Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/3b2c00-94b6-434d-b362-96a34b022f89/1/aqdgbyGfkJhebNFmFePGnsZiOE4.roa
File: aqdgbyGfkJhebNFmFePGnsZiOE4.roa (raw, json)
Hash identifier: xi0AEDB/bKGbRVkOSI5lciZ+vjiiXZzQfTw6ni5owVM=
Subject key identifier: 6A:A7:60:6F:21:9F:90:98:5E:6C:D1:66:15:E3:C6:9E:C6:62:38:4E
Certificate issuer: /CN=d79f925e1738bc352bc6b5cf5ff951b3d813ae39
Certificate serial: 018BC364614266859D2F1CA5D6E24CAFD6F6
Authority key identifier: D7:9F:92:5E:17:38:BC:35:2B:C6:B5:CF:5F:F9:51:B3:D8:13:AE:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/15-SXhc4vDUrxrXPX_lRs9gTrjk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/3b2c00-94b6-434d-b362-96a34b022f89/1/aqdgbyGfkJhebNFmFePGnsZiOE4.roa
Signing time: Sun 12 Nov 2023 11:56:57 +0000
ROA not before: Sun 12 Nov 2023 11:56:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60808
IP address blocks: 194.50.169.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:c3:64:61:42:66:85:9d:2f:1c:a5:d6:e2:4c:af:d6:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d79f925e1738bc352bc6b5cf5ff951b3d813ae39
Validity
Not Before: Nov 12 11:56:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6aa7606f219f90985e6cd16615e3c69ec662384e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:dd:8d:1a:25:32:77:08:75:cc:c7:c4:03:c4:
88:03:dc:30:ca:41:ce:c9:01:cf:f6:ee:02:36:be:
3d:c0:a1:d6:81:6a:7b:89:b6:02:fc:ff:4c:c1:2e:
02:03:a1:7f:cb:89:f7:cf:91:65:34:41:27:27:bd:
49:98:f2:f8:bd:95:3c:35:60:6c:a8:79:6e:c1:9c:
b9:d1:6a:83:0f:35:9d:78:0d:13:69:0b:c5:0f:54:
a3:e6:8b:15:5b:2a:96:c4:6a:92:12:e6:8c:35:19:
68:7d:6e:90:65:aa:c1:79:45:b4:55:b2:a2:a6:c7:
2d:4b:af:7e:99:98:d3:7a:76:48:f5:6d:cf:8c:2d:
86:ce:fd:b4:7a:eb:14:e2:a7:7c:0e:e8:87:4b:08:
a5:4e:f4:ba:ca:74:7d:e5:4e:e3:5e:b2:6e:cc:b3:
19:36:3b:e9:df:14:3c:3c:2d:ed:79:3d:28:30:1c:
96:57:59:e1:61:c2:28:00:cf:63:47:79:15:51:49:
05:95:fb:c6:74:0c:ae:1c:a9:e0:43:3b:7e:ca:61:
32:39:3e:17:fc:7b:f5:5d:7d:24:68:a7:b4:ff:5a:
39:ec:4e:4f:50:b6:68:a8:91:f2:8c:a8:a4:7c:5b:
43:84:51:97:7a:50:63:fa:87:cc:ce:7c:fb:46:ae:
0d:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:A7:60:6F:21:9F:90:98:5E:6C:D1:66:15:E3:C6:9E:C6:62:38:4E
X509v3 Authority Key Identifier:
keyid:D7:9F:92:5E:17:38:BC:35:2B:C6:B5:CF:5F:F9:51:B3:D8:13:AE:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/15-SXhc4vDUrxrXPX_lRs9gTrjk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/3b2c00-94b6-434d-b362-96a34b022f89/1/aqdgbyGfkJhebNFmFePGnsZiOE4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/3b2c00-94b6-434d-b362-96a34b022f89/1/15-SXhc4vDUrxrXPX_lRs9gTrjk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.50.169.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:8e:96:f0:a1:af:5d:e3:f4:04:e6:2b:e6:d4:41:89:41:91:
8d:7e:a9:3d:5a:11:83:43:2d:a8:d3:d8:64:e2:5d:e6:4a:fe:
52:26:39:c6:7e:ae:8d:43:f3:a8:f6:da:6d:d1:39:c2:c8:69:
58:73:b4:c3:70:61:1c:f2:c6:83:ea:61:55:5b:a0:de:41:17:
0b:63:f3:19:9f:3e:7a:f4:cb:15:c3:c3:56:e6:10:b6:63:0b:
2d:a8:c7:37:4b:2c:ba:e7:0b:c2:c7:af:2c:f6:34:22:e7:29:
e7:ca:50:b0:c7:4d:1f:4e:63:26:d0:64:66:c4:55:dc:c2:85:
28:df:c4:2a:a8:a6:c6:ae:c5:31:3a:79:ab:c1:bb:24:5f:4c:
61:9a:d1:cf:00:09:c9:2b:7b:07:62:fa:10:3c:59:64:05:50:
7f:cb:a3:2f:aa:6a:2b:84:2f:54:e9:c4:30:33:c8:9c:5a:aa:
5c:fd:3a:19:a4:bb:da:46:cb:3a:d4:ff:1d:60:1c:f6:09:31:
d7:52:58:11:e4:9a:3d:a8:47:87:a6:69:a0:11:c4:ae:d2:1b:
8c:32:c6:ad:ec:c5:ec:05:f3:b7:13:bf:76:4e:ea:0f:2e:a0:
da:42:1c:36:a4:3d:15:09:66:83:59:a4:95:6f:db:67:7e:1e:
6c:92:22:94
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYvDZGFCZoWdLxyl1uJMr9b2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3OWY5MjVlMTczOGJjMzUyYmM2YjVjZjVmZjk1MWIzZDgx
M2FlMzkwHhcNMjMxMTEyMTE1NjU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWE3NjA2ZjIxOWY5MDk4NWU2Y2QxNjYxNWUzYzY5ZWM2NjIzODRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn92NGiUydwh1zMfEA8SIA9wwykHO
yQHP9u4CNr49wKHWgWp7ibYC/P9MwS4CA6F/y4n3z5FlNEEnJ71JmPL4vZU8NWBs
qHluwZy50WqDDzWdeA0TaQvFD1Sj5osVWyqWxGqSEuaMNRlofW6QZarBeUW0VbKi
psctS69+mZjTenZI9W3PjC2Gzv20eusU4qd8DuiHSwilTvS6ynR95U7jXrJuzLMZ
Njvp3xQ8PC3teT0oMByWV1nhYcIoAM9jR3kVUUkFlfvGdAyuHKngQzt+ymEyOT4X
/Hv1XX0kaKe0/1o57E5PULZoqJHyjKikfFtDhFGXelBj+ofMznz7Rq4NJQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGqnYG8hn5CYXmzRZhXjxp7GYjhOMB8GA1UdIwQY
MBaAFNefkl4XOLw1K8a1z1/5UbPYE645MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTUtU1hoYzR2RFVyeHJYUFhfbFJzOWdUcmprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC8zYjJjMDAtOTRiNi00MzRkLWIzNjIt
OTZhMzRiMDIyZjg5LzEvYXFkZ2J5R2ZrSmhlYk5GbUZlUEduc1ppT0U0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC8zYjJjMDAtOTRiNi00MzRkLWIzNjItOTZhMzRiMDIyZjg5
LzEvMTUtU1hoYzR2RFVyeHJYUFhfbFJzOWdUcmprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwjKpMA0G
CSqGSIb3DQEBCwUAA4IBAQBqjpbwoa9d4/QE5ivm1EGJQZGNfqk9WhGDQy2o09hk
4l3mSv5SJjnGfq6NQ/Oo9tpt0TnCyGlYc7TDcGEc8saD6mFVW6DeQRcLY/MZnz56
9MsVw8NW5hC2YwstqMc3Syy65wvCx68s9jQi5ynnylCwx00fTmMm0GRmxFXcwoUo
38QqqKbGrsUxOnmrwbskX0xhmtHPAAnJK3sHYvoQPFlkBVB/y6MvqmorhC9U6cQw
M8icWqpc/ToZpLvaRss61P8dYBz2CTHXUlgR5Jo9qEeHpmmgEcSu0huMMsat7MXs
BfO3E792TuoPLqDaQhw2pD0VCWaDWaSVb9tnfh5skiKU
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:14:52 2025 by rpki-client