Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/c54214-52d5-46dc-9939-c1402d261432/1/vA4q6zA8smOknGDOTmBLYIHoLr4.roa
File: vA4q6zA8smOknGDOTmBLYIHoLr4.roa (raw, json)
Hash identifier: 2KPBIzCR3GtZleSmcLpee8bKjMgclpQAlr1b69VLxaM=
Subject key identifier: BC:0E:2A:EB:30:3C:B2:63:A4:9C:60:CE:4E:60:4B:60:81:E8:2E:BE
Certificate issuer: /CN=1a885c37e747bce23ee9097e5ff7e983bcba0db4
Certificate serial: 01856E2FA401E42002A1A61047916BD0072D
Authority key identifier: 1A:88:5C:37:E7:47:BC:E2:3E:E9:09:7E:5F:F7:E9:83:BC:BA:0D:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GohcN-dHvOI-6Ql-X_fpg7y6DbQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/c54214-52d5-46dc-9939-c1402d261432/1/vA4q6zA8smOknGDOTmBLYIHoLr4.roa
Signing time: Sun 01 Jan 2023 16:34:54 +0000
ROA not before: Sun 01 Jan 2023 16:34:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210163
IP address blocks: 194.180.44.0/24 maxlen: 24
194.180.46.0/24 maxlen: 24
194.180.47.0/24 maxlen: 24
194.180.45.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:2f:a4:01:e4:20:02:a1:a6:10:47:91:6b:d0:07:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a885c37e747bce23ee9097e5ff7e983bcba0db4
Validity
Not Before: Jan 1 16:34:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bc0e2aeb303cb263a49c60ce4e604b6081e82ebe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:78:78:60:3d:ca:37:c0:05:a2:d6:dd:64:26:
0e:a3:45:77:95:37:9c:5c:a5:34:6f:3d:19:ae:05:
0c:69:7f:05:67:16:76:df:2a:21:5a:2f:06:5a:5d:
8b:02:2a:31:5f:b6:bd:45:31:b1:ba:36:20:bb:92:
1e:76:51:5e:c0:d2:df:1e:37:4e:51:8f:98:55:9c:
a9:de:b6:52:c8:43:65:01:c6:f6:6c:c6:9e:6d:3e:
5f:96:d9:81:3f:fa:6c:cc:6b:b8:37:32:b6:01:33:
f4:af:2e:6a:c7:f2:36:18:c5:49:9c:79:16:c9:d8:
c4:b3:9e:0a:fd:20:50:7f:6f:2d:00:fe:35:ab:33:
7e:d1:60:09:5f:0d:c3:a7:78:ff:50:dc:7e:3b:37:
db:06:e3:3f:71:ce:ae:fe:0b:fe:23:68:d4:81:cb:
3b:65:0c:d3:85:49:87:73:0d:e8:c8:2b:60:6b:39:
c9:f6:32:59:ad:62:7b:53:b3:11:5b:c2:eb:28:57:
82:c8:66:c4:80:02:ea:7b:f3:cf:be:96:cc:40:98:
92:dc:46:53:2b:ba:b0:ac:a4:1a:9c:bb:df:cd:da:
24:df:b7:7d:e5:f2:8c:ed:d4:62:81:45:e7:f7:38:
fe:82:1e:33:81:4a:0a:07:88:b2:f9:ad:b6:5b:67:
55:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:0E:2A:EB:30:3C:B2:63:A4:9C:60:CE:4E:60:4B:60:81:E8:2E:BE
X509v3 Authority Key Identifier:
keyid:1A:88:5C:37:E7:47:BC:E2:3E:E9:09:7E:5F:F7:E9:83:BC:BA:0D:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GohcN-dHvOI-6Ql-X_fpg7y6DbQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/c54214-52d5-46dc-9939-c1402d261432/1/vA4q6zA8smOknGDOTmBLYIHoLr4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/c54214-52d5-46dc-9939-c1402d261432/1/GohcN-dHvOI-6Ql-X_fpg7y6DbQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.180.44.0/22
