Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/0afa88-b526-4763-9528-8b60e4b94bcf/1/2nOCgl0ABGMxtK3mc65Nfm9DBvM.roa
File: 2nOCgl0ABGMxtK3mc65Nfm9DBvM.roa (raw, json)
Hash identifier: h4aM0Vx+6ofNuqvmUdcAUEiI49Pqy/l1TFC6M42po/I=
Subject key identifier: DA:73:82:82:5D:00:04:63:31:B4:AD:E6:73:AE:4D:7E:6F:43:06:F3
Certificate issuer: /CN=1ddd15ef2f59abb95f2d9be5cee3303888623b97
Certificate serial: 01856F8B953321F5D451B68EBC534726AF8F
Authority key identifier: 1D:DD:15:EF:2F:59:AB:B9:5F:2D:9B:E5:CE:E3:30:38:88:62:3B:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hd0V7y9Zq7lfLZvlzuMwOIhiO5c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/0afa88-b526-4763-9528-8b60e4b94bcf/1/2nOCgl0ABGMxtK3mc65Nfm9DBvM.roa
Signing time: Sun 01 Jan 2023 22:54:56 +0000
ROA not before: Sun 01 Jan 2023 22:54:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50876
IP address blocks: 193.202.123.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:8b:95:33:21:f5:d4:51:b6:8e:bc:53:47:26:af:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ddd15ef2f59abb95f2d9be5cee3303888623b97
Validity
Not Before: Jan 1 22:54:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=da7382825d00046331b4ade673ae4d7e6f4306f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:02:b7:2f:66:b3:b9:c9:90:5d:e0:5e:4c:b7:
72:98:82:20:11:b3:d6:fd:ad:a3:75:0d:ab:0d:77:
31:30:86:1d:b6:8a:50:ef:0f:6f:2a:db:91:e6:7c:
0c:7f:e8:4a:68:ed:40:e0:6e:21:e7:17:d4:39:6a:
b2:23:5a:65:bd:a1:01:77:9c:ef:a5:57:a9:e9:b0:
0d:be:7f:f1:84:87:29:75:c2:7b:1a:7d:e2:7f:ac:
ae:00:8a:53:87:b7:2d:13:c3:5f:61:95:6e:d0:0f:
d9:5c:03:39:d8:b5:12:b0:46:ee:c6:b3:bf:c2:8f:
8f:b1:f9:75:e7:e1:ad:9f:ac:57:51:6e:bf:19:4e:
5a:09:ef:62:16:d7:5a:08:14:03:85:7d:9f:6a:02:
10:6c:76:7d:26:6b:5a:4d:31:b5:70:98:99:28:35:
c7:8c:0e:92:7e:79:e5:81:ea:d6:cd:4d:3f:e9:8e:
a6:53:f0:cf:82:17:1f:60:20:53:63:42:b7:cb:6c:
4c:c1:9c:4d:da:20:f6:29:3a:ec:e5:03:6c:75:fd:
2c:2f:bf:e2:23:e5:af:b9:53:6c:f2:c0:d0:ef:17:
4b:c3:3e:e6:49:7e:90:ff:49:2a:fd:dc:1f:c1:db:
7c:49:69:fd:1e:f3:f2:76:1d:ee:dc:36:8a:82:7e:
41:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:73:82:82:5D:00:04:63:31:B4:AD:E6:73:AE:4D:7E:6F:43:06:F3
X509v3 Authority Key Identifier:
keyid:1D:DD:15:EF:2F:59:AB:B9:5F:2D:9B:E5:CE:E3:30:38:88:62:3B:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hd0V7y9Zq7lfLZvlzuMwOIhiO5c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/0afa88-b526-4763-9528-8b60e4b94bcf/1/2nOCgl0ABGMxtK3mc65Nfm9DBvM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/0afa88-b526-4763-9528-8b60e4b94bcf/1/Hd0V7y9Zq7lfLZvlzuMwOIhiO5c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.202.123.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:2a:38:80:2c:5d:0c:bc:38:cd:49:16:a9:81:0c:24:91:33:
