Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/24015f-091c-4c5d-b5c1-bcf77026939d/1/l4Hq2EiaFsBx9oKGCc5nACoz93o.roa
File: l4Hq2EiaFsBx9oKGCc5nACoz93o.roa (raw, json)
Hash identifier: ndiBjMa4zOMneroXP+p9uK6ld+lYBMNJT/+GcPKsRhA=
Subject key identifier: 97:81:EA:D8:48:9A:16:C0:71:F6:82:86:09:CE:67:00:2A:33:F7:7A
Certificate issuer: /CN=c64fa0ad8987149f05534724b45a2f4d5ebf475d
Certificate serial: 0862A1
Authority key identifier: C6:4F:A0:AD:89:87:14:9F:05:53:47:24:B4:5A:2F:4D:5E:BF:47:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xk-grYmHFJ8FU0cktFovTV6_R10.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/24015f-091c-4c5d-b5c1-bcf77026939d/1/l4Hq2EiaFsBx9oKGCc5nACoz93o.roa
Signing time: Tue 01 Feb 2022 19:51:46 +0000
ROA not before: Tue 01 Feb 2022 19:51:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59645
IP address blocks: 195.191.196.0/23 maxlen: 24
2a06:d1c0::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 549537 (0x862a1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c64fa0ad8987149f05534724b45a2f4d5ebf475d
Validity
Not Before: Feb 1 19:51:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9781ead8489a16c071f6828609ce67002a33f77a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:eb:56:eb:29:ba:d7:bb:4f:a3:66:22:e8:4c:
11:c1:09:ea:a9:ef:03:75:e1:ad:d4:b9:e1:39:53:
28:b9:b5:7e:52:a9:6f:59:5c:2f:61:9c:00:8a:b7:
92:9c:ba:c4:57:7a:d2:0e:13:25:2e:b4:45:b5:bd:
fb:4d:ac:15:15:13:2d:98:ad:54:50:02:50:73:5a:
0b:ef:ce:03:2b:f8:c3:5a:37:33:65:fb:aa:bf:d0:
83:4a:66:83:af:18:3c:de:a1:af:17:3b:67:ba:d8:
01:ee:f6:ee:a3:84:c8:09:3d:3e:79:79:4e:e3:02:
41:43:a2:7f:03:45:30:5d:b4:8d:bb:ae:e0:4a:69:
17:52:54:78:df:ad:1f:33:39:89:2d:02:ea:6a:ff:
a9:be:e8:37:a3:84:e8:cf:d0:1f:c0:3b:9c:18:d4:
6a:13:95:27:96:09:9b:2f:da:d8:d3:31:23:36:9b:
7f:ac:cb:18:c1:30:af:54:f3:af:10:a9:54:78:e9:
f6:dc:8c:6c:1b:a7:f6:eb:c9:eb:6e:7b:22:84:09:
c9:a7:47:3f:2b:22:08:0e:cc:8b:46:15:8c:2d:aa:
b6:b9:3f:1a:e4:12:42:f7:d4:ef:c4:8d:8f:aa:cf:
9f:8b:ea:4b:e7:bd:23:70:50:df:2e:a2:54:c1:cb:
34:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:81:EA:D8:48:9A:16:C0:71:F6:82:86:09:CE:67:00:2A:33:F7:7A
X509v3 Authority Key Identifier:
keyid:C6:4F:A0:AD:89:87:14:9F:05:53:47:24:B4:5A:2F:4D:5E:BF:47:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xk-grYmHFJ8FU0cktFovTV6_R10.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/24015f-091c-4c5d-b5c1-bcf77026939d/1/l4Hq2EiaFsBx9oKGCc5nACoz93o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/24015f-091c-4c5d-b5c1-bcf77026939d/1/xk-grYmHFJ8FU0cktFovTV6_R10.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.191.196.0/23
IPv6:
2a06:d1c0::/32
