Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/3aa0f5-eae5-49a3-8ee9-0df7df4d5b01/1/4LZk6qpydwkjPSTHoMrU_of3l4E.roa
File: 4LZk6qpydwkjPSTHoMrU_of3l4E.roa (raw, json)
Hash identifier: sYSTw3hx4NBL1C07cma+KtLIHkcZdYqqIHKrTCQbd0Y=
Subject key identifier: E0:B6:64:EA:AA:72:77:09:23:3D:24:C7:A0:CA:D4:FE:87:F7:97:81
Certificate issuer: /CN=01292e03a731796e1d7b148b1dd235d144352f5d
Certificate serial: 01FBE6B8
Authority key identifier: 01:29:2E:03:A7:31:79:6E:1D:7B:14:8B:1D:D2:35:D1:44:35:2F:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ASkuA6cxeW4dexSLHdI10UQ1L10.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/3aa0f5-eae5-49a3-8ee9-0df7df4d5b01/1/4LZk6qpydwkjPSTHoMrU_of3l4E.roa
Signing time: Mon 13 Jun 2022 11:05:14 +0000
ROA not before: Mon 13 Jun 2022 11:05:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210547
IP address blocks: 195.96.153.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 33285816 (0x1fbe6b8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01292e03a731796e1d7b148b1dd235d144352f5d
Validity
Not Before: Jun 13 11:05:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e0b664eaaa727709233d24c7a0cad4fe87f79781
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:7f:21:fc:80:32:f3:08:e4:df:e3:97:96:2b:
b8:05:a9:50:1a:03:cf:74:eb:df:e1:6a:13:57:94:
a5:20:d5:a7:6c:7c:09:82:68:2c:66:a8:ba:71:9c:
76:65:18:c0:2c:9c:e4:07:06:37:d5:aa:c1:e9:09:
92:57:96:c7:a4:6b:e8:7c:7d:70:42:d1:55:43:7a:
77:d1:a7:c3:f5:16:12:28:2c:d5:5b:32:3c:bd:8f:
2d:d6:d9:0f:60:82:a2:9c:17:49:16:b5:6a:1e:50:
94:8c:a4:4c:9a:65:87:17:75:27:3f:30:c3:04:94:
43:8e:11:a0:dc:14:94:d4:dc:21:44:4c:19:95:b6:
a9:ba:3e:89:90:bd:79:ce:b3:52:f8:2d:a0:e2:55:
01:07:e4:06:c6:80:b4:bb:a2:01:f1:62:a0:9a:3f:
c1:54:72:6e:5c:4b:20:4f:ed:7e:e8:49:b6:0d:b1:
f2:b5:30:35:82:93:9b:a4:01:68:0a:b2:90:bc:d7:
1a:af:93:d3:f3:c3:12:29:7c:4a:95:31:bc:9e:13:
5a:0f:17:0f:6b:58:e9:85:ac:a9:82:05:8c:9b:05:
79:29:99:a1:d4:19:0e:70:23:42:b4:36:3f:6a:97:
30:0e:eb:92:1d:df:9c:79:7f:90:65:69:1b:67:91:
37:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:B6:64:EA:AA:72:77:09:23:3D:24:C7:A0:CA:D4:FE:87:F7:97:81
X509v3 Authority Key Identifier:
keyid:01:29:2E:03:A7:31:79:6E:1D:7B:14:8B:1D:D2:35:D1:44:35:2F:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ASkuA6cxeW4dexSLHdI10UQ1L10.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/3aa0f5-eae5-49a3-8ee9-0df7df4d5b01/1/4LZk6qpydwkjPSTHoMrU_of3l4E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/3aa0f5-eae5-49a3-8ee9-0df7df4d5b01/1/ASkuA6cxeW4dexSLHdI10UQ1L10.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.96.153.0/24
