Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/aMjLf2bOw5Yt5-L5jT6CSEXdZB0.roa
File: aMjLf2bOw5Yt5-L5jT6CSEXdZB0.roa (raw, json)
Hash identifier: XT8voTgvvgvg449rfeXNVeRcIVxOf8Z7RP8HUYiDCU8=
Subject key identifier: 68:C8:CB:7F:66:CE:C3:96:2D:E7:E2:F9:8D:3E:82:48:45:DD:64:1D
Certificate issuer: /CN=2663f3db152e055ac145bdbb429e018654204c8d
Certificate serial: 50E40BFC
Authority key identifier: 26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/aMjLf2bOw5Yt5-L5jT6CSEXdZB0.roa
Signing time: Sat 01 Jan 2022 16:01:56 +0000
ROA not before: Sat 01 Jan 2022 16:01:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203042
IP address blocks: 194.209.64.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1357122556 (0x50e40bfc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2663f3db152e055ac145bdbb429e018654204c8d
Validity
Not Before: Jan 1 16:01:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=68c8cb7f66cec3962de7e2f98d3e824845dd641d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:60:2e:cb:a8:96:6a:26:1e:a2:f0:81:10:59:
0e:0c:55:ea:78:a3:e6:ad:1b:12:b4:3d:09:ac:2a:
6d:c3:50:81:92:a9:ad:d7:9d:a0:ac:b7:3f:b3:aa:
49:55:5d:11:b3:b5:c7:e5:2b:2b:05:63:3e:74:6c:
82:98:f3:2b:8e:2c:fa:f2:fe:de:48:ae:c9:a3:18:
45:f0:d5:5b:f2:4d:2b:47:f6:fb:ad:90:5e:de:5a:
0b:f9:12:df:d6:99:61:88:ef:db:a8:e9:62:ee:0c:
a0:96:74:2c:55:4b:35:44:a7:8e:d3:cb:92:52:64:
40:82:f4:2d:06:c7:29:27:4a:03:33:18:58:6e:98:
87:9c:28:93:66:6e:c3:3a:ac:6b:1e:4b:4f:f3:97:
26:74:d0:fa:4e:66:a8:42:24:3f:a9:9c:df:82:00:
af:f8:57:8e:9c:d2:f0:dc:62:92:63:ba:a0:a6:19:
46:4e:aa:50:10:31:bc:f5:1a:17:a9:8d:5f:fb:a5:
e6:d0:ad:35:86:da:9e:c8:c5:a1:42:ea:48:2e:b7:
f4:86:ab:cc:6a:c4:81:46:58:0f:21:d9:40:ec:90:
32:7c:4c:f9:4f:7c:5b:c4:bb:54:6d:07:9c:39:54:
23:b8:fc:ba:87:da:ee:cb:80:65:f6:29:73:0f:76:
1c:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:C8:CB:7F:66:CE:C3:96:2D:E7:E2:F9:8D:3E:82:48:45:DD:64:1D
X509v3 Authority Key Identifier:
keyid:26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/aMjLf2bOw5Yt5-L5jT6CSEXdZB0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/JmPz2xUuBVrBRb27Qp4BhlQgTI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.209.64.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:ac:bd:98:6f:1a:95:b1:e2:92:49:77:dd:a6:76:65:31:55:
d2:22:8d:e9:37:e4:10:b5:16:7a:7f:9b:3b:43:be:95:df:16:
