Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/e66913-8f5f-47ef-a730-32c1b2cee593/1/DNDgHJXmMTAEPEVGW1oVVTud3kk.roa
File: DNDgHJXmMTAEPEVGW1oVVTud3kk.roa (raw, json)
Hash identifier: 4FH3vS8/KMsFXhNinnASLbYusevfyBrTRyM48/DqBVY=
Subject key identifier: 0C:D0:E0:1C:95:E6:31:30:04:3C:45:46:5B:5A:15:55:3B:9D:DE:49
Certificate issuer: /CN=658c0c499a8e69d9795f4bd0b5bf1682b1f00f9a
Certificate serial: 01856C78445F559AAD3EA691F577D06BD621
Authority key identifier: 65:8C:0C:49:9A:8E:69:D9:79:5F:4B:D0:B5:BF:16:82:B1:F0:0F:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZYwMSZqOadl5X0vQtb8WgrHwD5o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/e66913-8f5f-47ef-a730-32c1b2cee593/1/DNDgHJXmMTAEPEVGW1oVVTud3kk.roa
Signing time: Sun 01 Jan 2023 08:34:59 +0000
ROA not before: Sun 01 Jan 2023 08:34:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209525
IP address blocks: 194.147.248.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:78:44:5f:55:9a:ad:3e:a6:91:f5:77:d0:6b:d6:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=658c0c499a8e69d9795f4bd0b5bf1682b1f00f9a
Validity
Not Before: Jan 1 08:34:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0cd0e01c95e63130043c45465b5a15553b9dde49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:6f:ca:f2:04:11:da:e1:20:b7:75:32:04:e0:
50:34:e1:9a:42:2f:1d:30:1f:68:26:5a:0e:e0:30:
9e:dc:a6:94:84:1e:00:75:61:2b:98:19:a9:90:bd:
55:21:59:2e:e3:2e:f1:ae:ef:a7:8f:19:88:37:dd:
1b:f1:65:cd:fd:4d:e0:ee:3f:c9:da:ff:5b:fa:7e:
29:49:5e:1d:2c:e3:2a:bd:b2:65:44:27:51:5e:10:
e6:20:1f:ab:ed:7f:20:9c:53:60:da:a0:65:c6:0a:
06:09:cb:2f:76:a5:c0:b3:e9:89:4c:de:9c:40:af:
48:f8:21:57:b5:b9:fd:47:68:83:c3:b2:ce:9a:27:
3a:98:d8:bf:eb:59:fc:cc:da:ce:e7:c8:84:76:67:
88:76:d2:8f:2d:b2:33:ff:67:13:de:93:67:bd:5d:
18:f5:d0:28:78:14:d8:f0:8a:d0:1c:ac:4d:c3:fe:
1f:8e:cb:00:c7:10:87:3c:d0:f1:e5:40:4c:13:01:
dd:27:15:4b:8c:fa:e5:f4:fc:e1:99:cf:0b:10:50:
e1:a6:ff:a6:c1:fe:0a:31:f2:27:40:66:0e:37:79:
f5:5f:c4:84:87:ef:25:68:49:ba:71:ea:87:6a:41:
80:ff:cb:2f:be:85:19:10:84:94:9d:82:d3:93:46:
17:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:D0:E0:1C:95:E6:31:30:04:3C:45:46:5B:5A:15:55:3B:9D:DE:49
X509v3 Authority Key Identifier:
keyid:65:8C:0C:49:9A:8E:69:D9:79:5F:4B:D0:B5:BF:16:82:B1:F0:0F:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZYwMSZqOadl5X0vQtb8WgrHwD5o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/e66913-8f5f-47ef-a730-32c1b2cee593/1/DNDgHJXmMTAEPEVGW1oVVTud3kk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/e66913-8f5f-47ef-a730-32c1b2cee593/1/ZYwMSZqOadl5X0vQtb8WgrHwD5o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.147.248.0/24
