Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/6dbc99-bfa9-4ef7-a798-a3032615660c/1/T_iRBj3KIGBhqkyGgGlCcFmpahc.roa
File: T_iRBj3KIGBhqkyGgGlCcFmpahc.roa (raw, json)
Hash identifier: tABqPSbDlbdRtYs7DTjJ93SfYt5Yx0LATN4VaEGUjMg=
Subject key identifier: 4F:F8:91:06:3D:CA:20:60:61:AA:4C:86:80:69:42:70:59:A9:6A:17
Certificate issuer: /CN=d98247d3f81472dbba06dbea9bd19c785d18babe
Certificate serial: 01849A291CEDF0EB151DC646D88EFBB02DA3
Authority key identifier: D9:82:47:D3:F8:14:72:DB:BA:06:DB:EA:9B:D1:9C:78:5D:18:BA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2YJH0_gUctu6Btvqm9GceF0Yur4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/6dbc99-bfa9-4ef7-a798-a3032615660c/1/T_iRBj3KIGBhqkyGgGlCcFmpahc.roa
Signing time: Mon 21 Nov 2022 12:28:16 +0000
ROA not before: Mon 21 Nov 2022 12:28:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212335
IP address blocks: 194.165.27.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:9a:29:1c:ed:f0:eb:15:1d:c6:46:d8:8e:fb:b0:2d:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d98247d3f81472dbba06dbea9bd19c785d18babe
Validity
Not Before: Nov 21 12:28:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4ff891063dca206061aa4c868069427059a96a17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:1c:d0:1c:2d:c7:28:14:50:1d:d1:f2:77:97:
10:5e:08:8f:f9:e7:0b:1a:da:ff:5b:b8:2f:8f:e7:
4a:c9:45:21:71:e4:ef:1a:cb:5b:ff:6e:e4:dc:35:
9d:41:ac:14:3c:35:c2:19:f1:96:0b:ec:ee:00:5d:
ad:54:bb:33:9b:fa:09:4d:12:36:02:36:84:07:3f:
5e:b0:81:88:43:38:cb:79:e1:f8:0e:f9:a9:db:91:
82:f6:6b:18:c4:49:b6:6e:a1:bf:1a:31:f9:1a:9f:
5f:14:91:ce:89:0f:33:6b:74:8f:f0:c7:a0:83:b4:
8a:90:3b:4a:11:29:b4:96:49:6c:a7:f2:87:57:29:
de:d6:ae:9e:1c:04:1d:3c:a7:52:a7:d1:88:00:f3:
c0:33:04:79:3c:0d:b7:c7:26:3c:4b:a6:ac:d8:a3:
04:61:93:d7:95:31:e1:1e:c3:3d:be:b4:80:87:51:
21:c3:d1:38:2e:38:32:c9:90:d6:d3:2c:37:d6:66:
85:44:ce:7f:04:18:20:e9:c1:6d:c9:1a:9f:88:df:
87:d5:78:db:47:7e:7e:44:d1:ea:d2:da:85:32:5c:
28:25:84:00:8c:0e:8f:1a:41:6a:1a:ef:51:2d:bf:
5d:08:a3:09:20:0d:db:55:96:d7:1c:0e:a1:dd:e6:
4f:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:F8:91:06:3D:CA:20:60:61:AA:4C:86:80:69:42:70:59:A9:6A:17
X509v3 Authority Key Identifier:
keyid:D9:82:47:D3:F8:14:72:DB:BA:06:DB:EA:9B:D1:9C:78:5D:18:BA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2YJH0_gUctu6Btvqm9GceF0Yur4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/6dbc99-bfa9-4ef7-a798-a3032615660c/1/T_iRBj3KIGBhqkyGgGlCcFmpahc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/6dbc99-bfa9-4ef7-a798-a3032615660c/1/2YJH0_gUctu6Btvqm9GceF0Yur4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.165.27.0/24
