Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/0de7e1-bf7f-434f-9591-8d46e09df9f3/1/dNRaiqZUr75Vw7TKjdSNNMYQBAs.roa
File: dNRaiqZUr75Vw7TKjdSNNMYQBAs.roa (raw, json)
Hash identifier: gthVfSJhjJhxdq6RIauqHj5Ok+oBXimzWuQrlq3OWn0=
Subject key identifier: 74:D4:5A:8A:A6:54:AF:BE:55:C3:B4:CA:8D:D4:8D:34:C6:10:04:0B
Certificate issuer: /CN=1c2ac1246a2e0ea97a0c2295b73ddbe006d0ed2c
Certificate serial: 0185704BDC028050F7121EBE5C093986F09A
Authority key identifier: 1C:2A:C1:24:6A:2E:0E:A9:7A:0C:22:95:B7:3D:DB:E0:06:D0:ED:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HCrBJGouDql6DCKVtz3b4AbQ7Sw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/0de7e1-bf7f-434f-9591-8d46e09df9f3/1/dNRaiqZUr75Vw7TKjdSNNMYQBAs.roa
Signing time: Mon 02 Jan 2023 02:24:57 +0000
ROA not before: Mon 02 Jan 2023 02:24:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48769
IP address blocks: 194.153.187.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:4b:dc:02:80:50:f7:12:1e:be:5c:09:39:86:f0:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c2ac1246a2e0ea97a0c2295b73ddbe006d0ed2c
Validity
Not Before: Jan 2 02:24:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=74d45a8aa654afbe55c3b4ca8dd48d34c610040b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:d3:a7:05:cb:27:41:8b:e3:80:cd:d7:7f:d3:
6e:1e:fa:e3:8c:20:29:2c:af:19:0b:b1:1a:67:18:
f0:ca:94:8b:25:b2:b6:dc:a6:b9:cb:bd:87:42:d0:
bd:18:16:6d:b3:c0:40:5b:7d:3e:18:78:97:7d:e2:
14:9f:98:be:4b:ca:a5:6e:9d:d5:97:8a:d0:46:86:
24:1d:a2:0f:e7:81:bc:65:6e:f3:9e:8f:4b:68:31:
7e:19:84:54:e0:42:9b:a0:37:08:a0:9c:cf:a0:1d:
ca:2e:1b:9e:5a:4e:4b:36:b2:7a:7f:cb:59:6f:52:
e7:fc:f5:de:65:14:5f:4b:16:99:5e:c8:1f:30:00:
2c:cd:1d:26:eb:36:9e:ba:8a:39:3e:d5:70:93:97:
ec:85:dd:c9:e1:55:62:f2:93:d8:b8:f1:d5:c0:55:
bd:ed:27:f7:05:02:6a:fa:16:b0:9f:3c:ea:a4:03:
69:c8:97:6c:20:e5:fc:3b:98:5a:a6:f7:1e:bb:a9:
e8:dd:25:48:55:d9:84:43:d1:f1:d2:f3:1e:a5:9d:
c2:ff:7a:e4:3b:58:76:04:b9:f5:4c:bf:f9:48:0c:
91:c8:19:05:9f:cf:ae:9d:77:7c:da:3a:0c:b9:c4:
5e:94:f1:e5:13:d2:30:c9:f9:4a:69:8d:ea:ab:dd:
30:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:D4:5A:8A:A6:54:AF:BE:55:C3:B4:CA:8D:D4:8D:34:C6:10:04:0B
X509v3 Authority Key Identifier:
keyid:1C:2A:C1:24:6A:2E:0E:A9:7A:0C:22:95:B7:3D:DB:E0:06:D0:ED:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HCrBJGouDql6DCKVtz3b4AbQ7Sw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/0de7e1-bf7f-434f-9591-8d46e09df9f3/1/dNRaiqZUr75Vw7TKjdSNNMYQBAs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/0de7e1-bf7f-434f-9591-8d46e09df9f3/1/HCrBJGouDql6DCKVtz3b4AbQ7Sw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.153.187.0/24
