Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/bdTS4oLAlF4CrXvRmxgCU1M-fXM.roa
File: bdTS4oLAlF4CrXvRmxgCU1M-fXM.roa (raw, json)
Hash identifier: HR6xOuGVckcXmQjn3PO55v5QvFe4jbQe4tTDrhB+wis=
Subject key identifier: 6D:D4:D2:E2:82:C0:94:5E:02:AD:7B:D1:9B:18:02:53:53:3E:7D:73
Certificate issuer: /CN=41f5a10e4fd2655adbbb40ede18b2615ac558ea9
Certificate serial: 0182687B6894AD1874F6B289783D8437315E
Authority key identifier: 41:F5:A1:0E:4F:D2:65:5A:DB:BB:40:ED:E1:8B:26:15:AC:55:8E:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QfWhDk_SZVrbu0Dt4YsmFaxVjqk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/bdTS4oLAlF4CrXvRmxgCU1M-fXM.roa
Signing time: Thu 04 Aug 2022 10:51:34 +0000
ROA not before: Thu 04 Aug 2022 10:51:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209371
IP address blocks: 192.109.139.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:68:7b:68:94:ad:18:74:f6:b2:89:78:3d:84:37:31:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41f5a10e4fd2655adbbb40ede18b2615ac558ea9
Validity
Not Before: Aug 4 10:51:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6dd4d2e282c0945e02ad7bd19b180253533e7d73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:63:b4:d1:6c:2d:ce:98:33:9e:10:35:b1:86:
c2:d7:c0:56:16:f1:28:0b:47:3a:a4:57:d1:e6:ef:
1f:a2:8f:33:a7:35:1b:14:30:a3:ee:7a:50:fc:13:
e1:19:ad:fc:57:df:c2:67:10:71:66:7e:14:1f:d1:
65:9c:eb:2a:39:ac:45:a7:5e:91:a2:87:d6:f7:06:
d3:3c:db:73:43:b6:5a:54:f1:0f:6f:94:d7:f9:6a:
41:78:fa:29:1e:dc:56:81:0c:fb:73:dd:fe:66:52:
13:60:3f:b4:11:c9:15:22:d0:0d:d0:da:41:65:5b:
58:c6:b4:30:c0:e1:c3:12:b6:58:f7:22:38:e5:c6:
2a:31:d2:98:2f:35:3e:11:f5:95:bd:65:c7:04:87:
7c:cd:a5:8c:48:55:34:2d:50:91:f7:ca:1a:a6:e3:
83:df:ee:e7:38:7e:48:af:3c:af:32:3b:88:91:7c:
14:65:3a:83:1f:d7:f6:b9:07:48:81:be:eb:bc:2a:
a8:16:50:f9:bc:30:c9:da:7c:6b:d1:9b:82:cb:4f:
0d:c9:ce:20:e1:81:c6:f7:6e:01:f0:f3:1f:c3:c1:
b8:b8:b6:ca:8a:43:9e:f7:40:e9:cc:60:f9:43:4f:
92:6f:9b:9e:11:12:10:70:f7:c2:32:43:6e:ce:a5:
29:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:D4:D2:E2:82:C0:94:5E:02:AD:7B:D1:9B:18:02:53:53:3E:7D:73
X509v3 Authority Key Identifier:
keyid:41:F5:A1:0E:4F:D2:65:5A:DB:BB:40:ED:E1:8B:26:15:AC:55:8E:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QfWhDk_SZVrbu0Dt4YsmFaxVjqk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/bdTS4oLAlF4CrXvRmxgCU1M-fXM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/QfWhDk_SZVrbu0Dt4YsmFaxVjqk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.109.139.0/24
Signature Algorithm: sha256WithRSAEncryption