Signature Algorithm: sha256WithRSAEncryption
1b:1c:78:8e:fc:6d:27:97:20:c6:4f:11:c8:0d:bb:94:fc:d8:
14:43:64:85:77:3f:ec:5c:c3:56:bb:0c:7e:9b:91:eb:ce:6b:
ae:5a:f3:5a:c4:e2:b4:ff:c1:37:fa:08:d5:fd:a7:56:4f:ea:
a1:5e:60:26:48:7e:9f:13:1b:4c:14:a6:93:32:21:d0:e3:77:
68:de:de:9a:65:19:aa:4e:af:4b:0c:02:ab:27:33:b4:1d:e4:
dc:7f:1d:96:55:56:2a:1b:b6:35:63:b0:d8:ea:f9:a3:41:8b:
97:89:f3:90:9b:4c:03:9b:6f:da:59:93:d8:9b:c4:86:a7:8f:
5e:29:28:de:6a:ff:d5:4e:fe:12:fc:6e:bd:8f:00:8a:00:5a:
f6:59:d0:10:a5:29:70:15:42:dc:8a:30:07:4c:31:f0:ad:c8:
61:b2:ac:d0:c5:5d:a1:ef:67:bd:72:55:15:b9:73:75:da:0d:
8e:57:c1:d6:c6:47:f7:11:3e:c2:31:0e:16:21:a7:a7:3b:c3:
37:a5:e2:f6:19:15:13:1d:9f:c9:77:6f:81:29:88:ab:55:04:
d3:2f:19:84:8e:0d:cc:84:01:20:96:07:ca:ad:e7:47:5e:d0:
9c:b3:3e:ac:16:cc:16:f7:9e:56:39:a6:0b:64:0c:00:e1:a0:
31:31:c7:9c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIDCGKhMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGM2
NGZhMGFkODk4NzE0OWYwNTUzNDcyNGI0NWEyZjRkNWViZjQ3NWQwHhcNMjIwMjAx
MTk1MTQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg5NzgxZWFkODQ4OWEx
NmMwNzFmNjgyODYwOWNlNjcwMDJhMzNmNzdhMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAsOtW6ym617tPo2Yi6EwRwQnqqe8DdeGt1LnhOVMoubV+Uqlv
WVwvYZwAireSnLrEV3rSDhMlLrRFtb37TawVFRMtmK1UUAJQc1oL784DK/jDWjcz
Zfuqv9CDSmaDrxg83qGvFztnutgB7vbuo4TICT0+eXlO4wJBQ6J/A0UwXbSNu67g
SmkXUlR4360fMzmJLQLqav+pvug3o4Toz9AfwDucGNRqE5UnlgmbL9rY0zEjNpt/
rMsYwTCvVPOvEKlUeOn23IxsG6f268nrbnsihAnJp0c/KyIIDsyLRhWMLaq2uT8a
5BJC99TvxI2Pqs+fi+pL570jcFDfLqJUwcs03QIDAQABo4ICGDCCAhQwHQYDVR0O
BBYEFJeB6thImhbAcfaChgnOZwAqM/d6MB8GA1UdIwQYMBaAFMZPoK2JhxSfBVNH
JLRaL01ev0ddMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
eGstZ3JZbUhGSjhGVTBja3RGb3ZUVjZfUjEwLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8zOC8yNDAxNWYtMDkxYy00YzVkLWI1YzEtYmNmNzcwMjY5MzlkLzEv
bDRIcTJFaWFGc0J4OW9LR0NjNW5BQ296OTNvLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8y
NDAxNWYtMDkxYy00YzVkLWI1YzEtYmNmNzcwMjY5MzlkLzEveGstZ3JZbUhGSjhG
VTBja3RGb3ZUVjZfUjEwLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4G
CCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBw7/EMA0EAgACMAcDBQAqBtHAMA0G
CSqGSIb3DQEBCwUAA4IBAQAbHHiO/G0nlyDGTxHIDbuU/NgUQ2SFdz/sXMNWuwx+
m5HrzmuuWvNaxOK0/8E3+gjV/adWT+qhXmAmSH6fExtMFKaTMiHQ43do3t6aZRmq
Tq9LDAKrJzO0HeTcfx2WVVYqG7Y1Y7DY6vmjQYuXifOQm0wDm2/aWZPYm8SGp49e
KSjeav/VTv4S/G69jwCKAFr2WdAQpSlwFULcijAHTDHwrchhsqzQxV2h72e9clUV
uXN12g2OV8HWxkf3ET7CMQ4WIaenO8M3peL2GRUTHZ/Jd2+BKYirVQTTLxmEjg3M
hAEglgfKredHXtCcsz6sFswW955WOaYLZAwA4aAxMcec
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:04 2023 by rpki-client on console.sobornost.net