Signature Algorithm: sha256WithRSAEncryption
52:13:06:f7:0b:91:f0:16:9c:9f:2c:d9:47:ea:9d:0f:34:f8:
19:85:7f:f6:e5:b8:83:3b:e1:6e:3d:af:f6:64:3e:1a:09:d1:
c7:c0:43:09:3f:6a:45:9a:b1:b7:19:4c:58:81:52:ff:3a:4a:
a7:24:b3:88:f0:1b:b9:f3:ea:bc:95:cc:37:26:58:bc:2d:f3:
98:d5:4e:79:c3:76:01:36:92:a4:6e:73:bd:0d:aa:81:6f:d6:
37:20:1b:e9:55:c6:2a:44:2e:17:f7:ea:2f:9e:ab:81:63:b2:
b7:a9:b3:40:b8:33:34:a0:53:85:9b:68:7b:1e:01:14:5c:3b:
6e:43:6c:04:1c:0e:be:09:47:44:e4:6c:0a:c7:b5:da:67:96:
51:53:38:85:b7:6a:c2:38:6b:0a:9f:fe:0e:a3:5f:70:d1:37:
59:c9:86:7c:50:90:7f:6a:d6:8f:f0:31:d1:ee:ff:09:53:82:
b4:b6:8f:64:0f:9c:53:3f:2b:d0:88:17:a8:ac:0d:3d:d4:00:
01:60:e0:6b:3b:23:65:4e:62:3b:d8:cf:e9:2d:8c:9d:85:0d:
51:7a:93:5d:9f:19:c7:ae:98:c8:2c:53:b5:fa:b2:ea:09:a6:
76:dc:4a:39:e9:ec:bb:1e:46:23:a8:a8:9b:f5:39:cf:50:eb:
85:1b:53:d1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVseERfVZqtPqaR9XfQa9YhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1OGMwYzQ5OWE4ZTY5ZDk3OTVmNGJkMGI1YmYxNjgyYjFm
MDBmOWEwHhcNMjMwMTAxMDgzNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwY2QwZTAxYzk1ZTYzMTMwMDQzYzQ1NDY1YjVhMTU1NTNiOWRkZTQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtm/K8gQR2uEgt3UyBOBQNOGaQi8d
MB9oJloO4DCe3KaUhB4AdWErmBmpkL1VIVku4y7xru+njxmIN90b8WXN/U3g7j/J
2v9b+n4pSV4dLOMqvbJlRCdRXhDmIB+r7X8gnFNg2qBlxgoGCcsvdqXAs+mJTN6c
QK9I+CFXtbn9R2iDw7LOmic6mNi/61n8zNrO58iEdmeIdtKPLbIz/2cT3pNnvV0Y
9dAoeBTY8IrQHKxNw/4fjssAxxCHPNDx5UBMEwHdJxVLjPrl9Pzhmc8LEFDhpv+m
wf4KMfInQGYON3n1X8SEh+8laEm6ceqHakGA/8svvoUZEISUnYLTk0YXpQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAzQ4ByV5jEwBDxFRltaFVU7nd5JMB8GA1UdIwQY
MBaAFGWMDEmajmnZeV9L0LW/FoKx8A+aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWll3TVNacU9hZGw1WDB2UXRiOFdnckh3RDVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9lNjY5MTMtOGY1Zi00N2VmLWE3MzAt
MzJjMWIyY2VlNTkzLzEvRE5EZ0hKWG1NVEFFUEVWR1cxb1ZWVHVkM2trLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9lNjY5MTMtOGY1Zi00N2VmLWE3MzAtMzJjMWIyY2VlNTkz
LzEvWll3TVNacU9hZGw1WDB2UXRiOFdnckh3RDVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwpP4MA0G
CSqGSIb3DQEBCwUAA4IBAQBSEwb3C5HwFpyfLNlH6p0PNPgZhX/25biDO+FuPa/2
ZD4aCdHHwEMJP2pFmrG3GUxYgVL/OkqnJLOI8Bu58+q8lcw3Jli8LfOY1U55w3YB
NpKkbnO9DaqBb9Y3IBvpVcYqRC4X9+ovnquBY7K3qbNAuDM0oFOFm2h7HgEUXDtu
Q2wEHA6+CUdE5GwKx7XaZ5ZRUziFt2rCOGsKn/4Oo19w0TdZyYZ8UJB/ataP8DHR
7v8JU4K0to9kD5xTPyvQiBeorA091AABYOBrOyNlTmI72M/pLYydhQ1RepNdnxnH
rpjILFO1+rLqCaZ23Eo56ey7HkYjqKib9TnPUOuFG1PR
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:32:35 2025 by rpki-client