Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/IpReZFdjk_SpvcDdd3qVIHT_6qw.roa
File: IpReZFdjk_SpvcDdd3qVIHT_6qw.roa (raw, json)
Hash identifier: 3GV8f2eKeYsAbJtgRhMnL6H8HwnsTEemu5JQcKX13OY=
Subject key identifier: 22:94:5E:64:57:63:93:F4:A9:BD:C0:DD:77:7A:95:20:74:FF:EA:AC
Certificate issuer: /CN=41f5a10e4fd2655adbbb40ede18b2615ac558ea9
Certificate serial: 35B5C5DE
Authority key identifier: 41:F5:A1:0E:4F:D2:65:5A:DB:BB:40:ED:E1:8B:26:15:AC:55:8E:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QfWhDk_SZVrbu0Dt4YsmFaxVjqk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/IpReZFdjk_SpvcDdd3qVIHT_6qw.roa
Signing time: Wed 19 Jan 2022 20:38:42 +0000
ROA not before: Wed 19 Jan 2022 20:38:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60458
IP address blocks: 192.109.200.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 901105118 (0x35b5c5de)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41f5a10e4fd2655adbbb40ede18b2615ac558ea9
Validity
Not Before: Jan 19 20:38:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=22945e64576393f4a9bdc0dd777a952074ffeaac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:6d:f1:0b:98:ac:f2:a4:87:ee:18:0f:39:7e:
3f:87:0f:4d:4b:e9:98:35:cd:16:63:dd:53:ca:92:
67:66:22:3c:08:96:54:7f:76:3b:c7:f1:8a:26:ba:
68:f3:99:c7:da:4d:53:4d:25:fc:09:16:e2:bf:e5:
2d:8c:03:50:c4:c6:76:9e:5d:8f:c8:99:6b:f4:f2:
cd:47:39:8d:71:66:81:cf:f1:8d:3b:74:a2:c1:84:
40:a5:e8:4d:96:aa:05:3e:e8:38:92:1a:68:3e:4e:
6d:75:d1:96:30:bd:e9:36:61:fa:87:dd:8c:38:3f:
13:4b:ca:57:32:62:37:c1:ca:dc:dc:2a:5d:22:c4:
a9:29:c7:03:d3:d0:75:1c:d0:b6:b0:0d:89:2e:83:
6e:26:96:78:e2:60:0c:a4:9c:73:2d:2b:4d:5e:d3:
6e:56:d1:d0:f2:9a:33:31:42:11:6f:ae:b5:5e:a3:
9a:1f:bd:ff:d4:34:84:28:47:86:64:0e:77:6d:e5:
63:e5:a0:cf:c0:e7:9d:ba:f8:d6:34:92:41:8e:a1:
86:96:9e:1d:a5:99:89:b3:f8:de:2e:92:18:4d:e2:
c7:79:7e:ac:dc:c3:9a:7e:79:18:1d:53:f9:5f:45:
74:77:48:f9:a2:82:f3:ff:0d:c1:80:04:c5:66:66:
23:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:94:5E:64:57:63:93:F4:A9:BD:C0:DD:77:7A:95:20:74:FF:EA:AC
X509v3 Authority Key Identifier:
keyid:41:F5:A1:0E:4F:D2:65:5A:DB:BB:40:ED:E1:8B:26:15:AC:55:8E:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QfWhDk_SZVrbu0Dt4YsmFaxVjqk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/IpReZFdjk_SpvcDdd3qVIHT_6qw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/QfWhDk_SZVrbu0Dt4YsmFaxVjqk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.109.200.0/24
Signature Algorithm: sha256WithRSAEncryption
