Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/94d441-d987-4062-89c1-94c5ad17a7a0/1/eEvoUjB5Bk9pU6dXK34AeicGG8s.roa
File: eEvoUjB5Bk9pU6dXK34AeicGG8s.roa (raw, json)
Hash identifier: twEeYU7umXRgsazDg9Sv0ni12+DiIDdIvHak02YWitM=
Subject key identifier: 78:4B:E8:52:30:79:06:4F:69:53:A7:57:2B:7E:00:7A:27:06:1B:CB
Certificate issuer: /CN=906426f483c36aacda8732324ab88ad5800c9a2d
Certificate serial: 01838525D196D813DF9F37C038DED70157B2
Authority key identifier: 90:64:26:F4:83:C3:6A:AC:DA:87:32:32:4A:B8:8A:D5:80:0C:9A:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kGQm9IPDaqzahzIySriK1YAMmi0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/94d441-d987-4062-89c1-94c5ad17a7a0/1/eEvoUjB5Bk9pU6dXK34AeicGG8s.roa
Signing time: Wed 28 Sep 2022 17:29:51 +0000
ROA not before: Wed 28 Sep 2022 17:29:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20900
IP address blocks: 194.4.7.0/24 maxlen: 24
194.4.10.0/24 maxlen: 24
194.4.13.0/24 maxlen: 24
194.4.12.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:85:25:d1:96:d8:13:df:9f:37:c0:38:de:d7:01:57:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=906426f483c36aacda8732324ab88ad5800c9a2d
Validity
Not Before: Sep 28 17:29:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=784be8523079064f6953a7572b7e007a27061bcb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:f5:3d:bd:11:ad:cb:e3:34:b4:f1:f8:d2:e0:
d7:2d:4b:60:f3:20:26:7a:70:01:f1:8e:4f:d0:66:
d2:c0:3f:ab:5c:69:13:fc:9a:bc:01:aa:ec:51:df:
3a:d0:07:bb:95:a4:1f:69:8c:1f:cf:32:2f:77:e4:
7a:0b:53:fc:70:04:84:98:f0:aa:36:b2:72:f1:99:
6e:c0:00:30:c7:24:7a:81:f0:2a:2f:84:53:8d:b0:
de:c8:91:c6:41:1e:54:fc:cc:40:b6:e4:aa:42:22:
46:a5:15:28:5c:ee:f0:10:b3:a7:9d:57:3b:08:a8:
f1:4b:51:09:66:01:8d:5e:71:0c:d6:15:ce:94:2d:
3b:2d:d4:d8:c1:f8:31:20:7c:81:4c:ef:36:bf:4c:
d3:d4:3d:d6:e4:98:fa:16:a1:7a:c7:e5:9e:51:41:
9b:58:5b:7f:ce:52:5c:f4:48:29:ba:62:47:44:a7:
0d:3d:78:f0:71:00:a6:1f:3a:59:00:cb:e0:37:e4:
eb:97:db:70:fc:48:c1:2d:38:bd:d3:e3:7c:d2:82:
aa:88:74:d4:cb:d9:1d:27:3c:37:d7:e2:c2:bc:1b:
7e:85:28:45:69:60:b6:55:64:24:42:64:0d:07:8e:
d7:b2:15:cf:e4:4b:16:ce:a2:5d:94:24:43:76:92:
b0:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:4B:E8:52:30:79:06:4F:69:53:A7:57:2B:7E:00:7A:27:06:1B:CB
X509v3 Authority Key Identifier:
keyid:90:64:26:F4:83:C3:6A:AC:DA:87:32:32:4A:B8:8A:D5:80:0C:9A:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kGQm9IPDaqzahzIySriK1YAMmi0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/94d441-d987-4062-89c1-94c5ad17a7a0/1/eEvoUjB5Bk9pU6dXK34AeicGG8s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/94d441-d987-4062-89c1-94c5ad17a7a0/1/kGQm9IPDaqzahzIySriK1YAMmi0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.4.7.0/24
