Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/ee4a56-d5c9-4652-9cf1-f09462c12da4/1/1-lzf74Xpm0BGXPFnmW-o0foSFHw.roa
File: 1-lzf74Xpm0BGXPFnmW-o0foSFHw.roa (raw, json)
Hash identifier: DwSVB+e7wSIREynPW6MiPJou+hDcc7oFSNSfzpvFwso=
Subject key identifier: FA:5C:DF:EF:85:E9:9B:40:46:5C:F1:67:99:6F:A8:D1:FA:12:14:7C
Certificate issuer: /CN=a8a251140114c8fd8ad5fb45b7189aba7bc5048f
Certificate serial: 018570674B58928996421743D5ACF5698B70
Authority key identifier: A8:A2:51:14:01:14:C8:FD:8A:D5:FB:45:B7:18:9A:BA:7B:C5:04:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qKJRFAEUyP2K1ftFtxiaunvFBI8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/ee4a56-d5c9-4652-9cf1-f09462c12da4/1/1-lzf74Xpm0BGXPFnmW-o0foSFHw.roa
Signing time: Mon 02 Jan 2023 02:54:55 +0000
ROA not before: Mon 02 Jan 2023 02:54:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198567
IP address blocks: 194.153.184.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:67:4b:58:92:89:96:42:17:43:d5:ac:f5:69:8b:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a8a251140114c8fd8ad5fb45b7189aba7bc5048f
Validity
Not Before: Jan 2 02:54:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fa5cdfef85e99b40465cf167996fa8d1fa12147c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:54:49:e3:cd:36:b3:ce:cb:cc:ea:ce:95:c4:
17:e8:cf:58:03:c5:98:22:3e:63:9a:49:2c:c1:78:
0e:1b:4d:08:75:60:a1:a5:fe:79:d1:39:d0:8c:c2:
22:f5:9e:70:d8:14:fb:39:4c:cc:bd:c8:0e:c7:cb:
9c:18:bd:ce:6a:a9:10:b6:09:53:54:3e:7e:02:3b:
c2:9c:16:50:c8:50:10:20:76:2b:c3:a0:8a:e8:c5:
c5:9a:3a:79:c6:58:7b:1f:58:f3:66:a5:9a:82:2a:
71:60:2a:de:0d:93:72:ff:2d:f5:a8:ba:13:30:44:
35:12:18:3b:df:54:17:58:ff:e3:67:5c:07:25:50:
3c:9e:32:f2:16:16:97:0e:2d:4b:45:ce:ea:a3:0f:
62:04:6e:da:c6:47:e4:e4:d2:8e:e2:08:9b:e7:80:
31:03:3b:ea:c5:f4:69:90:78:96:7c:4d:ff:2d:97:
ef:54:78:8d:a8:35:9d:98:5a:9d:c4:14:a5:68:13:
52:3c:d5:28:2c:da:7e:07:b9:bb:92:91:2c:e7:f2:
fa:34:4b:13:a2:38:de:8f:c7:6a:56:49:e6:c1:97:
2c:8d:18:10:e2:57:2d:6b:9b:6c:22:b4:71:e5:38:
f6:fe:b1:e1:fb:a0:83:74:05:68:97:bc:b7:f8:b8:
1b:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:5C:DF:EF:85:E9:9B:40:46:5C:F1:67:99:6F:A8:D1:FA:12:14:7C
X509v3 Authority Key Identifier:
keyid:A8:A2:51:14:01:14:C8:FD:8A:D5:FB:45:B7:18:9A:BA:7B:C5:04:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qKJRFAEUyP2K1ftFtxiaunvFBI8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/ee4a56-d5c9-4652-9cf1-f09462c12da4/1/1-lzf74Xpm0BGXPFnmW-o0foSFHw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/ee4a56-d5c9-4652-9cf1-f09462c12da4/1/qKJRFAEUyP2K1ftFtxiaunvFBI8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.153.184.0/24