f6:cb:b6:b3:7f:87:05:2e:b6:42:97:6a:44:9a:c8:cf:e7:91:
ef:5c:ec:c6:4e:58:4c:45:b4:38:5b:13:d8:2c:4a:b5:e2:46:
b6:66:94:61:1f:5e:b9:d5:ed:1a:89:af:40:fb:c9:39:f1:e4:
6f:9a:d1:0b:7e:6e:ce:88:62:f3:8c:80:7a:8a:d5:ae:2d:bb:
89:50:6e:af:8e:6d:7e:37:b5:ac:76:7b:3c:96:a1:0a:e3:4b:
d6:8a:19:c5:a6:03:73:96:8b:9e:99:23:73:f4:80:cc:dd:eb:
40:9c:83:4d:88:55:17:2f:3e:3f:ca:54:56:89:a1:db:57:ba:
ae:2f:a4:03:13:b3:8d:01:56:00:50:1a:ca:26:61:1d:98:f1:
f5:2b:db:bb:88:49:73:79:48:b9:f8:7e:b9:c3:53:49:a8:4b:
2b:e3:f6:a4:6b:22:da:83:16:47:fb:dd:6b:af:39:5a:82:23:
e9:be:cc:14:7e:cd:66:5f:ce:82:63:54:98:70:86:3d:e4:e0:
98:6f:8d:ae:42:40:fe:6b:a0:77:04:d2:f8:b1:1c:f3:c4:a1:
3d:47:e1:87:94:73:df:5c:85:fe:1c:35:a0:22:9d:6e:f1:1c:
cb:68:d3:87
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvi5UzIfXUUbaOvFNHJq+PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkZGQxNWVmMmY1OWFiYjk1ZjJkOWJlNWNlZTMzMDM4ODg2
MjNiOTcwHhcNMjMwMTAxMjI1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTczODI4MjVkMDAwNDYzMzFiNGFkZTY3M2FlNGQ3ZTZmNDMwNmYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhwK3L2azucmQXeBeTLdymIIgEbPW
/a2jdQ2rDXcxMIYdtopQ7w9vKtuR5nwMf+hKaO1A4G4h5xfUOWqyI1plvaEBd5zv
pVep6bANvn/xhIcpdcJ7Gn3if6yuAIpTh7ctE8NfYZVu0A/ZXAM52LUSsEbuxrO/
wo+Psfl15+Gtn6xXUW6/GU5aCe9iFtdaCBQDhX2fagIQbHZ9JmtaTTG1cJiZKDXH
jA6SfnnlgerWzU0/6Y6mU/DPghcfYCBTY0K3y2xMwZxN2iD2KTrs5QNsdf0sL7/i
I+WvuVNs8sDQ7xdLwz7mSX6Q/0kq/dwfwdt8SWn9HvPydh3u3DaKgn5B2wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNpzgoJdAARjMbSt5nOuTX5vQwbzMB8GA1UdIwQY
MBaAFB3dFe8vWau5Xy2b5c7jMDiIYjuXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGQwVjd5OVpxN2xmTFp2bHp1TXdPSWhpTzVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC8wYWZhODgtYjUyNi00NzYzLTk1Mjgt
OGI2MGU0Yjk0YmNmLzEvMm5PQ2dsMEFCR014dEszbWM2NU5mbTlEQnZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC8wYWZhODgtYjUyNi00NzYzLTk1MjgtOGI2MGU0Yjk0YmNm
LzEvSGQwVjd5OVpxN2xmTFp2bHp1TXdPSWhpTzVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwcp7MA0G
CSqGSIb3DQEBCwUAA4IBAQA+KjiALF0MvDjNSRapgQwkkTP2y7azf4cFLrZCl2pE
msjP55HvXOzGTlhMRbQ4WxPYLEq14ka2ZpRhH1651e0aia9A+8k58eRvmtELfm7O
iGLzjIB6itWuLbuJUG6vjm1+N7Wsdns8lqEK40vWihnFpgNzlouemSNz9IDM3etA
nINNiFUXLz4/ylRWiaHbV7quL6QDE7ONAVYAUBrKJmEdmPH1K9u7iElzeUi5+H65
w1NJqEsr4/akayLagxZH+91rrzlagiPpvswUfs1mX86CY1SYcIY95OCYb42uQkD+
a6B3BNL4sRzzxKE9R+GHlHPfXIX+HDWgIp1u8RzLaNOH
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:41:22 2025 by rpki-client