Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/0e6f4a-fd57-411b-a94b-6b6fdb54ba31/1/U8lDXznwSp7aqSOUdngljG7b-g0.roa
File: U8lDXznwSp7aqSOUdngljG7b-g0.roa (raw, json)
Hash identifier: RI2MtpAYLdjEb6nsDo3shPYmU5aqAAim/O4p3DyXEYE=
Subject key identifier: 53:C9:43:5F:39:F0:4A:9E:DA:A9:23:94:76:78:25:8C:6E:DB:FA:0D
Certificate issuer: /CN=e1a9fe3c8a69d50935a1f749666e08dc754594dd
Certificate serial: 01856B0A2D2978B840309CE29663B0390A55
Authority key identifier: E1:A9:FE:3C:8A:69:D5:09:35:A1:F7:49:66:6E:08:DC:75:45:94:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4an-PIpp1Qk1ofdJZm4I3HVFlN0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/0e6f4a-fd57-411b-a94b-6b6fdb54ba31/1/U8lDXznwSp7aqSOUdngljG7b-g0.roa
Signing time: Sun 01 Jan 2023 01:55:06 +0000
ROA not before: Sun 01 Jan 2023 01:55:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200345
IP address blocks: 194.147.24.0/22 maxlen: 24
2a0d:840::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:0a:2d:29:78:b8:40:30:9c:e2:96:63:b0:39:0a:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e1a9fe3c8a69d50935a1f749666e08dc754594dd
Validity
Not Before: Jan 1 01:55:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=53c9435f39f04a9edaa923947678258c6edbfa0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:5f:7c:d9:c5:49:dd:4f:a3:98:d6:9c:78:62:
00:58:cd:7f:79:b7:10:36:75:68:35:91:24:06:98:
46:78:2b:82:ce:e1:de:15:53:99:f0:50:7c:a7:60:
65:c6:df:32:a5:e5:39:7f:14:4d:dd:77:39:59:db:
72:79:d7:36:c7:de:a8:e7:5b:e6:d6:79:a0:30:d9:
52:97:1b:69:23:f8:6b:05:1e:e1:da:26:63:9b:fe:
2f:06:df:34:c1:68:fc:27:a7:2a:ad:f3:1f:67:46:
8a:11:64:11:9e:68:f4:a8:55:92:64:94:3a:84:a2:
c5:e2:a0:25:4f:c6:41:a9:ab:8e:bb:9d:4d:eb:4d:
68:d3:6d:35:a3:bd:7e:7b:e6:52:10:fe:3f:4b:72:
56:17:90:3a:32:18:79:95:55:0a:7d:b2:45:1c:7a:
f3:d9:c0:f4:c7:82:88:ce:0d:41:23:09:37:95:c2:
f6:d2:3d:fd:6a:b2:65:94:86:43:c2:19:e3:75:22:
e6:b2:f2:a0:da:44:7c:5e:a1:2e:f9:32:27:58:eb:
bb:9f:b5:5f:1b:0e:d0:3c:c6:88:aa:67:bf:57:2c:
1f:01:3c:f6:82:f9:ce:dc:7b:f1:f5:21:dc:9d:ad:
b7:bb:fd:60:06:ff:ba:36:97:4a:c1:13:38:0b:46:
df:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:C9:43:5F:39:F0:4A:9E:DA:A9:23:94:76:78:25:8C:6E:DB:FA:0D
X509v3 Authority Key Identifier:
keyid:E1:A9:FE:3C:8A:69:D5:09:35:A1:F7:49:66:6E:08:DC:75:45:94:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4an-PIpp1Qk1ofdJZm4I3HVFlN0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/0e6f4a-fd57-411b-a94b-6b6fdb54ba31/1/U8lDXznwSp7aqSOUdngljG7b-g0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/0e6f4a-fd57-411b-a94b-6b6fdb54ba31/1/4an-PIpp1Qk1ofdJZm4I3HVFlN0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.147.24.0/22