Signature Algorithm: sha256WithRSAEncryption
73:81:ae:54:da:27:c3:10:60:ff:39:90:94:89:74:ec:07:1c:
c9:a6:61:63:ab:24:d9:f1:8e:4b:30:42:40:0e:11:6e:6b:e1:
ef:27:56:a0:9a:e7:2c:57:f1:81:db:96:89:20:d4:07:f5:e2:
f1:ad:1e:79:03:b9:a7:87:22:71:f8:10:19:77:b0:6b:c9:86:
32:cb:83:90:34:66:8c:34:c1:43:a1:2c:e3:1b:af:9e:13:53:
2f:14:8b:5d:d9:ac:1c:1a:be:47:87:7c:bb:6f:b9:f5:6b:ae:
2a:60:21:fd:4e:e1:21:45:33:70:34:64:40:c0:33:a7:5d:72:
a4:70:af:8a:bf:9d:d6:ce:06:a9:65:85:c5:65:ac:1c:02:bf:
1e:f9:36:69:d3:4e:9b:9f:b1:96:f8:8e:b8:2a:bf:33:92:c4:
94:b6:08:f2:68:1d:b7:0b:01:5d:8b:ab:c0:d6:f7:ec:2b:47:
b6:cf:27:f5:67:5f:b9:9a:2c:93:db:26:44:56:5e:d2:d8:d3:
9e:89:91:45:92:8f:15:41:ee:c9:4d:04:1c:39:1a:96:58:2f:
1c:8a:f1:7f:17:0a:5a:73:c1:66:e8:30:94:16:72:d9:8c:52:
2f:ca:60:74:7a:aa:c5:46:c2:29:bb:20:dd:63:63:d0:a6:05:
c0:72:04:21
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVwZ0tYkomWQhdD1az1aYtwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4YTI1MTE0MDExNGM4ZmQ4YWQ1ZmI0NWI3MTg5YWJhN2Jj
NTA0OGYwHhcNMjMwMTAyMDI1NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTVjZGZlZjg1ZTk5YjQwNDY1Y2YxNjc5OTZmYThkMWZhMTIxNDdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjlRJ4802s87LzOrOlcQX6M9YA8WY
Ij5jmkkswXgOG00IdWChpf550TnQjMIi9Z5w2BT7OUzMvcgOx8ucGL3OaqkQtglT
VD5+AjvCnBZQyFAQIHYrw6CK6MXFmjp5xlh7H1jzZqWagipxYCreDZNy/y31qLoT
MEQ1Ehg731QXWP/jZ1wHJVA8njLyFhaXDi1LRc7qow9iBG7axkfk5NKO4gib54Ax
AzvqxfRpkHiWfE3/LZfvVHiNqDWdmFqdxBSlaBNSPNUoLNp+B7m7kpEs5/L6NEsT
ojjej8dqVknmwZcsjRgQ4lcta5tsIrRx5Tj2/rHh+6CDdAVol7y3+Lgb1wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPpc3++F6ZtARlzxZ5lvqNH6EhR8MB8GA1UdIwQY
MBaAFKiiURQBFMj9itX7RbcYmrp7xQSPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUtKUkZBRVV5UDJLMWZ0RnR4aWF1bnZGQkk4LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lZTRhNTYtZDVjOS00NjUyLTljZjEt
ZjA5NDYyYzEyZGE0LzEvMS1semY3NFhwbTBCR1hQRm5tVy1vMGZvU0ZIdy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMmQvZWU0YTU2LWQ1YzktNDY1Mi05Y2YxLWYwOTQ2MmMxMmRh
NC8xL3FLSlJGQUVVeVAySzFmdEZ0eGlhdW52RkJJOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMKZuDAN
BgkqhkiG9w0BAQsFAAOCAQEAc4GuVNonwxBg/zmQlIl07AccyaZhY6sk2fGOSzBC
QA4Rbmvh7ydWoJrnLFfxgduWiSDUB/Xi8a0eeQO5p4cicfgQGXewa8mGMsuDkDRm
jDTBQ6Es4xuvnhNTLxSLXdmsHBq+R4d8u2+59WuuKmAh/U7hIUUzcDRkQMAzp11y
pHCvir+d1s4GqWWFxWWsHAK/Hvk2adNOm5+xlviOuCq/M5LElLYI8mgdtwsBXYur
wNb37CtHts8n9WdfuZosk9smRFZe0tjTnomRRZKPFUHuyU0EHDkallgvHIrxfxcK
WnPBZugwlBZy2YxSL8pgdHqqxUbCKbsg3WNj0KYFwHIEIQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:23:41 2025 by rpki-client