Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/714b48-6468-4d45-9fff-69367f9a5fc9/1/AkzfC2olunPICv8ldWYGqCkpEhs.roa
File: AkzfC2olunPICv8ldWYGqCkpEhs.roa (raw, json)
Hash identifier: HyA7X6DQJkjHhWFTtedThrhKnFnXhzm9Jvt93iW0hGI=
Subject key identifier: 02:4C:DF:0B:6A:25:BA:73:C8:0A:FF:25:75:66:06:A8:29:29:12:1B
Certificate issuer: /CN=db7fd26ca5f791470b0b729b72f61f800058a322
Certificate serial: 04EB907E
Authority key identifier: DB:7F:D2:6C:A5:F7:91:47:0B:0B:72:9B:72:F6:1F:80:00:58:A3:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/23_SbKX3kUcLC3KbcvYfgABYoyI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/714b48-6468-4d45-9fff-69367f9a5fc9/1/AkzfC2olunPICv8ldWYGqCkpEhs.roa
Signing time: Sat 01 Jan 2022 02:00:46 +0000
ROA not before: Sat 01 Jan 2022 02:00:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204810
IP address blocks: 94.142.129.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 82546814 (0x4eb907e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db7fd26ca5f791470b0b729b72f61f800058a322
Validity
Not Before: Jan 1 02:00:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=024cdf0b6a25ba73c80aff25756606a82929121b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:1f:b8:37:79:9c:42:aa:7f:5e:0e:eb:9d:bd:
da:50:9f:18:65:8c:0d:b0:df:34:55:62:4c:93:4f:
f2:d0:a3:b5:15:43:d7:3c:fe:b4:d0:47:e4:07:d0:
37:f6:9c:3a:8d:fe:1c:17:b2:a9:62:5f:c8:fd:7e:
ce:3b:1c:b1:8a:cd:e6:8f:12:a6:8a:ba:62:ad:3a:
19:0b:5f:7f:b2:56:f7:ed:f2:b8:e9:8c:a1:da:5a:
b5:5a:6a:c7:7b:5f:bd:ad:03:4a:0e:a7:2b:be:67:
80:22:19:f6:c0:4c:63:97:97:22:0c:b4:84:77:9f:
5c:8b:c9:29:1a:90:d3:c7:35:d3:f5:41:bb:cc:57:
d5:64:04:d2:d8:ea:56:1e:4c:15:5d:af:fc:ac:60:
41:a1:ce:09:b9:bf:58:75:69:15:62:63:24:3c:26:
ef:2f:21:e6:0e:78:fa:f9:bf:6b:d3:0c:a1:1e:13:
7f:0a:70:43:0b:b6:bc:c2:46:d2:84:85:eb:54:11:
51:65:e7:4e:1c:8c:f2:95:83:9b:30:44:3e:38:94:
4a:ee:30:83:f2:d0:18:da:2c:b8:5a:5c:49:89:bf:
0f:a9:db:87:8e:a2:9c:69:0a:a8:2a:4f:bd:cb:90:
9d:0f:ce:78:f6:e2:71:c0:6d:35:63:6d:7e:e6:3d:
ae:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:4C:DF:0B:6A:25:BA:73:C8:0A:FF:25:75:66:06:A8:29:29:12:1B
X509v3 Authority Key Identifier:
keyid:DB:7F:D2:6C:A5:F7:91:47:0B:0B:72:9B:72:F6:1F:80:00:58:A3:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/23_SbKX3kUcLC3KbcvYfgABYoyI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/714b48-6468-4d45-9fff-69367f9a5fc9/1/AkzfC2olunPICv8ldWYGqCkpEhs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/714b48-6468-4d45-9fff-69367f9a5fc9/1/23_SbKX3kUcLC3KbcvYfgABYoyI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.142.129.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:91:a8:0f:b8:e1:32:bb:23:56:87:ff:1b:3a:db:67:8b:e1:
