Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/0b2524-fc7b-4ecf-a813-4a5f92e5bde2/1/Raz9600LQLdV6DIyEJSlj7ghvK4.roa
File: Raz9600LQLdV6DIyEJSlj7ghvK4.roa (raw, json)
Hash identifier: DifbZDMUK+1XjVVv9p1dgjokufcfJpi3Im+1NEENuxk=
Subject key identifier: 45:AC:FD:EB:4D:0B:40:B7:55:E8:32:32:10:94:A5:8F:B8:21:BC:AE
Certificate issuer: /CN=5543437ee9c5a8c84f8d3483dc5e0fa4ba89cc3d
Certificate serial: 01887C0C29CE9669E6B44125080B0EDC9D5A
Authority key identifier: 55:43:43:7E:E9:C5:A8:C8:4F:8D:34:83:DC:5E:0F:A4:BA:89:CC:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VUNDfunFqMhPjTSD3F4PpLqJzD0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/0b2524-fc7b-4ecf-a813-4a5f92e5bde2/1/Raz9600LQLdV6DIyEJSlj7ghvK4.roa
Signing time: Fri 02 Jun 2023 12:19:11 +0000
ROA not before: Fri 02 Jun 2023 12:19:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210125
IP address blocks: 79.174.24.0/22 maxlen: 24
2a0d:ab40::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:7c:0c:29:ce:96:69:e6:b4:41:25:08:0b:0e:dc:9d:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5543437ee9c5a8c84f8d3483dc5e0fa4ba89cc3d
Validity
Not Before: Jun 2 12:19:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=45acfdeb4d0b40b755e832321094a58fb821bcae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:6f:7a:ff:ef:a2:23:4a:24:21:d7:ee:35:f7:
7b:e0:f1:12:34:17:9d:97:dd:ff:d0:32:36:8f:67:
34:6d:fb:9f:3d:88:87:f3:5e:6d:56:b7:fa:cb:09:
3a:24:06:04:3d:6b:a8:29:18:14:a5:d1:d7:92:80:
be:81:49:8d:de:9a:f4:20:20:b5:3f:2d:34:46:93:
f8:05:1e:cf:85:1f:f4:8a:62:a5:d7:af:3a:c8:f5:
51:d8:b3:b8:51:9a:d8:16:a0:0a:5b:37:5e:9e:cc:
a7:c4:a1:12:90:df:7a:97:12:41:74:54:91:0b:46:
15:88:a8:e2:0c:e2:8f:44:d7:e1:ca:06:0f:a2:c8:
eb:c8:14:f7:d7:27:ad:2b:fb:32:f2:09:da:0e:70:
2e:61:38:25:21:00:98:7b:8c:e8:11:26:d9:1a:aa:
1e:79:31:5c:cc:be:62:29:7d:03:f4:2c:a3:0a:f8:
6c:7b:d5:cb:b8:cc:7d:0c:0e:fd:65:fd:b8:82:ce:
7b:e7:27:2c:86:8c:b8:11:9c:56:0d:10:88:34:b8:
ea:8c:81:8e:6b:07:cb:27:34:95:5b:f4:9c:55:5a:
68:4d:d1:15:80:cb:82:c6:9c:62:39:a8:1f:3f:d8:
2f:65:0e:fa:09:95:9b:eb:0a:0c:59:de:68:19:fc:
0f:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:AC:FD:EB:4D:0B:40:B7:55:E8:32:32:10:94:A5:8F:B8:21:BC:AE
X509v3 Authority Key Identifier:
keyid:55:43:43:7E:E9:C5:A8:C8:4F:8D:34:83:DC:5E:0F:A4:BA:89:CC:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VUNDfunFqMhPjTSD3F4PpLqJzD0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/0b2524-fc7b-4ecf-a813-4a5f92e5bde2/1/Raz9600LQLdV6DIyEJSlj7ghvK4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/0b2524-fc7b-4ecf-a813-4a5f92e5bde2/1/VUNDfunFqMhPjTSD3F4PpLqJzD0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.174.24.0/22
