Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/dCxnxFwqv-kVduFQUr-aqcFTlAk.roa
File: dCxnxFwqv-kVduFQUr-aqcFTlAk.roa (raw, json)
Hash identifier: QsxS/mNZfHA2v7njpH93Wd0oDYw5eCY+/7SeH+s5RMs=
Subject key identifier: 74:2C:67:C4:5C:2A:BF:E9:15:76:E1:50:52:BF:9A:A9:C1:53:94:09
Certificate issuer: /CN=2663f3db152e055ac145bdbb429e018654204c8d
Certificate serial: 01856D8B14636AA57A65FE53548F2778692E
Authority key identifier: 26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/dCxnxFwqv-kVduFQUr-aqcFTlAk.roa
Signing time: Sun 01 Jan 2023 13:35:09 +0000
ROA not before: Sun 01 Jan 2023 13:35:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205815
IP address blocks: 194.209.121.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:8b:14:63:6a:a5:7a:65:fe:53:54:8f:27:78:69:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2663f3db152e055ac145bdbb429e018654204c8d
Validity
Not Before: Jan 1 13:35:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=742c67c45c2abfe91576e15052bf9aa9c1539409
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:3c:4b:05:d9:6f:e9:07:de:07:69:cb:05:66:
0a:67:7d:50:4d:08:e6:75:c0:da:bc:d7:81:a5:0c:
4e:f3:75:3a:c4:4d:0f:87:1e:91:d6:a1:9d:9f:63:
2b:d3:b9:a2:17:24:1c:cf:3a:94:cb:e0:ad:78:a5:
88:14:5a:2d:e9:a6:d1:32:d2:7f:9e:32:63:cd:ef:
35:14:27:c1:ff:c8:1f:00:79:b1:b5:49:9e:26:8f:
b5:5c:6b:7f:b9:c2:90:8a:ee:cc:93:23:d1:4f:2e:
12:ea:60:d7:f2:a4:e1:de:13:55:cf:7d:84:f1:54:
98:25:ed:cd:ed:40:9e:47:62:9b:15:0f:da:c0:2f:
79:07:df:d9:35:b7:5a:ae:1b:13:5c:d1:3e:1d:f7:
52:23:d1:a8:43:76:1c:57:1a:0e:2c:8a:d1:4c:01:
3b:51:6e:2a:c3:4a:ea:9f:75:41:2b:32:77:64:8a:
2e:91:ab:08:75:f6:5e:60:02:2f:27:c9:da:ad:05:
60:3b:dd:5c:80:0e:53:a3:aa:bb:42:1e:fc:16:cc:
93:d3:41:05:84:77:6a:e9:83:78:dc:93:7c:42:4f:
02:53:ec:e8:16:11:5b:17:91:d8:46:06:cc:0c:af:
55:05:7f:3b:4d:85:f6:f9:34:c9:15:d4:69:39:e6:
36:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:2C:67:C4:5C:2A:BF:E9:15:76:E1:50:52:BF:9A:A9:C1:53:94:09
X509v3 Authority Key Identifier:
keyid:26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/dCxnxFwqv-kVduFQUr-aqcFTlAk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/JmPz2xUuBVrBRb27Qp4BhlQgTI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.209.121.0/24
Signature Algorithm: sha256WithRSAEncryption
18:9d:89:cd:38:f1:98:96:6e:1f:63:5d:ec:9b:ad:8e:87:1c:
e0:5e:6f:c5:2f:ac:80:1c:2d:a2:34:fe:74:fd:de:d8:47:d8:
14:f2:ef:3e:38:58:91:5e:74:00:cc:0c:ff:2d:f0:1d:bb:6e:
d3:12:9b:1f:dc:b5:e7:42:21:43:79:fc:60:0b:6b:ee:b8:96:
f1:e3:0b:c5:24:aa:62:d1:4a:9c:c9:5e:b7:1c:56:b7:49:b0:
e5:35:49:b3:95:73:a6:57:70:32:28:47:51:9e:4f:27:c4:f0:
4b:23:03:e1:24:d4:b9:a6:8f:57:60:43:e8:bc:27:f2:de:4f:
ed:0a:0c:91:7c:54:e7:4a:a7:1a:8a:ce:5e:e8:06:42:74:7d:
d0:6f:ee:57:de:1c:2f:9c:f3:b3:ac:b2:79:fa:f2:e1:d5:ce:
66:ab:ff:db:9f:de:b5:c8:5f:36:66:2c:6c:4a:ab:aa:10:1f:
3b:d5:8b:33:29:dd:d8:f5:0f:40:c4:5c:47:aa:fa:b9:7d:9d:
14:d0:3f:c2:76:6f:60:62:8e:a0:80:e9:bd:f9:32:2c:1c:28:
c3:ac:01:42:12:92:01:c5:46:fa:24:53:52:b2:7c:f2:d5:de:
cf:43:4b:ad:5f:76:d8:ae:d6:d2:dd:88:72:f1:52:e2:c1:e4:
f4:be:6d:89
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtixRjaqV6Zf5TVI8neGkuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NjNmM2RiMTUyZTA1NWFjMTQ1YmRiYjQyOWUwMTg2NTQy
MDRjOGQwHhcNMjMwMTAxMTMzNTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDJjNjdjNDVjMmFiZmU5MTU3NmUxNTA1MmJmOWFhOWMxNTM5NDA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAojxLBdlv6QfeB2nLBWYKZ31QTQjm
dcDavNeBpQxO83U6xE0Phx6R1qGdn2Mr07miFyQczzqUy+CteKWIFFot6abRMtJ/
njJjze81FCfB/8gfAHmxtUmeJo+1XGt/ucKQiu7MkyPRTy4S6mDX8qTh3hNVz32E
8VSYJe3N7UCeR2KbFQ/awC95B9/ZNbdarhsTXNE+HfdSI9GoQ3YcVxoOLIrRTAE7
UW4qw0rqn3VBKzJ3ZIoukasIdfZeYAIvJ8narQVgO91cgA5To6q7Qh78FsyT00EF
hHdq6YN43JN8Qk8CU+zoFhFbF5HYRgbMDK9VBX87TYX2+TTJFdRpOeY2JQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHQsZ8RcKr/pFXbhUFK/mqnBU5QJMB8GA1UdIwQY
MBaAFCZj89sVLgVawUW9u0KeAYZUIEyNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUt
YmQxOTI2NzZjOWJiLzEvZEN4bnhGd3F2LWtWZHVGUVVyLWFxY0ZUbEFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUtYmQxOTI2NzZjOWJi
LzEvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwtF5MA0G
CSqGSIb3DQEBCwUAA4IBAQAYnYnNOPGYlm4fY13sm62OhxzgXm/FL6yAHC2iNP50
/d7YR9gU8u8+OFiRXnQAzAz/LfAdu27TEpsf3LXnQiFDefxgC2vuuJbx4wvFJKpi
0UqcyV63HFa3SbDlNUmzlXOmV3AyKEdRnk8nxPBLIwPhJNS5po9XYEPovCfy3k/t
CgyRfFTnSqcais5e6AZCdH3Qb+5X3hwvnPOzrLJ5+vLh1c5mq//bn961yF82Zixs
SquqEB871YszKd3Y9Q9AxFxHqvq5fZ0U0D/Cdm9gYo6ggOm9+TIsHCjDrAFCEpIB
xUb6JFNSsnzy1d7PQ0utX3bYrtbS3Yhy8VLiweT0vm2J
-----END CERTIFICATE-----
Generated at Sun Apr 6 10:32:46 2025 by rpki-client