Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/c54214-52d5-46dc-9939-c1402d261432/1/1-mIWflZ3pfop3o9abkoXsrAQFmE.roa
File: 1-mIWflZ3pfop3o9abkoXsrAQFmE.roa (raw, json)
Hash identifier: sEgkb+gtagb2W843V3s0bgwjAjXLmrvv/0opRouOtl4=
Subject key identifier: FA:62:16:7E:56:77:A5:FA:29:DE:8F:5A:6E:4A:17:B2:B0:10:16:61
Certificate issuer: /CN=1a885c37e747bce23ee9097e5ff7e983bcba0db4
Certificate serial: 018475BE1DCE3F5550B42D31CDCF84ACA9F8
Authority key identifier: 1A:88:5C:37:E7:47:BC:E2:3E:E9:09:7E:5F:F7:E9:83:BC:BA:0D:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GohcN-dHvOI-6Ql-X_fpg7y6DbQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/c54214-52d5-46dc-9939-c1402d261432/1/1-mIWflZ3pfop3o9abkoXsrAQFmE.roa
Signing time: Mon 14 Nov 2022 10:45:04 +0000
ROA not before: Mon 14 Nov 2022 10:45:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210162
IP address blocks: 194.180.44.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:75:be:1d:ce:3f:55:50:b4:2d:31:cd:cf:84:ac:a9:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a885c37e747bce23ee9097e5ff7e983bcba0db4
Validity
Not Before: Nov 14 10:45:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fa62167e5677a5fa29de8f5a6e4a17b2b0101661
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:85:72:43:28:0e:3b:2d:78:37:f5:be:5a:4c:
7b:b0:4c:c0:87:db:19:f9:ec:b0:8b:63:ab:bd:03:
67:8e:27:f4:3e:ab:e5:94:8b:b8:37:31:ca:87:c7:
1b:3d:49:e8:e1:79:6d:1a:5c:85:ad:30:8b:84:e1:
f6:20:e0:7e:20:a5:56:36:6a:74:3f:df:6e:04:5d:
60:87:5f:5e:bb:43:1c:60:69:62:dc:f9:36:93:cb:
9f:45:95:ee:0d:03:ff:58:f2:ab:5c:58:d7:d8:25:
ca:28:fe:7a:ff:ed:50:d9:b0:32:59:07:cb:bb:c6:
3a:8c:bc:43:0a:e5:fd:23:47:0c:d3:c6:6e:d5:5f:
c4:25:17:cf:af:1a:f7:6a:98:bb:b3:ce:d7:fb:07:
ae:45:9a:4d:f2:7e:2a:e5:0c:27:6a:db:3e:78:7b:
2f:0c:2e:d7:38:6f:22:d7:4c:e0:1d:10:58:67:e5:
d9:0e:71:62:56:24:1e:de:5c:eb:83:9e:83:ed:1c:
01:0a:3e:c2:15:c3:dd:9f:ad:9e:9d:e4:56:ef:f1:
72:f6:40:23:33:fe:0c:40:92:a6:f7:fc:b7:3f:a3:
a6:ed:87:f1:d7:b3:29:8b:18:bb:44:a2:b4:bd:76:
3f:48:ad:d3:40:93:46:88:52:27:f9:5f:59:62:b1:
3d:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:62:16:7E:56:77:A5:FA:29:DE:8F:5A:6E:4A:17:B2:B0:10:16:61
X509v3 Authority Key Identifier:
keyid:1A:88:5C:37:E7:47:BC:E2:3E:E9:09:7E:5F:F7:E9:83:BC:BA:0D:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GohcN-dHvOI-6Ql-X_fpg7y6DbQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/c54214-52d5-46dc-9939-c1402d261432/1/1-mIWflZ3pfop3o9abkoXsrAQFmE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/c54214-52d5-46dc-9939-c1402d261432/1/GohcN-dHvOI-6Ql-X_fpg7y6DbQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.180.44.0/22