01:fd:5a:26:d4:1c:92:61:08:0c:fe:c4:64:00:e8:24:16:26:
64:28:82:3c:1a:bc:15:be:e7:9c:d9:1e:97:bb:da:97:32:cf:
9f:e2:3a:88:46:a3:04:f9:d9:a4:a6:71:b0:71:66:f8:c6:de:
dc:dd:5a:c1:28:6c:24:0d:ca:3c:be:6e:6f:4a:4a:49:06:f0:
5d:9d:91:82:36:02:02:68:b9:8a:be:64:1e:7f:28:af:13:9a:
d3:78:bb:1f:14:77:f0:a2:e2:52:ca:f3:d3:f3:02:9d:94:e0:
ce:32:1f:d3:3e:6d:e5:f2:57:0b:65:81:38:82:1d:e4:7a:9a:
93:ff:0b:19:a3:ce:b9:50:bc:69:5f:fc:dd:08:0e:7b:5d:86:
8a:a0:3a:26:ec:db:ee:cb:b7:df:e5:01:40:9f:4f:5a:d6:ba:
bd:2d:d4:ee:0f:c5:10:70:47:3e:5c:54:4d:80:a6:0e:fc:f5:
7b:c4:35:56:67:d5:70:fa:35:5c:63:c3:6e:b8:57:6b:92:fe:
e2:60:a1:98:e4:a9:11:88:3c:b6:dc:a6:2a:15:8d:7f:96:ed:
76:e4:0b:48
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEUOQL/DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
NjYzZjNkYjE1MmUwNTVhYzE0NWJkYmI0MjllMDE4NjU0MjA0YzhkMB4XDTIyMDEw
MTE2MDE1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjhjOGNiN2Y2NmNl
YzM5NjJkZTdlMmY5OGQzZTgyNDg0NWRkNjQxZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOFgLsuolmomHqLwgRBZDgxV6nij5q0bErQ9CawqbcNQgZKp
rdedoKy3P7OqSVVdEbO1x+UrKwVjPnRsgpjzK44s+vL+3kiuyaMYRfDVW/JNK0f2
+62QXt5aC/kS39aZYYjv26jpYu4MoJZ0LFVLNUSnjtPLklJkQIL0LQbHKSdKAzMY
WG6Yh5wok2Zuwzqsax5LT/OXJnTQ+k5mqEIkP6mc34IAr/hXjpzS8NxikmO6oKYZ
Rk6qUBAxvPUaF6mNX/ul5tCtNYbansjFoULqSC639IarzGrEgUZYDyHZQOyQMnxM
+U98W8S7VG0HnDlUI7j8uofa7suAZfYpcw92HGsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRoyMt/Zs7Dli3n4vmNPoJIRd1kHTAfBgNVHSMEGDAWgBQmY/PbFS4FWsFF
vbtCngGGVCBMjTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0ptUHoyeFV1QlZyQlJiMjdRcDRCaGxRZ1RJMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjkvYzhjNmY2LTU5NWMtNDViMS1hNzZlLWJkMTkyNjc2YzliYi8x
L2FNakxmMmJPdzVZdDUtTDVqVDZDU0VYZFpCMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjkv
YzhjNmY2LTU5NWMtNDViMS1hNzZlLWJkMTkyNjc2YzliYi8xL0ptUHoyeFV1QlZy
QlJiMjdRcDRCaGxRZ1RJMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMLRQDANBgkqhkiG9w0BAQsFAAOC
AQEATay9mG8albHikkl33aZ2ZTFV0iKN6TfkELUWen+bO0O+ld8WAf1aJtQckmEI
DP7EZADoJBYmZCiCPBq8Fb7nnNkel7valzLPn+I6iEajBPnZpKZxsHFm+Mbe3N1a
wShsJA3KPL5ub0pKSQbwXZ2RgjYCAmi5ir5kHn8orxOa03i7HxR38KLiUsrz0/MC
nZTgzjIf0z5t5fJXC2WBOIId5Hqak/8LGaPOuVC8aV/83QgOe12GiqA6Juzb7su3
3+UBQJ9PWta6vS3U7g/FEHBHPlxUTYCmDvz1e8Q1VmfVcPo1XGPDbrhXa5L+4mCh
mOSpEYg8ttymKhWNf5btduQLSA==
-----END CERTIFICATE-----
Generated at Sun Apr 6 14:36:54 2025 by rpki-client