Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/1Xx_ao7Q7o1Tchg9Aytmh8xCsN0.roa
File: 1Xx_ao7Q7o1Tchg9Aytmh8xCsN0.roa (raw, json)
Hash identifier: 5Hnj2ZHXpCZ3XvRseSRmRDpKJupJye0t1+7ISy+0jb4=
Subject key identifier: D5:7C:7F:6A:8E:D0:EE:8D:53:72:18:3D:03:2B:66:87:CC:42:B0:DD
Certificate issuer: /CN=2663f3db152e055ac145bdbb429e018654204c8d
Certificate serial: 01856D8B0A4ECF82D55A4095822B23B0089A
Authority key identifier: 26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/1Xx_ao7Q7o1Tchg9Aytmh8xCsN0.roa
Signing time: Sun 01 Jan 2023 13:35:06 +0000
ROA not before: Sun 01 Jan 2023 13:35:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51817
IP address blocks: 194.209.170.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:8b:0a:4e:cf:82:d5:5a:40:95:82:2b:23:b0:08:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2663f3db152e055ac145bdbb429e018654204c8d
Validity
Not Before: Jan 1 13:35:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d57c7f6a8ed0ee8d5372183d032b6687cc42b0dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:e4:02:a5:dd:aa:8f:28:bf:c7:62:89:d9:80:
87:6e:8f:6c:46:ef:49:de:d1:f9:de:7a:fa:4c:91:
e5:85:5d:1a:82:f2:69:0d:7f:91:11:91:58:2f:7d:
6c:d4:f8:c0:4e:95:a3:4d:70:92:e4:a9:f5:af:4f:
0c:5d:c4:76:f1:aa:dd:f5:e0:41:7d:32:10:dd:92:
a1:1e:3f:7f:ab:bf:ef:8f:a7:47:e3:8a:a7:5e:f7:
9c:ec:3b:7f:40:32:67:bc:cb:98:89:6f:92:6c:9e:
ef:c4:00:02:eb:30:5f:f6:ef:0a:8f:e4:50:7c:a9:
5a:2c:c0:ca:86:67:bf:ac:e1:24:b5:16:f9:4f:7f:
6f:58:4f:d3:fd:f3:da:08:df:f7:f8:76:77:d5:96:
fd:5e:91:82:ea:5a:b9:c3:14:2d:39:e4:3f:48:3d:
14:3e:bb:5c:f9:59:05:97:cb:51:a5:82:d6:da:68:
79:49:43:0c:83:a4:1b:ac:5a:2a:03:70:10:92:3e:
d5:54:ff:98:22:46:fb:0e:40:3b:0a:68:f0:da:a6:
9b:8d:7e:8a:e4:42:ac:1d:d6:04:c5:af:23:05:ce:
70:f8:5d:2e:ad:9b:f9:7e:91:0a:5a:ac:d7:8c:b5:
09:05:ef:53:e5:3b:77:3f:a8:a0:99:65:55:b6:68:
90:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:7C:7F:6A:8E:D0:EE:8D:53:72:18:3D:03:2B:66:87:CC:42:B0:DD
X509v3 Authority Key Identifier:
keyid:26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/1Xx_ao7Q7o1Tchg9Aytmh8xCsN0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/JmPz2xUuBVrBRb27Qp4BhlQgTI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.209.170.0/24
Signature Algorithm: sha256WithRSAEncryption
bc:3e:db:8f:87:da:26:9d:ae:bd:45:2b:e8:2a:a5:62:ea:36:
63:64:59:05:0c:52:51:95:f0:14:d2:a7:a4:a6:62:9d:9f:6c:
df:04:6b:3f:5a:a2:f4:9b:02:1e:74:ab:5b:47:61:3d:79:03:
a2:45:16:99:b6:fd:a3:d2:98:8e:ee:a8:74:da:7e:3a:52:39:
8b:37:78:1f:16:d1:76:58:bb:24:e9:2b:c9:83:8c:c5:af:5a:
64:6d:05:09:da:9a:12:14:da:65:c5:5a:77:aa:e2:f4:12:7c:
c9:8c:e6:bb:8c:f1:e7:e0:44:a8:79:9d:7a:db:68:35:89:8d:
5e:be:e9:53:fb:7a:9b:5c:52:85:56:ee:ae:c6:e5:7d:5c:91:
65:e7:49:45:02:5a:33:f9:74:36:27:d9:a9:e1:9a:71:90:17:
b6:45:a0:d2:55:f5:e8:93:91:bd:df:d6:ad:7d:2c:ed:9c:14:
f6:9a:c0:89:e1:2f:f6:21:e5:06:cd:06:66:8e:35:37:f3:5f:
b6:4d:29:7c:b2:e5:4d:7d:95:5e:12:23:82:91:f9:ad:91:3a:
7a:67:89:01:98:9c:85:a9:61:08:53:fc:c3:83:36:ec:f8:e4:
46:b5:93:da:3f:17:76:34:d7:84:b5:c0:64:78:2e:82:f4:48:
e1:35:65:82
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtiwpOz4LVWkCVgisjsAiaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NjNmM2RiMTUyZTA1NWFjMTQ1YmRiYjQyOWUwMTg2NTQy
MDRjOGQwHhcNMjMwMTAxMTMzNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTdjN2Y2YThlZDBlZThkNTM3MjE4M2QwMzJiNjY4N2NjNDJiMGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgOQCpd2qjyi/x2KJ2YCHbo9sRu9J
3tH53nr6TJHlhV0agvJpDX+REZFYL31s1PjATpWjTXCS5Kn1r08MXcR28ard9eBB
fTIQ3ZKhHj9/q7/vj6dH44qnXvec7Dt/QDJnvMuYiW+SbJ7vxAAC6zBf9u8Kj+RQ
fKlaLMDKhme/rOEktRb5T39vWE/T/fPaCN/3+HZ31Zb9XpGC6lq5wxQtOeQ/SD0U
Prtc+VkFl8tRpYLW2mh5SUMMg6QbrFoqA3AQkj7VVP+YIkb7DkA7Cmjw2qabjX6K
5EKsHdYExa8jBc5w+F0urZv5fpEKWqzXjLUJBe9T5Tt3P6igmWVVtmiQAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNV8f2qO0O6NU3IYPQMrZofMQrDdMB8GA1UdIwQY
MBaAFCZj89sVLgVawUW9u0KeAYZUIEyNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUt
YmQxOTI2NzZjOWJiLzEvMVh4X2FvN1E3bzFUY2hnOUF5dG1oOHhDc04wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUtYmQxOTI2NzZjOWJi
LzEvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwtGqMA0G
CSqGSIb3DQEBCwUAA4IBAQC8PtuPh9omna69RSvoKqVi6jZjZFkFDFJRlfAU0qek
pmKdn2zfBGs/WqL0mwIedKtbR2E9eQOiRRaZtv2j0piO7qh02n46UjmLN3gfFtF2
WLsk6SvJg4zFr1pkbQUJ2poSFNplxVp3quL0EnzJjOa7jPHn4ESoeZ1622g1iY1e
vulT+3qbXFKFVu6uxuV9XJFl50lFAloz+XQ2J9mp4ZpxkBe2RaDSVfXok5G939at
fSztnBT2msCJ4S/2IeUGzQZmjjU381+2TSl8suVNfZVeEiOCkfmtkTp6Z4kBmJyF
qWEIU/zDgzbs+ORGtZPaPxd2NNeEtcBkeC6C9EjhNWWC
-----END CERTIFICATE-----
Generated at Sun Apr 6 10:34:15 2025 by rpki-client