Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/miuizIdQKNLazDBWa6ylHfSfokw.roa
File: miuizIdQKNLazDBWa6ylHfSfokw.roa (raw, json)
Hash identifier: sFLGchjX6jEUw0jJLGwSiy6ObxZEhf/IdONWgCa138U=
Subject key identifier: 9A:2B:A2:CC:87:50:28:D2:DA:CC:30:56:6B:AC:A5:1D:F4:9F:A2:4C
Certificate issuer: /CN=e2d5bb401180e55f5c165d47908dff4fe29a0d86
Certificate serial: 01864952CAF4E1F757428F0E492FC3AFC2B9
Authority key identifier: E2:D5:BB:40:11:80:E5:5F:5C:16:5D:47:90:8D:FF:4F:E2:9A:0D:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4tW7QBGA5V9cFl1HkI3_T-KaDYY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/miuizIdQKNLazDBWa6ylHfSfokw.roa
Signing time: Mon 13 Feb 2023 05:50:08 +0000
ROA not before: Mon 13 Feb 2023 05:50:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49771
IP address blocks: 94.188.144.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:49:52:ca:f4:e1:f7:57:42:8f:0e:49:2f:c3:af:c2:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2d5bb401180e55f5c165d47908dff4fe29a0d86
Validity
Not Before: Feb 13 05:50:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9a2ba2cc875028d2dacc30566baca51df49fa24c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:d8:c1:0e:59:f5:ed:e0:78:10:5d:de:07:f9:
62:1c:74:3a:48:a2:cc:9e:76:66:46:a9:be:8a:fb:
e1:59:39:42:f1:69:a6:a4:bb:f9:f1:4a:8c:c8:ab:
3f:46:87:22:46:c0:43:02:b4:55:3a:f2:84:ad:d2:
90:df:ce:63:79:dc:15:c3:24:89:39:71:1c:0c:16:
1c:7d:27:43:ed:22:88:5a:fb:46:b5:85:7b:93:b8:
78:09:d6:ba:4a:d0:af:f0:72:07:81:04:cc:4b:8c:
c9:4b:f1:c3:a2:f0:f4:df:45:4e:8d:19:e4:aa:38:
38:c2:6c:f4:5c:cd:2c:7f:8b:54:e8:32:3d:e6:4a:
a5:f9:d4:2b:7a:22:37:c8:cd:ee:f1:8f:0a:01:0e:
b1:54:9d:0f:ee:59:46:4c:d0:ab:36:27:6b:05:91:
5d:56:9b:da:5b:3b:89:80:80:27:78:57:c7:02:06:
55:8e:22:9a:36:30:4b:9c:85:1a:6d:d8:71:77:bc:
a0:3a:1d:dd:7a:7b:f2:f3:4e:53:ba:a4:4a:0a:fb:
3b:16:e7:12:83:9f:88:08:a7:ad:d7:23:a9:a6:7c:
81:08:e4:6a:8b:ef:7c:de:88:c0:28:04:ff:b0:02:
d1:04:db:c7:86:d3:8e:70:79:24:e7:fb:0d:3f:4a:
1f:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:2B:A2:CC:87:50:28:D2:DA:CC:30:56:6B:AC:A5:1D:F4:9F:A2:4C
X509v3 Authority Key Identifier:
keyid:E2:D5:BB:40:11:80:E5:5F:5C:16:5D:47:90:8D:FF:4F:E2:9A:0D:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4tW7QBGA5V9cFl1HkI3_T-KaDYY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/miuizIdQKNLazDBWa6ylHfSfokw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/4tW7QBGA5V9cFl1HkI3_T-KaDYY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.188.144.0/24