10:da:f5:8b:00:b9:40:97:bc:1e:11:fe:88:9b:6a:6f:19:8a:
52:fd:9f:f7:7a:9b:14:2b:f7:11:ba:14:0d:a8:e9:2c:cf:9f:
74:7e:af:21:6f:1f:be:fd:3b:a9:95:15:b3:37:15:3f:af:c9:
41:61:d3:0b:0d:b7:c3:bb:9a:aa:51:16:d2:83:d9:70:2d:68:
bb:d4:34:a3:6a:5e:38:6f:a6:c0:41:ea:35:e8:b0:e7:6d:e0:
40:8d:7a:62:51:21:e0:0d:40:b4:91:23:7d:bf:33:57:a3:ed:
1c:18:1f:3e:a1:89:5c:e6:9c:43:29:b2:55:56:c1:e1:6d:ef:
96:b5:a5:e4:ea:06:94:ba:6f:3b:6a:3a:a8:34:01:00:33:54:
95:bf:48:99:9a:f1:a5:1d:e9:44:e7:db:04:cb:94:d8:e0:32:
b6:5a:74:8b:f9:08:01:ef:07:ad:63:3d:d3:ae:13:30:28:c8:
50:59:c2:53:63:0e:82:c6:10:b7:14:19:1d:c8:b0:b6:6d:44:
63:fc:bc:79:69:30:23:85:79:ab:43:3f:f7:78:80:77:c6:78:
3d:ef:9b:92:f1:2a:9b:0a:27:b3:8a:ad:b8:e4:e7:8f:2c:fe:
76:e6:7a:e2:a8:c7:55:91:4a:fa:8c:6c:a7:9c:37:13:40:e9:
69:30:45:8d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYJoe2iUrRh09rKJeD2ENzFeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxZjVhMTBlNGZkMjY1NWFkYmJiNDBlZGUxOGIyNjE1YWM1
NThlYTkwHhcNMjIwODA0MTA1MTM0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGQ0ZDJlMjgyYzA5NDVlMDJhZDdiZDE5YjE4MDI1MzUzM2U3ZDczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsmO00WwtzpgznhA1sYbC18BWFvEo
C0c6pFfR5u8foo8zpzUbFDCj7npQ/BPhGa38V9/CZxBxZn4UH9FlnOsqOaxFp16R
oofW9wbTPNtzQ7ZaVPEPb5TX+WpBePopHtxWgQz7c93+ZlITYD+0EckVItAN0NpB
ZVtYxrQwwOHDErZY9yI45cYqMdKYLzU+EfWVvWXHBId8zaWMSFU0LVCR98oapuOD
3+7nOH5IrzyvMjuIkXwUZTqDH9f2uQdIgb7rvCqoFlD5vDDJ2nxr0ZuCy08Nyc4g
4YHG924B8PMfw8G4uLbKikOe90DpzGD5Q0+Sb5ueERIQcPfCMkNuzqUpNwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG3U0uKCwJReAq170ZsYAlNTPn1zMB8GA1UdIwQY
MBaAFEH1oQ5P0mVa27tA7eGLJhWsVY6pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWZXaERrX1NaVnJidTBEdDRZc21GYXhWanFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84ZDNjODItZTQwMy00ZGE2LWIzMTUt
ODc5MDIwNmYwZDc0LzEvYmRUUzRvTEFsRjRDclh2Um14Z0NVMU0tZlhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84ZDNjODItZTQwMy00ZGE2LWIzMTUtODc5MDIwNmYwZDc0
LzEvUWZXaERrX1NaVnJidTBEdDRZc21GYXhWanFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwG2LMA0G
CSqGSIb3DQEBCwUAA4IBAQAQ2vWLALlAl7weEf6Im2pvGYpS/Z/3epsUK/cRuhQN
qOksz590fq8hbx++/TuplRWzNxU/r8lBYdMLDbfDu5qqURbSg9lwLWi71DSjal44
b6bAQeo16LDnbeBAjXpiUSHgDUC0kSN9vzNXo+0cGB8+oYlc5pxDKbJVVsHhbe+W
taXk6gaUum87ajqoNAEAM1SVv0iZmvGlHelE59sEy5TY4DK2WnSL+QgB7wetYz3T
rhMwKMhQWcJTYw6CxhC3FBkdyLC2bURj/Lx5aTAjhXmrQz/3eIB3xng975uS8Sqb
Cieziq245OePLP525nriqMdVkUr6jGynnDcTQOlpMEWN
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:48 2023 by rpki-client on console.sobornost.net