Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/a8efdf-5cee-494b-be48-a371f2889138/1/C210obg6b8wiGH1LmtJ8vtIGRog.roa
File: C210obg6b8wiGH1LmtJ8vtIGRog.roa (raw, json)
Hash identifier: R/ayfW5BCy52CT3ygALPioghjNdQGYrRYgmywM3WsGk=
Subject key identifier: 0B:6D:74:A1:B8:3A:6F:CC:22:18:7D:4B:9A:D2:7C:BE:D2:06:46:88
Certificate issuer: /CN=34919204b7ac47424baabfb291bd3fc8fa9e05f6
Certificate serial: 01856C25BEDA1FA9CB6D657B17CF87576F5C
Authority key identifier: 34:91:92:04:B7:AC:47:42:4B:AA:BF:B2:91:BD:3F:C8:FA:9E:05:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJGSBLesR0JLqr-ykb0_yPqeBfY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/a8efdf-5cee-494b-be48-a371f2889138/1/C210obg6b8wiGH1LmtJ8vtIGRog.roa
Signing time: Sun 01 Jan 2023 07:04:51 +0000
ROA not before: Sun 01 Jan 2023 07:04:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 680
IP address blocks: 194.49.61.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:25:be:da:1f:a9:cb:6d:65:7b:17:cf:87:57:6f:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34919204b7ac47424baabfb291bd3fc8fa9e05f6
Validity
Not Before: Jan 1 07:04:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0b6d74a1b83a6fcc22187d4b9ad27cbed2064688
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:bf:2e:d1:13:18:5f:27:32:2c:b9:9c:78:61:
d5:7a:59:16:f8:86:e4:ef:4f:9f:f3:d6:0b:ac:8d:
52:23:3c:f9:79:0d:15:54:c8:e4:3c:2d:89:0f:ae:
3e:87:08:68:56:a4:f9:15:74:bc:a9:2a:44:18:bd:
d9:db:8f:2f:89:92:79:4c:5b:35:7c:d5:95:d8:45:
01:fe:8a:8a:13:ec:3a:ce:0e:c9:7f:bf:66:cf:16:
ad:e9:c3:1f:6b:87:39:1d:53:83:27:1f:09:a8:e7:
4e:44:d7:4a:70:3d:1c:8c:0a:4f:63:7f:a2:8a:35:
0c:10:24:71:fe:10:6e:b4:41:2c:da:39:30:b3:c1:
05:fc:86:be:57:38:48:66:42:84:5b:02:91:ad:df:
9d:9d:ef:29:d2:ea:29:13:ac:2e:dd:e1:15:70:93:
d5:22:06:f6:72:a1:3b:46:ac:eb:d7:0e:50:81:d8:
7c:bd:8c:11:0b:08:0c:77:c2:3d:17:09:f8:b2:7d:
91:fb:61:17:ac:8d:c1:e6:fd:dc:6b:72:cb:d8:14:
8d:1a:c0:73:f9:d4:75:61:b0:dd:ea:14:af:e7:68:
f1:e6:12:1a:6a:df:0a:2c:00:25:5f:85:c4:9a:ae:
1b:4c:37:33:69:8a:29:8a:f0:cf:56:81:01:90:50:
2b:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:6D:74:A1:B8:3A:6F:CC:22:18:7D:4B:9A:D2:7C:BE:D2:06:46:88
X509v3 Authority Key Identifier:
keyid:34:91:92:04:B7:AC:47:42:4B:AA:BF:B2:91:BD:3F:C8:FA:9E:05:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJGSBLesR0JLqr-ykb0_yPqeBfY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/a8efdf-5cee-494b-be48-a371f2889138/1/C210obg6b8wiGH1LmtJ8vtIGRog.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/a8efdf-5cee-494b-be48-a371f2889138/1/NJGSBLesR0JLqr-ykb0_yPqeBfY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.49.61.0/24
