Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/3796fa-c02e-45f9-a1a4-622bb4899887/1/pkWtVdPvZBcvmvwM9qS-9yB0zDk.roa
File: pkWtVdPvZBcvmvwM9qS-9yB0zDk.roa (raw, json)
Hash identifier: 7ntjVPP3lbOSFFcWJTxTkbYxOQPCcYtrU/UsC+JqUxU=
Subject key identifier: A6:45:AD:55:D3:EF:64:17:2F:9A:FC:0C:F6:A4:BE:F7:20:74:CC:39
Certificate issuer: /CN=0e086b67d8989653baeb68b8d24ab9e9bd0caf2a
Certificate serial: 01C5263B
Authority key identifier: 0E:08:6B:67:D8:98:96:53:BA:EB:68:B8:D2:4A:B9:E9:BD:0C:AF:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DghrZ9iYllO662i40kq56b0Mryo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/3796fa-c02e-45f9-a1a4-622bb4899887/1/pkWtVdPvZBcvmvwM9qS-9yB0zDk.roa
Signing time: Sat 01 Jan 2022 10:00:39 +0000
ROA not before: Sat 01 Jan 2022 10:00:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51964
IP address blocks: 194.9.145.0/24 maxlen: 24
194.9.141.0/24 maxlen: 24
194.9.142.0/24 maxlen: 24
194.9.149.0/24 maxlen: 24
193.17.48.0/24 maxlen: 24
194.9.166.0/24 maxlen: 24
194.9.164.0/24 maxlen: 24
2a04:1447::/45 maxlen: 45
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 29697595 (0x1c5263b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e086b67d8989653baeb68b8d24ab9e9bd0caf2a
Validity
Not Before: Jan 1 10:00:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a645ad55d3ef64172f9afc0cf6a4bef72074cc39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:8f:f8:2f:51:be:58:4c:fe:b8:fe:38:80:b1:
a9:c3:78:fe:59:e8:01:ef:53:00:15:4a:77:b0:5c:
ba:08:5b:d8:50:b8:a0:61:bc:a8:2d:24:69:d7:31:
12:b1:84:e0:cd:53:f6:c0:d7:47:8e:1d:e7:60:f5:
c5:91:a2:38:1e:d7:82:06:db:7f:c5:3c:d3:ea:88:
79:bc:45:b7:2c:4f:b8:9e:16:bd:37:66:ac:30:bb:
57:3e:71:30:06:8b:2f:7b:0e:65:ef:de:2f:fd:12:
4a:e0:c7:93:91:0a:28:a4:68:48:42:0a:52:7b:6b:
91:45:76:d7:46:f6:e8:13:7f:b1:cb:c8:2d:79:e6:
5d:56:16:6f:b1:2f:f6:a7:ad:3c:c6:66:cb:57:d5:
0a:17:cc:43:83:40:3d:d9:d6:58:18:01:12:3f:92:
42:2b:87:6b:d5:30:fa:ba:d8:cc:b6:aa:dc:fc:90:
16:e3:94:ee:bc:28:00:e4:23:a5:46:9e:5b:d8:d4:
21:e8:36:7a:a1:56:fa:b6:71:37:60:5e:1e:f0:eb:
38:2b:79:de:84:bc:04:d9:97:47:af:c4:23:60:72:
15:22:aa:b8:e7:9f:71:07:60:6a:3c:f6:4a:2b:29:
74:0f:75:96:fb:d3:a7:d9:11:21:1c:8b:7c:d2:38:
8d:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:45:AD:55:D3:EF:64:17:2F:9A:FC:0C:F6:A4:BE:F7:20:74:CC:39
X509v3 Authority Key Identifier:
keyid:0E:08:6B:67:D8:98:96:53:BA:EB:68:B8:D2:4A:B9:E9:BD:0C:AF:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DghrZ9iYllO662i40kq56b0Mryo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/3796fa-c02e-45f9-a1a4-622bb4899887/1/pkWtVdPvZBcvmvwM9qS-9yB0zDk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/3796fa-c02e-45f9-a1a4-622bb4899887/1/DghrZ9iYllO662i40kq56b0Mryo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.17.48.0/24
