Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/3202ad-7b46-422d-a4d2-eca53a7f7762/1/RDSqXCFMMrA_ZQGHvsf77FSb3kU.roa
File: RDSqXCFMMrA_ZQGHvsf77FSb3kU.roa (raw, json)
Hash identifier: GFk+d9gOI8MnTtRnmoWkwQ+4fYWqNhLUCgHTKItA5p0=
Subject key identifier: 44:34:AA:5C:21:4C:32:B0:3F:65:01:87:BE:C7:FB:EC:54:9B:DE:45
Certificate issuer: /CN=a0afe1fed1f2b7db24a0c2d1f61010684e93cbd5
Certificate serial: 01856D2F3CF79255429463C1D52049625792
Authority key identifier: A0:AF:E1:FE:D1:F2:B7:DB:24:A0:C2:D1:F6:10:10:68:4E:93:CB:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oK_h_tHyt9skoMLR9hAQaE6Ty9U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/3202ad-7b46-422d-a4d2-eca53a7f7762/1/RDSqXCFMMrA_ZQGHvsf77FSb3kU.roa
Signing time: Sun 01 Jan 2023 11:54:50 +0000
ROA not before: Sun 01 Jan 2023 11:54:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201425
IP address blocks: 188.214.100.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:2f:3c:f7:92:55:42:94:63:c1:d5:20:49:62:57:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0afe1fed1f2b7db24a0c2d1f61010684e93cbd5
Validity
Not Before: Jan 1 11:54:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4434aa5c214c32b03f650187bec7fbec549bde45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:f0:3c:1f:ed:fe:36:44:ba:e4:ba:ce:56:b2:
52:67:96:15:af:05:6b:c2:ce:f6:e8:f8:1e:ba:af:
cd:98:13:7d:57:e1:60:68:df:f2:6c:80:f9:89:95:
b9:e7:f3:81:59:14:a9:aa:4c:f3:f6:e9:0a:bd:2f:
31:05:19:fb:19:2f:0e:c0:13:35:e2:c2:41:b1:82:
49:0a:ac:78:32:77:6c:8a:55:45:68:1d:88:f9:f6:
a8:4c:48:1f:28:f3:47:67:c7:2d:bf:4c:40:10:2b:
de:00:56:97:ae:1d:04:6c:b2:10:5a:35:4c:0f:b6:
37:b9:f3:f7:75:c4:c1:c0:db:92:6e:93:4d:8b:16:
26:dd:55:7c:93:44:05:17:aa:12:bf:16:5d:38:c6:
f1:45:74:e5:20:a1:2d:a2:29:07:21:1e:3f:61:ad:
d0:f5:3a:8b:88:20:5a:51:d0:15:83:40:b1:8e:95:
a0:fc:e2:77:d0:d0:aa:3c:ff:b7:62:58:7d:db:ec:
3e:42:6e:7c:94:4c:a1:5f:79:c8:d1:e7:4d:b6:7b:
fa:3f:8f:99:5c:c7:fa:09:3e:23:8a:a0:9b:4c:2d:
77:dc:42:08:ee:bd:49:1a:d3:82:f1:6a:58:78:fc:
81:8f:75:cd:af:45:45:dc:2e:e8:4a:17:ff:f0:84:
56:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:34:AA:5C:21:4C:32:B0:3F:65:01:87:BE:C7:FB:EC:54:9B:DE:45
X509v3 Authority Key Identifier:
keyid:A0:AF:E1:FE:D1:F2:B7:DB:24:A0:C2:D1:F6:10:10:68:4E:93:CB:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oK_h_tHyt9skoMLR9hAQaE6Ty9U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/3202ad-7b46-422d-a4d2-eca53a7f7762/1/RDSqXCFMMrA_ZQGHvsf77FSb3kU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/3202ad-7b46-422d-a4d2-eca53a7f7762/1/oK_h_tHyt9skoMLR9hAQaE6Ty9U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.214.100.0/24
