Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/706f54-87a5-45e7-bf22-8a6b547666aa/1/1-XIat0KWL8oreew4v68MgwYDn2Q.roa
File: 1-XIat0KWL8oreew4v68MgwYDn2Q.roa (raw, json)
Hash identifier: 3pwQtLBUqcy93wnItYBd93QmC9fNKoAyjscyV9Rx2zA=
Subject key identifier: F9:72:1A:B7:42:96:2F:CA:2B:79:EC:38:BF:AF:0C:83:06:03:9F:64
Certificate issuer: /CN=fb3646fba69045ede5ef8e5c39a2fc17f9f0d2dc
Certificate serial: 0231CA
Authority key identifier: FB:36:46:FB:A6:90:45:ED:E5:EF:8E:5C:39:A2:FC:17:F9:F0:D2:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-zZG-6aQRe3l745cOaL8F_nw0tw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/706f54-87a5-45e7-bf22-8a6b547666aa/1/1-XIat0KWL8oreew4v68MgwYDn2Q.roa
Signing time: Thu 21 Apr 2022 10:25:51 +0000
ROA not before: Thu 21 Apr 2022 10:25:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50921
IP address blocks: 195.170.171.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 143818 (0x231ca)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb3646fba69045ede5ef8e5c39a2fc17f9f0d2dc
Validity
Not Before: Apr 21 10:25:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f9721ab742962fca2b79ec38bfaf0c8306039f64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:89:0d:5a:9f:10:ce:9c:27:f5:72:17:f8:e2:
3e:07:46:45:1d:6f:8d:36:8f:07:e4:d2:af:8f:b0:
28:6d:f6:b6:29:77:eb:3f:15:76:b2:75:05:08:56:
64:bb:e4:ed:00:94:b2:0c:29:6e:63:0e:2c:73:1a:
d0:fb:c2:80:f9:86:5a:f1:01:07:35:4d:6c:59:70:
f1:2d:b7:75:65:90:dd:f1:65:3e:67:bb:72:1d:0a:
fc:46:66:db:36:b3:8b:d8:8f:c4:53:1e:82:6e:68:
9c:ba:bf:23:e7:9e:b3:c2:6e:7a:cb:7c:13:8d:c8:
e0:d1:b6:ff:a7:ed:9c:3e:cd:38:fe:39:fb:1d:b5:
4f:b6:77:47:f1:f5:cd:88:af:c5:68:58:99:35:a8:
1a:bc:2e:bb:f1:58:10:7a:08:60:f6:e9:ce:bc:a5:
71:c0:16:8f:ad:73:ac:20:99:7e:aa:01:56:e6:c2:
c6:00:85:39:74:4f:be:21:60:d0:ff:cb:a3:b2:c0:
86:9e:22:b4:dd:42:42:ac:59:93:b2:1d:63:ce:3e:
ed:c4:30:35:43:a5:aa:72:98:bf:a5:cd:20:90:0a:
c6:fc:28:be:88:d0:2b:9e:bc:e8:2e:85:42:c0:6a:
04:0a:d7:15:f7:af:98:33:c3:76:63:63:e8:eb:61:
18:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:72:1A:B7:42:96:2F:CA:2B:79:EC:38:BF:AF:0C:83:06:03:9F:64
X509v3 Authority Key Identifier:
keyid:FB:36:46:FB:A6:90:45:ED:E5:EF:8E:5C:39:A2:FC:17:F9:F0:D2:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-zZG-6aQRe3l745cOaL8F_nw0tw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/706f54-87a5-45e7-bf22-8a6b547666aa/1/1-XIat0KWL8oreew4v68MgwYDn2Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/706f54-87a5-45e7-bf22-8a6b547666aa/1/1-zZG-6aQRe3l745cOaL8F_nw0tw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.170.171.0/24
