Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/ea3614-f090-4a2b-9355-b89a511c3bbd/1/Iafd_k82QLVfQCz2kz8R7sgt1mw.roa
File: Iafd_k82QLVfQCz2kz8R7sgt1mw.roa (raw, json)
Hash identifier: wEYdkf/dFs2Z3z3dpiVJ7JiRo6XxEFcFMim6+KONios=
Subject key identifier: 21:A7:DD:FE:4F:36:40:B5:5F:40:2C:F6:93:3F:11:EE:C8:2D:D6:6C
Certificate issuer: /CN=c98b825f36e9cc330315c940de800cbabce3397b
Certificate serial: 0185735F1642F244CB5D81BABDC50959AE02
Authority key identifier: C9:8B:82:5F:36:E9:CC:33:03:15:C9:40:DE:80:0C:BA:BC:E3:39:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yYuCXzbpzDMDFclA3oAMurzjOXs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/ea3614-f090-4a2b-9355-b89a511c3bbd/1/Iafd_k82QLVfQCz2kz8R7sgt1mw.roa
Signing time: Mon 02 Jan 2023 16:44:49 +0000
ROA not before: Mon 02 Jan 2023 16:44:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15404
IP address blocks: 194.11.129.0/24 maxlen: 24
194.11.130.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:5f:16:42:f2:44:cb:5d:81:ba:bd:c5:09:59:ae:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c98b825f36e9cc330315c940de800cbabce3397b
Validity
Not Before: Jan 2 16:44:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=21a7ddfe4f3640b55f402cf6933f11eec82dd66c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:93:bd:df:6c:1b:09:fa:e4:9c:3d:5c:bf:10:
41:16:91:98:91:19:48:f5:75:e8:ee:f8:6b:2d:5d:
fb:4d:7a:01:77:42:1f:aa:8d:f6:d0:92:10:a2:c1:
0e:c5:bc:f3:36:2a:3e:34:7d:e6:c8:4d:5d:1f:90:
b4:72:1d:da:68:45:dd:10:c0:91:44:ab:e6:69:78:
b7:5d:98:a9:5c:61:d9:b1:79:c8:81:ef:86:37:70:
25:9f:78:1f:15:ff:d5:0f:2f:e0:29:87:01:f5:16:
e1:47:3e:42:d2:9f:a8:c4:f4:91:3f:f9:8c:7f:d6:
db:0d:5c:9d:03:1a:e6:ed:e6:33:d9:b0:e1:df:6f:
0b:51:1d:dd:8d:03:d3:aa:04:43:53:3a:d6:2d:36:
c7:9f:5c:76:e1:d0:96:cc:0a:3a:8b:72:41:bc:2b:
0b:27:00:ce:3a:21:d9:d9:a6:13:5d:aa:29:00:f6:
1e:7f:8c:a1:2d:f1:10:50:ef:d6:e8:e7:a1:c5:17:
61:19:51:83:9c:c3:f8:ab:75:06:d5:63:eb:75:11:
d2:ed:f8:f4:c8:96:9d:8c:8f:c1:d6:e9:0b:47:29:
0d:84:c9:5b:39:6e:4b:72:2e:17:44:24:82:bd:ad:
08:3c:79:35:db:2d:af:d6:d6:48:3b:c7:69:d2:01:
0d:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:A7:DD:FE:4F:36:40:B5:5F:40:2C:F6:93:3F:11:EE:C8:2D:D6:6C
X509v3 Authority Key Identifier:
keyid:C9:8B:82:5F:36:E9:CC:33:03:15:C9:40:DE:80:0C:BA:BC:E3:39:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yYuCXzbpzDMDFclA3oAMurzjOXs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/ea3614-f090-4a2b-9355-b89a511c3bbd/1/Iafd_k82QLVfQCz2kz8R7sgt1mw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/ea3614-f090-4a2b-9355-b89a511c3bbd/1/yYuCXzbpzDMDFclA3oAMurzjOXs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.11.129.0-194.11.130.255
