Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/097111-3098-4cf7-ac0f-9f7e0f862f1e/1/0mK-IBSTDFGGp8wRnzEjpGj9rB0.roa
File: 0mK-IBSTDFGGp8wRnzEjpGj9rB0.roa (raw, json)
Hash identifier: Sx3HdtyhbWdhzD4ZWQEuNRfUwg95NbJI5rft7+g8S8o=
Subject key identifier: D2:62:BE:20:14:93:0C:51:86:A7:CC:11:9F:31:23:A4:68:FD:AC:1D
Certificate issuer: /CN=0d4ee193b301665b56f6780f225fd44d144093af
Certificate serial: 01856F02473771BCA75C7804EF589FE4F759
Authority key identifier: 0D:4E:E1:93:B3:01:66:5B:56:F6:78:0F:22:5F:D4:4D:14:40:93:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DU7hk7MBZltW9ngPIl_UTRRAk68.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/097111-3098-4cf7-ac0f-9f7e0f862f1e/1/0mK-IBSTDFGGp8wRnzEjpGj9rB0.roa
Signing time: Sun 01 Jan 2023 20:24:58 +0000
ROA not before: Sun 01 Jan 2023 20:24:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35038
IP address blocks: 194.117.24.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:02:47:37:71:bc:a7:5c:78:04:ef:58:9f:e4:f7:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d4ee193b301665b56f6780f225fd44d144093af
Validity
Not Before: Jan 1 20:24:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d262be2014930c5186a7cc119f3123a468fdac1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:22:49:c1:22:87:64:b4:ae:2d:77:5e:8b:61:
12:d6:ab:30:ce:44:e0:fe:43:99:de:b0:cf:07:ff:
b3:dd:d3:97:15:e5:e4:ed:5c:05:29:df:08:a9:c4:
93:1f:38:f6:29:8b:1b:c2:03:2b:9a:1a:9f:4a:10:
0e:ed:b8:94:bd:e3:7d:b5:88:ae:74:e7:16:f6:d9:
b7:9c:78:e0:ee:e1:0d:c9:d3:bd:be:a8:4a:7f:23:
39:fe:78:29:13:d8:2a:17:06:83:77:88:fa:89:d1:
12:ce:0c:c1:bc:81:f4:cd:5d:04:98:9b:2f:a2:70:
74:da:78:28:e6:5a:70:ae:df:59:78:32:02:02:80:
31:a1:42:ce:06:1f:a1:30:4f:64:ba:e3:0e:5b:c9:
73:c1:fa:40:f9:66:b9:ae:e8:a8:b3:7b:c7:83:9e:
77:e8:6a:7e:40:5b:d9:46:2d:20:7c:40:80:bc:73:
ea:16:0b:e5:0e:64:54:ef:a2:83:78:32:d9:c8:6d:
b2:82:37:95:7a:4e:65:0c:2f:5f:30:8f:7b:a8:ee:
e1:a9:bd:75:b7:dc:2f:8e:5b:9b:be:11:af:8c:4a:
e3:91:89:54:c9:2d:ab:16:97:e9:4a:bb:54:38:2a:
6c:2a:e7:f0:47:e0:0e:b0:48:d0:ac:b4:2d:04:1c:
70:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:62:BE:20:14:93:0C:51:86:A7:CC:11:9F:31:23:A4:68:FD:AC:1D
X509v3 Authority Key Identifier:
keyid:0D:4E:E1:93:B3:01:66:5B:56:F6:78:0F:22:5F:D4:4D:14:40:93:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DU7hk7MBZltW9ngPIl_UTRRAk68.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/097111-3098-4cf7-ac0f-9f7e0f862f1e/1/0mK-IBSTDFGGp8wRnzEjpGj9rB0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/097111-3098-4cf7-ac0f-9f7e0f862f1e/1/DU7hk7MBZltW9ngPIl_UTRRAk68.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.117.24.0/21
