Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/7RI9ChN1hL4Y53HVOYTwWCIFBQQ.roa
File: 7RI9ChN1hL4Y53HVOYTwWCIFBQQ.roa (raw, json)
Hash identifier: nidJx2KwClyIojwBPmlVGjP6TyfJABNORP4xBL+p+fU=
Subject key identifier: ED:12:3D:0A:13:75:84:BE:18:E7:71:D5:39:84:F0:58:22:05:05:04
Certificate issuer: /CN=0d722e4513a39678d8ab23b2d649775340518cb9
Certificate serial: 0183AD510C2737D24B10FDB49B34B6E04F80
Authority key identifier: 0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/7RI9ChN1hL4Y53HVOYTwWCIFBQQ.roa
Signing time: Thu 06 Oct 2022 12:41:53 +0000
ROA not before: Thu 06 Oct 2022 12:41:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12297
IP address blocks: 212.42.192.0/19 maxlen: 19
89.249.192.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:ad:51:0c:27:37:d2:4b:10:fd:b4:9b:34:b6:e0:4f:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d722e4513a39678d8ab23b2d649775340518cb9
Validity
Not Before: Oct 6 12:41:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ed123d0a137584be18e771d53984f05822050504
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:d3:01:69:8d:a3:cc:29:c1:01:68:72:20:2f:
be:6a:5e:0e:9e:e5:34:0d:70:ce:20:65:59:6e:db:
78:82:2d:65:5a:d2:a2:56:07:0c:80:99:b3:1f:ea:
a3:9c:7e:15:6e:df:d2:31:30:cb:03:36:78:c8:43:
5c:96:f7:3b:d8:9f:77:f5:3d:a9:aa:00:c5:fc:f1:
d0:bf:20:d2:c7:19:5d:0a:cd:a6:70:6b:7e:c9:4e:
8d:1a:94:73:bf:2e:35:da:c1:fe:b1:35:63:29:e7:
4f:af:a9:fe:55:ab:cc:16:9b:6a:11:a0:a9:96:19:
a0:ab:33:c5:29:0d:fe:86:b0:3a:ec:5b:b0:5c:9a:
14:a3:14:89:48:e2:8f:27:74:b3:8d:39:c0:5b:f9:
b0:e9:01:a6:af:33:3d:4a:47:9c:c4:27:05:41:5b:
8d:eb:72:9e:91:d7:48:a7:93:77:b0:0a:67:65:a3:
c5:69:30:6d:23:05:cf:97:96:97:4c:d7:ba:69:c9:
d7:9b:70:71:19:54:c6:80:b7:75:9e:99:6f:26:e4:
8a:7f:08:ce:31:fc:f1:f7:21:64:2f:b4:11:f4:e2:
49:58:30:42:4a:46:2c:99:09:34:af:9e:f2:a9:19:
7e:f4:eb:cd:b2:f0:be:40:0b:d8:b0:db:9e:bf:64:
d3:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:12:3D:0A:13:75:84:BE:18:E7:71:D5:39:84:F0:58:22:05:05:04
X509v3 Authority Key Identifier:
keyid:0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/7RI9ChN1hL4Y53HVOYTwWCIFBQQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.249.192.0/20
212.42.192.0/19
Signature Algorithm: sha256WithRSAEncryption
84:8b:36:22:50:59:af:81:c8:db:74:b0:c2:ab:54:9c:e4:ca:
af:bf:1a:ff:78:bf:ed:35:3a:b2:ea:46:d2:12:d4:0b:3b:2f:
28:09:b9:3b:45:c1:01:c9:cf:9e:74:e5:e7:36:4f:48:df:76:
35:77:d2:69:8c:7a:d8:bf:43:9b:42:fe:0e:e8:da:23:c6:f1:
37:e7:76:6e:64:12:1a:bc:74:4a:86:6f:2a:dd:26:a7:79:f1:
90:fb:18:eb:d7:37:47:d2:c7:e6:b8:b7:38:e5:33:f8:34:e3:
50:65:76:40:8f:ce:ee:34:ad:f5:a3:7c:b5:9d:4c:0e:0f:67:
05:ad:ce:8f:6c:d4:52:06:b1:19:c0:7d:06:18:88:17:8c:e1:
55:f8:90:0f:41:83:50:6c:7f:03:4f:05:8b:d1:61:9f:89:34:
c5:13:65:a0:c7:82:b7:17:8b:00:5c:e4:c7:82:64:a5:da:90:
02:4b:60:06:ba:72:d4:42:34:1e:05:b8:c3:02:51:dd:b4:0e:
cd:1e:6f:08:00:33:af:6e:41:74:ce:e4:c1:bb:38:4b:ce:8b:
4b:ef:a6:08:5d:00:26:00:bb:5d:42:95:9d:87:aa:53:5f:22:
70:15:61:0c:4a:d0:96:30:68:a7:a7:02:41:77:dd:0f:0a:73:
25:fc:90:cc
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYOtUQwnN9JLEP20mzS24E+AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzIyZTQ1MTNhMzk2NzhkOGFiMjNiMmQ2NDk3NzUzNDA1
MThjYjkwHhcNMjIxMDA2MTI0MTUzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDEyM2QwYTEzNzU4NGJlMThlNzcxZDUzOTg0ZjA1ODIyMDUwNTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhtMBaY2jzCnBAWhyIC++al4OnuU0
DXDOIGVZbtt4gi1lWtKiVgcMgJmzH+qjnH4Vbt/SMTDLAzZ4yENclvc72J939T2p
qgDF/PHQvyDSxxldCs2mcGt+yU6NGpRzvy412sH+sTVjKedPr6n+VavMFptqEaCp
lhmgqzPFKQ3+hrA67FuwXJoUoxSJSOKPJ3SzjTnAW/mw6QGmrzM9SkecxCcFQVuN
63KekddIp5N3sApnZaPFaTBtIwXPl5aXTNe6acnXm3BxGVTGgLd1nplvJuSKfwjO
Mfzx9yFkL7QR9OJJWDBCSkYsmQk0r57yqRl+9OvNsvC+QAvYsNuev2TTbwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFO0SPQoTdYS+GOdx1TmE8FgiBQUEMB8GA1UdIwQY
MBaAFA1yLkUTo5Z42KsjstZJd1NAUYy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDIt
MzQyNWIxMjVlYWE3LzEvN1JJOUNoTjFoTDRZNTNIVk9ZVHdXQ0lGQlFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDItMzQyNWIxMjVlYWE3
LzEvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEWfnAAwQF
1CrAMA0GCSqGSIb3DQEBCwUAA4IBAQCEizYiUFmvgcjbdLDCq1Sc5Mqvvxr/eL/t
NTqy6kbSEtQLOy8oCbk7RcEByc+edOXnNk9I33Y1d9JpjHrYv0ObQv4O6NojxvE3
53ZuZBIavHRKhm8q3SanefGQ+xjr1zdH0sfmuLc45TP4NONQZXZAj87uNK31o3y1
nUwOD2cFrc6PbNRSBrEZwH0GGIgXjOFV+JAPQYNQbH8DTwWL0WGfiTTFE2Wgx4K3
F4sAXOTHgmSl2pACS2AGunLUQjQeBbjDAlHdtA7NHm8IADOvbkF0zuTBuzhLzotL
76YIXQAmALtdQpWdh6pTXyJwFWEMStCWMGinpwJBd90PCnMl/JDM
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:02:32 2025 by rpki-client