:72:4f:47:f7:e8:db:fe:26:d2:
52:8d:ab:c2:ed:e5:c8:c0:10:bd:33:ce:c3:a7:40:ba:8f:f3:
69:d4:46:9f:9c:14:ea:17:71:9a:35:85:cd:34:33:74:b0:d9:
0d:f7:d0:80:7c:db:21:b4:11:ab:67:17:20:ae:11:b0:6a:dc:
71:d2:f5:71:da:a8:7e:c2:e1:82:4a:96:4b:c7:02:f9:ac:b0:
e6:e3:2a:bf:04:9a:12:eb:80:8a:4f:83:72:7c:26:9b:e0:13:
4f:28:0c:d3:c7:26:2f:20:0e:60:aa:73:21:a6:1f:d8:c8:fc:
65:01:f8:27:7a:22:ab:6a:29:0f:ce:2d:16:a1:1f:49:10:35:
90:a4:ab:39:a1:19:8b:a2:bf:4b:d2:d6:59:e9:1e:7f:dc:15:
c5:41:12:83
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAftC4zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
MTI5MmUwM2E3MzE3OTZlMWQ3YjE0OGIxZGQyMzVkMTQ0MzUyZjVkMB4XDTIyMDYx
MzExMDExNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDliNWVlNDMyZjRk
Yjg3MTU5NzRhNGM0NDVhMjZlM2JhYTYzOGNmNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL+WRmJO2CEMHrj1xY/dJYddS0CEDQffCf4PyLh0rA/gXsEf
4YqqX7UZyh002KfsETdOnlIqu3h+mGIuItrFLRBpXo8569DJPbQu8IySuT9KuEwM
Wraew3WB8vNCLMcrNkkny2zZaxEINaAGkYNZrpPlYHObDO94fbaoCuovewjr1CBg
HheFzjSQBz18UF9hdrYIG+QNmsm9FyHgN7PhDv/Sqn6qneHJ4iMfThBpOXO+vzez
6pouTvuTBDqNzoP2oJaBGKawGKUnfhflP4ZekRn86hEZwpEON9Xe/DdkPljfSKFl
SZXWxBeFuh+NO03WABbbYs0Ak4Etvy593PddVSUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTZte5DL024cVl0pMRFom47qmOM9zAfBgNVHSMEGDAWgBQBKS4DpzF5bh17
FIsd0jXRRDUvXTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0FTa3VBNmN4ZVc0ZGV4U0xIZEkxMFVRMUwxMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjQvM2FhMGY1LWVhZTUtNDlhMy04ZWU5LTBkZjdkZjRkNWIwMS8x
LzJiWHVReTlOdUhGWmRLVEVSYUp1TzZwampQYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjQv
M2FhMGY1LWVhZTUtNDlhMy04ZWU5LTBkZjdkZjRkNWIwMS8xL0FTa3VBNmN4ZVc0
ZGV4U0xIZEkxMFVRMUwxMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMNgmTANBgkqhkiG9w0BAQsFAAOC
AQEAsKz39bHuF7vDIsYQWwBgppQ3/WVCpsDhmiIapUTGH9kSZqwyv5OvubNc0mks
OlqMCGcgtSKxZVODKdlRlAPYJHqjm7/1eFo/ebSu2UkhJrHhUpflwdoErdn/EXOw
MjokRT3bck9H9+jb/ibSUo2rwu3lyMAQvTPOw6dAuo/zadRGn5wU6hdxmjWFzTQz
dLDZDffQgHzbIbQRq2cXIK4RsGrccdL1cdqofsLhgkqWS8cC+ayw5uMqvwSaEuuA
ik+Dcnwmm+ATTygM08cmLyAOYKpzIaYf2Mj8ZQH4J3oiq2opD84tFqEfSRA1kKSr
OaEZi6K/S9LWWekef9wVxUESgw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:19 2023 by rpki-client on console-ams.rpki-client.org