Signature Algorithm: sha256WithRSAEncryption
d8:91:60:79:2e:0d:a0:88:08:2d:b9:b3:9e:1a:88:93:38:ae:
27:2c:f6:21:60:a0:75:e0:88:a0:21:03:3c:6e:73:bc:af:c2:
4a:c4:5d:3a:dd:58:b9:fe:38:90:5e:f5:a2:bd:02:13:49:03:
f9:4e:92:c8:2e:fc:3d:47:63:6e:26:1f:9e:02:ed:26:cb:c6:
a9:aa:d1:56:0a:be:f8:02:3e:f1:97:e6:d7:18:38:19:d0:6a:
f6:02:bd:04:63:85:5f:68:8c:47:13:9c:a3:ed:ba:b6:c1:64:
54:f6:be:18:08:7c:b9:8b:87:7d:19:0e:c0:89:7e:9c:90:5c:
f4:4c:f1:b1:23:ad:47:47:29:ff:1a:63:e9:bf:70:d2:3d:28:
3b:1b:56:f9:99:81:d5:46:76:6b:f3:77:53:24:16:a4:7e:16:
9d:6e:fb:b9:25:a6:3d:2b:76:e8:21:bc:a2:ab:01:37:3d:9d:
06:88:a8:b9:5b:00:3d:bc:4f:e9:43:b3:ed:c3:7a:0d:1c:07:
4c:97:f9:96:da:db:f4:89:88:81:38:1a:fe:33:ae:cc:68:13:
b5:7a:d0:93:7d:40:24:cb:96:5c:2f:db:ec:2a:c8:0f:b6:0f:
64:ea:f6:65:5c:7f:ee:46:66:cb:ea:6f:b6:15:d5:ee:d9:98:
2b:3b:e7:bf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwS9wCgFD3Eh6+XAk5hvCaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMmFjMTI0NmEyZTBlYTk3YTBjMjI5NWI3M2RkYmUwMDZk
MGVkMmMwHhcNMjMwMTAyMDIyNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NGQ0NWE4YWE2NTRhZmJlNTVjM2I0Y2E4ZGQ0OGQzNGM2MTAwNDBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxtOnBcsnQYvjgM3Xf9NuHvrjjCAp
LK8ZC7EaZxjwypSLJbK23Ka5y72HQtC9GBZts8BAW30+GHiXfeIUn5i+S8qlbp3V
l4rQRoYkHaIP54G8ZW7zno9LaDF+GYRU4EKboDcIoJzPoB3KLhueWk5LNrJ6f8tZ
b1Ln/PXeZRRfSxaZXsgfMAAszR0m6zaeuoo5PtVwk5fshd3J4VVi8pPYuPHVwFW9
7Sf3BQJq+hawnzzqpANpyJdsIOX8O5hapvceu6no3SVIVdmEQ9Hx0vMepZ3C/3rk
O1h2BLn1TL/5SAyRyBkFn8+unXd82joMucRelPHlE9IwyflKaY3qq90wBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHTUWoqmVK++VcO0yo3UjTTGEAQLMB8GA1UdIwQY
MBaAFBwqwSRqLg6pegwilbc92+AG0O0sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSENyQkpHb3VEcWw2RENLVnR6M2I0QWJRN1N3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi8wZGU3ZTEtYmY3Zi00MzRmLTk1OTEt
OGQ0NmUwOWRmOWYzLzEvZE5SYWlxWlVyNzVWdzdUS2pkU05OTVlRQkFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi8wZGU3ZTEtYmY3Zi00MzRmLTk1OTEtOGQ0NmUwOWRmOWYz
LzEvSENyQkpHb3VEcWw2RENLVnR6M2I0QWJRN1N3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwpm7MA0G
CSqGSIb3DQEBCwUAA4IBAQDYkWB5Lg2giAgtubOeGoiTOK4nLPYhYKB14IigIQM8
bnO8r8JKxF063Vi5/jiQXvWivQITSQP5TpLILvw9R2NuJh+eAu0my8apqtFWCr74
Aj7xl+bXGDgZ0Gr2Ar0EY4VfaIxHE5yj7bq2wWRU9r4YCHy5i4d9GQ7AiX6ckFz0
TPGxI61HRyn/GmPpv3DSPSg7G1b5mYHVRnZr83dTJBakfhadbvu5JaY9K3boIbyi
qwE3PZ0GiKi5WwA9vE/pQ7Ptw3oNHAdMl/mW2tv0iYiBOBr+M67MaBO1etCTfUAk
y5ZcL9vsKsgPtg9k6vZlXH/uRmbL6m+2FdXu2ZgrO+e/
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:30:10 2025 by rpki-client