Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/eabb9a-9a07-4867-970b-2b1da624f7bc/1/3HsjDZWzUg_aTTQkd1hEjc2Ltl0.roa
File: 3HsjDZWzUg_aTTQkd1hEjc2Ltl0.roa (raw, json)
Hash identifier: KmeJoYQtGS78L7QqfOD6wJ0LVqNTPfuY1x9CRgPWuSk=
Subject key identifier: DC:7B:23:0D:95:B3:52:0F:DA:4D:34:24:77:58:44:8D:CD:8B:B6:5D
Certificate issuer: /CN=b60aac104376b79dd6829091947b779c989af68b
Certificate serial: 01856BEEC1567F2AA8567EAEBF7B563586DD
Authority key identifier: B6:0A:AC:10:43:76:B7:9D:D6:82:90:91:94:7B:77:9C:98:9A:F6:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tgqsEEN2t53WgpCRlHt3nJia9os.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/eabb9a-9a07-4867-970b-2b1da624f7bc/1/3HsjDZWzUg_aTTQkd1hEjc2Ltl0.roa
Signing time: Sun 01 Jan 2023 06:04:47 +0000
ROA not before: Sun 01 Jan 2023 06:04:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29551
IP address blocks: 194.153.87.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:ee:c1:56:7f:2a:a8:56:7e:ae:bf:7b:56:35:86:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b60aac104376b79dd6829091947b779c989af68b
Validity
Not Before: Jan 1 06:04:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dc7b230d95b3520fda4d34247758448dcd8bb65d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:b2:72:e1:74:61:bc:96:16:a0:cd:a3:22:43:
0a:3a:b7:23:cc:8d:ec:e2:ff:88:b9:cd:5c:e5:b9:
02:48:2e:45:de:00:2b:91:ab:a5:86:12:f3:1e:68:
0e:36:a3:6a:42:b0:ca:a4:f3:ff:b1:53:e6:bf:09:
28:f1:ba:5a:62:0b:9f:59:93:9d:29:98:1e:9f:3a:
4c:3d:e3:ee:17:b1:ed:46:98:2b:9e:ef:34:7d:e1:
dc:f0:53:57:57:0e:f3:f6:1c:8f:04:06:8c:a2:86:
0d:bc:1a:cf:f9:16:04:e3:fd:17:7c:87:9e:f4:ef:
cb:8e:8e:b7:7b:34:3f:eb:44:55:ec:d4:74:a4:12:
a8:2d:ec:5b:5e:89:61:8d:d0:95:27:81:34:e9:4a:
2c:31:8a:41:6a:91:e4:29:a3:d2:f8:46:98:bb:07:
6b:52:ea:23:b4:b5:df:5c:0b:2f:bb:cd:0a:3a:99:
4a:74:58:33:0d:23:3e:ef:1f:e4:08:9c:c6:d3:54:
27:87:d8:08:2a:71:41:53:35:13:50:ac:98:4c:58:
75:9f:85:cc:17:2e:d0:8d:4d:96:91:8b:40:9f:43:
d8:40:df:2f:76:ce:a5:5f:94:8b:cb:23:95:a5:49:
a0:78:07:71:79:e6:69:a3:09:12:04:2c:ad:f5:55:
e5:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:7B:23:0D:95:B3:52:0F:DA:4D:34:24:77:58:44:8D:CD:8B:B6:5D
X509v3 Authority Key Identifier:
keyid:B6:0A:AC:10:43:76:B7:9D:D6:82:90:91:94:7B:77:9C:98:9A:F6:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tgqsEEN2t53WgpCRlHt3nJia9os.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/eabb9a-9a07-4867-970b-2b1da624f7bc/1/3HsjDZWzUg_aTTQkd1hEjc2Ltl0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/eabb9a-9a07-4867-970b-2b1da624f7bc/1/tgqsEEN2t53WgpCRlHt3nJia9os.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.153.87.0/24
