Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/25GSmb8H0AN71rEWIksJsvqII5k.roa
File: 25GSmb8H0AN71rEWIksJsvqII5k.roa (raw, json)
Hash identifier: Aq6vcqAVqXjDXEJyqd7j2bCA4W03UjbtVvTlOBFcelM=
Subject key identifier: DB:91:92:99:BF:07:D0:03:7B:D6:B1:16:22:4B:09:B2:FA:88:23:99
Certificate issuer: /CN=e2d5bb401180e55f5c165d47908dff4fe29a0d86
Certificate serial: 018649558F3A4391FD247CA5A531C1D96A89
Authority key identifier: E2:D5:BB:40:11:80:E5:5F:5C:16:5D:47:90:8D:FF:4F:E2:9A:0D:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4tW7QBGA5V9cFl1HkI3_T-KaDYY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/25GSmb8H0AN71rEWIksJsvqII5k.roa
Signing time: Mon 13 Feb 2023 05:53:09 +0000
ROA not before: Mon 13 Feb 2023 05:53:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213055
IP address blocks: 94.188.238.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:49:55:8f:3a:43:91:fd:24:7c:a5:a5:31:c1:d9:6a:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2d5bb401180e55f5c165d47908dff4fe29a0d86
Validity
Not Before: Feb 13 05:53:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=db919299bf07d0037bd6b116224b09b2fa882399
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:41:6d:ba:85:7f:18:fa:09:54:47:30:cd:b0:
92:68:2e:fa:90:17:77:5e:41:67:f1:c9:52:15:58:
92:fa:ce:52:25:be:e2:4d:c2:9d:6a:f5:5b:10:00:
d0:1f:38:42:f5:bc:06:0f:01:4e:3e:60:00:15:08:
a2:c7:76:07:0e:45:45:bc:ff:13:aa:ae:d6:2f:84:
62:8e:e4:87:dc:ad:8d:9a:fa:48:1d:0c:0d:38:f6:
be:9f:1d:d9:45:26:eb:76:13:91:99:0f:c4:3f:48:
4b:ce:80:5a:d5:67:b9:82:d7:10:e6:16:05:fc:65:
d1:48:99:24:af:81:08:a4:9f:a7:ec:77:76:d0:7d:
39:da:c7:73:b9:d5:03:a3:04:c9:b7:83:c1:90:0e:
17:1f:52:a1:42:5a:fb:c8:80:56:84:c9:e1:23:a2:
fc:aa:cd:bd:65:89:60:03:7f:5a:11:ea:09:ff:04:
4e:41:e2:9e:9a:83:53:fb:9a:f4:e6:be:d0:67:db:
67:2d:8f:ca:77:d5:0a:af:e0:67:f7:9e:47:83:17:
19:64:6b:c8:49:49:51:d8:bf:af:25:31:a9:67:4c:
43:54:2d:99:86:ce:2a:00:78:bc:1a:c1:ef:fb:38:
69:f1:61:b0:71:4c:09:e8:7b:ef:1e:d3:c5:f9:5f:
7a:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:91:92:99:BF:07:D0:03:7B:D6:B1:16:22:4B:09:B2:FA:88:23:99
X509v3 Authority Key Identifier:
keyid:E2:D5:BB:40:11:80:E5:5F:5C:16:5D:47:90:8D:FF:4F:E2:9A:0D:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4tW7QBGA5V9cFl1HkI3_T-KaDYY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/25GSmb8H0AN71rEWIksJsvqII5k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/4tW7QBGA5V9cFl1HkI3_T-KaDYY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.188.238.0/24