ab:ce:12:92:05:2e:61:28:f3:cd:39:65:a0:a5:d9:68:7a:cf:
cd:4c:1b:07:79:de:d4:17:4e:53:12:19:9a:ef:91:2b:6c:5a:
10:43:6f:82:29:21:5d:c5:74:80:13:2c:5a:44:68:c3:48:f6:
3b:ac:b8:ec:24:52:9f:03:91:1d:ee:3c:20:8c:79:36:b7:ce:
99:df:82:48:0b:98:58:46:6f:4b:11:4e:74:d4:69:a8:60:e7:
79:da:b4:e5:03:2f:ce:ce:ba:5b:b0:84:2d:2b:95:84:77:a5:
5b:75:57:55:9b:4d:b1:47:72:76:79:8d:70:27:0d:6c:3f:8f:
06:98:f1:17:95:4a:43:19:7c:6a:a2:0f:17:28:fa:92:d9:cb:
37:88:b9:3b:05:26:ad:a6:9a:09:ac:ca:81:39:a7:85:c7:6f:
29:f4:23:37:fd:ef:af:0f:4d:27:85:6f:71:92:9e:91:3d:24:
3b:76:ac:a6:48:c8:7c:02:03:88:76:b4:59:f8:49:e4:ab:01:
b7:92:a1:bd:3c:5f:cd:af:d4:5e:ef:ff:c1:85:74:71:8d:60:
c1:24:3d:d4:e9:70:47:f6:3d:24:17:0f:f9:5f:02:ae:ba:f0:
40:9a:1e:0e:5b:65:a5:0b:c3:15:93:3a:ad:1c:a6:19:c6:b3:
df:ea:57:6b
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIENbXF3jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
MWY1YTEwZTRmZDI2NTVhZGJiYjQwZWRlMThiMjYxNWFjNTU4ZWE5MB4XDTIyMDEx
OTIwMzg0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjI5NDVlNjQ1NzYz
OTNmNGE5YmRjMGRkNzc3YTk1MjA3NGZmZWFhYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL9t8QuYrPKkh+4YDzl+P4cPTUvpmDXNFmPdU8qSZ2YiPAiW
VH92O8fxiia6aPOZx9pNU00l/AkW4r/lLYwDUMTGdp5dj8iZa/TyzUc5jXFmgc/x
jTt0osGEQKXoTZaqBT7oOJIaaD5ObXXRljC96TZh+ofdjDg/E0vKVzJiN8HK3Nwq
XSLEqSnHA9PQdRzQtrANiS6DbiaWeOJgDKSccy0rTV7TblbR0PKaMzFCEW+utV6j
mh+9/9Q0hChHhmQOd23lY+Wgz8Dnnbr41jSSQY6hhpaeHaWZibP43i6SGE3ix3l+
rNzDmn55GB1T+V9FdHdI+aKC8/8NwYAExWZmI9UCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQilF5kV2OT9Km9wN13epUgdP/qrDAfBgNVHSMEGDAWgBRB9aEOT9JlWtu7
QO3hiyYVrFWOqTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1FmV2hEa19TWlZyYnUwRHQ0WXNtRmF4Vmpxay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjYvOGQzYzgyLWU0MDMtNGRhNi1iMzE1LTg3OTAyMDZmMGQ3NC8x
L0lwUmVaRmRqa19TcHZjRGRkM3FWSUhUXzZxdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjYv
OGQzYzgyLWU0MDMtNGRhNi1iMzE1LTg3OTAyMDZmMGQ3NC8xL1FmV2hEa19TWlZy
YnUwRHQ0WXNtRmF4Vmpxay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMBtyDANBgkqhkiG9w0BAQsFAAOC
AQEAq84SkgUuYSjzzTlloKXZaHrPzUwbB3ne1BdOUxIZmu+RK2xaEENvgikhXcV0
gBMsWkRow0j2O6y47CRSnwORHe48IIx5NrfOmd+CSAuYWEZvSxFOdNRpqGDnedq0
5QMvzs66W7CELSuVhHelW3VXVZtNsUdydnmNcCcNbD+PBpjxF5VKQxl8aqIPFyj6
ktnLN4i5OwUmraaaCazKgTmnhcdvKfQjN/3vrw9NJ4VvcZKekT0kO3aspkjIfAID
iHa0WfhJ5KsBt5KhvTxfza/UXu//wYV0cY1gwSQ91OlwR/Y9JBcP+V8CrrrwQJoe
DltlpQvDFZM6rRymGcaz3+pXaw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:58 2024 by rpki-client on console-fra.rpki-client.org