Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/473924-6f99-473d-a077-f437839095d1/1/ES3bTjFirw99e6bxYs8xKHRUAAk.roa
File: ES3bTjFirw99e6bxYs8xKHRUAAk.roa (raw, json)
Hash identifier: VZzk+lBIfO3AypvkzZZwB+r4RUMSpJRpvdiRC/wGNLo=
Subject key identifier: 11:2D:DB:4E:31:62:AF:0F:7D:7B:A6:F1:62:CF:31:28:74:54:00:09
Certificate issuer: /CN=c7f04b78b2eedf998edd5cc1e88671c8d10f1865
Certificate serial: 01856F66D909E5E9306653055C2A4BDCB355
Authority key identifier: C7:F0:4B:78:B2:EE:DF:99:8E:DD:5C:C1:E8:86:71:C8:D1:0F:18:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x_BLeLLu35mO3VzB6IZxyNEPGGU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/473924-6f99-473d-a077-f437839095d1/1/ES3bTjFirw99e6bxYs8xKHRUAAk.roa
Signing time: Sun 01 Jan 2023 22:14:49 +0000
ROA not before: Sun 01 Jan 2023 22:14:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204357
IP address blocks: 194.114.83.0/24 maxlen: 24
194.114.82.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:66:d9:09:e5:e9:30:66:53:05:5c:2a:4b:dc:b3:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c7f04b78b2eedf998edd5cc1e88671c8d10f1865
Validity
Not Before: Jan 1 22:14:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=112ddb4e3162af0f7d7ba6f162cf312874540009
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:65:7c:f2:90:28:e6:30:d9:06:37:ea:0e:ad:
18:62:17:fc:fd:5e:b6:7c:cd:33:aa:9c:79:24:40:
1f:97:b7:e5:85:c6:b0:87:c7:5e:c6:c1:97:90:18:
bd:9c:46:a8:4a:77:03:27:8e:06:de:6a:ef:bb:7e:
e6:68:8b:45:89:d2:d7:40:9e:41:91:f9:04:9d:63:
06:47:b3:e0:5d:00:55:be:dc:46:7f:34:f5:d4:cf:
71:52:ea:f0:4b:aa:18:42:37:2a:0a:e5:ae:9c:32:
0e:72:29:c5:3e:c5:b5:3b:21:56:5a:a4:1f:5d:c4:
d7:51:77:b4:f8:95:80:e3:03:43:4d:06:21:29:d4:
0b:4a:39:a6:be:e7:51:2d:9a:8c:1e:08:2b:75:32:
5e:7d:9c:eb:27:5f:35:2d:69:36:89:cd:64:ae:93:
1d:ed:d2:2a:c5:78:83:84:b3:df:fa:b6:1a:f9:8c:
b5:72:81:74:e8:50:34:3c:21:e7:2f:d2:a3:a0:59:
02:13:73:5f:fd:63:7e:6b:3b:74:0e:7b:76:a5:bc:
3e:f9:25:af:c3:f9:a7:13:c7:fd:b1:c0:d8:f9:32:
e9:72:94:0a:5e:cc:26:23:58:79:c2:de:14:4f:9e:
b8:0e:18:4a:9c:24:75:fb:da:f1:9e:8d:3b:75:1c:
4f:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:2D:DB:4E:31:62:AF:0F:7D:7B:A6:F1:62:CF:31:28:74:54:00:09
X509v3 Authority Key Identifier:
keyid:C7:F0:4B:78:B2:EE:DF:99:8E:DD:5C:C1:E8:86:71:C8:D1:0F:18:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x_BLeLLu35mO3VzB6IZxyNEPGGU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/473924-6f99-473d-a077-f437839095d1/1/ES3bTjFirw99e6bxYs8xKHRUAAk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/473924-6f99-473d-a077-f437839095d1/1/x_BLeLLu35mO3VzB6IZxyNEPGGU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.114.82.0/23