194.9.141.0-194.9.142.255
194.9.145.0/24
194.9.149.0/24
194.9.164.0/24
194.9.166.0/24
IPv6:
2a04:1447::/45
Signature Algorithm: sha256WithRSAEncryption
25:cf:b8:9d:1b:a6:35:bb:90:5e:c6:07:5c:75:a6:61:76:4b:
15:4d:fa:62:a5:ad:58:2a:23:1b:35:88:e8:c8:cd:4b:96:e5:
48:6a:f9:38:43:b6:2b:23:20:08:58:de:a7:b1:5f:c9:54:2b:
7b:15:7f:e2:48:b8:33:e8:5e:aa:5d:d1:e1:df:af:b8:31:0f:
c6:af:2f:e7:8d:e8:91:3a:b2:ad:ad:67:86:31:23:4b:2d:ea:
f4:5e:39:24:6d:11:22:ad:11:43:d1:2c:b9:10:15:67:22:4e:
37:ee:1f:bb:a2:84:47:91:c0:d0:d9:14:de:3b:a2:68:14:92:
57:ad:d6:c4:45:ea:a5:e2:dc:32:14:b9:c9:de:4b:59:94:39:
21:da:7c:a9:c3:1d:c3:44:e9:fe:84:61:ad:1b:a9:88:b2:5d:
55:b9:e9:7b:07:dd:14:87:e8:af:ee:84:c6:01:c1:02:ab:f3:
8f:65:df:2b:fa:a5:bc:c3:4c:0c:3f:fe:96:fc:de:5f:5f:95:
56:f2:ef:e8:3c:3c:f3:67:16:ea:2c:cd:99:8b:91:02:eb:a0:
b9:9e:f1:b1:b3:b1:1b:ad:0b:07:2d:8f:ca:db:d9:81:7e:e1:
c7:2e:73:a5:b6:17:1d:10:9c:71:24:49:24:eb:e9:fe:32:97:
3f:83:54:73
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgIEAcUmOzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ZTA4NmI2N2Q4OTg5NjUzYmFlYjY4YjhkMjRhYjllOWJkMGNhZjJhMB4XDTIyMDEw
MTEwMDAzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTY0NWFkNTVkM2Vm
NjQxNzJmOWFmYzBjZjZhNGJlZjcyMDc0Y2MzOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALuP+C9RvlhM/rj+OICxqcN4/lnoAe9TABVKd7Bcughb2FC4
oGG8qC0kadcxErGE4M1T9sDXR44d52D1xZGiOB7Xggbbf8U80+qIebxFtyxPuJ4W
vTdmrDC7Vz5xMAaLL3sOZe/eL/0SSuDHk5EKKKRoSEIKUntrkUV210b26BN/scvI
LXnmXVYWb7Ev9qetPMZmy1fVChfMQ4NAPdnWWBgBEj+SQiuHa9Uw+rrYzLaq3PyQ
FuOU7rwoAOQjpUaeW9jUIeg2eqFW+rZxN2BeHvDrOCt53oS8BNmXR6/EI2ByFSKq
uOefcQdgajz2SispdA91lvvTp9kRIRyLfNI4jYkCAwEAAaOCAkAwggI8MB0GA1Ud
DgQWBBSmRa1V0+9kFy+a/Az2pL73IHTMOTAfBgNVHSMEGDAWgBQOCGtn2JiWU7rr
aLjSSrnpvQyvKjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0RnaHJaOWlZbGxPNjYyaTQwa3E1NmIwTXJ5by5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmUvMzc5NmZhLWMwMmUtNDVmOS1hMWE0LTYyMmJiNDg5OTg4Ny8x
L3BrV3RWZFB2WkJjdm12d005cVMtOXlCMHpEay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmUv
Mzc5NmZhLWMwMmUtNDVmOS1hMWE0LTYyMmJiNDg5OTg4Ny8xL0RnaHJaOWlZbGxP
NjYyaTQwa3E1NmIwTXJ5by5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBW
BggrBgEFBQcBBwEB/wRHMEUwMgQCAAEwLAMEAMERMDAMAwQAwgmNAwQAwgmOAwQA
wgmRAwQAwgmVAwQAwgmkAwQAwgmmMA8EAgACMAkDBwMqBBRHAAAwDQYJKoZIhvcN
AQELBQADggEBACXPuJ0bpjW7kF7GB1x1pmF2SxVN+mKlrVgqIxs1iOjIzUuW5Uhq
+ThDtisjIAhY3qexX8lUK3sVf+JIuDPoXqpd0eHfr7gxD8avL+eN6JE6sq2tZ4Yx
I0st6vReOSRtESKtEUPRLLkQFWciTjfuH7uihEeRwNDZFN47omgUklet1sRF6qXi
3DIUucneS1mUOSHafKnDHcNE6f6EYa0bqYiyXVW56XsH3RSH6K/uhMYBwQKr849l
3yv6pbzDTAw//pb83l9flVby7+g8PPNnFuoszZmLkQLroLme8bGzsRutCwctj8rb
2YF+4ccuc6W2Fx0QnHEkSSTr6f4ylz+DVHM=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:51 2023 by rpki-client on console-ams.rpki-client.org