Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/8f0218-543d-4943-8e3c-aef1b34a287d/1/M2vXbkZdb7pRQ8og4kvyGLqiaD4.roa
File: M2vXbkZdb7pRQ8og4kvyGLqiaD4.roa (raw, json)
Hash identifier: 9Da+Pa5INDWVxuyO7GKfsb0Vi7z/meiWTf7fpcD1/mQ=
Subject key identifier: 33:6B:D7:6E:46:5D:6F:BA:51:43:CA:20:E2:4B:F2:18:BA:A2:68:3E
Certificate issuer: /CN=ca58aeb4129f8e2c9bc42cd19185c8d7f0e6eaf9
Certificate serial: 018B82739A4BB2517507E335A6AF1264AAFE
Authority key identifier: CA:58:AE:B4:12:9F:8E:2C:9B:C4:2C:D1:91:85:C8:D7:F0:E6:EA:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yliutBKfjiybxCzRkYXI1_Dm6vk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/8f0218-543d-4943-8e3c-aef1b34a287d/1/M2vXbkZdb7pRQ8og4kvyGLqiaD4.roa
Signing time: Mon 30 Oct 2023 21:18:16 +0000
ROA not before: Mon 30 Oct 2023 21:18:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 45049
IP address blocks: 194.113.116.0/24 maxlen: 24
2a14:4400::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:82:73:9a:4b:b2:51:75:07:e3:35:a6:af:12:64:aa:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca58aeb4129f8e2c9bc42cd19185c8d7f0e6eaf9
Validity
Not Before: Oct 30 21:18:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=336bd76e465d6fba5143ca20e24bf218baa2683e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:be:ec:e2:2c:23:47:b6:b4:d6:66:89:e3:98:
c2:6e:01:b7:6e:32:d8:b0:3f:c6:49:ca:d4:d5:d5:
52:b8:49:eb:c0:79:13:ae:dd:2a:60:19:b1:dd:df:
af:a4:ed:a0:9a:23:08:cf:c4:e1:6c:8d:69:e9:ae:
d0:b1:97:32:0c:79:6d:03:fd:e8:ab:1b:7c:7b:90:
be:7e:88:46:25:63:68:a7:c7:36:5d:22:19:f5:c2:
74:de:a2:bf:63:f2:cb:59:2d:d5:21:b8:c3:7b:a4:
29:65:39:70:3e:fa:92:59:87:42:ab:35:14:e9:8b:
ae:b1:09:86:a2:21:1e:77:d8:5b:67:2b:dc:da:3b:
3c:84:4c:66:e4:d3:80:f9:f2:1c:e8:de:31:25:1a:
99:cd:52:33:d0:45:38:4f:f6:90:d9:c0:0b:7d:a0:
ce:19:64:22:4c:91:1c:86:ca:69:bf:65:61:4e:d0:
a7:f1:8c:f1:64:a8:d5:3f:76:ca:75:1c:77:13:06:
bd:6b:40:60:6e:97:ed:c8:b5:43:09:2a:96:53:7a:
81:f5:57:8e:d3:be:1c:0b:c3:bb:c9:c7:58:6e:50:
b6:89:b9:94:81:94:35:dc:41:ee:e3:07:35:ef:9b:
4d:bc:d6:0d:e6:de:04:15:4c:3d:ae:f0:84:66:26:
f3:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:6B:D7:6E:46:5D:6F:BA:51:43:CA:20:E2:4B:F2:18:BA:A2:68:3E
X509v3 Authority Key Identifier:
keyid:CA:58:AE:B4:12:9F:8E:2C:9B:C4:2C:D1:91:85:C8:D7:F0:E6:EA:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yliutBKfjiybxCzRkYXI1_Dm6vk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/8f0218-543d-4943-8e3c-aef1b34a287d/1/M2vXbkZdb7pRQ8og4kvyGLqiaD4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/8f0218-543d-4943-8e3c-aef1b34a287d/1/yliutBKfjiybxCzRkYXI1_Dm6vk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.113.116.0/24
