Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/41ccce-acd8-4fb8-b148-a79510e613e8/1/d_bFIqOYadL0bKx5VmMJjqq5iWE.roa
File: d_bFIqOYadL0bKx5VmMJjqq5iWE.roa (raw, json)
Hash identifier: HGM5L+NjscnxbJT+UvEoMjrgQptvO1r1Gvuq+AA41Do=
Subject key identifier: 77:F6:C5:22:A3:98:69:D2:F4:6C:AC:79:56:63:09:8E:AA:B9:89:61
Certificate issuer: /CN=d4c0d694d59d7d36ba421a3050f4ec7dd3781efd
Certificate serial: 01833FF35EB1B2CB84DE958E617F659653EB
Authority key identifier: D4:C0:D6:94:D5:9D:7D:36:BA:42:1A:30:50:F4:EC:7D:D3:78:1E:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1MDWlNWdfTa6QhowUPTsfdN4Hv0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/41ccce-acd8-4fb8-b148-a79510e613e8/1/d_bFIqOYadL0bKx5VmMJjqq5iWE.roa
Signing time: Thu 15 Sep 2022 07:00:57 +0000
ROA not before: Thu 15 Sep 2022 07:00:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39121
IP address blocks: 195.66.89.0/24 maxlen: 24
193.105.126.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:3f:f3:5e:b1:b2:cb:84:de:95:8e:61:7f:65:96:53:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4c0d694d59d7d36ba421a3050f4ec7dd3781efd
Validity
Not Before: Sep 15 07:00:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=77f6c522a39869d2f46cac795663098eaab98961
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:71:66:7f:7c:12:26:1e:8c:9f:b0:ab:ca:69:
87:36:d9:74:35:c7:33:e1:78:cb:8f:25:b0:61:2f:
bd:b7:0d:51:90:2b:10:43:03:2f:e6:cb:09:94:9b:
c7:24:6d:ee:60:a0:75:58:86:98:50:dd:5d:3c:87:
f7:e6:a8:59:26:98:d6:cc:92:71:33:c3:46:16:8d:
dd:71:01:8a:12:19:f3:8b:cb:f8:85:fe:7f:0a:90:
67:30:d0:50:12:a9:42:ac:06:f4:ce:26:37:6a:eb:
5d:fc:14:81:37:5d:48:c3:96:a8:dc:32:06:92:00:
66:18:a0:f1:60:71:e8:e8:f8:86:85:5d:56:08:8b:
52:9a:39:01:a8:87:38:5c:1d:1e:85:3d:97:d3:db:
eb:47:a1:f3:9e:fb:42:b9:51:8b:24:43:9a:82:82:
58:7c:0e:38:6e:52:63:b2:f4:fe:66:dd:50:f8:f6:
84:d2:af:bf:a9:d8:93:bf:4a:1e:d0:88:0f:48:fd:
76:93:a0:1b:1f:30:8e:8d:b2:94:b7:03:53:9d:43:
9a:e1:af:88:dc:bd:9a:c7:f2:66:a6:61:ba:20:5c:
90:17:dc:98:79:f3:ae:45:48:4b:63:8a:3c:15:73:
85:d7:92:7f:96:a6:2d:0b:88:a3:0f:9d:ae:e2:96:
c2:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:F6:C5:22:A3:98:69:D2:F4:6C:AC:79:56:63:09:8E:AA:B9:89:61
X509v3 Authority Key Identifier:
keyid:D4:C0:D6:94:D5:9D:7D:36:BA:42:1A:30:50:F4:EC:7D:D3:78:1E:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1MDWlNWdfTa6QhowUPTsfdN4Hv0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/41ccce-acd8-4fb8-b148-a79510e613e8/1/d_bFIqOYadL0bKx5VmMJjqq5iWE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/41ccce-acd8-4fb8-b148-a79510e613e8/1/1MDWlNWdfTa6QhowUPTsfdN4Hv0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.105.126.0/24
