Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/9bc5bc-8f99-42ed-a8ce-5b86ba585922/1/9ss8c0qnRu76C0AnUxYXKE71AU8.roa
File: 9ss8c0qnRu76C0AnUxYXKE71AU8.roa (raw, json)
Hash identifier: 1GcUaWAqAC2hS3CulRQQ3AoRUNlj3RBqvpZ5oax6yzw=
Subject key identifier: F6:CB:3C:73:4A:A7:46:EE:FA:0B:40:27:53:16:17:28:4E:F5:01:4F
Certificate issuer: /CN=db375e16a19367de99bb24ac115d259a2a0481ac
Certificate serial: 01856C412C848753E13979229585AE574EB0
Authority key identifier: DB:37:5E:16:A1:93:67:DE:99:BB:24:AC:11:5D:25:9A:2A:04:81:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2zdeFqGTZ96ZuySsEV0lmioEgaw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/9bc5bc-8f99-42ed-a8ce-5b86ba585922/1/9ss8c0qnRu76C0AnUxYXKE71AU8.roa
Signing time: Sun 01 Jan 2023 07:34:48 +0000
ROA not before: Sun 01 Jan 2023 07:34:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8708
IP address blocks: 194.102.190.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:41:2c:84:87:53:e1:39:79:22:95:85:ae:57:4e:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db375e16a19367de99bb24ac115d259a2a0481ac
Validity
Not Before: Jan 1 07:34:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f6cb3c734aa746eefa0b4027531617284ef5014f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:f6:a5:1d:35:77:17:0f:1f:26:6c:c3:76:35:
6c:b3:4d:ba:3e:14:56:c9:25:a1:0e:74:0c:83:14:
a8:3d:1c:6a:20:1e:3d:c6:97:51:3b:c2:6c:7a:82:
f3:ad:ee:1b:cc:44:be:33:00:2d:e7:5d:a6:dc:3a:
aa:1c:e1:7e:77:35:cb:c7:f1:13:b0:f6:63:a5:bf:
8f:c7:87:56:89:23:fd:49:98:6c:29:76:23:14:81:
37:52:79:ab:6c:fd:5c:5b:af:3a:86:cc:00:4f:50:
6d:15:ff:f3:e3:0d:96:cd:5f:9e:a0:48:b3:6d:31:
4f:17:0d:47:cc:31:5d:63:30:d7:ec:cc:dc:33:0e:
6b:11:b0:42:90:40:ef:cb:5e:4b:f3:ce:55:5b:e8:
2d:b6:b2:ef:c4:86:45:0d:39:16:3e:46:ba:9c:6e:
40:a3:e4:c4:30:78:b2:56:84:2f:4c:19:2c:e1:02:
20:d5:90:e0:9e:ac:05:3e:9e:3a:7a:c1:b1:41:96:
22:79:88:0d:0f:d4:01:38:ea:8a:f9:85:a2:13:2d:
46:bc:20:72:26:97:e5:c0:a8:41:5d:1f:22:af:df:
32:c1:5e:dc:0d:7b:db:b9:b1:45:b7:eb:ae:82:b2:
47:35:19:29:57:ed:6f:63:03:b4:d0:d0:db:26:1d:
b4:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:CB:3C:73:4A:A7:46:EE:FA:0B:40:27:53:16:17:28:4E:F5:01:4F
X509v3 Authority Key Identifier:
keyid:DB:37:5E:16:A1:93:67:DE:99:BB:24:AC:11:5D:25:9A:2A:04:81:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2zdeFqGTZ96ZuySsEV0lmioEgaw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/9bc5bc-8f99-42ed-a8ce-5b86ba585922/1/9ss8c0qnRu76C0AnUxYXKE71AU8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/9bc5bc-8f99-42ed-a8ce-5b86ba585922/1/2zdeFqGTZ96ZuySsEV0lmioEgaw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.102.190.0/24
