Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/936d98-7019-401f-9e2a-3e3660da13a4/1/aoao9FOfXBkHUdNlIc5GY-YRIis.roa
File: aoao9FOfXBkHUdNlIc5GY-YRIis.roa (raw, json)
Hash identifier: 9V8R04bd+AWt0I6SgI6DdCwwTCJpko+e+D/wrnTX9t4=
Subject key identifier: 6A:86:A8:F4:53:9F:5C:19:07:51:D3:65:21:CE:46:63:E6:11:22:2B
Certificate issuer: /CN=7b1f557ee263cb359a19ea2cd7fa0e8c9139eb76
Certificate serial: 01874EAF275D330543C6F95B852CF9A96106
Authority key identifier: 7B:1F:55:7E:E2:63:CB:35:9A:19:EA:2C:D7:FA:0E:8C:91:39:EB:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ex9VfuJjyzWaGeos1_oOjJE563Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/936d98-7019-401f-9e2a-3e3660da13a4/1/aoao9FOfXBkHUdNlIc5GY-YRIis.roa
Signing time: Tue 04 Apr 2023 23:51:54 +0000
ROA not before: Tue 04 Apr 2023 23:51:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205424
IP address blocks: 194.24.188.0/24 maxlen: 24
185.42.172.0/24 maxlen: 24
185.42.173.0/24 maxlen: 24
185.42.175.0/24 maxlen: 24
185.42.174.0/24 maxlen: 24
2a01:63a0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:4e:af:27:5d:33:05:43:c6:f9:5b:85:2c:f9:a9:61:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b1f557ee263cb359a19ea2cd7fa0e8c9139eb76
Validity
Not Before: Apr 4 23:51:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6a86a8f4539f5c190751d36521ce4663e611222b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:0b:7b:d8:84:82:f3:6f:0e:ae:20:f5:d3:ea:
51:b4:e4:ff:f2:5c:c0:67:82:72:23:4b:75:a8:89:
7d:94:3b:79:02:48:ce:e3:7d:40:1c:b6:f6:f5:d2:
9e:f5:a9:72:50:ac:b5:da:0d:05:71:15:42:00:4c:
dc:e2:c3:ba:68:e0:ec:56:01:f7:0d:93:c2:2d:68:
de:4d:b0:6b:d4:87:6f:90:99:cc:58:b2:bf:9f:97:
7e:79:63:7d:31:f2:93:25:66:70:d6:1d:83:9a:b6:
08:f6:27:b0:b3:b9:04:cb:50:32:fc:62:2f:4f:97:
42:b8:da:df:a4:1d:f7:e0:18:6b:31:e5:67:88:ac:
5e:12:02:82:e5:c7:a5:ad:73:17:6c:28:d6:88:21:
62:c0:99:b9:93:dc:39:ac:53:b1:a2:cc:c4:f2:e0:
51:d0:6f:04:f5:d3:de:17:1c:6f:2f:b4:73:b1:0f:
63:b2:4e:1a:9b:a1:c2:0d:48:91:2c:d0:cf:5b:fd:
c4:ab:e4:72:0d:e6:bf:73:21:7b:c7:0f:ed:78:9c:
bb:e0:e7:7b:fb:3a:a2:34:e1:3d:05:1d:6d:db:51:
dc:cb:77:14:f9:29:f6:3c:d0:ef:94:3e:3c:0f:3e:
39:2a:3e:70:28:7b:f7:f5:b9:2e:fe:fc:b9:21:c8:
d4:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:86:A8:F4:53:9F:5C:19:07:51:D3:65:21:CE:46:63:E6:11:22:2B
X509v3 Authority Key Identifier:
keyid:7B:1F:55:7E:E2:63:CB:35:9A:19:EA:2C:D7:FA:0E:8C:91:39:EB:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ex9VfuJjyzWaGeos1_oOjJE563Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/936d98-7019-401f-9e2a-3e3660da13a4/1/aoao9FOfXBkHUdNlIc5GY-YRIis.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/936d98-7019-401f-9e2a-3e3660da13a4/1/ex9VfuJjyzWaGeos1_oOjJE563Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.42.172.0/22
