Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/597cc3-3611-4628-bd7c-dbad1f4a4123/1/F7SN3rgYb0uYx65g59gnNneyPKo.roa
File: F7SN3rgYb0uYx65g59gnNneyPKo.roa (raw, json)
Hash identifier: CUYR1d+aWgFwRC6tVhC8M+aDaYdeYg0NeBsYftq+g/8=
Subject key identifier: 17:B4:8D:DE:B8:18:6F:4B:98:C7:AE:60:E7:D8:27:36:77:B2:3C:AA
Certificate issuer: /CN=6d2d574092ba939a2fff71aa1f8e8ed961530b30
Certificate serial: 018571B0DECEA7BA4D6091E5F5717280EEB7
Authority key identifier: 6D:2D:57:40:92:BA:93:9A:2F:FF:71:AA:1F:8E:8E:D9:61:53:0B:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bS1XQJK6k5ov_3GqH46O2WFTCzA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/597cc3-3611-4628-bd7c-dbad1f4a4123/1/F7SN3rgYb0uYx65g59gnNneyPKo.roa
Signing time: Mon 02 Jan 2023 08:54:54 +0000
ROA not before: Mon 02 Jan 2023 08:54:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210220
IP address blocks: 194.169.220.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:b0:de:ce:a7:ba:4d:60:91:e5:f5:71:72:80:ee:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d2d574092ba939a2fff71aa1f8e8ed961530b30
Validity
Not Before: Jan 2 08:54:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=17b48ddeb8186f4b98c7ae60e7d8273677b23caa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:2f:63:74:76:63:1a:42:06:bc:37:c3:1e:8e:
76:b3:76:cb:82:22:12:dc:7a:ab:b2:c0:1f:99:ef:
e1:77:d5:ea:3b:1f:de:2c:b4:3c:10:ad:8a:99:cb:
d7:09:b8:38:c4:11:43:c2:86:58:f0:f9:9f:fe:04:
c7:b1:2d:40:b5:d6:cc:fd:71:c2:bb:b0:5b:41:14:
60:2b:24:1f:0e:e5:21:79:f3:4a:f2:64:57:59:cb:
a6:00:36:ac:fb:fa:42:b2:ca:42:ae:7a:69:da:a4:
4e:a6:39:65:cf:9f:44:66:79:02:cb:7a:6d:4c:75:
d5:ea:c5:2d:ea:42:14:83:bf:a3:4d:66:99:b3:d0:
41:5c:cf:d5:d4:af:0f:32:64:80:f2:a2:0e:4e:fb:
c1:bc:26:d9:ad:18:ed:05:82:95:97:b0:4b:a4:c0:
b4:96:0f:c0:65:f1:25:ce:85:32:c7:e8:10:f2:60:
e7:98:d7:bc:b9:45:9f:fb:dd:b5:4a:88:a4:52:d2:
e2:9d:05:46:5a:0d:ed:90:9e:59:8c:e3:76:84:f5:
9d:9e:c5:55:27:30:0a:85:13:a6:98:d3:2e:e0:9c:
48:af:5c:77:e5:ad:f7:1f:83:c2:2d:b3:72:dc:53:
3a:49:7b:74:cc:53:5c:0f:85:02:f0:4c:03:21:5d:
11:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:B4:8D:DE:B8:18:6F:4B:98:C7:AE:60:E7:D8:27:36:77:B2:3C:AA
X509v3 Authority Key Identifier:
keyid:6D:2D:57:40:92:BA:93:9A:2F:FF:71:AA:1F:8E:8E:D9:61:53:0B:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bS1XQJK6k5ov_3GqH46O2WFTCzA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/597cc3-3611-4628-bd7c-dbad1f4a4123/1/F7SN3rgYb0uYx65g59gnNneyPKo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/597cc3-3611-4628-bd7c-dbad1f4a4123/1/bS1XQJK6k5ov_3GqH46O2WFTCzA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.169.220.0/24