Signature Algorithm: sha256WithRSAEncryption
77:21:fb:68:19:73:17:7b:c1:e3:a9:dd:4c:52:c1:6e:99:d4:
d9:d8:f4:8f:5a:7b:ed:5d:a7:98:a3:d9:dc:fa:03:29:59:b7:
14:d7:bb:68:08:11:a4:f8:c7:97:51:59:4c:07:ba:a3:64:bf:
68:2c:56:88:f7:67:62:b7:15:fc:b8:6d:40:1b:08:e6:f1:7e:
d8:a8:c8:b4:db:0e:da:15:7b:87:f6:f0:ab:fd:0e:9f:18:f3:
97:6b:f1:0e:39:45:27:a0:1b:4a:64:4e:a1:73:cc:82:16:09:
71:6f:5b:0f:c5:85:37:66:3f:21:a9:de:50:4c:c4:68:b8:b1:
b9:6b:cc:9c:7d:04:59:9a:f5:f9:fa:4b:de:2b:ce:10:bc:1a:
30:bb:54:53:5c:07:5c:33:97:3a:7b:44:51:75:6d:cd:b2:f1:
80:2d:fa:1f:57:b4:8b:97:3e:c6:c4:b5:bd:ec:05:ff:fa:22:
80:66:19:05:99:4b:23:4d:5b:32:fc:26:e0:e5:3a:01:59:eb:
23:e6:26:e3:ed:b1:9e:31:42:ae:cd:e3:04:56:93:9e:f3:80:
bf:27:68:07:ec:83:08:b6:09:6b:56:85:6d:6d:87:08:9b:55:
69:a6:e0:91:78:37:63:9b:ab:d7:f3:45:1e:29:cf:67:92:b2:
57:9c:53:0d
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAfvmuDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
MTI5MmUwM2E3MzE3OTZlMWQ3YjE0OGIxZGQyMzVkMTQ0MzUyZjVkMB4XDTIyMDYx
MzExMDUxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTBiNjY0ZWFhYTcy
NzcwOTIzM2QyNGM3YTBjYWQ0ZmU4N2Y3OTc4MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPh/IfyAMvMI5N/jl5YruAWpUBoDz3Tr3+FqE1eUpSDVp2x8
CYJoLGaounGcdmUYwCyc5AcGN9WqwekJkleWx6Rr6Hx9cELRVUN6d9Gnw/UWEigs
1VsyPL2PLdbZD2CCopwXSRa1ah5QlIykTJplhxd1Jz8wwwSUQ44RoNwUlNTcIURM
GZW2qbo+iZC9ec6zUvgtoOJVAQfkBsaAtLuiAfFioJo/wVRyblxLIE/tfuhJtg2x
8rUwNYKTm6QBaAqykLzXGq+T0/PDEil8SpUxvJ4TWg8XD2tY6YWsqYIFjJsFeSmZ
odQZDnAjQrQ2P2qXMA7rkh3fnHl/kGVpG2eRNzsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTgtmTqqnJ3CSM9JMegytT+h/eXgTAfBgNVHSMEGDAWgBQBKS4DpzF5bh17
FIsd0jXRRDUvXTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0FTa3VBNmN4ZVc0ZGV4U0xIZEkxMFVRMUwxMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjQvM2FhMGY1LWVhZTUtNDlhMy04ZWU5LTBkZjdkZjRkNWIwMS8x
LzRMWms2cXB5ZHdralBTVEhvTXJVX29mM2w0RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjQv
M2FhMGY1LWVhZTUtNDlhMy04ZWU5LTBkZjdkZjRkNWIwMS8xL0FTa3VBNmN4ZVc0
ZGV4U0xIZEkxMFVRMUwxMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMNgmTANBgkqhkiG9w0BAQsFAAOC
AQEAdyH7aBlzF3vB46ndTFLBbpnU2dj0j1p77V2nmKPZ3PoDKVm3FNe7aAgRpPjH
l1FZTAe6o2S/aCxWiPdnYrcV/LhtQBsI5vF+2KjItNsO2hV7h/bwq/0Onxjzl2vx
DjlFJ6AbSmROoXPMghYJcW9bD8WFN2Y/IaneUEzEaLixuWvMnH0EWZr1+fpL3ivO
ELwaMLtUU1wHXDOXOntEUXVtzbLxgC36H1e0i5c+xsS1vewF//oigGYZBZlLI01b
Mvwm4OU6AVnrI+Ym4+2xnjFCrs3jBFaTnvOAvydoB+yDCLYJa1aFbW2HCJtVaabg
kXg3Y5ur1/NFHinPZ5KyV5xTDQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:25 2023 by rpki-client on console-fra.rpki-client.org