194.24.188.0/24
IPv6:
2a01:63a0::/32
Signature Algorithm: sha256WithRSAEncryption
2f:8e:b6:5e:94:f2:d6:a9:df:b1:17:18:1b:7a:1e:85:34:a2:
79:6f:c7:ca:8b:16:e7:0c:23:97:0a:83:5e:ed:90:6d:bb:bd:
b5:f0:86:01:8f:3a:d6:28:11:6a:df:25:82:d1:fb:80:4b:30:
3d:34:92:8f:81:05:48:b5:d2:ee:4d:fb:ca:62:69:a1:3e:75:
c8:a0:f1:2d:37:a0:8a:81:c7:52:63:5b:8c:27:2a:8d:db:5c:
83:60:01:be:64:0d:39:22:4b:f6:dc:2a:54:89:47:99:e7:90:
8e:44:9c:9f:86:17:63:63:aa:13:24:56:a9:5c:d9:f8:c1:23:
f3:74:38:fd:8c:a4:b8:3c:ad:65:58:73:23:bd:01:bd:dd:d3:
da:4e:6f:0e:d9:59:c2:23:3e:1f:29:75:1f:7f:8b:85:70:81:
98:3d:f8:a8:36:31:71:8a:5b:34:24:06:ab:78:7d:68:f4:c0:
e0:b5:27:18:6c:d0:69:c3:74:7d:2b:cd:46:78:72:3f:71:8b:
a5:13:af:8a:1d:34:44:7b:ff:64:a1:d1:c5:a6:0b:2e:8e:1c:
b4:64:01:32:68:ae:69:3f:eb:ca:96:9e:27:c2:8e:bc:5a:c2:
c3:f2:c7:f1:6b:7e:d4:47:d7:32:03:d6:9f:0a:7e:8f:ca:82:
be:35:29:8b
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYdOryddMwVDxvlbhSz5qWEGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiMWY1NTdlZTI2M2NiMzU5YTE5ZWEyY2Q3ZmEwZThjOTEz
OWViNzYwHhcNMjMwNDA0MjM1MTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTg2YThmNDUzOWY1YzE5MDc1MWQzNjUyMWNlNDY2M2U2MTEyMjJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlwt72ISC828OriD10+pRtOT/8lzA
Z4JyI0t1qIl9lDt5AkjO431AHLb29dKe9alyUKy12g0FcRVCAEzc4sO6aODsVgH3
DZPCLWjeTbBr1IdvkJnMWLK/n5d+eWN9MfKTJWZw1h2DmrYI9iews7kEy1Ay/GIv
T5dCuNrfpB334BhrMeVniKxeEgKC5celrXMXbCjWiCFiwJm5k9w5rFOxoszE8uBR
0G8E9dPeFxxvL7RzsQ9jsk4am6HCDUiRLNDPW/3Eq+RyDea/cyF7xw/teJy74Od7
+zqiNOE9BR1t21Hcy3cU+Sn2PNDvlD48Dz45Kj5wKHv39bku/vy5IcjU4QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFGqGqPRTn1wZB1HTZSHORmPmESIrMB8GA1UdIwQY
MBaAFHsfVX7iY8s1mhnqLNf6DoyROet2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXg5VmZ1Smp5eldhR2VvczFfb09qSkU1NjNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy85MzZkOTgtNzAxOS00MDFmLTllMmEt
M2UzNjYwZGExM2E0LzEvYW9hbzlGT2ZYQmtIVWRObEljNUdZLVlSSWlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy85MzZkOTgtNzAxOS00MDFmLTllMmEtM2UzNjYwZGExM2E0
LzEvZXg5VmZ1Smp5eldhR2VvczFfb09qSkU1NjNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuSqsAwQA
whi8MA0EAgACMAcDBQAqAWOgMA0GCSqGSIb3DQEBCwUAA4IBAQAvjrZelPLWqd+x
Fxgbeh6FNKJ5b8fKixbnDCOXCoNe7ZBtu7218IYBjzrWKBFq3yWC0fuASzA9NJKP
gQVItdLuTfvKYmmhPnXIoPEtN6CKgcdSY1uMJyqN21yDYAG+ZA05Ikv23CpUiUeZ
55CORJyfhhdjY6oTJFapXNn4wSPzdDj9jKS4PK1lWHMjvQG93dPaTm8O2VnCIz4f
KXUff4uFcIGYPfioNjFxils0JAareH1o9MDgtScYbNBpw3R9K81GeHI/cYulE6+K
HTREe/9kodHFpgsujhy0ZAEyaK5pP+vKlp4nwo68WsLD8sfxa37UR9cyA9afCn6P
yoK+NSmL
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:07:57 2025 by rpki-client