Signature Algorithm: sha256WithRSAEncryption
49:d6:e9:f8:3d:b9:a0:51:8f:1c:4a:53:6c:44:4d:97:62:8e:
81:88:da:23:85:e0:12:fc:0c:d5:ba:06:f0:ce:ae:f2:c6:60:
c2:c0:b5:7a:b3:ab:ab:cf:e8:60:7a:d5:78:03:e8:8a:c3:91:
4a:fa:64:05:29:7d:8a:5c:7a:40:c9:2e:ac:84:48:55:92:54:
88:dd:20:a7:42:9b:a0:a5:f6:82:11:52:f9:f1:47:8b:86:5e:
18:1d:77:e0:54:08:7e:f3:9e:6a:dd:5a:e4:78:cb:b4:cb:99:
5e:14:eb:bc:75:7f:2a:aa:0b:89:17:3e:61:ea:41:a2:6d:48:
77:8d:7a:e8:63:5f:9b:24:74:92:a8:0e:61:db:82:70:84:cb:
15:71:a7:c8:49:2a:12:d1:3f:a2:e4:09:e9:91:f1:44:d2:3e:
c3:a8:03:e2:f0:c0:e7:43:b4:3a:b6:45:6b:64:25:10:0a:d7:
a4:05:01:76:6e:ad:ab:79:7e:aa:47:cc:9b:cb:3f:be:f6:57:
60:c6:7d:72:f8:f1:e1:ba:67:18:9d:c0:65:1b:cf:31:0e:82:
96:c5:74:30:8d:f1:70:37:50:ef:c8:83:c6:ca:5f:27:89:e0:
02:df:c5:9a:4e:1c:d3:6d:31:22:a2:cf:6a:95:21:52:23:88:
92:af:67:57
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuL6QB5CACoaYQR5Fr0ActMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhODg1YzM3ZTc0N2JjZTIzZWU5MDk3ZTVmZjdlOTgzYmNi
YTBkYjQwHhcNMjMwMTAxMTYzNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzBlMmFlYjMwM2NiMjYzYTQ5YzYwY2U0ZTYwNGI2MDgxZTgyZWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiXh4YD3KN8AFotbdZCYOo0V3lTec
XKU0bz0ZrgUMaX8FZxZ23yohWi8GWl2LAioxX7a9RTGxujYgu5IedlFewNLfHjdO
UY+YVZyp3rZSyENlAcb2bMaebT5fltmBP/pszGu4NzK2ATP0ry5qx/I2GMVJnHkW
ydjEs54K/SBQf28tAP41qzN+0WAJXw3Dp3j/UNx+OzfbBuM/cc6u/gv+I2jUgcs7
ZQzThUmHcw3oyCtgaznJ9jJZrWJ7U7MRW8LrKFeCyGbEgALqe/PPvpbMQJiS3EZT
K7qwrKQanLvfzdok37d95fKM7dRigUXn9zj+gh4zgUoKB4iy+a22W2dVLQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLwOKuswPLJjpJxgzk5gS2CB6C6+MB8GA1UdIwQY
MBaAFBqIXDfnR7ziPukJfl/36YO8ug20MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR29oY04tZEh2T0ktNlFsLVhfZnBnN3k2RGJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi9jNTQyMTQtNTJkNS00NmRjLTk5Mzkt
YzE0MDJkMjYxNDMyLzEvdkE0cTZ6QThzbU9rbkdET1RtQkxZSUhvTHI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi9jNTQyMTQtNTJkNS00NmRjLTk5MzktYzE0MDJkMjYxNDMy
LzEvR29oY04tZEh2T0ktNlFsLVhfZnBnN3k2RGJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwrQsMA0G
CSqGSIb3DQEBCwUAA4IBAQBJ1un4PbmgUY8cSlNsRE2XYo6BiNojheAS/AzVugbw
zq7yxmDCwLV6s6urz+hgetV4A+iKw5FK+mQFKX2KXHpAyS6shEhVklSI3SCnQpug
pfaCEVL58UeLhl4YHXfgVAh+855q3VrkeMu0y5leFOu8dX8qqguJFz5h6kGibUh3
jXroY1+bJHSSqA5h24JwhMsVcafISSoS0T+i5AnpkfFE0j7DqAPi8MDnQ7Q6tkVr
ZCUQCtekBQF2bq2reX6qR8ybyz++9ldgxn1y+PHhumcYncBlG88xDoKWxXQwjfFw
N1DvyIPGyl8nieAC38WaThzTbTEios9qlSFSI4iSr2dX
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:47:10 2025 by rpki-client