Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/de64f7-39d9-4bbd-b023-bedcbc5a0174/1/X4m1VOwicVdr3wMqIGqeoEHrrnM.roa
File: X4m1VOwicVdr3wMqIGqeoEHrrnM.roa (raw, json)
Hash identifier: /Oj9eEs0dEk/kzdMKtgrl0WEFTXQIjjXYZg5GPwEeyo=
Subject key identifier: 5F:89:B5:54:EC:22:71:57:6B:DF:03:2A:20:6A:9E:A0:41:EB:AE:73
Certificate issuer: /CN=80d1c0b4ef090c44d78b7ccb0bf72f09d0831f34
Certificate serial: 018570F0AB6D3A36829F9281C2EA02A898E8
Authority key identifier: 80:D1:C0:B4:EF:09:0C:44:D7:8B:7C:CB:0B:F7:2F:09:D0:83:1F:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gNHAtO8JDETXi3zLC_cvCdCDHzQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/de64f7-39d9-4bbd-b023-bedcbc5a0174/1/X4m1VOwicVdr3wMqIGqeoEHrrnM.roa
Signing time: Mon 02 Jan 2023 05:24:58 +0000
ROA not before: Mon 02 Jan 2023 05:24:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25099
IP address blocks: 194.0.157.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:f0:ab:6d:3a:36:82:9f:92:81:c2:ea:02:a8:98:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=80d1c0b4ef090c44d78b7ccb0bf72f09d0831f34
Validity
Not Before: Jan 2 05:24:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5f89b554ec2271576bdf032a206a9ea041ebae73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:ed:6b:95:65:29:57:c8:27:e0:de:e7:cf:a7:
12:0b:3e:8f:56:47:ed:f1:78:9a:2f:2d:3b:c3:7c:
e9:f0:6e:80:e6:fe:81:11:12:36:52:50:3e:1e:eb:
e5:7a:45:37:97:fa:58:94:ae:95:2a:bd:9e:f5:73:
05:cb:70:3a:af:72:0f:23:fa:3e:fe:4f:73:79:f3:
06:36:14:c6:ce:04:3f:2c:1d:3a:47:92:cd:30:23:
08:ba:5c:35:34:c5:17:45:e8:ea:c9:19:aa:fd:00:
6d:89:91:7b:a1:44:6b:04:8c:ba:7e:a8:ee:e9:c9:
12:79:76:3b:68:a7:9c:ad:5b:85:1c:10:bf:d1:be:
64:81:e7:cf:51:1a:f3:fa:37:23:70:42:10:f5:c4:
b5:2e:01:cb:b1:3d:be:e1:57:16:8c:08:84:f6:54:
91:5b:59:f5:23:14:32:b9:20:61:ce:a1:05:c8:e8:
04:d1:ef:47:58:28:6b:f2:a3:cb:50:1e:42:ff:f0:
ce:3e:73:41:c6:4d:91:b6:e8:70:65:de:bd:ea:e9:
60:1d:4a:d4:68:40:4d:9f:39:b0:bd:05:7c:1a:41:
e9:ef:79:56:12:4d:5e:a3:a6:e7:2d:20:1b:73:ba:
fa:f1:41:cf:f4:09:f5:e1:6f:39:94:15:2b:4e:85:
ea:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:89:B5:54:EC:22:71:57:6B:DF:03:2A:20:6A:9E:A0:41:EB:AE:73
X509v3 Authority Key Identifier:
keyid:80:D1:C0:B4:EF:09:0C:44:D7:8B:7C:CB:0B:F7:2F:09:D0:83:1F:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gNHAtO8JDETXi3zLC_cvCdCDHzQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/de64f7-39d9-4bbd-b023-bedcbc5a0174/1/X4m1VOwicVdr3wMqIGqeoEHrrnM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/de64f7-39d9-4bbd-b023-bedcbc5a0174/1/gNHAtO8JDETXi3zLC_cvCdCDHzQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.0.157.0/24