Signature Algorithm: sha256WithRSAEncryption
69:0d:94:14:0a:d6:73:f7:7f:a8:72:06:77:30:45:84:1e:e6:
ce:92:e9:80:14:f3:e3:01:f3:57:71:e2:9d:ab:e6:cb:f6:d7:
3c:53:66:5c:95:95:25:1a:56:e1:04:7c:65:fc:ea:64:88:7c:
df:32:81:8c:6f:60:66:ab:f6:9b:53:38:2c:38:a7:96:7e:ca:
5a:cb:50:d9:91:5f:b1:c4:07:cd:ce:0a:ba:9a:ca:56:f4:ca:
02:4d:7f:82:82:43:39:a0:57:ac:0a:d9:fa:c2:a9:55:42:55:
22:9b:cb:4c:f2:ae:27:7e:aa:9b:2f:7b:b6:88:fe:74:77:c5:
35:4b:87:ac:44:a1:00:31:9b:a6:c6:5a:b3:e1:90:89:81:2f:
5b:a8:3e:7c:b2:f8:94:69:ad:a2:1e:9b:aa:01:69:41:96:d3:
4c:f8:02:29:eb:5f:00:a7:b4:c9:95:c8:31:07:ed:7d:42:cc:
32:bb:f7:78:bc:25:a2:08:0c:3f:fe:4c:92:22:63:1b:41:45:
cf:c3:6e:e5:2c:b4:51:ba:0e:a5:27:f7:3a:88:29:ae:fc:33:
29:e7:49:c2:10:93:f0:32:e5:11:f7:f7:47:6d:3b:7a:8c:e1:
39:56:82:38:23:4f:5c:51:3f:d9:40:d1:a9:5d:39:6b:d3:f3:
ce:25:c9:c1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVr7sFWfyqoVn6uv3tWNYbdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2MGFhYzEwNDM3NmI3OWRkNjgyOTA5MTk0N2I3NzljOTg5
YWY2OGIwHhcNMjMwMTAxMDYwNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzdiMjMwZDk1YjM1MjBmZGE0ZDM0MjQ3NzU4NDQ4ZGNkOGJiNjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq7Jy4XRhvJYWoM2jIkMKOrcjzI3s
4v+Iuc1c5bkCSC5F3gArkaulhhLzHmgONqNqQrDKpPP/sVPmvwko8bpaYgufWZOd
KZgenzpMPePuF7HtRpgrnu80feHc8FNXVw7z9hyPBAaMooYNvBrP+RYE4/0XfIee
9O/Ljo63ezQ/60RV7NR0pBKoLexbXolhjdCVJ4E06UosMYpBapHkKaPS+EaYuwdr
UuojtLXfXAsvu80KOplKdFgzDSM+7x/kCJzG01Qnh9gIKnFBUzUTUKyYTFh1n4XM
Fy7QjU2WkYtAn0PYQN8vds6lX5SLyyOVpUmgeAdxeeZpowkSBCyt9VXlawIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNx7Iw2Vs1IP2k00JHdYRI3Ni7ZdMB8GA1UdIwQY
MBaAFLYKrBBDdred1oKQkZR7d5yYmvaLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGdxc0VFTjJ0NTNXZ3BDUmxIdDNuSmlhOW9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9lYWJiOWEtOWEwNy00ODY3LTk3MGIt
MmIxZGE2MjRmN2JjLzEvM0hzakRaV3pVZ19hVFRRa2QxaEVqYzJMdGwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9lYWJiOWEtOWEwNy00ODY3LTk3MGItMmIxZGE2MjRmN2Jj
LzEvdGdxc0VFTjJ0NTNXZ3BDUmxIdDNuSmlhOW9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwplXMA0G
CSqGSIb3DQEBCwUAA4IBAQBpDZQUCtZz93+ocgZ3MEWEHubOkumAFPPjAfNXceKd
q+bL9tc8U2ZclZUlGlbhBHxl/OpkiHzfMoGMb2Bmq/abUzgsOKeWfspay1DZkV+x
xAfNzgq6mspW9MoCTX+CgkM5oFesCtn6wqlVQlUim8tM8q4nfqqbL3u2iP50d8U1
S4esRKEAMZumxlqz4ZCJgS9bqD58sviUaa2iHpuqAWlBltNM+AIp618Ap7TJlcgx
B+19Qswyu/d4vCWiCAw//kySImMbQUXPw27lLLRRug6lJ/c6iCmu/DMp50nCEJPw
MuUR9/dHbTt6jOE5VoI4I09cUT/ZQNGpXTlr0/POJcnB
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:21:43 2025 by rpki-client