Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/TU0ugcPZzEf5yyEQ391BZMijabw.roa
File: TU0ugcPZzEf5yyEQ391BZMijabw.roa (raw, json)
Hash identifier: DUbiIzFYtImqoyXwoWJAyz5xYLuA+Z0u39H+LJle2Zk=
Subject key identifier: 4D:4D:2E:81:C3:D9:CC:47:F9:CB:21:10:DF:DD:41:64:C8:A3:69:BC
Certificate issuer: /CN=24cc6b9c37faa0da3b412007c0b10b2c5bf2cf4e
Certificate serial: 018511749D1937FE375DE090D991912E054A
Authority key identifier: 24:CC:6B:9C:37:FA:A0:DA:3B:41:20:07:C0:B1:0B:2C:5B:F2:CF:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JMxrnDf6oNo7QSAHwLELLFvyz04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/TU0ugcPZzEf5yyEQ391BZMijabw.roa
Signing time: Wed 14 Dec 2022 16:25:33 +0000
ROA not before: Wed 14 Dec 2022 16:25:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6900
IP address blocks: 195.203.156.0/22 maxlen: 22
217.27.4.0/24 maxlen: 24
217.27.6.0/24 maxlen: 24
217.27.7.0/24 maxlen: 24
195.203.127.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:11:74:9d:19:37:fe:37:5d:e0:90:d9:91:91:2e:05:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24cc6b9c37faa0da3b412007c0b10b2c5bf2cf4e
Validity
Not Before: Dec 14 16:25:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4d4d2e81c3d9cc47f9cb2110dfdd4164c8a369bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:e1:1d:d0:84:ba:63:28:a2:f0:22:a4:66:ad:
5e:71:93:57:a3:db:2b:d3:f8:7b:4c:3f:23:28:9c:
76:3d:25:a8:5d:0a:94:8e:2d:71:7e:d2:9a:1e:af:
50:81:8d:50:03:14:1f:01:e9:b6:ac:f0:e5:f2:6d:
e4:01:30:ca:fc:d7:2f:30:a2:76:6e:7a:86:ad:6b:
3b:43:b6:e6:ea:09:f6:99:8e:a7:ab:6d:60:e1:ff:
1a:06:64:71:74:c5:18:45:a3:22:23:59:36:91:ad:
0e:58:47:80:d7:cb:93:24:97:5f:d6:71:8a:60:03:
0c:01:51:c0:1a:70:22:09:eb:8c:af:9f:c0:91:41:
02:50:af:58:7f:88:6b:22:d8:f4:35:e9:e2:d0:65:
ef:86:01:79:69:eb:34:81:6c:48:49:1a:9c:92:02:
ee:88:5b:9b:d6:7f:54:6c:e5:b0:d7:a8:ca:16:45:
2a:fd:53:a2:39:9b:25:da:8d:a1:1b:6c:2e:eb:30:
69:ae:0e:c8:e3:90:68:37:73:f2:36:b2:37:aa:20:
e4:e6:61:48:1a:55:27:1c:8c:43:88:47:ff:d6:49:
8c:16:c9:32:a1:2f:5f:62:03:7d:bd:a4:71:c5:51:
ef:b8:34:0e:61:32:a1:bc:98:dc:99:91:93:22:6c:
e0:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:4D:2E:81:C3:D9:CC:47:F9:CB:21:10:DF:DD:41:64:C8:A3:69:BC
X509v3 Authority Key Identifier:
keyid:24:CC:6B:9C:37:FA:A0:DA:3B:41:20:07:C0:B1:0B:2C:5B:F2:CF:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JMxrnDf6oNo7QSAHwLELLFvyz04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/TU0ugcPZzEf5yyEQ391BZMijabw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/JMxrnDf6oNo7QSAHwLELLFvyz04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.203.127.0/24
195.203.156.0/22
