Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/435184-7791-4b54-b9b8-95b271f2e20b/1/I_2zT-rfD0mLqrY4Y_Q-y44EHkg.roa
File: I_2zT-rfD0mLqrY4Y_Q-y44EHkg.roa (raw, json)
Hash identifier: bKjrDJk7qMLbbMnylAzIH12wtr4kfmxPnBaLWqJJfoY=
Subject key identifier: 23:FD:B3:4F:EA:DF:0F:49:8B:AA:B6:38:63:F4:3E:CB:8E:04:1E:48
Certificate issuer: /CN=86efb49df2474a6042b9f210bfea861b1b2886ed
Certificate serial: 01856C65E3799E648E49EF1114095F3111BD
Authority key identifier: 86:EF:B4:9D:F2:47:4A:60:42:B9:F2:10:BF:EA:86:1B:1B:28:86:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hu-0nfJHSmBCufIQv-qGGxsohu0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/435184-7791-4b54-b9b8-95b271f2e20b/1/I_2zT-rfD0mLqrY4Y_Q-y44EHkg.roa
Signing time: Sun 01 Jan 2023 08:14:54 +0000
ROA not before: Sun 01 Jan 2023 08:14:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29533
IP address blocks: 194.146.121.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:65:e3:79:9e:64:8e:49:ef:11:14:09:5f:31:11:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86efb49df2474a6042b9f210bfea861b1b2886ed
Validity
Not Before: Jan 1 08:14:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=23fdb34feadf0f498baab63863f43ecb8e041e48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:a7:b9:94:0b:ae:fa:17:c9:8a:0e:54:ed:06:
85:09:84:ae:6c:d6:5a:0e:96:c5:67:c3:92:c7:82:
c5:7b:d4:be:c4:a5:79:45:38:0e:36:43:61:98:ac:
f4:ea:5e:a4:9e:bd:49:3b:8d:4b:95:86:17:f0:b6:
ab:39:eb:10:2c:33:4a:45:11:90:d5:b8:8c:8c:b4:
2f:f2:ab:6b:a5:16:82:14:dd:c0:dc:dd:a4:3b:99:
a9:18:c9:2b:8e:16:fb:70:2d:24:d9:0a:44:26:8d:
de:9e:2c:cc:91:09:ad:fe:39:6e:4f:0d:9e:7c:a0:
5d:65:69:0a:31:ff:6c:da:1a:60:34:04:ef:54:57:
a0:c4:aa:a3:63:39:87:27:85:07:fd:37:09:be:46:
80:44:63:32:22:6a:86:df:38:f9:1f:bd:81:e7:71:
73:05:4b:37:e8:a1:4b:2e:0b:92:8c:2c:16:c1:9a:
0f:99:a3:1d:a4:11:b6:16:f7:53:87:cc:e4:90:10:
6e:f7:6d:e8:74:a4:25:9b:c0:3b:1b:35:2b:b8:d1:
63:d4:27:14:71:50:a8:a4:5a:37:05:50:44:95:1d:
ba:c9:45:76:aa:5d:16:17:1a:a0:1e:0f:a2:f6:15:
53:a4:20:95:f8:60:b7:34:23:bb:44:aa:38:f8:c8:
7d:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:FD:B3:4F:EA:DF:0F:49:8B:AA:B6:38:63:F4:3E:CB:8E:04:1E:48
X509v3 Authority Key Identifier:
keyid:86:EF:B4:9D:F2:47:4A:60:42:B9:F2:10:BF:EA:86:1B:1B:28:86:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hu-0nfJHSmBCufIQv-qGGxsohu0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/435184-7791-4b54-b9b8-95b271f2e20b/1/I_2zT-rfD0mLqrY4Y_Q-y44EHkg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/435184-7791-4b54-b9b8-95b271f2e20b/1/hu-0nfJHSmBCufIQv-qGGxsohu0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.146.121.0/24