Signature Algorithm: sha256WithRSAEncryption
33:32:17:aa:58:7d:fa:ee:c7:34:ba:92:4d:5f:66:3c:ff:f8:
f8:a1:47:dc:d2:81:d9:c3:a3:c3:c6:92:01:8c:78:1d:d3:a8:
4e:00:2b:eb:e5:9f:95:d6:0a:7e:70:8f:20:2b:dd:a4:65:b1:
d5:c1:f1:50:85:8a:6a:97:ac:f2:ef:7b:a0:19:57:f8:dc:e3:
51:81:ee:c6:3d:2d:06:5e:30:4c:40:dd:9c:07:b3:36:4a:4a:
2c:a8:b0:b1:0a:67:0c:33:3c:cc:04:55:8b:ec:da:0a:30:2a:
17:12:4a:be:a6:e9:82:78:e9:25:65:27:c7:68:48:b5:05:25:
2e:2d:47:4f:95:3a:2e:21:4d:58:0d:0f:87:4b:c1:99:05:97:
2e:fc:c8:ef:32:9e:15:ee:0e:72:fb:f8:91:2d:dd:21:dd:14:
9d:19:1b:1b:e4:ad:2d:78:a5:c1:24:a7:c3:95:6c:c2:4c:5e:
bc:4d:39:d8:07:33:af:3d:f3:8e:23:fe:6a:27:33:eb:05:b2:
53:79:a0:dc:dc:62:34:3f:3a:13:ae:30:75:84:45:59:6a:5b:
37:c1:b7:1d:05:5e:14:52:fa:db:c8:7b:66:cc:ee:49:3e:9a:
91:d5:ce:4b:db:51:60:0b:ae:4f:98:67:d9:b8:30:2b:5b:4a:
3d:96:b2:35
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYZJVY86Q5H9JHylpTHB2WqJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyZDViYjQwMTE4MGU1NWY1YzE2NWQ0NzkwOGRmZjRmZTI5
YTBkODYwHhcNMjMwMjEzMDU1MzA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjkxOTI5OWJmMDdkMDAzN2JkNmIxMTYyMjRiMDliMmZhODgyMzk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoEFtuoV/GPoJVEcwzbCSaC76kBd3
XkFn8clSFViS+s5SJb7iTcKdavVbEADQHzhC9bwGDwFOPmAAFQiix3YHDkVFvP8T
qq7WL4RijuSH3K2NmvpIHQwNOPa+nx3ZRSbrdhORmQ/EP0hLzoBa1We5gtcQ5hYF
/GXRSJkkr4EIpJ+n7Hd20H052sdzudUDowTJt4PBkA4XH1KhQlr7yIBWhMnhI6L8
qs29ZYlgA39aEeoJ/wROQeKemoNT+5r05r7QZ9tnLY/Kd9UKr+Bn955HgxcZZGvI
SUlR2L+vJTGpZ0xDVC2Zhs4qAHi8GsHv+zhp8WGwcUwJ6HvvHtPF+V96XwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNuRkpm/B9ADe9axFiJLCbL6iCOZMB8GA1UdIwQY
MBaAFOLVu0ARgOVfXBZdR5CN/0/img2GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHRXN1FCR0E1VjljRmwxSGtJM19ULUthRFlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS84NjI5N2EtZDIxOS00NTY3LTkxNzEt
NDIxZTZiYzdlMmU4LzEvMjVHU21iOEgwQU43MXJFV0lrc0pzdnFJSTVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS84NjI5N2EtZDIxOS00NTY3LTkxNzEtNDIxZTZiYzdlMmU4
LzEvNHRXN1FCR0E1VjljRmwxSGtJM19ULUthRFlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXrzuMA0G
CSqGSIb3DQEBCwUAA4IBAQAzMheqWH367sc0upJNX2Y8//j4oUfc0oHZw6PDxpIB
jHgd06hOACvr5Z+V1gp+cI8gK92kZbHVwfFQhYpql6zy73ugGVf43ONRge7GPS0G
XjBMQN2cB7M2SkosqLCxCmcMMzzMBFWL7NoKMCoXEkq+pumCeOklZSfHaEi1BSUu
LUdPlTouIU1YDQ+HS8GZBZcu/MjvMp4V7g5y+/iRLd0h3RSdGRsb5K0teKXBJKfD
lWzCTF68TTnYBzOvPfOOI/5qJzPrBbJTeaDc3GI0PzoTrjB1hEVZals3wbcdBV4U
UvrbyHtmzO5JPpqR1c5L21FgC65PmGfZuDArW0o9lrI1
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:16:36 2025 by rpki-client