Signature Algorithm: sha256WithRSAEncryption
25:08:47:15:e2:24:47:5d:f0:59:8d:b0:0a:e1:71:e1:b9:3c:
d0:75:bd:44:3c:80:2b:b0:c2:5a:f4:44:d7:6a:b6:7b:1e:4a:
fc:94:0a:e1:63:52:ef:58:b1:81:39:e5:52:4c:6f:b9:a4:c6:
ef:68:e8:96:76:30:5f:fb:b6:1c:8a:34:97:cd:55:f5:bf:66:
55:48:d2:71:07:86:53:1b:88:c7:e4:65:9e:da:fc:01:a7:b9:
3c:8b:02:5b:2e:2b:34:f0:23:70:e1:8a:a8:64:fc:f4:1c:c3:
02:37:65:fb:76:9c:4e:a9:de:e5:d6:a3:cb:76:30:33:0b:59:
29:9c:c3:bb:df:39:1e:91:43:c3:f3:08:09:bf:40:87:4d:c0:
e4:bd:ba:43:48:7c:a5:f0:f4:3b:b8:37:c7:cd:cf:2b:62:52:
ca:13:86:0e:8e:7f:3d:bb:00:ff:a4:2a:11:71:82:be:3b:da:
ea:d7:b9:2f:2b:c8:9f:9a:df:f4:dc:d6:23:a6:7e:bf:69:de:
4d:82:2c:a1:f2:32:43:10:02:5e:61:35:e8:9d:c9:2d:98:ed:
0d:cc:48:71:ea:09:10:25:12:a8:de:05:e4:6a:1b:da:41:c4:
8e:66:c2:4c:c7:7a:d5:82:7b:dd:f5:40:fd:de:4f:6d:c2:ef:
1a:e4:e8:c9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvAkc3cbynXHgE71if5PdZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNGVlMTkzYjMwMTY2NWI1NmY2NzgwZjIyNWZkNDRkMTQ0
MDkzYWYwHhcNMjMwMTAxMjAyNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjYyYmUyMDE0OTMwYzUxODZhN2NjMTE5ZjMxMjNhNDY4ZmRhYzFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArCJJwSKHZLSuLXdei2ES1qswzkTg
/kOZ3rDPB/+z3dOXFeXk7VwFKd8IqcSTHzj2KYsbwgMrmhqfShAO7biUveN9tYiu
dOcW9tm3nHjg7uENydO9vqhKfyM5/ngpE9gqFwaDd4j6idESzgzBvIH0zV0EmJsv
onB02ngo5lpwrt9ZeDICAoAxoULOBh+hME9kuuMOW8lzwfpA+Wa5ruios3vHg553
6Gp+QFvZRi0gfECAvHPqFgvlDmRU76KDeDLZyG2ygjeVek5lDC9fMI97qO7hqb11
t9wvjlubvhGvjErjkYlUyS2rFpfpSrtUOCpsKufwR+AOsEjQrLQtBBxwQQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNJiviAUkwxRhqfMEZ8xI6Ro/awdMB8GA1UdIwQY
MBaAFA1O4ZOzAWZbVvZ4DyJf1E0UQJOvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFU3aGs3TUJabHRXOW5nUElsX1VUUlJBazY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8wOTcxMTEtMzA5OC00Y2Y3LWFjMGYt
OWY3ZTBmODYyZjFlLzEvMG1LLUlCU1RERkdHcDh3Um56RWpwR2o5ckIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8wOTcxMTEtMzA5OC00Y2Y3LWFjMGYtOWY3ZTBmODYyZjFl
LzEvRFU3aGs3TUJabHRXOW5nUElsX1VUUlJBazY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDwnUYMA0G
CSqGSIb3DQEBCwUAA4IBAQAlCEcV4iRHXfBZjbAK4XHhuTzQdb1EPIArsMJa9ETX
arZ7Hkr8lArhY1LvWLGBOeVSTG+5pMbvaOiWdjBf+7YcijSXzVX1v2ZVSNJxB4ZT
G4jH5GWe2vwBp7k8iwJbLis08CNw4YqoZPz0HMMCN2X7dpxOqd7l1qPLdjAzC1kp
nMO73zkekUPD8wgJv0CHTcDkvbpDSHyl8PQ7uDfHzc8rYlLKE4YOjn89uwD/pCoR
cYK+O9rq17kvK8ifmt/03NYjpn6/ad5Ngiyh8jJDEAJeYTXoncktmO0NzEhx6gkQ
JRKo3gXkahvaQcSOZsJMx3rVgnvd9UD93k9twu8a5OjJ
-----END CERTIFICATE-----
Generated at Sun Apr 13 09:28:37 2025 by rpki-client