Signature Algorithm: sha256WithRSAEncryption
86:c2:b0:13:e2:df:16:13:66:a6:ba:d2:ed:4d:23:e5:a9:aa:
bd:b6:ba:6d:21:9e:de:b6:b3:30:77:e6:46:f0:52:5e:7d:af:
45:d3:35:4b:07:e0:06:74:9d:ca:da:cc:de:76:05:be:95:21:
87:ac:69:15:7f:00:15:e5:1c:80:ff:89:fa:29:85:27:3a:e8:
65:77:68:20:65:13:f6:fc:7e:bb:e6:14:eb:ff:97:ee:d8:7b:
db:c6:92:e7:97:00:83:1c:ed:c1:a1:a1:b4:07:36:ea:27:93:
ed:1d:46:5f:e8:1f:31:93:91:93:73:fa:b7:fd:52:37:1a:fc:
1d:9b:a2:0b:14:aa:e8:a9:ba:72:d0:90:bf:b6:a9:7a:2b:b3:
44:35:96:d7:89:d4:e1:31:7b:05:9e:b3:aa:23:be:6e:bc:5d:
3e:6d:96:47:2f:40:80:23:f3:5d:3b:4e:59:3d:42:bb:e2:5b:
9c:6f:64:d6:62:a0:4e:6d:a3:e0:6f:56:41:7b:49:c3:40:a5:
4f:60:6b:a5:85:bb:2e:bd:ef:ae:3e:e9:a7:69:09:5e:8c:7b:
26:b6:36:50:1a:a1:e7:dd:53:ff:31:ef:48:a1:e4:6b:17:a5:
7a:68:82:97:fd:bc:26:45:55:fa:b4:f3:4e:a9:3f:9c:8d:b7:
46:bf:de:de
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsQSyEh1PhOXkilYWuV06wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiMzc1ZTE2YTE5MzY3ZGU5OWJiMjRhYzExNWQyNTlhMmEw
NDgxYWMwHhcNMjMwMTAxMDczNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNmNiM2M3MzRhYTc0NmVlZmEwYjQwMjc1MzE2MTcyODRlZjUwMTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk/alHTV3Fw8fJmzDdjVss026PhRW
ySWhDnQMgxSoPRxqIB49xpdRO8JseoLzre4bzES+MwAt512m3DqqHOF+dzXLx/ET
sPZjpb+Px4dWiSP9SZhsKXYjFIE3UnmrbP1cW686hswAT1BtFf/z4w2WzV+eoEiz
bTFPFw1HzDFdYzDX7MzcMw5rEbBCkEDvy15L885VW+gttrLvxIZFDTkWPka6nG5A
o+TEMHiyVoQvTBks4QIg1ZDgnqwFPp46esGxQZYieYgND9QBOOqK+YWiEy1GvCBy
JpflwKhBXR8ir98ywV7cDXvbubFFt+uugrJHNRkpV+1vYwO00NDbJh20QQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPbLPHNKp0bu+gtAJ1MWFyhO9QFPMB8GA1UdIwQY
MBaAFNs3Xhahk2fembskrBFdJZoqBIGsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnpkZUZxR1RaOTZadXlTc0VWMGxtaW9FZ2F3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy85YmM1YmMtOGY5OS00MmVkLWE4Y2Ut
NWI4NmJhNTg1OTIyLzEvOXNzOGMwcW5SdTc2QzBBblV4WVhLRTcxQVU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy85YmM1YmMtOGY5OS00MmVkLWE4Y2UtNWI4NmJhNTg1OTIy
LzEvMnpkZUZxR1RaOTZadXlTc0VWMGxtaW9FZ2F3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwma+MA0G
CSqGSIb3DQEBCwUAA4IBAQCGwrAT4t8WE2amutLtTSPlqaq9trptIZ7etrMwd+ZG
8FJefa9F0zVLB+AGdJ3K2szedgW+lSGHrGkVfwAV5RyA/4n6KYUnOuhld2ggZRP2
/H675hTr/5fu2HvbxpLnlwCDHO3BoaG0BzbqJ5PtHUZf6B8xk5GTc/q3/VI3Gvwd
m6ILFKroqbpy0JC/tql6K7NENZbXidThMXsFnrOqI75uvF0+bZZHL0CAI/NdO05Z
PUK74lucb2TWYqBObaPgb1ZBe0nDQKVPYGulhbsuve+uPumnaQlejHsmtjZQGqHn
3VP/Me9IoeRrF6V6aIKX/bwmRVX6tPNOqT+cjbdGv97e
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:37:36 2025 by rpki-client