IPv6:
2a0d:ab40::/32
Signature Algorithm: sha256WithRSAEncryption
ac:5d:72:46:43:61:df:a1:5a:2c:db:e0:9d:30:54:2a:f4:a6:
e4:98:49:cb:3c:f8:79:b3:e9:5d:19:d0:35:72:2c:11:92:4a:
b9:ea:3c:da:ae:1b:75:10:47:2c:95:e9:26:bf:6d:4c:24:c5:
fd:66:e1:d5:f4:5d:5b:46:59:70:a9:5d:1e:75:47:45:6a:0d:
02:aa:76:58:93:f0:69:91:08:97:fa:6e:49:c3:a9:02:70:23:
d1:7a:b8:2b:0c:c1:64:47:ac:f5:ba:d2:29:06:a5:69:31:26:
b9:b6:a0:dc:74:0a:19:17:9d:21:b3:18:dd:d0:f7:af:1d:d3:
a4:56:2e:7c:6b:69:19:ef:4a:db:99:93:aa:30:7b:24:ff:5a:
42:78:4b:1f:f1:94:ca:80:65:b5:eb:55:ec:5b:9c:84:cf:45:
f2:69:ac:c6:07:25:a2:3d:e0:a6:a4:fc:c7:b8:1b:8f:90:34:
e7:4f:6a:08:25:3d:de:98:a8:f3:c4:3c:49:fb:b8:0b:9b:d4:
14:b6:b6:a0:1e:2e:44:d2:16:59:40:1a:22:36:d1:13:b6:e0:
28:0f:a1:1d:67:61:87:c2:23:e5:f9:02:99:3b:01:c8:ca:1f:
f1:c0:e1:46:f5:2f:66:ad:9b:9f:f9:71:d3:23:5f:7f:76:e6:
7d:22:40:5e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYh8DCnOlmnmtEElCAsO3J1aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1NDM0MzdlZTljNWE4Yzg0ZjhkMzQ4M2RjNWUwZmE0YmE4
OWNjM2QwHhcNMjMwNjAyMTIxOTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NWFjZmRlYjRkMGI0MGI3NTVlODMyMzIxMDk0YTU4ZmI4MjFiY2FlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr296/++iI0okIdfuNfd74PESNBed
l93/0DI2j2c0bfufPYiH815tVrf6ywk6JAYEPWuoKRgUpdHXkoC+gUmN3pr0ICC1
Py00RpP4BR7PhR/0imKl1686yPVR2LO4UZrYFqAKWzdensynxKESkN96lxJBdFSR
C0YViKjiDOKPRNfhygYPosjryBT31yetK/sy8gnaDnAuYTglIQCYe4zoESbZGqoe
eTFczL5iKX0D9CyjCvhse9XLuMx9DA79Zf24gs575ycshoy4EZxWDRCINLjqjIGO
awfLJzSVW/ScVVpoTdEVgMuCxpxiOagfP9gvZQ76CZWb6woMWd5oGfwPJwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEWs/etNC0C3VegyMhCUpY+4IbyuMB8GA1UdIwQY
MBaAFFVDQ37pxajIT400g9xeD6S6icw9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVlVORGZ1bkZxTWhQalRTRDNGNFBwTHFKekQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS8wYjI1MjQtZmM3Yi00ZWNmLWE4MTMt
NGE1ZjkyZTViZGUyLzEvUmF6OTYwMExRTGRWNkRJeUVKU2xqN2dodks0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS8wYjI1MjQtZmM3Yi00ZWNmLWE4MTMtNGE1ZjkyZTViZGUy
LzEvVlVORGZ1bkZxTWhQalRTRDNGNFBwTHFKekQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCT64YMA0E
AgACMAcDBQAqDatAMA0GCSqGSIb3DQEBCwUAA4IBAQCsXXJGQ2HfoVos2+CdMFQq
9KbkmEnLPPh5s+ldGdA1ciwRkkq56jzarht1EEcslekmv21MJMX9ZuHV9F1bRllw
qV0edUdFag0CqnZYk/BpkQiX+m5Jw6kCcCPRergrDMFkR6z1utIpBqVpMSa5tqDc
dAoZF50hsxjd0PevHdOkVi58a2kZ70rbmZOqMHsk/1pCeEsf8ZTKgGW161XsW5yE
z0XyaazGByWiPeCmpPzHuBuPkDTnT2oIJT3emKjzxDxJ+7gLm9QUtragHi5E0hZZ
QBoiNtETtuAoD6EdZ2GHwiPl+QKZOwHIyh/xwOFG9S9mrZuf+XHTI19/duZ9IkBe
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:18:57 2025 by rpki-client