Signature Algorithm: sha256WithRSAEncryption
2c:4b:7c:e4:c6:0c:78:27:c5:a0:f4:54:08:e3:72:31:08:47:
1c:f2:ca:b7:bc:62:9b:9a:b7:27:9e:77:64:57:95:72:f9:38:
a7:6b:fb:95:f3:21:fe:c6:57:0d:e9:dc:40:1f:26:27:13:8b:
0e:78:ee:c0:97:3a:93:9c:56:89:a4:1f:2b:b8:73:0d:1d:05:
21:a7:d8:e4:39:c8:7a:cb:90:3a:33:78:36:be:53:ca:9c:f0:
51:0c:20:a0:eb:58:23:66:68:02:9d:ce:72:e6:9d:0e:93:fb:
9c:44:c3:5b:03:cd:18:7d:e3:22:0b:1c:8f:4b:31:bf:a6:c2:
d2:b3:83:07:d6:76:a2:4c:07:67:dc:4b:a9:c3:28:c1:f7:63:
63:61:c9:e6:41:76:cd:a5:44:6b:79:59:fa:5b:e6:26:b8:e4:
b4:d1:39:ea:f3:2e:ef:4e:3a:f4:cd:f9:24:37:55:aa:82:00:
1f:7a:4b:da:5d:d8:ef:e2:e6:c6:66:50:9e:00:d3:e9:c1:fe:
87:d2:d6:b4:98:2b:24:78:e2:9a:84:bb:63:a5:59:bd:67:73:
f1:2e:70:97:19:92:69:1f:ba:09:e6:d5:f8:28:d0:6d:a6:d1:
da:f6:7e:f7:a9:3f:77:57:9b:e8:0d:5b:ba:2e:53:b0:12:fb:
8e:70:55:29
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYR1vh3OP1VQtC0xzc+ErKn4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhODg1YzM3ZTc0N2JjZTIzZWU5MDk3ZTVmZjdlOTgzYmNi
YTBkYjQwHhcNMjIxMTE0MTA0NTA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTYyMTY3ZTU2NzdhNWZhMjlkZThmNWE2ZTRhMTdiMmIwMTAxNjYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq4VyQygOOy14N/W+Wkx7sEzAh9sZ
+eywi2OrvQNnjif0PqvllIu4NzHKh8cbPUno4XltGlyFrTCLhOH2IOB+IKVWNmp0
P99uBF1gh19eu0McYGli3Pk2k8ufRZXuDQP/WPKrXFjX2CXKKP56/+1Q2bAyWQfL
u8Y6jLxDCuX9I0cM08Zu1V/EJRfPrxr3api7s87X+weuRZpN8n4q5Qwnats+eHsv
DC7XOG8i10zgHRBYZ+XZDnFiViQe3lzrg56D7RwBCj7CFcPdn62eneRW7/Fy9kAj
M/4MQJKm9/y3P6Om7Yfx17Mpixi7RKK0vXY/SK3TQJNGiFIn+V9ZYrE9YwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPpiFn5Wd6X6Kd6PWm5KF7KwEBZhMB8GA1UdIwQY
MBaAFBqIXDfnR7ziPukJfl/36YO8ug20MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR29oY04tZEh2T0ktNlFsLVhfZnBnN3k2RGJRLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi9jNTQyMTQtNTJkNS00NmRjLTk5Mzkt
YzE0MDJkMjYxNDMyLzEvMS1tSVdmbFozcGZvcDNvOWFia29Yc3JBUUZtRS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvM2YvYzU0MjE0LTUyZDUtNDZkYy05OTM5LWMxNDAyZDI2MTQz
Mi8xL0dvaGNOLWRIdk9JLTZRbC1YX2ZwZzd5NkRiUS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAsK0LDAN
BgkqhkiG9w0BAQsFAAOCAQEALEt85MYMeCfFoPRUCONyMQhHHPLKt7xim5q3J553
ZFeVcvk4p2v7lfMh/sZXDencQB8mJxOLDnjuwJc6k5xWiaQfK7hzDR0FIafY5DnI
esuQOjN4Nr5TypzwUQwgoOtYI2ZoAp3OcuadDpP7nETDWwPNGH3jIgscj0sxv6bC
0rODB9Z2okwHZ9xLqcMowfdjY2HJ5kF2zaVEa3lZ+lvmJrjktNE56vMu70469M35
JDdVqoIAH3pL2l3Y7+LmxmZQngDT6cH+h9LWtJgrJHjimoS7Y6VZvWdz8S5wlxmS
aR+6CebV+CjQbabR2vZ+96k/d1eb6A1bui5TsBL7jnBVKQ==
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:50:22 2025 by rpki-client