Signature Algorithm: sha256WithRSAEncryption
ac:e5:23:01:54:a9:21:9f:30:b7:2c:c8:37:e9:c1:26:bc:31:
b5:30:c1:6e:fa:ed:9b:12:cc:97:d3:2e:9c:4b:98:e8:e2:2f:
8d:e9:8d:f9:61:77:13:4c:61:5a:69:20:4e:e2:61:26:83:46:
56:c1:25:71:70:0e:22:b6:7e:43:61:d6:0f:b0:87:a9:f1:e2:
67:d3:73:c7:b4:d6:1c:75:dd:a8:0f:3a:3f:dd:89:62:91:57:
7e:fd:cb:3d:04:b9:89:54:af:a2:31:21:06:1c:e5:e1:8c:75:
17:a4:97:05:62:cb:67:7d:46:2b:61:5d:b4:3a:37:58:70:a6:
10:47:8c:86:bf:58:cc:63:20:ad:1f:1f:9a:f1:c3:af:ec:64:
25:35:f7:45:e7:3f:84:49:7f:60:90:d6:3c:5f:13:f3:5a:b6:
87:1d:08:e4:1e:48:fc:66:68:f6:39:d9:58:02:b3:ad:55:43:
8a:08:03:98:69:23:70:fc:ef:a7:38:79:be:b9:0e:3d:b8:5b:
7b:f7:8f:ea:c7:33:39:ac:7f:11:e7:32:d0:df:05:63:3b:d0:
cd:90:07:9d:04:80:8a:54:65:13:3d:3c:d2:bf:5f:e7:44:80:
56:fe:fc:63:d2:db:6f:b1:fc:15:8f:29:f9:ba:6a:95:cd:3d:
d3:f3:e1:05
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsJb7aH6nLbWV7F8+HV29cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OTE5MjA0YjdhYzQ3NDI0YmFhYmZiMjkxYmQzZmM4ZmE5
ZTA1ZjYwHhcNMjMwMTAxMDcwNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjZkNzRhMWI4M2E2ZmNjMjIxODdkNGI5YWQyN2NiZWQyMDY0Njg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqr8u0RMYXycyLLmceGHVelkW+Ibk
70+f89YLrI1SIzz5eQ0VVMjkPC2JD64+hwhoVqT5FXS8qSpEGL3Z248viZJ5TFs1
fNWV2EUB/oqKE+w6zg7Jf79mzxat6cMfa4c5HVODJx8JqOdORNdKcD0cjApPY3+i
ijUMECRx/hButEEs2jkws8EF/Ia+VzhIZkKEWwKRrd+dne8p0uopE6wu3eEVcJPV
Igb2cqE7Rqzr1w5Qgdh8vYwRCwgMd8I9Fwn4sn2R+2EXrI3B5v3ca3LL2BSNGsBz
+dR1YbDd6hSv52jx5hIaat8KLAAlX4XEmq4bTDczaYopivDPVoEBkFArLQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAttdKG4Om/MIhh9S5rSfL7SBkaIMB8GA1UdIwQY
MBaAFDSRkgS3rEdCS6q/spG9P8j6ngX2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkpHU0JMZXNSMEpMcXIteWtiMF95UHFlQmZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9hOGVmZGYtNWNlZS00OTRiLWJlNDgt
YTM3MWYyODg5MTM4LzEvQzIxMG9iZzZiOHdpR0gxTG10Sjh2dElHUm9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9hOGVmZGYtNWNlZS00OTRiLWJlNDgtYTM3MWYyODg5MTM4
LzEvTkpHU0JMZXNSMEpMcXIteWtiMF95UHFlQmZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwjE9MA0G
CSqGSIb3DQEBCwUAA4IBAQCs5SMBVKkhnzC3LMg36cEmvDG1MMFu+u2bEsyX0y6c
S5jo4i+N6Y35YXcTTGFaaSBO4mEmg0ZWwSVxcA4itn5DYdYPsIep8eJn03PHtNYc
dd2oDzo/3YlikVd+/cs9BLmJVK+iMSEGHOXhjHUXpJcFYstnfUYrYV20OjdYcKYQ
R4yGv1jMYyCtHx+a8cOv7GQlNfdF5z+ESX9gkNY8XxPzWraHHQjkHkj8Zmj2OdlY
ArOtVUOKCAOYaSNw/O+nOHm+uQ49uFt794/qxzM5rH8R5zLQ3wVjO9DNkAedBICK
VGUTPTzSv1/nRIBW/vxj0ttvsfwVjyn5umqVzT3T8+EF
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:26:53 2025 by rpki-client