Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/1mQAldkEAotNekOfl_ZnNuBtCbI.roa
File: 1mQAldkEAotNekOfl_ZnNuBtCbI.roa (raw, json)
Hash identifier: UNbKU/ItiY7yYe6b1WAWFke8CN4UlASkZ8yAPey3ATU=
Subject key identifier: D6:64:00:95:D9:04:02:8B:4D:7A:43:9F:97:F6:67:36:E0:6D:09:B2
Certificate issuer: /CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Certificate serial: 018570399EA064AFE300D86F4B53B61825D4
Authority key identifier: D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/1mQAldkEAotNekOfl_ZnNuBtCbI.roa
Signing time: Mon 02 Jan 2023 02:05:02 +0000
ROA not before: Mon 02 Jan 2023 02:05:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 194.64.89.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:39:9e:a0:64:af:e3:00:d8:6f:4b:53:b6:18:25:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Validity
Not Before: Jan 2 02:05:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d6640095d904028b4d7a439f97f66736e06d09b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:8e:01:4b:71:90:d1:10:6c:63:9f:68:8a:32:
5c:46:98:1c:0e:75:40:c9:07:30:76:12:f6:77:20:
6d:28:83:5d:ae:ef:d0:16:95:89:ba:51:44:ce:f2:
08:f3:f1:c7:f2:e7:a5:75:69:83:cd:f6:75:5c:6e:
84:1f:d4:09:61:83:72:3d:51:a0:1f:5c:f4:d5:48:
1a:50:6d:99:cc:28:b9:80:42:b3:28:28:0b:ce:4d:
4f:30:b8:e7:d9:ae:3e:45:b5:bf:50:c9:01:e6:69:
6b:b0:59:2e:5a:23:cf:fc:81:4e:d3:bd:4c:bb:89:
aa:56:01:a8:c7:d3:83:2b:01:6f:c9:06:91:e4:4b:
ae:ca:5c:17:01:4b:c9:ef:a9:74:2d:7e:e3:63:80:
7b:98:46:9f:e7:8b:f3:fa:e8:7b:27:55:6f:aa:48:
99:70:e0:18:ae:7a:1a:f0:ad:97:b5:c2:84:d6:51:
b6:e6:e7:ff:ca:e9:f1:9b:28:70:80:bb:d3:86:46:
9b:f0:8e:5b:e4:12:4d:0d:ba:7e:eb:12:e7:fa:ca:
cf:3e:4e:af:0e:00:9f:bf:bd:64:cd:25:6e:21:b2:
03:f8:cb:f4:7f:3b:5b:c3:46:ab:11:ba:01:75:60:
d2:cb:1a:90:cf:da:47:fe:8e:66:88:ff:3f:72:0e:
52:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:64:00:95:D9:04:02:8B:4D:7A:43:9F:97:F6:67:36:E0:6D:09:B2
X509v3 Authority Key Identifier:
keyid:D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/1mQAldkEAotNekOfl_ZnNuBtCbI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/10cBdWTHEby9V2gKDf0A8qXQmds.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.64.89.0/24
Signature Algorithm: sha256WithRSAEncryption
b3:61:b9:cd:4c:4e:2c:0d:bd:20:44:3a:e1:53:4b:c5:b0:da:
ca:fd:13:e3:0e:81:ad:9e:5b:a3:81:6a:34:dc:7c:dc:fc:e3:
c9:3d:b4:aa:61:eb:45:4c:a8:f6:8b:2d:5c:01:f3:49:54:95:
6e:c0:35:c4:f7:f2:1f:fd:3c:30:48:70:df:9f:81:d9:04:25:
58:2f:d8:f0:71:4b:ce:a2:38:ef:b4:6a:5a:ca:31:bb:fb:7f:
b1:70:b2:00:c1:8f:3c:9e:15:f7:a3:fc:b1:40:9c:5c:d6:ce:
13:6c:79:1a:30:cd:9d:2a:53:ac:81:da:e0:72:26:e0:38:78:
bc:73:d8:3c:c1:f0:6b:c9:dd:c7:1d:75:7c:2c:44:3b:89:43:
61:4e:19:c5:a4:14:13:20:06:a8:e0:ad:c6:f9:37:c4:42:c8:
08:a0:35:aa:0c:17:5e:32:c5:d8:02:72:31:b3:d6:49:11:f2:
c5:1e:82:ca:8b:a6:aa:71:93:63:1e:e8:3d:95:31:2c:7d:e3:
49:c6:86:c8:6d:60:4c:05:41:7a:03:c7:de:d1:06:00:1b:c2:
79:39:17:96:88:af:1a:3d:34:3a:e3:e8:de:8d:51:75:fe:3e:
68:34:a2:3b:f4:a4:91:0b:b7:69:a3:35:13:22:fc:d2:96:fc:
73:4c:0a:a8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwOZ6gZK/jANhvS1O2GCXUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NDcwMTc1NjRjNzExYmNiZDU3NjgwYTBkZmQwMGYyYTVk
MDk5ZGIwHhcNMjMwMTAyMDIwNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjY0MDA5NWQ5MDQwMjhiNGQ3YTQzOWY5N2Y2NjczNmUwNmQwOWIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwI4BS3GQ0RBsY59oijJcRpgcDnVA
yQcwdhL2dyBtKINdru/QFpWJulFEzvII8/HH8ueldWmDzfZ1XG6EH9QJYYNyPVGg
H1z01UgaUG2ZzCi5gEKzKCgLzk1PMLjn2a4+RbW/UMkB5mlrsFkuWiPP/IFO071M
u4mqVgGox9ODKwFvyQaR5EuuylwXAUvJ76l0LX7jY4B7mEaf54vz+uh7J1VvqkiZ
cOAYrnoa8K2XtcKE1lG25uf/yunxmyhwgLvThkab8I5b5BJNDbp+6xLn+srPPk6v
DgCfv71kzSVuIbID+Mv0fztbw0arEboBdWDSyxqQz9pH/o5miP8/cg5SnwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNZkAJXZBAKLTXpDn5f2ZzbgbQmyMB8GA1UdIwQY
MBaAFNdHAXVkxxG8vVdoCg39APKl0JnbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTBjQmRXVEhFYnk5VjJnS0RmMEE4cVhRbWRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9iYTIzNjItMGNjNS00OWJkLWE1MjIt
NGYwZThjZTExYTdkLzEvMW1RQWxka0VBb3ROZWtPZmxfWm5OdUJ0Q2JJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9iYTIzNjItMGNjNS00OWJkLWE1MjItNGYwZThjZTExYTdk
LzEvMTBjQmRXVEhFYnk5VjJnS0RmMEE4cVhRbWRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwkBZMA0G
CSqGSIb3DQEBCwUAA4IBAQCzYbnNTE4sDb0gRDrhU0vFsNrK/RPjDoGtnlujgWo0
3Hzc/OPJPbSqYetFTKj2iy1cAfNJVJVuwDXE9/If/TwwSHDfn4HZBCVYL9jwcUvO
ojjvtGpayjG7+3+xcLIAwY88nhX3o/yxQJxc1s4TbHkaMM2dKlOsgdrgcibgOHi8
c9g8wfBryd3HHXV8LEQ7iUNhThnFpBQTIAao4K3G+TfEQsgIoDWqDBdeMsXYAnIx
s9ZJEfLFHoLKi6aqcZNjHug9lTEsfeNJxobIbWBMBUF6A8fe0QYAG8J5OReWiK8a
PTQ64+jejVF1/j5oNKI79KSRC7dpozUTIvzSlvxzTAqo
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:05:24 2025 by rpki-client