IPv6:
2a14:4400::/32
Signature Algorithm: sha256WithRSAEncryption
68:db:bb:78:e3:14:b7:ce:60:c6:6f:6a:77:86:fe:39:d8:db:
a3:b8:10:a0:5a:1d:65:56:78:29:5a:87:31:de:64:74:d8:04:
99:38:9b:ba:39:16:1a:39:ca:8d:0f:0a:fe:77:d7:e0:40:11:
24:bc:23:f0:4f:57:1c:4c:f7:90:fe:59:8c:18:0f:3c:7a:f0:
cb:71:c2:42:fb:16:f8:44:14:65:23:70:3f:55:93:0f:39:40:
4e:71:00:8c:e0:fc:18:86:26:24:07:ef:56:d3:d6:c3:37:17:
b1:78:0c:01:5b:f0:74:1d:b0:8a:48:0b:0a:ae:c9:ff:4e:1c:
f1:7c:ac:57:41:67:72:d5:50:85:af:19:0e:b6:ad:b4:31:d3:
d9:23:cf:5a:c3:cc:67:90:c0:34:02:c5:80:9a:51:16:ba:c8:
a7:46:dc:e4:2c:8c:f5:64:c3:83:08:cc:c8:fa:58:8a:03:65:
ba:b7:e0:98:8c:fc:37:41:e7:31:79:37:71:08:79:29:1d:1c:
e7:dd:ca:c9:50:3a:f6:f8:34:1a:ff:94:b6:3f:8c:86:92:f0:
16:10:91:71:52:b0:03:2f:14:30:ad:ae:32:13:ee:f0:8b:94:
77:2c:4d:00:29:0b:71:88:fc:1a:1b:f7:10:23:fe:55:96:5c:
43:a1:05:29
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYuCc5pLslF1B+M1pq8SZKr+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhNThhZWI0MTI5ZjhlMmM5YmM0MmNkMTkxODVjOGQ3ZjBl
NmVhZjkwHhcNMjMxMDMwMjExODE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzZiZDc2ZTQ2NWQ2ZmJhNTE0M2NhMjBlMjRiZjIxOGJhYTI2ODNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt77s4iwjR7a01maJ45jCbgG3bjLY
sD/GScrU1dVSuEnrwHkTrt0qYBmx3d+vpO2gmiMIz8ThbI1p6a7QsZcyDHltA/3o
qxt8e5C+fohGJWNop8c2XSIZ9cJ03qK/Y/LLWS3VIbjDe6QpZTlwPvqSWYdCqzUU
6YuusQmGoiEed9hbZyvc2js8hExm5NOA+fIc6N4xJRqZzVIz0EU4T/aQ2cALfaDO
GWQiTJEchsppv2VhTtCn8YzxZKjVP3bKdRx3Ewa9a0BgbpftyLVDCSqWU3qB9VeO
074cC8O7ycdYblC2ibmUgZQ13EHu4wc175tNvNYN5t4EFUw9rvCEZibz5wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDNr125GXW+6UUPKIOJL8hi6omg+MB8GA1UdIwQY
MBaAFMpYrrQSn44sm8Qs0ZGFyNfw5ur5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWxpdXRCS2ZqaXlieEN6UmtZWEkxX0RtNnZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS84ZjAyMTgtNTQzZC00OTQzLThlM2Mt
YWVmMWIzNGEyODdkLzEvTTJ2WGJrWmRiN3BSUThvZzRrdnlHTHFpYUQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS84ZjAyMTgtNTQzZC00OTQzLThlM2MtYWVmMWIzNGEyODdk
LzEveWxpdXRCS2ZqaXlieEN6UmtZWEkxX0RtNnZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwnF0MA0E
AgACMAcDBQAqFEQAMA0GCSqGSIb3DQEBCwUAA4IBAQBo27t44xS3zmDGb2p3hv45
2NujuBCgWh1lVngpWocx3mR02ASZOJu6ORYaOcqNDwr+d9fgQBEkvCPwT1ccTPeQ
/lmMGA88evDLccJC+xb4RBRlI3A/VZMPOUBOcQCM4PwYhiYkB+9W09bDNxexeAwB
W/B0HbCKSAsKrsn/ThzxfKxXQWdy1VCFrxkOtq20MdPZI89aw8xnkMA0AsWAmlEW
usinRtzkLIz1ZMODCMzI+liKA2W6t+CYjPw3QecxeTdxCHkpHRzn3crJUDr2+DQa
/5S2P4yGkvAWEJFxUrADLxQwra4yE+7wi5R3LE0AKQtxiPwaG/cQI/5VllxDoQUp
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:28:27 2025 by rpki-client