Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/170422-39ad-499c-bbfd-eff3cdcbd00a/1/EFR88nUfhk6o5O1tVqNhTYp3Kho.roa
File: EFR88nUfhk6o5O1tVqNhTYp3Kho.roa (raw, json)
Hash identifier: S7UAIwSUo4NpZo+4GzwCLndjafTLRvN6y7lUHNs4QOc=
Subject key identifier: 10:54:7C:F2:75:1F:86:4E:A8:E4:ED:6D:56:A3:61:4D:8A:77:2A:1A
Certificate issuer: /CN=659a6b975eafd2ce51468723814355f56c55bafb
Certificate serial: 0185704BC1EC66B5754631916CF29CA1088C
Authority key identifier: 65:9A:6B:97:5E:AF:D2:CE:51:46:87:23:81:43:55:F5:6C:55:BA:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZZprl16v0s5RRocjgUNV9WxVuvs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/170422-39ad-499c-bbfd-eff3cdcbd00a/1/EFR88nUfhk6o5O1tVqNhTYp3Kho.roa
Signing time: Mon 02 Jan 2023 02:24:51 +0000
ROA not before: Mon 02 Jan 2023 02:24:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15642
IP address blocks: 194.125.232.0/24 maxlen: 24
194.125.232.0/22 maxlen: 24
194.242.32.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:4b:c1:ec:66:b5:75:46:31:91:6c:f2:9c:a1:08:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=659a6b975eafd2ce51468723814355f56c55bafb
Validity
Not Before: Jan 2 02:24:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=10547cf2751f864ea8e4ed6d56a3614d8a772a1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:32:6a:20:6d:47:cd:4c:9d:ba:0c:14:d3:46:
0d:67:33:e0:7a:02:db:06:a7:2e:59:b6:29:0f:5b:
fa:4e:81:46:2e:0e:08:79:ae:98:24:dd:30:56:8b:
01:31:d4:96:4c:48:12:91:9a:de:12:36:7a:d7:40:
76:de:21:05:e2:d7:d1:44:dd:29:66:ac:74:c5:e6:
3a:1f:4b:2f:89:35:60:13:08:31:45:01:c0:57:69:
79:5d:72:0c:47:59:ff:72:10:7c:d5:b4:71:7e:db:
68:05:1c:a9:52:34:a2:f1:13:4b:86:1e:f8:80:3a:
79:43:5b:39:c1:9e:77:b8:67:c8:0c:1a:74:e8:37:
c3:8f:89:33:59:7c:1c:b6:6c:fa:19:1d:f8:34:10:
6e:47:77:92:e6:96:1f:11:65:bf:f3:93:b1:ae:41:
26:24:74:5c:9d:55:60:f6:bd:07:81:39:52:7b:4a:
33:c7:2a:b1:d5:c5:73:06:17:ed:59:42:43:4c:1d:
63:10:8f:5a:eb:5a:8c:15:c9:19:41:8a:92:0d:91:
ff:e2:f8:3c:3a:cd:0f:25:35:97:6a:2e:b7:35:c8:
af:50:ed:e5:01:e9:3d:e2:dd:c5:99:44:c8:9e:6f:
6c:25:c4:f2:8b:e6:e4:5c:b0:59:7a:03:cf:4d:78:
ba:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:54:7C:F2:75:1F:86:4E:A8:E4:ED:6D:56:A3:61:4D:8A:77:2A:1A
X509v3 Authority Key Identifier:
keyid:65:9A:6B:97:5E:AF:D2:CE:51:46:87:23:81:43:55:F5:6C:55:BA:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZZprl16v0s5RRocjgUNV9WxVuvs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/170422-39ad-499c-bbfd-eff3cdcbd00a/1/EFR88nUfhk6o5O1tVqNhTYp3Kho.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/170422-39ad-499c-bbfd-eff3cdcbd00a/1/ZZprl16v0s5RRocjgUNV9WxVuvs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.125.232.0/22