Signature Algorithm: sha256WithRSAEncryption
34:b9:d5:74:97:2a:db:db:df:6b:b8:91:81:84:1f:76:95:56:
97:67:c4:f4:36:8e:07:c4:52:e5:73:0e:72:30:18:f6:a9:16:
1a:4f:e9:28:fe:fc:94:f8:62:62:0e:e0:dc:e3:5d:e3:a7:47:
af:8a:18:53:fc:22:bf:8f:76:49:5d:a4:4d:a0:98:40:fe:b6:
dd:67:a3:9d:06:00:f3:62:62:59:10:66:b5:52:f0:4d:4d:81:
32:ac:de:81:34:1f:3e:87:c3:b4:ba:14:e4:b8:c0:f2:98:b0:
14:a5:49:d3:2e:62:e3:22:46:db:4c:45:29:4d:6c:c2:6a:ba:
37:5f:6e:04:13:d6:24:d4:fc:25:3b:e8:37:b3:24:d4:60:e6:
65:fd:17:48:a0:b0:dd:c9:59:04:f5:7d:ed:89:63:f1:f7:1c:
2d:4e:5f:cf:d1:3e:32:e2:24:af:9e:75:1c:ea:ab:9c:4d:3c:
75:3b:bd:fb:fd:28:22:f6:9e:aa:4a:a2:2d:d9:a3:3e:a4:9f:
db:7a:90:03:a8:88:33:8e:47:8b:73:05:93:ae:17:69:75:b2:
1a:49:7b:d7:e1:79:a8:fc:c6:c5:8b:f1:28:15:68:81:0e:4f:
df:80:77:e7:43:0b:b5:e5:df:25:96:9d:42:b5:dc:63:c7:bc:
4b:52:c3:02
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIDAjHKMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGZi
MzY0NmZiYTY5MDQ1ZWRlNWVmOGU1YzM5YTJmYzE3ZjlmMGQyZGMwHhcNMjIwNDIx
MTAyNTUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhmOTcyMWFiNzQyOTYy
ZmNhMmI3OWVjMzhiZmFmMGM4MzA2MDM5ZjY0MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAnIkNWp8Qzpwn9XIX+OI+B0ZFHW+NNo8H5NKvj7Aobfa2KXfr
PxV2snUFCFZku+TtAJSyDCluYw4scxrQ+8KA+YZa8QEHNU1sWXDxLbd1ZZDd8WU+
Z7tyHQr8RmbbNrOL2I/EUx6Cbmicur8j556zwm56y3wTjcjg0bb/p+2cPs04/jn7
HbVPtndH8fXNiK/FaFiZNagavC678VgQeghg9unOvKVxwBaPrXOsIJl+qgFW5sLG
AIU5dE++IWDQ/8ujssCGniK03UJCrFmTsh1jzj7txDA1Q6Wqcpi/pc0gkArG/Ci+
iNArnrzoLoVCwGoECtcV96+YM8N2Y2Po62EY4QIDAQABo4ICDDCCAggwHQYDVR0O
BBYEFPlyGrdCli/KK3nsOL+vDIMGA59kMB8GA1UdIwQYMBaAFPs2RvumkEXt5e+O
XDmi/Bf58NLcMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEFBQcBAQRZMFcwVQYIKwYB
BQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
MS16WkctNmFRUmUzbDc0NWNPYUw4Rl9udzB0dy5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWIvNzA2ZjU0LTg3YTUtNDVlNy1iZjIyLThhNmI1NDc2NjZhYS8x
LzEtWElhdDBLV0w4b3JlZXc0djY4TWd3WURuMlEucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzVi
LzcwNmY1NC04N2E1LTQ1ZTctYmYyMi04YTZiNTQ3NjY2YWEvMS8xLXpaRy02YVFS
ZTNsNzQ1Y09hTDhGX253MHR3LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw6qrMA0GCSqGSIb3DQEBCwUA
A4IBAQA0udV0lyrb299ruJGBhB92lVaXZ8T0No4HxFLlcw5yMBj2qRYaT+ko/vyU
+GJiDuDc413jp0evihhT/CK/j3ZJXaRNoJhA/rbdZ6OdBgDzYmJZEGa1UvBNTYEy
rN6BNB8+h8O0uhTkuMDymLAUpUnTLmLjIkbbTEUpTWzCaro3X24EE9Yk1PwlO+g3
syTUYOZl/RdIoLDdyVkE9X3tiWPx9xwtTl/P0T4y4iSvnnUc6qucTTx1O737/Sgi
9p6qSqIt2aM+pJ/bepADqIgzjkeLcwWTrhdpdbIaSXvX4Xmo/MbFi/EoFWiBDk/f
gHfnQwu15d8llp1Ctdxjx7xLUsMC
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:21 2023 by rpki-client on console.sobornost.net