Signature Algorithm: sha256WithRSAEncryption
36:76:22:c1:48:46:d0:80:23:56:9c:31:09:90:9c:ff:b1:eb:
c3:8b:d3:f6:5e:64:58:56:99:b3:0c:df:6e:96:91:4f:b0:97:
e4:08:0e:87:79:de:31:69:cc:8a:e1:26:55:1a:93:1f:7b:99:
77:b4:c0:21:dd:6f:f8:09:c1:27:8c:50:ba:f2:01:ae:77:06:
3d:24:9a:68:9d:09:e2:81:6c:44:73:6c:93:f0:ac:a1:92:63:
a0:41:a5:37:d1:23:b4:75:63:08:0b:9f:aa:59:79:72:21:91:
a8:0a:3b:46:95:a4:72:ed:06:bf:5d:75:1a:e3:29:87:ec:6d:
69:66:20:6b:c8:bb:ee:63:f5:95:cc:74:21:bc:0f:9d:b4:ad:
58:2f:d0:80:65:85:e4:8d:db:32:e9:1b:97:d4:69:a6:8a:dc:
f1:83:9d:f2:2d:c3:54:2a:2e:1c:46:a3:f8:59:1b:9b:26:21:
54:34:d5:14:e2:83:4c:44:18:73:3b:86:35:5d:43:7a:c3:28:
a4:74:a3:7c:bf:b3:69:85:d6:47:20:cc:fd:3c:16:b1:04:fd:
c5:6d:2f:60:f6:c6:af:0e:c2:8e:77:e9:f0:4d:b2:7a:e3:88:
32:0c:05:42:b6:43:ac:9f:b8:f0:a0:58:f7:fc:5e:bb:2a:b8:
95:46:64:f3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtLzz3klVClGPB1SBJYleSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwYWZlMWZlZDFmMmI3ZGIyNGEwYzJkMWY2MTAxMDY4NGU5
M2NiZDUwHhcNMjMwMTAxMTE1NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDM0YWE1YzIxNGMzMmIwM2Y2NTAxODdiZWM3ZmJlYzU0OWJkZTQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhPA8H+3+NkS65LrOVrJSZ5YVrwVr
ws726Pgeuq/NmBN9V+FgaN/ybID5iZW55/OBWRSpqkzz9ukKvS8xBRn7GS8OwBM1
4sJBsYJJCqx4MndsilVFaB2I+faoTEgfKPNHZ8ctv0xAECveAFaXrh0EbLIQWjVM
D7Y3ufP3dcTBwNuSbpNNixYm3VV8k0QFF6oSvxZdOMbxRXTlIKEtoikHIR4/Ya3Q
9TqLiCBaUdAVg0CxjpWg/OJ30NCqPP+3Ylh92+w+Qm58lEyhX3nI0edNtnv6P4+Z
XMf6CT4jiqCbTC133EII7r1JGtOC8WpYePyBj3XNr0VF3C7oShf/8IRWHwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEQ0qlwhTDKwP2UBh77H++xUm95FMB8GA1UdIwQY
MBaAFKCv4f7R8rfbJKDC0fYQEGhOk8vVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0tfaF90SHl0OXNrb01MUjloQVFhRTZUeTlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zMjAyYWQtN2I0Ni00MjJkLWE0ZDIt
ZWNhNTNhN2Y3NzYyLzEvUkRTcVhDRk1NckFfWlFHSHZzZjc3RlNiM2tVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8zMjAyYWQtN2I0Ni00MjJkLWE0ZDItZWNhNTNhN2Y3NzYy
LzEvb0tfaF90SHl0OXNrb01MUjloQVFhRTZUeTlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvNZkMA0G
CSqGSIb3DQEBCwUAA4IBAQA2diLBSEbQgCNWnDEJkJz/sevDi9P2XmRYVpmzDN9u
lpFPsJfkCA6Hed4xacyK4SZVGpMfe5l3tMAh3W/4CcEnjFC68gGudwY9JJponQni
gWxEc2yT8KyhkmOgQaU30SO0dWMIC5+qWXlyIZGoCjtGlaRy7Qa/XXUa4ymH7G1p
ZiBryLvuY/WVzHQhvA+dtK1YL9CAZYXkjdsy6RuX1Gmmitzxg53yLcNUKi4cRqP4
WRubJiFUNNUU4oNMRBhzO4Y1XUN6wyikdKN8v7NphdZHIMz9PBaxBP3FbS9g9sav
DsKOd+nwTbJ644gyDAVCtkOsn7jwoFj3/F67KriVRmTz
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:11:02 2025 by rpki-client