194.242.32.0/24
Signature Algorithm: sha256WithRSAEncryption
89:1e:d2:87:0d:08:7f:84:fa:84:5b:e1:0f:ec:58:51:10:b9:
d4:c2:15:be:be:94:e1:49:4c:3e:f8:34:77:ed:f4:3e:c4:d5:
b1:a8:2d:c2:a8:84:23:ed:e7:5b:fd:a6:8e:19:c3:be:2d:15:
b9:9e:fb:f8:5d:bf:83:c7:19:46:28:68:ac:5f:cc:4e:0a:4a:
69:93:f3:75:0a:a1:89:a1:1d:ea:eb:fe:e4:b2:4d:cd:33:9d:
74:74:11:91:63:ec:6e:aa:6f:79:88:ad:4c:29:fc:64:3f:9a:
7d:73:bb:26:bc:8a:09:18:21:cd:86:ee:38:6d:83:fa:12:35:
1d:32:9f:a8:6e:05:de:cf:0e:ff:c0:62:2a:40:1f:8d:28:63:
7d:8e:3e:4d:cf:f0:af:1d:67:27:ad:10:24:f8:28:85:77:ea:
65:54:40:65:c2:e8:85:30:25:1d:66:9f:44:9c:47:3c:1d:9c:
ba:dd:16:f0:0d:78:7b:d7:ce:82:2d:20:ae:f4:f3:64:a0:29:
81:b4:12:04:6d:9b:fa:6c:f6:e0:d1:32:96:39:62:bb:32:9b:
48:60:80:0e:e2:93:65:46:24:be:b9:a3:bf:33:e7:7a:88:3a:
77:04:56:8b:38:90:5c:8b:76:bb:e8:13:05:94:ca:0a:19:b2:
fe:c3:d0:4a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVwS8HsZrV1RjGRbPKcoQiMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1OWE2Yjk3NWVhZmQyY2U1MTQ2ODcyMzgxNDM1NWY1NmM1
NWJhZmIwHhcNMjMwMTAyMDIyNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDU0N2NmMjc1MWY4NjRlYThlNGVkNmQ1NmEzNjE0ZDhhNzcyYTFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiDJqIG1HzUydugwU00YNZzPgegLb
BqcuWbYpD1v6ToFGLg4Iea6YJN0wVosBMdSWTEgSkZreEjZ610B23iEF4tfRRN0p
Zqx0xeY6H0sviTVgEwgxRQHAV2l5XXIMR1n/chB81bRxfttoBRypUjSi8RNLhh74
gDp5Q1s5wZ53uGfIDBp06DfDj4kzWXwctmz6GR34NBBuR3eS5pYfEWW/85OxrkEm
JHRcnVVg9r0HgTlSe0ozxyqx1cVzBhftWUJDTB1jEI9a61qMFckZQYqSDZH/4vg8
Os0PJTWXai63NcivUO3lAek94t3FmUTInm9sJcTyi+bkXLBZegPPTXi6KQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBBUfPJ1H4ZOqOTtbVajYU2KdyoaMB8GA1UdIwQY
MBaAFGWaa5der9LOUUaHI4FDVfVsVbr7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlpwcmwxNnYwczVSUm9jamdVTlY5V3hWdXZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xNzA0MjItMzlhZC00OTljLWJiZmQt
ZWZmM2NkY2JkMDBhLzEvRUZSODhuVWZoazZvNU8xdFZxTmhUWXAzS2hvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xNzA0MjItMzlhZC00OTljLWJiZmQtZWZmM2NkY2JkMDBh
LzEvWlpwcmwxNnYwczVSUm9jamdVTlY5V3hWdXZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCwn3oAwQA
wvIgMA0GCSqGSIb3DQEBCwUAA4IBAQCJHtKHDQh/hPqEW+EP7FhRELnUwhW+vpTh
SUw++DR37fQ+xNWxqC3CqIQj7edb/aaOGcO+LRW5nvv4Xb+DxxlGKGisX8xOCkpp
k/N1CqGJoR3q6/7ksk3NM510dBGRY+xuqm95iK1MKfxkP5p9c7smvIoJGCHNhu44
bYP6EjUdMp+obgXezw7/wGIqQB+NKGN9jj5Nz/CvHWcnrRAk+CiFd+plVEBlwuiF
MCUdZp9EnEc8HZy63RbwDXh7186CLSCu9PNkoCmBtBIEbZv6bPbg0TKWOWK7MptI
YIAO4pNlRiS+uaO/M+d6iDp3BFaLOJBci3a76BMFlMoKGbL+w9BK
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:57:56 2025 by rpki-client