Signature Algorithm: sha256WithRSAEncryption
65:59:be:b0:43:55:21:c2:24:0b:c1:5a:11:94:c7:71:c9:fc:
ca:a1:25:73:50:5c:86:46:cf:38:6a:6f:c0:c2:a9:07:e9:72:
fb:73:e2:93:e3:b5:e4:fb:4d:89:44:0e:d1:63:a1:da:07:66:
f5:ac:fc:2a:f5:ef:b6:8e:18:8b:93:12:07:3b:d3:a9:90:21:
56:5a:d0:4a:a9:eb:77:35:38:f5:a5:00:5c:91:8f:78:74:3f:
d8:b3:aa:4c:15:f1:93:c2:6a:44:3e:89:ca:2d:56:7e:53:8c:
a9:41:fd:f6:f8:a9:73:87:fc:c2:1b:55:0d:48:8c:d5:2e:f8:
e4:1e:7d:24:1e:c5:cf:48:2a:27:42:9f:e1:46:e0:14:2c:b2:
26:b8:f6:56:57:79:3d:04:e4:85:ad:19:a8:7b:54:fa:ca:64:
83:f9:d2:71:68:7a:af:50:a4:08:10:00:fe:73:40:04:84:cf:
f6:e9:67:4b:12:25:e2:9c:af:e7:a8:72:0b:74:10:d3:5f:04:
04:82:00:29:1c:31:c8:18:86:6b:b5:60:10:31:f6:5a:9e:91:
b6:59:b5:76:85:25:e3:1c:63:d7:65:30:0c:01:75:5a:5d:ff:
b9:15:f5:e2:23:a5:9f:6b:85:f0:6c:4e:c2:75:b0:0d:43:af:
64:34:59:15
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVw8KttOjaCn5KBwuoCqJjoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwZDFjMGI0ZWYwOTBjNDRkNzhiN2NjYjBiZjcyZjA5ZDA4
MzFmMzQwHhcNMjMwMTAyMDUyNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Zjg5YjU1NGVjMjI3MTU3NmJkZjAzMmEyMDZhOWVhMDQxZWJhZTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm+1rlWUpV8gn4N7nz6cSCz6PVkft
8XiaLy07w3zp8G6A5v6BERI2UlA+HuvlekU3l/pYlK6VKr2e9XMFy3A6r3IPI/o+
/k9zefMGNhTGzgQ/LB06R5LNMCMIulw1NMUXRejqyRmq/QBtiZF7oURrBIy6fqju
6ckSeXY7aKecrVuFHBC/0b5kgefPURrz+jcjcEIQ9cS1LgHLsT2+4VcWjAiE9lSR
W1n1IxQyuSBhzqEFyOgE0e9HWChr8qPLUB5C//DOPnNBxk2RtuhwZd696ulgHUrU
aEBNnzmwvQV8GkHp73lWEk1eo6bnLSAbc7r68UHP9An14W85lBUrToXqcQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF+JtVTsInFXa98DKiBqnqBB665zMB8GA1UdIwQY
MBaAFIDRwLTvCQxE14t8ywv3LwnQgx80MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ05IQXRPOEpERVRYaTN6TENfY3ZDZENESHpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9kZTY0ZjctMzlkOS00YmJkLWIwMjMt
YmVkY2JjNWEwMTc0LzEvWDRtMVZPd2ljVmRyM3dNcUlHcWVvRUhycm5NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9kZTY0ZjctMzlkOS00YmJkLWIwMjMtYmVkY2JjNWEwMTc0
LzEvZ05IQXRPOEpERVRYaTN6TENfY3ZDZENESHpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwgCdMA0G
CSqGSIb3DQEBCwUAA4IBAQBlWb6wQ1UhwiQLwVoRlMdxyfzKoSVzUFyGRs84am/A
wqkH6XL7c+KT47Xk+02JRA7RY6HaB2b1rPwq9e+2jhiLkxIHO9OpkCFWWtBKqet3
NTj1pQBckY94dD/Ys6pMFfGTwmpEPonKLVZ+U4ypQf32+Klzh/zCG1UNSIzVLvjk
Hn0kHsXPSConQp/hRuAULLImuPZWV3k9BOSFrRmoe1T6ymSD+dJxaHqvUKQIEAD+
c0AEhM/26WdLEiXinK/nqHILdBDTXwQEggApHDHIGIZrtWAQMfZanpG2WbV2hSXj
HGPXZTAMAXVaXf+5FfXiI6Wfa4XwbE7CdbANQ69kNFkV
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:19:49 2025 by rpki-client