78:73:ca:ac:aa:ad:ef:7b:92:ce:42:08:07:56:f9:83:9d:ad:
26:65:cd:89:2e:1f:15:9c:ef:d5:a1:ea:ce:b7:ae:5b:bd:72:
c6:7c:1e:6c:07:01:7e:fb:3c:7f:46:a2:12:71:71:af:1a:38:
a3:07:92:99:90:72:4a:d3:51:14:83:65:c2:dd:da:2b:38:b1:
f9:df:09:c4:32:5e:d6:b5:27:51:d6:0c:28:d0:fd:af:27:6b:
b4:df:9e:dd:37:32:43:24:42:5c:d7:33:cc:b9:3a:d6:37:bc:
77:0f:b8:98:e6:0c:22:46:c6:d5:0b:bc:c9:ba:f3:d9:9d:fb:
d3:83:e7:83:30:ff:53:4f:dd:03:c8:43:9b:2d:95:80:87:7a:
86:c7:f2:dc:dd:8b:4b:8d:49:83:1f:44:fc:43:33:9f:ca:8b:
72:f7:33:bd:d4:f9:ef:fd:b7:24:5f:cb:ed:eb:f0:94:ee:b9:
07:67:d9:6a:11:ae:33:27:ff:d6:9a:07:27:cb:49:e7:7a:c9:
88:bc:26:11:5b:da:63:97:d0:ac:5c:67:87:45:cf:be:d0:0c:
46:e8:df:3a:a2:e8:c7:70:cb:cb:4b:92:b0:0d:09:08:ec:52:
fc:b6:76:a1
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBOuQfjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
YjdmZDI2Y2E1Zjc5MTQ3MGIwYjcyOWI3MmY2MWY4MDAwNThhMzIyMB4XDTIyMDEw
MTAyMDA0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDI0Y2RmMGI2YTI1
YmE3M2M4MGFmZjI1NzU2NjA2YTgyOTI5MTIxYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPYfuDd5nEKqf14O65292lCfGGWMDbDfNFViTJNP8tCjtRVD
1zz+tNBH5AfQN/acOo3+HBeyqWJfyP1+zjscsYrN5o8Spoq6Yq06GQtff7JW9+3y
uOmModpatVpqx3tfva0DSg6nK75ngCIZ9sBMY5eXIgy0hHefXIvJKRqQ08c10/VB
u8xX1WQE0tjqVh5MFV2v/KxgQaHOCbm/WHVpFWJjJDwm7y8h5g54+vm/a9MMoR4T
fwpwQwu2vMJG0oSF61QRUWXnThyM8pWDmzBEPjiUSu4wg/LQGNosuFpcSYm/D6nb
h46inGkKqCpPvcuQnQ/OePbiccBtNWNtfuY9rvECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQCTN8LaiW6c8gK/yV1ZgaoKSkSGzAfBgNVHSMEGDAWgBTbf9JspfeRRwsL
cpty9h+AAFijIjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzIzX1NiS1gza1VjTEMzS2JjdllmZ0FCWW95SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjYvNzE0YjQ4LTY0NjgtNGQ0NS05ZmZmLTY5MzY3ZjlhNWZjOS8x
L0FremZDMm9sdW5QSUN2OGxkV1lHcUNrcEVocy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjYv
NzE0YjQ4LTY0NjgtNGQ0NS05ZmZmLTY5MzY3ZjlhNWZjOS8xLzIzX1NiS1gza1Vj
TEMzS2JjdllmZ0FCWW95SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAF6OgTANBgkqhkiG9w0BAQsFAAOC
AQEAn5GoD7jhMrsjVof/GzrbZ4vheHPKrKqt73uSzkIIB1b5g52tJmXNiS4fFZzv
1aHqzreuW71yxnwebAcBfvs8f0aiEnFxrxo4oweSmZByStNRFINlwt3aKzix+d8J
xDJe1rUnUdYMKND9rydrtN+e3TcyQyRCXNczzLk61je8dw+4mOYMIkbG1Qu8ybrz
2Z3704PngzD/U0/dA8hDmy2VgId6hsfy3N2LS41Jgx9E/EMzn8qLcvczvdT57/23
JF/L7evwlO65B2fZahGuMyf/1poHJ8tJ53rJiLwmEVvaY5fQrFxnh0XPvtAMRujf
OqLox3DLy0uSsA0JCOxS/LZ2oQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:59 2024 by rpki-client on console-ams.rpki-client.org