217.27.4.0/24
217.27.6.0/23
Signature Algorithm: sha256WithRSAEncryption
4d:60:5c:7d:23:9c:ee:0a:58:0d:b7:e8:30:78:de:cc:ea:10:
b2:fb:46:46:aa:3b:11:4c:e7:88:d0:72:bd:89:53:49:f2:df:
be:16:73:5a:d0:d2:24:3b:19:0e:f7:59:33:17:6b:17:99:63:
99:fc:fc:3e:aa:63:53:c4:ac:83:76:ea:78:28:ca:77:4d:92:
23:60:ba:2b:9d:63:03:87:c9:d2:ed:f7:00:fd:d6:70:73:3d:
a9:7e:14:91:05:7f:7e:7c:cd:69:53:ce:40:0c:1e:cb:a6:09:
88:96:96:62:b3:6c:40:b0:e2:1a:23:df:81:da:6c:f9:94:05:
fc:05:66:c1:30:60:ec:90:0b:0d:b4:a8:a3:eb:f6:fa:99:51:
99:89:ca:c9:f6:97:fd:e3:14:c7:26:54:7e:34:1f:b1:c5:fd:
08:d8:10:96:d4:b4:b7:88:e7:79:90:13:7e:67:8e:f9:99:d5:
2e:e3:9e:ad:c0:60:35:dd:dc:46:84:aa:d9:2b:5f:93:e1:00:
ee:7f:ce:3e:70:be:e1:81:65:61:86:b3:c6:23:de:ff:b8:40:
d1:c0:8f:93:b8:76:18:bf:b4:6e:b2:da:e9:cd:c7:ff:cd:26:
05:ab:ef:26:cc:e9:75:bf:d0:a9:31:c4:04:ab:55:31:f6:6c:
c7:42:47:6f
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYURdJ0ZN/43XeCQ2ZGRLgVKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0Y2M2YjljMzdmYWEwZGEzYjQxMjAwN2MwYjEwYjJjNWJm
MmNmNGUwHhcNMjIxMjE0MTYyNTMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDRkMmU4MWMzZDljYzQ3ZjljYjIxMTBkZmRkNDE2NGM4YTM2OWJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3uEd0IS6Yyii8CKkZq1ecZNXo9sr
0/h7TD8jKJx2PSWoXQqUji1xftKaHq9QgY1QAxQfAem2rPDl8m3kATDK/NcvMKJ2
bnqGrWs7Q7bm6gn2mY6nq21g4f8aBmRxdMUYRaMiI1k2ka0OWEeA18uTJJdf1nGK
YAMMAVHAGnAiCeuMr5/AkUECUK9Yf4hrItj0Neni0GXvhgF5aes0gWxISRqckgLu
iFub1n9UbOWw16jKFkUq/VOiOZsl2o2hG2wu6zBprg7I45BoN3PyNrI3qiDk5mFI
GlUnHIxDiEf/1kmMFskyoS9fYgN9vaRxxVHvuDQOYTKhvJjcmZGTImzgvwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFE1NLoHD2cxH+cshEN/dQWTIo2m8MB8GA1UdIwQY
MBaAFCTMa5w3+qDaO0EgB8CxCyxb8s9OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSk14cm5EZjZvTm83UVNBSHdMRUxMRnZ5ejA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC8wZmY0NDktYWQ5OC00ODJkLWFjNzUt
ODY0MjM4YmMwNDliLzEvVFUwdWdjUFp6RWY1eXlFUTM5MUJaTWlqYWJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC8wZmY0NDktYWQ5OC00ODJkLWFjNzUtODY0MjM4YmMwNDli
LzEvSk14cm5EZjZvTm83UVNBSHdMRUxMRnZ5ejA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAw8t/AwQC
w8ucAwQA2RsEAwQB2RsGMA0GCSqGSIb3DQEBCwUAA4IBAQBNYFx9I5zuClgNt+gw
eN7M6hCy+0ZGqjsRTOeI0HK9iVNJ8t++FnNa0NIkOxkO91kzF2sXmWOZ/Pw+qmNT
xKyDdup4KMp3TZIjYLornWMDh8nS7fcA/dZwcz2pfhSRBX9+fM1pU85ADB7LpgmI
lpZis2xAsOIaI9+B2mz5lAX8BWbBMGDskAsNtKij6/b6mVGZicrJ9pf94xTHJlR+
NB+xxf0I2BCW1LS3iOd5kBN+Z475mdUu456twGA13dxGhKrZK1+T4QDuf84+cL7h
gWVhhrPGI97/uEDRwI+TuHYYv7Rustrpzcf/zSYFq+8mzOl1v9CpMcQEq1Ux9mzH
Qkdv
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:11 2024 by rpki-client on console-fra.rpki-client.org