Signature Algorithm: sha256WithRSAEncryption
79:21:31:e9:99:fb:23:05:fc:7d:e7:ff:ac:d1:2b:a5:25:52:
3b:8d:3d:ae:1d:da:c9:3d:2b:76:bc:4d:3e:d1:a6:e1:4f:ae:
58:ad:18:42:86:12:ba:a1:12:a6:3f:e5:ac:2c:18:45:72:f7:
6e:bc:66:dc:3a:b5:c9:ed:09:0d:e9:c4:f3:1d:d4:ae:66:aa:
b7:da:3f:48:0c:42:88:52:35:0f:ed:14:8f:ce:c8:c6:a1:b5:
4d:a2:ee:92:23:84:b6:76:07:0f:12:d4:7a:1c:3e:88:95:89:
45:3d:bd:fb:7d:02:82:1a:3f:da:ca:1e:96:74:81:83:21:7d:
4c:a9:83:02:bb:0f:1b:19:dc:55:01:4d:85:21:0c:dc:37:ee:
31:8d:83:46:3a:a6:45:a9:81:d9:d5:49:4b:e8:30:c2:f5:68:
af:e2:36:af:92:0e:78:82:a4:90:ec:cc:e5:2f:cc:34:d2:31:
54:b4:81:9c:5d:82:88:ab:db:b6:54:58:b1:36:19:23:be:4f:
9a:a8:1f:32:90:17:d4:8b:93:4f:1f:b2:64:7a:4b:3f:b1:34:
cc:a7:bd:da:0f:fe:fc:36:6e:ed:50:d9:93:3b:bc:6c:04:a1:
3f:01:ca:2b:ca:cb:ff:ad:c9:03:26:86:fb:5a:0f:57:be:49:
d7:a0:e4:55
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsZeN5nmSOSe8RFAlfMRG9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZWZiNDlkZjI0NzRhNjA0MmI5ZjIxMGJmZWE4NjFiMWIy
ODg2ZWQwHhcNMjMwMTAxMDgxNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2ZkYjM0ZmVhZGYwZjQ5OGJhYWI2Mzg2M2Y0M2VjYjhlMDQxZTQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxae5lAuu+hfJig5U7QaFCYSubNZa
DpbFZ8OSx4LFe9S+xKV5RTgONkNhmKz06l6knr1JO41LlYYX8LarOesQLDNKRRGQ
1biMjLQv8qtrpRaCFN3A3N2kO5mpGMkrjhb7cC0k2QpEJo3enizMkQmt/jluTw2e
fKBdZWkKMf9s2hpgNATvVFegxKqjYzmHJ4UH/TcJvkaARGMyImqG3zj5H72B53Fz
BUs36KFLLguSjCwWwZoPmaMdpBG2FvdTh8zkkBBu923odKQlm8A7GzUruNFj1CcU
cVCopFo3BVBElR26yUV2ql0WFxqgHg+i9hVTpCCV+GC3NCO7RKo4+Mh9SQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCP9s0/q3w9Ji6q2OGP0PsuOBB5IMB8GA1UdIwQY
MBaAFIbvtJ3yR0pgQrnyEL/qhhsbKIbtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHUtMG5mSkhTbUJDdWZJUXYtcUdHeHNvaHUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS80MzUxODQtNzc5MS00YjU0LWI5Yjgt
OTViMjcxZjJlMjBiLzEvSV8yelQtcmZEMG1McXJZNFlfUS15NDRFSGtnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS80MzUxODQtNzc5MS00YjU0LWI5YjgtOTViMjcxZjJlMjBi
LzEvaHUtMG5mSkhTbUJDdWZJUXYtcUdHeHNvaHUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwpJ5MA0G
CSqGSIb3DQEBCwUAA4IBAQB5ITHpmfsjBfx95/+s0SulJVI7jT2uHdrJPSt2vE0+
0abhT65YrRhChhK6oRKmP+WsLBhFcvduvGbcOrXJ7QkN6cTzHdSuZqq32j9IDEKI
UjUP7RSPzsjGobVNou6SI4S2dgcPEtR6HD6IlYlFPb37fQKCGj/ayh6WdIGDIX1M
qYMCuw8bGdxVAU2FIQzcN+4xjYNGOqZFqYHZ1UlL6DDC9Wiv4javkg54gqSQ7Mzl
L8w00jFUtIGcXYKIq9u2VFixNhkjvk+aqB8ykBfUi5NPH7Jkeks/sTTMp73aD/78
Nm7tUNmTO7xsBKE/Acorysv/rckDJob7Wg9XvknXoORV
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:50:30 2025 by rpki-client