Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/c65587-f3ec-43ce-ab76-f1d349823504/1/ricsBRmouNKNnkiVjgd5oUKOEBk.roa
File: ricsBRmouNKNnkiVjgd5oUKOEBk.roa (raw, json)
Hash identifier: yzfEKVX4ixqmZI/LDsHbkHuTmtmF84fwh8OQcGsAHdI=
Subject key identifier: AE:27:2C:05:19:A8:B8:D2:8D:9E:48:95:8E:07:79:A1:42:8E:10:19
Certificate issuer: /CN=7934f7ee5d04a026223c3aa31912bf610d00db7b
Certificate serial: 018572310E6F8935EFFBBDE239EA567F4AD9
Authority key identifier: 79:34:F7:EE:5D:04:A0:26:22:3C:3A:A3:19:12:BF:61:0D:00:DB:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eTT37l0EoCYiPDqjGRK_YQ0A23s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/c65587-f3ec-43ce-ab76-f1d349823504/1/ricsBRmouNKNnkiVjgd5oUKOEBk.roa
Signing time: Mon 02 Jan 2023 11:14:55 +0000
ROA not before: Mon 02 Jan 2023 11:14:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48152
IP address blocks: 194.88.0.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:31:0e:6f:89:35:ef:fb:bd:e2:39:ea:56:7f:4a:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7934f7ee5d04a026223c3aa31912bf610d00db7b
Validity
Not Before: Jan 2 11:14:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ae272c0519a8b8d28d9e48958e0779a1428e1019
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:c0:c8:63:06:e5:90:e3:58:39:cc:7a:86:cf:
a1:d8:55:4a:95:1d:a1:6b:56:71:ea:e8:c0:17:fd:
ed:4e:02:b8:d9:a9:cc:df:24:9d:fb:d8:86:51:f3:
df:56:f4:9c:60:40:fb:e4:7f:e8:00:7d:83:28:72:
04:72:69:16:07:43:dc:7d:c0:f8:d6:66:6a:e9:63:
57:9e:cf:fb:04:ae:03:71:05:31:db:c0:21:31:40:
23:ba:93:8c:6c:b9:9c:87:ac:ea:87:68:3a:a3:1c:
a3:00:f1:65:44:ad:6b:21:33:e1:00:e7:e2:a6:3b:
70:df:d8:3b:3e:7e:c5:91:06:9c:10:18:71:0c:61:
2f:34:b4:eb:d1:46:03:24:46:98:f9:12:77:45:4b:
63:57:c9:e6:77:c9:63:ad:41:65:50:25:1d:c2:0d:
06:aa:d1:e3:69:19:5a:ea:bf:54:5e:47:24:56:89:
7d:7f:79:71:6b:93:8c:e1:28:cd:69:8b:63:66:10:
0d:a1:2c:f3:b1:7a:01:e9:f9:c2:78:2f:c5:c8:5b:
36:5e:cb:43:48:77:dc:57:07:89:ea:a8:82:47:99:
15:e2:f2:1e:08:37:f8:83:f9:7c:ee:7a:4f:03:f2:
6e:4e:c2:a9:07:4c:cd:3c:05:99:1b:f5:f1:11:d6:
47:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:27:2C:05:19:A8:B8:D2:8D:9E:48:95:8E:07:79:A1:42:8E:10:19
X509v3 Authority Key Identifier:
keyid:79:34:F7:EE:5D:04:A0:26:22:3C:3A:A3:19:12:BF:61:0D:00:DB:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eTT37l0EoCYiPDqjGRK_YQ0A23s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/c65587-f3ec-43ce-ab76-f1d349823504/1/ricsBRmouNKNnkiVjgd5oUKOEBk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/c65587-f3ec-43ce-ab76-f1d349823504/1/eTT37l0EoCYiPDqjGRK_YQ0A23s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.88.0.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:f2:d8:21:e3:3b:cd:a1:a9:03:03:c8:c6:25:cf:88:5a:5f:
70:c5:a0:f7:11:8f:6e:f8:1d:93:76:ca:a9:d1:4c:19:b6:5d:
c7:62:d0:90:83:d6:8a:ca:04:8a:d7:9f:93:1a:ef:c3:63:5a:
9c:b0:e5:3a:3d:00:f6:e1:5d:0f:f6:79:6f:b5:77:ef:6e:8b:
ad:0a:fc:c2:8b:2d:a0:c5:22:f8:9d:1d:ce:cd:38:48:a7:f2:
02:01:30:f7:75:93:f5:4f:3f:86:aa:20:03:50:5f:91:26:ec:
11:a2:b9:81:28:37:e4:b1:a6:4b:f4:43:96:24:a5:d0:cb:94:
4f:62:40:53:b4:ad:9b:df:1d:93:1f:af:66:46:29:c1:6c:13:
75:f8:fc:4a:c2:34:b4:f1:d0:67:ee:8a:ae:70:75:18:71:1d:
8d:27:0e:17:f5:a0:86:97:51:ab:c5:92:25:fd:42:2b:76:09:
86:b2:dc:1e:e2:85:c0:de:85:51:bf:1f:41:ee:b6:9f:ea:a5:
01:72:2b:21:2b:d4:3d:28:20:5b:cf:c1:67:57:cc:c3:a5:d6:
34:5a:99:bf:06:7d:a7:6c:6a:d3:94:08:9b:95:2d:e0:20:b1:
88:18:27:df:9b:bb:0a:ff:b5:7d:42:4e:1f:a2:5d:95:be:72:
61:d7:41:97
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyMQ5viTXv+73iOepWf0rZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5MzRmN2VlNWQwNGEwMjYyMjNjM2FhMzE5MTJiZjYxMGQw
MGRiN2IwHhcNMjMwMTAyMTExNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTI3MmMwNTE5YThiOGQyOGQ5ZTQ4OTU4ZTA3NzlhMTQyOGUxMDE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuMDIYwblkONYOcx6hs+h2FVKlR2h
a1Zx6ujAF/3tTgK42anM3ySd+9iGUfPfVvScYED75H/oAH2DKHIEcmkWB0PcfcD4
1mZq6WNXns/7BK4DcQUx28AhMUAjupOMbLmch6zqh2g6oxyjAPFlRK1rITPhAOfi
pjtw39g7Pn7FkQacEBhxDGEvNLTr0UYDJEaY+RJ3RUtjV8nmd8ljrUFlUCUdwg0G
qtHjaRla6r9UXkckVol9f3lxa5OM4SjNaYtjZhANoSzzsXoB6fnCeC/FyFs2XstD
SHfcVweJ6qiCR5kV4vIeCDf4g/l87npPA/JuTsKpB0zNPAWZG/XxEdZH5wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK4nLAUZqLjSjZ5IlY4HeaFCjhAZMB8GA1UdIwQY
MBaAFHk09+5dBKAmIjw6oxkSv2ENANt7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVRUMzdsMEVvQ1lpUERxakdSS19ZUTBBMjNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi9jNjU1ODctZjNlYy00M2NlLWFiNzYt
ZjFkMzQ5ODIzNTA0LzEvcmljc0JSbW91TktObmtpVmpnZDVvVUtPRUJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi9jNjU1ODctZjNlYy00M2NlLWFiNzYtZjFkMzQ5ODIzNTA0
LzEvZVRUMzdsMEVvQ1lpUERxakdSS19ZUTBBMjNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwlgAMA0G
CSqGSIb3DQEBCwUAA4IBAQCd8tgh4zvNoakDA8jGJc+IWl9wxaD3EY9u+B2Tdsqp
0UwZtl3HYtCQg9aKygSK15+TGu/DY1qcsOU6PQD24V0P9nlvtXfvboutCvzCiy2g
xSL4nR3OzThIp/ICATD3dZP1Tz+GqiADUF+RJuwRormBKDfksaZL9EOWJKXQy5RP
YkBTtK2b3x2TH69mRinBbBN1+PxKwjS08dBn7oqucHUYcR2NJw4X9aCGl1GrxZIl
/UIrdgmGstwe4oXA3oVRvx9B7raf6qUBcishK9Q9KCBbz8FnV8zDpdY0Wpm/Bn2n
bGrTlAiblS3gILGIGCffm7sK/7V9Qk4fol2VvnJh10GX
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:15:30 2025 by rpki-client