Signature Algorithm: sha256WithRSAEncryption
91:27:e8:fe:75:50:62:53:0d:32:35:85:0d:9a:d7:6d:d9:9f:
26:7b:bf:22:0f:9c:d6:fe:4f:48:19:eb:4f:e9:b4:94:17:69:
25:7b:e1:bb:36:69:f1:58:c8:1f:4a:98:9e:53:36:25:5c:8c:
1f:0f:17:5e:94:6a:c7:d6:5f:75:59:f5:41:35:58:1f:75:8c:
51:d9:d8:5a:28:43:72:ec:0d:d3:57:b4:3f:28:e6:9d:66:ba:
d4:41:2b:6a:5a:bb:bf:07:14:fd:b3:21:06:63:30:71:c4:82:
7e:cc:0c:9a:68:eb:cf:c7:1c:7e:7c:78:d7:a2:69:55:46:21:
38:9f:7c:1a:70:12:ba:c1:33:ec:60:e4:a9:47:8a:60:32:20:
57:7b:3f:bf:e0:a7:76:5b:02:25:83:3b:00:f4:44:b6:69:b0:
e4:33:85:76:68:f7:f5:2c:23:51:30:99:f5:83:2c:6b:1c:62:
49:26:c7:21:b3:c4:16:65:c3:74:09:5b:f6:58:1f:0a:c4:64:
40:2d:aa:6a:38:77:f1:03:80:b7:df:4e:1e:7e:f4:ad:67:f0:
17:23:29:5e:f6:09:d5:bc:fb:51:08:cb:28:86:cc:77:f8:22:
5e:33:25:7b:5e:7c:52:ab:94:a9:73:c5:61:5f:36:ba:77:93:
42:8c:51:b4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxsN7Op7pNYJHl9XFygO63MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMmQ1NzQwOTJiYTkzOWEyZmZmNzFhYTFmOGU4ZWQ5NjE1
MzBiMzAwHhcNMjMwMTAyMDg1NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxN2I0OGRkZWI4MTg2ZjRiOThjN2FlNjBlN2Q4MjczNjc3YjIzY2FhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnS9jdHZjGkIGvDfDHo52s3bLgiIS
3HqrssAfme/hd9XqOx/eLLQ8EK2KmcvXCbg4xBFDwoZY8Pmf/gTHsS1AtdbM/XHC
u7BbQRRgKyQfDuUhefNK8mRXWcumADas+/pCsspCrnpp2qROpjllz59EZnkCy3pt
THXV6sUt6kIUg7+jTWaZs9BBXM/V1K8PMmSA8qIOTvvBvCbZrRjtBYKVl7BLpMC0
lg/AZfElzoUyx+gQ8mDnmNe8uUWf+921SoikUtLinQVGWg3tkJ5ZjON2hPWdnsVV
JzAKhROmmNMu4JxIr1x35a33H4PCLbNy3FM6SXt0zFNcD4UC8EwDIV0RywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBe0jd64GG9LmMeuYOfYJzZ3sjyqMB8GA1UdIwQY
MBaAFG0tV0CSupOaL/9xqh+OjtlhUwswMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlMxWFFKSzZrNW92XzNHcUg0Nk8yV0ZUQ3pBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS81OTdjYzMtMzYxMS00NjI4LWJkN2Mt
ZGJhZDFmNGE0MTIzLzEvRjdTTjNyZ1liMHVZeDY1ZzU5Z25ObmV5UEtvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS81OTdjYzMtMzYxMS00NjI4LWJkN2MtZGJhZDFmNGE0MTIz
LzEvYlMxWFFKSzZrNW92XzNHcUg0Nk8yV0ZUQ3pBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwqncMA0G
CSqGSIb3DQEBCwUAA4IBAQCRJ+j+dVBiUw0yNYUNmtdt2Z8me78iD5zW/k9IGetP
6bSUF2kle+G7NmnxWMgfSpieUzYlXIwfDxdelGrH1l91WfVBNVgfdYxR2dhaKENy
7A3TV7Q/KOadZrrUQStqWru/BxT9syEGYzBxxIJ+zAyaaOvPxxx+fHjXomlVRiE4
n3wacBK6wTPsYOSpR4pgMiBXez+/4Kd2WwIlgzsA9ES2abDkM4V2aPf1LCNRMJn1
gyxrHGJJJschs8QWZcN0CVv2WB8KxGRALapqOHfxA4C3304efvStZ/AXIyle9gnV
vPtRCMsohsx3+CJeMyV7XnxSq5Spc8VhXza6d5NCjFG0
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:26:22 2025 by rpki-client