Signature Algorithm: sha256WithRSAEncryption
a6:7d:da:05:78:48:0b:d2:d3:f1:68:e3:9f:3c:1b:88:aa:11:
30:ee:c8:d7:53:b9:e7:32:21:03:5d:81:b1:42:38:85:ec:39:
c9:a9:3e:a5:37:43:f7:ae:2d:73:69:e8:6d:21:7d:0a:1b:6e:
8d:ee:85:b6:f7:54:4a:26:49:cb:a8:c9:ab:b3:d4:fa:9b:27:
42:37:2b:b0:1c:48:71:2e:7f:29:d6:1c:d5:e6:98:5c:70:ef:
5a:47:4e:50:d5:b4:95:50:96:92:5d:7a:7b:45:13:0c:30:1a:
a4:c9:f4:14:3b:03:df:b6:c0:42:34:74:d4:9b:18:82:9c:d7:
bc:ca:15:29:29:c8:b3:6e:eb:f8:a7:39:5a:ab:e3:c4:0b:0a:
03:42:3f:aa:6f:3d:ec:81:d8:da:5a:82:b4:6b:f7:dc:f1:44:
27:2f:3e:42:d8:93:8f:df:14:71:fa:55:2d:e9:f1:11:ee:30:
9d:15:bc:8c:7c:d2:62:2f:45:50:94:fd:98:35:f3:92:14:e7:
4a:ac:2a:18:1c:70:cb:31:cf:d3:69:f6:de:4c:8a:94:64:9f:
0b:1e:9b:f8:6c:0e:d8:20:ef:cf:d1:a1:7f:02:e4:f7:6d:3b:
d1:1d:b2:94:e2:a0:d8:88:9e:ca:58:01:a1:cd:69:1d:e4:45:
07:11:56:d0
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVzXxZC8kTLXYG6vcUJWa4CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5OGI4MjVmMzZlOWNjMzMwMzE1Yzk0MGRlODAwY2JhYmNl
MzM5N2IwHhcNMjMwMTAyMTY0NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWE3ZGRmZTRmMzY0MGI1NWY0MDJjZjY5MzNmMTFlZWM4MmRkNjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlpO932wbCfrknD1cvxBBFpGYkRlI
9XXo7vhrLV37TXoBd0Ifqo320JIQosEOxbzzNio+NH3myE1dH5C0ch3aaEXdEMCR
RKvmaXi3XZipXGHZsXnIge+GN3Aln3gfFf/VDy/gKYcB9RbhRz5C0p+oxPSRP/mM
f9bbDVydAxrm7eYz2bDh328LUR3djQPTqgRDUzrWLTbHn1x24dCWzAo6i3JBvCsL
JwDOOiHZ2aYTXaopAPYef4yhLfEQUO/W6OehxRdhGVGDnMP4q3UG1WPrdRHS7fj0
yJadjI/B1ukLRykNhMlbOW5Lci4XRCSCva0IPHk12y2v1tZIO8dp0gEN1wIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFCGn3f5PNkC1X0As9pM/Ee7ILdZsMB8GA1UdIwQY
MBaAFMmLgl826cwzAxXJQN6ADLq84zl7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveVl1Q1h6YnB6RE1ERmNsQTNvQU11cnpqT1hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy9lYTM2MTQtZjA5MC00YTJiLTkzNTUt
Yjg5YTUxMWMzYmJkLzEvSWFmZF9rODJRTFZmUUN6Mmt6OFI3c2d0MW13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy9lYTM2MTQtZjA5MC00YTJiLTkzNTUtYjg5YTUxMWMzYmJk
LzEveVl1Q1h6YnB6RE1ERmNsQTNvQU11cnpqT1hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBADCC4ED
BADCC4IwDQYJKoZIhvcNAQELBQADggEBAKZ92gV4SAvS0/Fo4588G4iqETDuyNdT
uecyIQNdgbFCOIXsOcmpPqU3Q/euLXNp6G0hfQobbo3uhbb3VEomScuoyauz1Pqb
J0I3K7AcSHEufynWHNXmmFxw71pHTlDVtJVQlpJdentFEwwwGqTJ9BQ7A9+2wEI0
dNSbGIKc17zKFSkpyLNu6/inOVqr48QLCgNCP6pvPeyB2NpagrRr99zxRCcvPkLY
k4/fFHH6VS3p8RHuMJ0VvIx80mIvRVCU/Zg185IU50qsKhgccMsxz9Np9t5MipRk
nwsem/hsDtgg78/RoX8C5PdtO9EdspTioNiInspYAaHNaR3kRQcRVtA=
-----END CERTIFICATE-----
Generated at Mon Apr 21 03:44:48 2025 by rpki-client