195.66.89.0/24
Signature Algorithm: sha256WithRSAEncryption
74:8f:6c:91:dd:5f:79:4b:e5:be:d4:df:3a:89:f2:4e:89:0d:
31:a2:fe:b9:11:92:7a:50:1a:7e:95:72:34:b5:0d:db:a6:ac:
65:e0:2c:41:f1:d0:06:27:51:53:2d:54:1c:67:8d:61:e6:21:
33:70:9e:40:61:6a:2f:90:6a:d2:ed:6d:b9:31:c1:c7:56:a6:
f1:11:98:51:57:60:5b:64:af:4c:04:9e:ae:aa:bb:f4:cd:0a:
5f:b3:74:d7:61:17:b0:0c:d5:dc:6a:3b:0e:e6:5c:3b:18:17:
e4:84:e5:d1:12:06:d6:7e:d2:a3:a5:48:5d:ef:d5:79:38:cb:
05:3f:22:2a:01:4e:e6:54:fa:82:f8:a5:d3:e9:e8:13:39:3f:
db:dd:75:6c:60:2d:f1:57:99:d0:ee:4a:13:b1:ac:88:c7:09:
ab:7c:94:71:fb:11:07:e2:9e:9d:46:05:db:3c:c1:93:38:71:
cc:70:59:af:a6:96:bd:c1:ef:97:dd:46:0e:6f:af:f5:7a:37:
7e:f4:e6:05:e3:66:ad:73:b6:37:50:73:48:84:05:8d:4d:a4:
3e:df:77:77:3f:9f:38:fb:22:08:96:da:34:6d:d2:b5:41:86:
5c:12:f0:87:b1:9e:ea:fa:68:32:a5:0c:e8:87:56:f8:ec:07:
e8:33:84:f8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYM/816xssuE3pWOYX9lllPrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0YzBkNjk0ZDU5ZDdkMzZiYTQyMWEzMDUwZjRlYzdkZDM3
ODFlZmQwHhcNMjIwOTE1MDcwMDU3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2Y2YzUyMmEzOTg2OWQyZjQ2Y2FjNzk1NjYzMDk4ZWFhYjk4OTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAinFmf3wSJh6Mn7CrymmHNtl0Nccz
4XjLjyWwYS+9tw1RkCsQQwMv5ssJlJvHJG3uYKB1WIaYUN1dPIf35qhZJpjWzJJx
M8NGFo3dcQGKEhnzi8v4hf5/CpBnMNBQEqlCrAb0ziY3autd/BSBN11Iw5ao3DIG
kgBmGKDxYHHo6PiGhV1WCItSmjkBqIc4XB0ehT2X09vrR6HznvtCuVGLJEOagoJY
fA44blJjsvT+Zt1Q+PaE0q+/qdiTv0oe0IgPSP12k6AbHzCOjbKUtwNTnUOa4a+I
3L2ax/JmpmG6IFyQF9yYefOuRUhLY4o8FXOF15J/lqYtC4ijD52u4pbCcwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHf2xSKjmGnS9GyseVZjCY6quYlhMB8GA1UdIwQY
MBaAFNTA1pTVnX02ukIaMFD07H3TeB79MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMU1EV2xOV2RmVGE2UWhvd1VQVHNmZE40SHYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS80MWNjY2UtYWNkOC00ZmI4LWIxNDgt
YTc5NTEwZTYxM2U4LzEvZF9iRklxT1lhZEwwYkt4NVZtTUpqcXE1aVdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS80MWNjY2UtYWNkOC00ZmI4LWIxNDgtYTc5NTEwZTYxM2U4
LzEvMU1EV2xOV2RmVGE2UWhvd1VQVHNmZE40SHYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwWl+AwQA
w0JZMA0GCSqGSIb3DQEBCwUAA4IBAQB0j2yR3V95S+W+1N86ifJOiQ0xov65EZJ6
UBp+lXI0tQ3bpqxl4CxB8dAGJ1FTLVQcZ41h5iEzcJ5AYWovkGrS7W25McHHVqbx
EZhRV2BbZK9MBJ6uqrv0zQpfs3TXYRewDNXcajsO5lw7GBfkhOXREgbWftKjpUhd
79V5OMsFPyIqAU7mVPqC+KXT6egTOT/b3XVsYC3xV5nQ7koTsayIxwmrfJRx+xEH
4p6dRgXbPMGTOHHMcFmvppa9we+X3UYOb6/1ejd+9OYF42atc7Y3UHNIhAWNTaQ+
33d3P584+yIIlto0bdK1QYZcEvCHsZ7q+mgypQzoh1b47AfoM4T4
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:34 2023 by rpki-client on console-ams.rpki-client.org