Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/jPfZCrZTlYnMN1_M-Fe43vi7_gg.roa
File: jPfZCrZTlYnMN1_M-Fe43vi7_gg.roa (raw, json)
Hash identifier: AcbMnY1uhlmPywwE9jmRC4rB5gO1LS/4W5k+C+wrEbo=
Subject key identifier: 8C:F7:D9:0A:B6:53:95:89:CC:37:5F:CC:F8:57:B8:DE:F8:BB:FE:08
Certificate issuer: /CN=1e9fdc7fb39ebbbed4ee54f703d3ac6153ddee69
Certificate serial: 018699210E622BDCDA62D7B1B358024E3829
Authority key identifier: 1E:9F:DC:7F:B3:9E:BB:BE:D4:EE:54:F7:03:D3:AC:61:53:DD:EE:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hp_cf7Oeu77U7lT3A9OsYVPd7mk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/jPfZCrZTlYnMN1_M-Fe43vi7_gg.roa
Signing time: Tue 28 Feb 2023 17:45:25 +0000
ROA not before: Tue 28 Feb 2023 17:45:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3507
IP address blocks: 194.113.238.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:99:21:0e:62:2b:dc:da:62:d7:b1:b3:58:02:4e:38:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e9fdc7fb39ebbbed4ee54f703d3ac6153ddee69
Validity
Not Before: Feb 28 17:45:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8cf7d90ab6539589cc375fccf857b8def8bbfe08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:d9:ea:29:78:20:27:ae:5f:38:9d:e2:0a:af:
b6:28:0d:47:ba:d8:12:ed:9c:3f:2b:f8:b1:e6:ee:
4f:49:1c:c6:98:44:7a:22:21:17:71:79:c7:60:38:
0d:ef:2f:64:00:7e:a7:f0:6f:a3:fe:6a:d7:8f:79:
ec:10:89:f2:9e:66:52:45:29:32:0b:72:a7:cd:c1:
d5:c2:e7:4c:96:5d:b9:61:f3:7d:88:b4:e9:49:56:
82:c0:b6:48:6b:7b:13:0e:76:b1:07:4a:aa:d0:83:
9a:93:9b:cb:19:3c:c5:3b:11:3b:72:f3:62:d4:77:
bb:60:8f:d0:68:b2:dd:94:9f:43:79:bd:00:31:c4:
ab:43:d3:2f:74:9d:88:cf:ed:78:97:20:c9:35:2a:
ff:ba:dc:fd:8f:66:b1:10:4d:eb:e7:09:bc:6c:29:
d8:c6:67:da:82:4c:c3:0f:fc:e1:36:55:db:e7:10:
3b:54:43:69:42:66:10:73:2a:e0:54:63:c0:14:b4:
d0:d0:60:b3:a8:7d:dc:31:1a:88:02:12:31:75:c9:
c1:2d:8e:e7:23:76:0d:1d:0f:93:fc:d7:c9:0d:9e:
47:87:f7:c4:0a:cf:35:fa:26:de:10:4f:3e:9c:36:
57:13:55:a0:b8:78:81:bb:7c:e5:0b:4c:49:5f:ea:
36:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:F7:D9:0A:B6:53:95:89:CC:37:5F:CC:F8:57:B8:DE:F8:BB:FE:08
X509v3 Authority Key Identifier:
keyid:1E:9F:DC:7F:B3:9E:BB:BE:D4:EE:54:F7:03:D3:AC:61:53:DD:EE:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hp_cf7Oeu77U7lT3A9OsYVPd7mk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/jPfZCrZTlYnMN1_M-Fe43vi7_gg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/Hp_cf7Oeu77U7lT3A9OsYVPd7mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.113.238.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:72:db:6f:8a:c7:56:5a:8a:d2:89:8f:09:a5:ca:87:68:dc:
01:3f:1c:88:21:07:65:4f:ff:c3:51:19:f8:25:cb:33:67:7c:
c4:05:31:fa:3a:6d:d8:bc:90:7a:ae:58:89:7a:6d:b6:57:da:
83:de:27:d6:1c:dd:da:6e:7b:d3:fe:35:78:47:15:49:68:b3:
f0:5a:f5:c3:82:85:f9:cd:45:1b:d6:24:07:aa:36:43:b2:e8:
0a:d3:9b:f5:09:9e:1e:53:14:a9:79:3a:4e:e9:98:45:7f:a9:
6e:9c:c4:25:05:75:f9:0a:6d:31:86:e9:93:65:da:32:66:3a:
0d:c6:63:d5:7e:e0:2a:82:82:44:00:60:d5:3a:e5:2e:07:7a:
3c:7e:22:40:26:f2:2b:77:1a:40:e3:cc:95:36:25:7e:6e:ac:
bb:90:60:c4:d1:08:42:d2:c6:a3:73:d9:cb:d8:f5:5b:25:1d:
a1:7b:7c:b3:5c:6d:32:7f:05:58:ae:16:49:d5:72:9a:8e:62:
2e:b9:18:ed:40:b2:31:ea:ea:90:8e:69:44:59:b7:4f:65:c5:
d6:34:d1:06:f8:86:25:29:89:7f:0d:d8:e7:b6:9e:50:fc:f9:
a7:a9:e3:c7:ff:10:f5:0a:b5:5e:1c:8f:2b:dc:24:6a:07:1b:
b8:da:7c:2c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYaZIQ5iK9zaYtexs1gCTjgpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlOWZkYzdmYjM5ZWJiYmVkNGVlNTRmNzAzZDNhYzYxNTNk
ZGVlNjkwHhcNMjMwMjI4MTc0NTI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Y2Y3ZDkwYWI2NTM5NTg5Y2MzNzVmY2NmODU3YjhkZWY4YmJmZTA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgdnqKXggJ65fOJ3iCq+2KA1HutgS
7Zw/K/ix5u5PSRzGmER6IiEXcXnHYDgN7y9kAH6n8G+j/mrXj3nsEInynmZSRSky
C3KnzcHVwudMll25YfN9iLTpSVaCwLZIa3sTDnaxB0qq0IOak5vLGTzFOxE7cvNi
1He7YI/QaLLdlJ9Deb0AMcSrQ9MvdJ2Iz+14lyDJNSr/utz9j2axEE3r5wm8bCnY
xmfagkzDD/zhNlXb5xA7VENpQmYQcyrgVGPAFLTQ0GCzqH3cMRqIAhIxdcnBLY7n
I3YNHQ+T/NfJDZ5Hh/fECs81+ibeEE8+nDZXE1WguHiBu3zlC0xJX+o2TQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIz32Qq2U5WJzDdfzPhXuN74u/4IMB8GA1UdIwQY
MBaAFB6f3H+znru+1O5U9wPTrGFT3e5pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHBfY2Y3T2V1NzdVN2xUM0E5T3NZVlBkN21rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS80MGZkZDEtMTA5Mi00ZjY5LWI2NDgt
NjkxZmY1YjQ0YjAxLzEvalBmWkNyWlRsWW5NTjFfTS1GZTQzdmk3X2dnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS80MGZkZDEtMTA5Mi00ZjY5LWI2NDgtNjkxZmY1YjQ0YjAx
LzEvSHBfY2Y3T2V1NzdVN2xUM0E5T3NZVlBkN21rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwnHuMA0G
CSqGSIb3DQEBCwUAA4IBAQCxcttvisdWWorSiY8JpcqHaNwBPxyIIQdlT//DURn4
JcszZ3zEBTH6Om3YvJB6rliJem22V9qD3ifWHN3abnvT/jV4RxVJaLPwWvXDgoX5
zUUb1iQHqjZDsugK05v1CZ4eUxSpeTpO6ZhFf6lunMQlBXX5Cm0xhumTZdoyZjoN
xmPVfuAqgoJEAGDVOuUuB3o8fiJAJvIrdxpA48yVNiV+bqy7kGDE0QhC0sajc9nL
2PVbJR2he3yzXG0yfwVYrhZJ1XKajmIuuRjtQLIx6uqQjmlEWbdPZcXWNNEG+IYl
KYl/Ddjntp5Q/PmnqePH/xD1CrVeHI8r3CRqBxu42nws
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:45:41 2025 by rpki-client