Signature Algorithm: sha256WithRSAEncryption
48:df:1a:a9:01:89:7d:9e:ff:05:cc:a4:2b:c4:21:93:10:9f:
9e:1a:9f:9f:37:9d:e6:08:42:b5:8c:c6:19:ad:b4:ef:e6:c3:
2c:49:2d:38:f2:d7:68:5c:2f:1c:4c:bf:cc:ab:27:a0:81:d7:
46:7c:f4:57:78:42:72:4e:5a:05:69:7c:c9:30:c3:51:2b:6d:
b7:92:13:f1:e7:ea:ee:da:21:d2:fb:24:b1:71:58:b3:fb:88:
f3:66:af:95:25:5f:7b:01:c7:b0:59:46:d3:f8:a4:83:da:09:
88:89:9f:51:a9:1c:94:dc:4f:65:38:84:36:ad:3a:45:b7:97:
20:c7:93:a7:15:0e:da:b5:11:b4:cc:d1:06:d7:8c:1b:ec:73:
c1:4f:cf:d5:af:23:6c:6c:98:71:8e:89:fc:d8:be:45:07:58:
25:43:b0:c2:72:22:13:8e:64:d0:89:05:92:16:8f:b9:fe:f8:
2e:6c:b4:1a:88:29:fa:f6:8f:e4:f7:44:07:4d:75:d5:1f:4e:
e6:23:a9:fa:2f:ab:e2:fd:15:bf:09:29:8f:91:72:4f:af:f2:
17:95:9b:51:f6:fc:d0:dd:c6:88:af:78:e3:d8:1e:e9:dc:a9:
e4:72:8f:ea:32:42:43:0c:df:41:20:a6:45:4e:7d:88:8b:ba:
c5:f2:c5:e8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYSaKRzt8OsVHcZG2I77sC2jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ODI0N2QzZjgxNDcyZGJiYTA2ZGJlYTliZDE5Yzc4NWQx
OGJhYmUwHhcNMjIxMTIxMTIyODE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZmY4OTEwNjNkY2EyMDYwNjFhYTRjODY4MDY5NDI3MDU5YTk2YTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkBzQHC3HKBRQHdHyd5cQXgiP+ecL
Gtr/W7gvj+dKyUUhceTvGstb/27k3DWdQawUPDXCGfGWC+zuAF2tVLszm/oJTRI2
AjaEBz9esIGIQzjLeeH4Dvmp25GC9msYxEm2bqG/GjH5Gp9fFJHOiQ8za3SP8Meg
g7SKkDtKESm0lklsp/KHVyne1q6eHAQdPKdSp9GIAPPAMwR5PA23xyY8S6as2KME
YZPXlTHhHsM9vrSAh1Ehw9E4LjgyyZDW0yw31maFRM5/BBgg6cFtyRqfiN+H1Xjb
R35+RNHq0tqFMlwoJYQAjA6PGkFqGu9RLb9dCKMJIA3bVZbXHA6h3eZPBQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE/4kQY9yiBgYapMhoBpQnBZqWoXMB8GA1UdIwQY
MBaAFNmCR9P4FHLbugbb6pvRnHhdGLq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMllKSDBfZ1VjdHU2QnR2cW05R2NlRjBZdXI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC82ZGJjOTktYmZhOS00ZWY3LWE3OTgt
YTMwMzI2MTU2NjBjLzEvVF9pUkJqM0tJR0JocWt5R2dHbENjRm1wYWhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC82ZGJjOTktYmZhOS00ZWY3LWE3OTgtYTMwMzI2MTU2NjBj
LzEvMllKSDBfZ1VjdHU2QnR2cW05R2NlRjBZdXI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwqUbMA0G
CSqGSIb3DQEBCwUAA4IBAQBI3xqpAYl9nv8FzKQrxCGTEJ+eGp+fN53mCEK1jMYZ
rbTv5sMsSS048tdoXC8cTL/MqyeggddGfPRXeEJyTloFaXzJMMNRK223khPx5+ru
2iHS+ySxcViz+4jzZq+VJV97AcewWUbT+KSD2gmIiZ9RqRyU3E9lOIQ2rTpFt5cg
x5OnFQ7atRG0zNEG14wb7HPBT8/VryNsbJhxjon82L5FB1glQ7DCciITjmTQiQWS
Fo+5/vgubLQaiCn69o/k90QHTXXVH07mI6n6L6vi/RW/CSmPkXJPr/IXlZtR9vzQ
3caIr3jj2B7p3Knkco/qMkJDDN9BIKZFTn2Ii7rF8sXo
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:11:24 2025 by rpki-client