IPv6:
2a0d:840::/29
Signature Algorithm: sha256WithRSAEncryption
85:79:f9:d8:10:25:7d:d7:db:3a:35:f1:47:b7:ee:5b:f6:98:
e7:04:30:06:9d:80:aa:32:af:b6:36:8d:91:5a:46:52:8e:30:
e4:60:5f:9e:d4:e8:2e:8c:26:3a:db:05:25:ce:29:a6:19:b4:
99:fa:c3:c4:72:20:4e:5d:d9:3f:ec:d9:69:23:f8:91:2f:67:
f9:14:3b:22:79:bd:3f:78:d2:42:8a:26:c1:7e:62:ca:62:15:
49:0c:4a:44:d1:f5:33:bf:5d:96:bb:a9:11:6b:ce:89:cd:00:
03:07:62:fb:a0:30:93:21:ec:dc:57:57:92:8d:74:d9:f5:da:
12:28:d1:ab:92:1c:39:21:fd:80:73:48:1e:eb:83:fc:e3:25:
ac:dc:90:5b:70:b5:a6:11:f0:fe:42:1b:74:5f:5e:d6:d9:85:
c4:a3:d4:3a:7f:1a:b2:c0:97:3f:9a:7c:9e:70:39:04:22:35:
e4:91:67:b3:d7:1d:1b:75:3e:9e:35:f5:74:22:a8:8a:85:6e:
0b:2f:07:03:5f:0f:a2:bc:56:51:0b:6c:d1:0e:f3:c9:af:ec:
7f:7a:83:25:8e:18:5e:9b:24:95:cc:40:94:8b:3f:6f:ca:2a:
57:2a:04:6d:63:34:e3:70:ac:4d:2a:fb:2d:df:2c:b4:29:cc:
3c:5e:ea:80
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVrCi0peLhAMJzilmOwOQpVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxYTlmZTNjOGE2OWQ1MDkzNWExZjc0OTY2NmUwOGRjNzU0
NTk0ZGQwHhcNMjMwMTAxMDE1NTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2M5NDM1ZjM5ZjA0YTllZGFhOTIzOTQ3Njc4MjU4YzZlZGJmYTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr1982cVJ3U+jmNaceGIAWM1/ebcQ
NnVoNZEkBphGeCuCzuHeFVOZ8FB8p2Blxt8ypeU5fxRN3Xc5Wdtyedc2x96o51vm
1nmgMNlSlxtpI/hrBR7h2iZjm/4vBt80wWj8J6cqrfMfZ0aKEWQRnmj0qFWSZJQ6
hKLF4qAlT8ZBqauOu51N601o0201o71+e+ZSEP4/S3JWF5A6Mhh5lVUKfbJFHHrz
2cD0x4KIzg1BIwk3lcL20j39arJllIZDwhnjdSLmsvKg2kR8XqEu+TInWOu7n7Vf
Gw7QPMaIqme/VywfATz2gvnO3Hvx9SHcna23u/1gBv+6NpdKwRM4C0bfawIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFPJQ1858Eqe2qkjlHZ4JYxu2/oNMB8GA1UdIwQY
MBaAFOGp/jyKadUJNaH3SWZuCNx1RZTdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGFuLVBJcHAxUWsxb2ZkSlptNEkzSFZGbE4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8wZTZmNGEtZmQ1Ny00MTFiLWE5NGIt
NmI2ZmRiNTRiYTMxLzEvVThsRFh6bndTcDdhcVNPVWRuZ2xqRzdiLWcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8wZTZmNGEtZmQ1Ny00MTFiLWE5NGItNmI2ZmRiNTRiYTMx
LzEvNGFuLVBJcHAxUWsxb2ZkSlptNEkzSFZGbE4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCwpMYMA0E
AgACMAcDBQMqDQhAMA0GCSqGSIb3DQEBCwUAA4IBAQCFefnYECV919s6NfFHt+5b
9pjnBDAGnYCqMq+2No2RWkZSjjDkYF+e1OgujCY62wUlzimmGbSZ+sPEciBOXdk/
7NlpI/iRL2f5FDsieb0/eNJCiibBfmLKYhVJDEpE0fUzv12Wu6kRa86JzQADB2L7
oDCTIezcV1eSjXTZ9doSKNGrkhw5If2Ac0ge64P84yWs3JBbcLWmEfD+Qht0X17W
2YXEo9Q6fxqywJc/mnyecDkEIjXkkWez1x0bdT6eNfV0IqiKhW4LLwcDXw+ivFZR
C2zRDvPJr+x/eoMljhhemySVzECUiz9vyipXKgRtYzTjcKxNKvst3yy0Kcw8XuqA
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:40:28 2025 by rpki-client