Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/5645d2-7224-4d10-82bf-3e75051b8eac/1/4YDT_cVUwxL-fHWI_gFi3Vh824I.roa
File: 4YDT_cVUwxL-fHWI_gFi3Vh824I.roa (raw, json)
Hash identifier: ruLj1UD5gblSH0Y2uM7nUS1T8M774ijJKcBvm6wumgQ=
Subject key identifier: E1:80:D3:FD:C5:54:C3:12:FE:7C:75:88:FE:01:62:DD:58:7C:DB:82
Certificate issuer: /CN=0781ee869d2e1c200ff8c697e2d37eaa42940a36
Certificate serial: 01856F1D8027A88389991ADC18AED6078AE8
Authority key identifier: 07:81:EE:86:9D:2E:1C:20:0F:F8:C6:97:E2:D3:7E:AA:42:94:0A:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B4Huhp0uHCAP-MaX4tN-qkKUCjY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/5645d2-7224-4d10-82bf-3e75051b8eac/1/4YDT_cVUwxL-fHWI_gFi3Vh824I.roa
Signing time: Sun 01 Jan 2023 20:54:42 +0000
ROA not before: Sun 01 Jan 2023 20:54:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51075
IP address blocks: 193.168.219.0/24 maxlen: 24
2a10:f7c0::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:1d:80:27:a8:83:89:99:1a:dc:18:ae:d6:07:8a:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0781ee869d2e1c200ff8c697e2d37eaa42940a36
Validity
Not Before: Jan 1 20:54:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e180d3fdc554c312fe7c7588fe0162dd587cdb82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:7a:e1:77:f5:e1:42:a9:0f:cc:35:2a:70:1d:
11:a0:9a:0f:a6:ad:d4:7c:ad:1e:9e:6b:b7:a9:4b:
d8:ff:8e:05:58:68:60:e8:9a:2b:bf:1f:19:16:3b:
6b:58:95:ed:85:91:b4:54:ec:49:19:31:95:73:3f:
21:1b:ae:2e:ee:0f:e0:16:c3:02:a8:80:30:77:f4:
87:c7:fd:44:04:16:f8:cf:8d:af:48:42:d8:12:30:
ef:86:63:16:bf:dd:73:59:41:83:42:a8:0f:b0:ab:
15:15:cb:c5:ba:fd:de:5d:cb:bf:49:7c:49:34:2a:
af:80:44:5e:9a:8e:a6:bb:a2:42:3f:09:4e:c5:c4:
f7:2a:0b:35:93:b9:76:00:7c:80:9b:e1:19:5e:d3:
a4:7d:37:fe:4b:ab:7a:10:bd:e4:9e:ef:2b:10:00:
25:33:95:66:db:49:e5:7c:7a:7b:13:db:c0:05:7e:
c2:b5:97:61:33:12:78:0f:b2:09:7d:62:03:c9:74:
d0:1c:27:db:ff:e6:8e:27:44:e1:42:21:df:62:94:
a7:51:84:13:d6:de:c4:0e:85:2a:1f:0d:a0:f1:19:
63:81:12:0e:3f:ae:aa:ee:86:f6:3a:d8:03:d1:4f:
cf:7e:e1:a9:89:0c:94:71:40:0d:27:68:2f:7c:0c:
4f:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:80:D3:FD:C5:54:C3:12:FE:7C:75:88:FE:01:62:DD:58:7C:DB:82
X509v3 Authority Key Identifier:
keyid:07:81:EE:86:9D:2E:1C:20:0F:F8:C6:97:E2:D3:7E:AA:42:94:0A:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B4Huhp0uHCAP-MaX4tN-qkKUCjY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/5645d2-7224-4d10-82bf-3e75051b8eac/1/4YDT_cVUwxL-fHWI_gFi3Vh824I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/5645d2-7224-4d10-82bf-3e75051b8eac/1/B4Huhp0uHCAP-MaX4tN-qkKUCjY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.168.219.0/24