Signature Algorithm: sha256WithRSAEncryption
80:f9:c8:ed:bf:12:6f:2a:d2:d1:7e:31:94:46:2e:88:8f:2d:
09:8d:c4:e2:8d:95:f9:34:77:67:75:9a:65:1c:26:de:a6:c5:
81:5f:3c:51:26:69:3b:71:30:7c:4d:9a:13:9c:2d:11:28:58:
43:54:89:7f:2a:42:71:1a:82:36:f8:56:84:18:8d:3a:8d:b4:
97:42:65:25:1f:22:36:0f:58:6c:e9:27:47:ae:47:c7:1c:d9:
be:cf:1f:ff:3e:f3:f9:76:f0:48:04:bb:63:eb:93:1d:42:cb:
ac:45:82:d7:87:94:e1:7c:d1:9e:a5:67:b2:6b:69:4d:ca:ea:
53:40:89:30:00:29:28:fc:b1:d7:a1:20:9f:8a:4a:86:7a:c8:
f5:cf:2b:77:b4:4e:b9:d1:e2:95:9c:2c:9e:e7:db:51:ab:66:
d0:bb:f1:af:9c:a9:86:04:89:b6:39:4a:a8:ce:42:b5:76:bb:
85:65:08:1a:4a:4f:20:93:bd:69:8d:d4:95:7e:d8:bc:20:f1:
93:2b:b0:02:1d:b6:5e:de:bd:7b:f6:d3:f8:e8:c6:1c:a7:0d:
37:86:aa:e4:02:4d:dd:b8:b3:b3:20:99:95:ba:9e:86:52:a9:
4d:43:08:01:75:43:76:8e:37:5a:2c:8b:dd:6b:b2:07:cb:00:
7a:99:6b:f6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYZJUsr04fdXQo8OSS/Dr8K5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyZDViYjQwMTE4MGU1NWY1YzE2NWQ0NzkwOGRmZjRmZTI5
YTBkODYwHhcNMjMwMjEzMDU1MDA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTJiYTJjYzg3NTAyOGQyZGFjYzMwNTY2YmFjYTUxZGY0OWZhMjRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAntjBDln17eB4EF3eB/liHHQ6SKLM
nnZmRqm+ivvhWTlC8WmmpLv58UqMyKs/RociRsBDArRVOvKErdKQ385jedwVwySJ
OXEcDBYcfSdD7SKIWvtGtYV7k7h4Cda6StCv8HIHgQTMS4zJS/HDovD030VOjRnk
qjg4wmz0XM0sf4tU6DI95kql+dQreiI3yM3u8Y8KAQ6xVJ0P7llGTNCrNidrBZFd
VpvaWzuJgIAneFfHAgZVjiKaNjBLnIUabdhxd7ygOh3denvy805TuqRKCvs7FucS
g5+ICKet1yOppnyBCORqi+983ojAKAT/sALRBNvHhtOOcHkk5/sNP0ofvwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJorosyHUCjS2swwVmuspR30n6JMMB8GA1UdIwQY
MBaAFOLVu0ARgOVfXBZdR5CN/0/img2GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHRXN1FCR0E1VjljRmwxSGtJM19ULUthRFlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS84NjI5N2EtZDIxOS00NTY3LTkxNzEt
NDIxZTZiYzdlMmU4LzEvbWl1aXpJZFFLTkxhekRCV2E2eWxIZlNmb2t3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS84NjI5N2EtZDIxOS00NTY3LTkxNzEtNDIxZTZiYzdlMmU4
LzEvNHRXN1FCR0E1VjljRmwxSGtJM19ULUthRFlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXryQMA0G
CSqGSIb3DQEBCwUAA4IBAQCA+cjtvxJvKtLRfjGURi6Ijy0JjcTijZX5NHdndZpl
HCbepsWBXzxRJmk7cTB8TZoTnC0RKFhDVIl/KkJxGoI2+FaEGI06jbSXQmUlHyI2
D1hs6SdHrkfHHNm+zx//PvP5dvBIBLtj65MdQsusRYLXh5ThfNGepWeya2lNyupT
QIkwACko/LHXoSCfikqGesj1zyt3tE650eKVnCye59tRq2bQu/GvnKmGBIm2OUqo
zkK1druFZQgaSk8gk71pjdSVfti8IPGTK7ACHbZe3r179tP46MYcpw03hqrkAk3d
uLOzIJmVup6GUqlNQwgBdUN2jjdaLIvda7IHywB6mWv2
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:26:30 2025 by rpki-client