194.4.10.0/24
194.4.12.0/23
Signature Algorithm: sha256WithRSAEncryption
07:bd:86:45:13:41:6d:ae:39:29:69:ff:7c:0d:36:e2:e9:48:
96:e2:51:00:e5:45:b4:09:3a:30:13:22:cb:02:00:96:61:e5:
33:ec:ee:38:61:d5:08:7f:c0:df:0c:88:b8:13:c2:28:8f:a4:
d4:1f:8b:13:51:47:86:7c:90:15:10:4c:86:f5:3a:1c:df:03:
e9:58:fa:6c:6e:54:bc:c7:bb:19:d4:8d:ed:63:f0:e4:9c:a2:
eb:e9:20:29:f8:65:fa:be:d8:24:87:2e:b1:cd:c7:80:47:d7:
53:f1:ab:eb:63:b7:83:6e:cd:8c:b7:ed:78:0b:ab:7a:ee:b4:
a0:3b:d2:3d:de:f3:c5:06:70:ec:59:24:b4:ff:38:41:9c:a0:
f6:b4:35:9c:68:24:6a:71:f6:dd:11:38:4e:f2:cf:c4:99:d4:
70:74:4a:d4:90:8e:36:47:ad:32:8b:db:25:2c:10:12:ee:d2:
70:9c:a0:01:8a:76:27:28:46:20:de:2f:42:87:93:cc:07:0b:
4f:2a:5e:be:8a:7a:0e:cf:81:6f:04:24:88:28:0a:d7:97:cb:
cf:73:fc:e7:ed:41:2c:1d:18:c7:59:5a:cf:5f:91:46:32:36:
8f:02:b6:e8:9f:5f:f8:93:a3:35:5d:2b:55:21:1b:3f:a3:c0:
d3:d1:6d:f4
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYOFJdGW2BPfnzfAON7XAVeyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwNjQyNmY0ODNjMzZhYWNkYTg3MzIzMjRhYjg4YWQ1ODAw
YzlhMmQwHhcNMjIwOTI4MTcyOTUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODRiZTg1MjMwNzkwNjRmNjk1M2E3NTcyYjdlMDA3YTI3MDYxYmNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgvU9vRGty+M0tPH40uDXLUtg8yAm
enAB8Y5P0GbSwD+rXGkT/Jq8AarsUd860Ae7laQfaYwfzzIvd+R6C1P8cASEmPCq
NrJy8ZluwAAwxyR6gfAqL4RTjbDeyJHGQR5U/MxAtuSqQiJGpRUoXO7wELOnnVc7
CKjxS1EJZgGNXnEM1hXOlC07LdTYwfgxIHyBTO82v0zT1D3W5Jj6FqF6x+WeUUGb
WFt/zlJc9EgpumJHRKcNPXjwcQCmHzpZAMvgN+Trl9tw/EjBLTi90+N80oKqiHTU
y9kdJzw31+LCvBt+hShFaWC2VWQkQmQNB47XshXP5EsWzqJdlCRDdpKwowIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHhL6FIweQZPaVOnVyt+AHonBhvLMB8GA1UdIwQY
MBaAFJBkJvSDw2qs2ocyMkq4itWADJotMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0dRbTlJUERhcXphaHpJeVNyaUsxWUFNbWkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85NGQ0NDEtZDk4Ny00MDYyLTg5YzEt
OTRjNWFkMTdhN2EwLzEvZUV2b1VqQjVCazlwVTZkWEszNEFlaWNHRzhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85NGQ0NDEtZDk4Ny00MDYyLTg5YzEtOTRjNWFkMTdhN2Ew
LzEva0dRbTlJUERhcXphaHpJeVNyaUsxWUFNbWkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwgQHAwQA
wgQKAwQBwgQMMA0GCSqGSIb3DQEBCwUAA4IBAQAHvYZFE0Ftrjkpaf98DTbi6UiW
4lEA5UW0CTowEyLLAgCWYeUz7O44YdUIf8DfDIi4E8Ioj6TUH4sTUUeGfJAVEEyG
9Toc3wPpWPpsblS8x7sZ1I3tY/DknKLr6SAp+GX6vtgkhy6xzceAR9dT8avrY7eD
bs2Mt+14C6t67rSgO9I93vPFBnDsWSS0/zhBnKD2tDWcaCRqcfbdEThO8s/EmdRw
dErUkI42R60yi9slLBAS7tJwnKABinYnKEYg3i9Ch5PMBwtPKl6+inoOz4FvBCSI
KArXl8vPc/zn7UEsHRjHWVrPX5FGMjaPArbon1/4k6M1XStVIRs/o8DT0W30
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:10:28 2025 by rpki-client