Signature Algorithm: sha256WithRSAEncryption
7c:8b:c7:98:48:08:ca:f5:74:57:70:79:0e:a0:f3:30:09:3b:
40:cc:a6:ab:18:b6:e1:54:0d:31:d2:2f:73:b4:fe:cf:5e:31:
15:dc:97:dd:ec:c1:a7:7f:13:b9:4f:a2:5c:50:6a:4b:92:82:
24:ce:8e:65:94:ae:2a:2f:fd:fb:d7:50:1d:a0:15:32:54:25:
94:6e:3a:12:c5:2e:40:43:66:59:ac:3b:96:ec:94:fd:e8:bc:
ce:dd:50:64:d0:49:e3:10:a3:2b:a6:c7:39:64:2d:b1:3a:25:
66:c8:95:55:49:a5:0b:cf:10:4e:f9:81:35:34:4f:5f:3f:ec:
83:fb:72:17:a3:dd:f3:9a:7a:af:04:25:cc:59:e9:ba:87:46:
e5:97:2b:ab:86:5a:7d:9c:88:4b:d4:9f:b9:45:b9:b8:b3:52:
b9:46:a1:80:69:90:35:13:d3:0d:95:79:dc:52:89:2d:10:29:
b6:49:46:fc:79:e0:60:12:ca:1b:33:6e:55:78:1d:ae:47:9a:
14:76:cd:f3:d1:af:8d:ba:27:3c:e1:b7:b1:15:37:96:22:f4:
c6:f7:09:1b:05:e5:ef:e1:65:0f:0d:b0:63:a0:a7:8a:e7:b7:
e7:ce:5c:bd:0e:12:f1:d6:b2:cd:1d:33:12:24:d2:4d:ea:e9:
06:c1:56:a9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvZtkJ5ekwZlMFXCpL3LNVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3ZjA0Yjc4YjJlZWRmOTk4ZWRkNWNjMWU4ODY3MWM4ZDEw
ZjE4NjUwHhcNMjMwMTAxMjIxNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTJkZGI0ZTMxNjJhZjBmN2Q3YmE2ZjE2MmNmMzEyODc0NTQwMDA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi2V88pAo5jDZBjfqDq0YYhf8/V62
fM0zqpx5JEAfl7flhcawh8dexsGXkBi9nEaoSncDJ44G3mrvu37maItFidLXQJ5B
kfkEnWMGR7PgXQBVvtxGfzT11M9xUurwS6oYQjcqCuWunDIOcinFPsW1OyFWWqQf
XcTXUXe0+JWA4wNDTQYhKdQLSjmmvudRLZqMHggrdTJefZzrJ181LWk2ic1krpMd
7dIqxXiDhLPf+rYa+Yy1coF06FA0PCHnL9KjoFkCE3Nf/WN+azt0Dnt2pbw++SWv
w/mnE8f9scDY+TLpcpQKXswmI1h5wt4UT564DhhKnCR1+9rxno07dRxPyQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBEt204xYq8PfXum8WLPMSh0VAAJMB8GA1UdIwQY
MBaAFMfwS3iy7t+Zjt1cweiGccjRDxhlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveF9CTGVMTHUzNW1PM1Z6QjZJWnh5TkVQR0dVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy80NzM5MjQtNmY5OS00NzNkLWEwNzct
ZjQzNzgzOTA5NWQxLzEvRVMzYlRqRmlydzk5ZTZieFlzOHhLSFJVQUFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy80NzM5MjQtNmY5OS00NzNkLWEwNzctZjQzNzgzOTA5NWQx
LzEveF9CTGVMTHUzNW1PM1Z6QjZJWnh5TkVQR0dVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwnJSMA0G
CSqGSIb3DQEBCwUAA4IBAQB8i8eYSAjK9XRXcHkOoPMwCTtAzKarGLbhVA0x0i9z
tP7PXjEV3Jfd7MGnfxO5T6JcUGpLkoIkzo5llK4qL/3711AdoBUyVCWUbjoSxS5A
Q2ZZrDuW7JT96LzO3VBk0EnjEKMrpsc5ZC2xOiVmyJVVSaULzxBO+YE1NE9fP+yD
+3IXo93zmnqvBCXMWem6h0bllyurhlp9nIhL1J+5Rbm4s1K5RqGAaZA1E9MNlXnc
UoktECm2SUb8eeBgEsobM25VeB2uR5oUds3z0a+Nuic84bexFTeWIvTG9wkbBeXv
4WUPDbBjoKeK57fnzly9DhLx1rLNHTMSJNJN6ukGwVap
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:36:17 2025 by rpki-client