IPv6:
2a10:f7c0::/29
Signature Algorithm: sha256WithRSAEncryption
4b:83:11:04:82:4f:03:c5:13:f9:fe:4b:e4:19:20:52:b6:c3:
9b:91:b2:e8:aa:7c:fe:bd:26:be:08:84:f7:3a:b2:33:5a:35:
0a:e4:c3:56:ec:83:8b:0b:14:8f:97:95:a9:d9:ce:9c:ed:8a:
ff:8e:4e:f7:23:ec:91:ab:fa:bf:dd:44:94:f3:3b:15:7d:05:
e2:21:18:cb:81:85:ef:61:86:ad:04:33:43:19:f9:e0:74:dc:
13:3b:e3:7d:2c:0c:f2:0f:91:69:7d:4c:6d:32:9b:45:4c:bd:
86:87:94:bc:27:b8:7c:fe:0a:78:9c:49:2d:e0:19:a7:87:84:
cc:b0:5d:1a:a1:0c:4a:45:03:34:fd:63:a0:82:11:4e:75:01:
21:b9:61:fd:09:cd:d9:ba:38:d7:6c:03:2e:06:bb:62:bd:0d:
9d:b9:0d:0d:40:ac:72:b1:76:61:5e:dc:de:7d:a5:de:b5:1a:
5b:ad:79:20:86:c5:9d:ca:84:da:e9:6a:39:56:62:09:96:b1:
ae:bd:de:9c:46:95:11:58:1a:e9:04:c7:11:4a:d4:28:9a:97:
d6:be:ea:42:26:9d:7c:04:97:1d:02:b5:bb:2b:9a:6e:93:e5:
3b:67:d6:04:8c:c4:cc:04:65:bd:61:eb:a7:3d:38:77:d4:ee:
57:c3:45:57
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvHYAnqIOJmRrcGK7WB4roMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3ODFlZTg2OWQyZTFjMjAwZmY4YzY5N2UyZDM3ZWFhNDI5
NDBhMzYwHhcNMjMwMTAxMjA1NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTgwZDNmZGM1NTRjMzEyZmU3Yzc1ODhmZTAxNjJkZDU4N2NkYjgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiHrhd/XhQqkPzDUqcB0RoJoPpq3U
fK0enmu3qUvY/44FWGhg6Jorvx8ZFjtrWJXthZG0VOxJGTGVcz8hG64u7g/gFsMC
qIAwd/SHx/1EBBb4z42vSELYEjDvhmMWv91zWUGDQqgPsKsVFcvFuv3eXcu/SXxJ
NCqvgERemo6mu6JCPwlOxcT3Kgs1k7l2AHyAm+EZXtOkfTf+S6t6EL3knu8rEAAl
M5Vm20nlfHp7E9vABX7CtZdhMxJ4D7IJfWIDyXTQHCfb/+aOJ0ThQiHfYpSnUYQT
1t7EDoUqHw2g8RljgRIOP66q7ob2OtgD0U/PfuGpiQyUcUANJ2gvfAxPhwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOGA0/3FVMMS/nx1iP4BYt1YfNuCMB8GA1UdIwQY
MBaAFAeB7oadLhwgD/jGl+LTfqpClAo2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQjRIdWhwMHVIQ0FQLU1hWDR0Ti1xa0tVQ2pZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC81NjQ1ZDItNzIyNC00ZDEwLTgyYmYt
M2U3NTA1MWI4ZWFjLzEvNFlEVF9jVlV3eEwtZkhXSV9nRmkzVmg4MjRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC81NjQ1ZDItNzIyNC00ZDEwLTgyYmYtM2U3NTA1MWI4ZWFj
LzEvQjRIdWhwMHVIQ0FQLU1hWDR0Ti1xa0tVQ2pZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwajbMA0E
AgACMAcDBQMqEPfAMA0GCSqGSIb3DQEBCwUAA4IBAQBLgxEEgk8DxRP5/kvkGSBS
tsObkbLoqnz+vSa+CIT3OrIzWjUK5MNW7IOLCxSPl5Wp2c6c7Yr/jk73I+yRq/q/
3USU8zsVfQXiIRjLgYXvYYatBDNDGfngdNwTO+N9LAzyD5FpfUxtMptFTL2Gh5S8
J7h8/gp4nEkt4Bmnh4TMsF0aoQxKRQM0/WOgghFOdQEhuWH9Cc3ZujjXbAMuBrti
vQ2duQ0NQKxysXZhXtzefaXetRpbrXkghsWdyoTa6Wo5VmIJlrGuvd6cRpURWBrp
BMcRStQompfWvupCJp18BJcdArW7K5puk+U7Z9YEjMTMBGW9YeunPTh31O5Xw0VX
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:25:23 2025 by rpki-client