Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/_H2pyKiU9g_7QBe3qLfSzu1T7eQ.roa
File: _H2pyKiU9g_7QBe3qLfSzu1T7eQ.roa (raw, json)
Hash identifier: kCFomY4D1Kde0T36UCp1P/yfpTW8AU4IJTRaeRiHAUU=
Subject key identifier: FC:7D:A9:C8:A8:94:F6:0F:FB:40:17:B7:A8:B7:D2:CE:ED:53:ED:E4
Certificate issuer: /CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Certificate serial: 018570F0A6156E3E9AA54ED34BE1D0B45698
Authority key identifier: 54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/_H2pyKiU9g_7QBe3qLfSzu1T7eQ.roa
Signing time: Mon 02 Jan 2023 05:24:57 +0000
ROA not before: Mon 02 Jan 2023 05:24:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43073
IP address blocks: 195.136.104.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:f0:a6:15:6e:3e:9a:a5:4e:d3:4b:e1:d0:b4:56:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Validity
Not Before: Jan 2 05:24:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fc7da9c8a894f60ffb4017b7a8b7d2ceed53ede4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:27:fc:e0:63:db:3f:57:a4:72:57:a1:7a:0a:
a0:80:6c:56:19:fb:0c:14:d3:78:36:91:3f:08:c6:
d5:59:0f:c4:74:c1:40:d4:55:c2:d4:f1:f3:ae:14:
2b:62:7b:4b:9b:1a:b9:2f:96:bc:f6:03:a5:52:6e:
62:0d:89:8c:24:59:48:7e:10:53:21:54:df:94:7a:
17:3b:15:0f:32:b9:b2:87:74:d3:52:f2:d5:a5:ca:
a5:7e:b5:39:e4:e7:87:9d:d8:4b:cd:6f:08:d9:b8:
ac:e9:b8:9d:43:46:3f:27:f7:bb:a1:d0:00:36:4b:
58:05:3f:3c:04:2e:a2:5f:9e:71:a4:3d:38:bf:f3:
a1:eb:94:fd:08:cd:b7:85:00:ad:70:ec:87:85:d1:
b7:98:69:a0:f8:9a:c5:bc:44:19:bb:59:54:52:25:
de:bd:59:24:66:fa:4f:fb:9d:55:31:d1:2b:cc:e8:
b9:d6:68:e7:3a:47:cb:54:47:fd:10:79:a3:75:3c:
fb:bb:ba:93:c4:6e:c0:9e:55:c5:d6:0d:8d:41:cc:
86:44:47:4a:9b:e6:32:e8:bc:bc:96:9b:aa:1d:5b:
c9:47:69:f8:8e:0f:d4:d1:97:65:95:08:02:31:86:
7c:c8:cd:b1:2a:37:7e:71:ba:db:a1:e7:61:3e:d0:
f3:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:7D:A9:C8:A8:94:F6:0F:FB:40:17:B7:A8:B7:D2:CE:ED:53:ED:E4
X509v3 Authority Key Identifier:
keyid:54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/_H2pyKiU9g_7QBe3qLfSzu1T7eQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/VGg05oiQ85hqGwRXzg9UrgPC12s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.136.104.0/24
Signature Algorithm: sha256WithRSAEncryption
09:09:25:37:ac:ee:7f:86:fe:c5:ac:84:6b:9a:6a:8c:ee:6d:
25:1b:7a:51:8e:a0:6d:40:80:ee:f5:4d:2b:0a:81:77:b1:55:
f4:95:50:9b:09:8d:3d:71:a1:cf:d0:d0:e3:8d:79:79:35:6f:
22:8a:35:bc:e4:5a:7f:3a:ab:14:99:da:87:ae:b4:d6:a4:4b:
e6:d6:e8:0d:a6:2c:b0:d4:5b:4b:44:98:ae:61:1a:aa:39:b1:
bd:ce:00:28:99:aa:24:cf:c8:f7:66:a4:35:2a:b3:1d:96:80:
6c:b0:14:93:8d:f2:8c:f1:4c:d8:bd:8b:bb:24:53:dc:33:57:
17:cb:e8:8e:56:82:31:ad:4e:35:31:31:a1:68:b3:96:98:af:
5e:2c:1a:1c:09:48:93:04:d5:5b:4d:ba:dd:20:b2:b8:fb:45:
66:49:f9:e5:0f:89:09:e4:b9:d9:e5:cf:f4:52:40:32:5a:aa:
dd:4c:1f:61:fe:a0:7f:fa:15:8e:2a:89:e7:3d:c6:97:66:e3:
34:3f:3a:13:fb:3d:b0:b6:af:1e:2e:64:35:e9:b9:98:4c:a0:
6e:a3:60:4a:26:b3:71:58:f3:75:73:bc:ba:0b:50:49:e5:aa:
16:cf:c3:37:63:e9:f9:5e:32:52:c8:04:48:5e:28:eb:7c:48:
a4:0c:4f:a4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVw8KYVbj6apU7TS+HQtFaYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NjgzNGU2ODg5MGYzOTg2YTFiMDQ1N2NlMGY1NGFlMDNj
MmQ3NmIwHhcNMjMwMTAyMDUyNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzdkYTljOGE4OTRmNjBmZmI0MDE3YjdhOGI3ZDJjZWVkNTNlZGU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsyf84GPbP1ekclehegqggGxWGfsM
FNN4NpE/CMbVWQ/EdMFA1FXC1PHzrhQrYntLmxq5L5a89gOlUm5iDYmMJFlIfhBT
IVTflHoXOxUPMrmyh3TTUvLVpcqlfrU55OeHndhLzW8I2bis6bidQ0Y/J/e7odAA
NktYBT88BC6iX55xpD04v/Oh65T9CM23hQCtcOyHhdG3mGmg+JrFvEQZu1lUUiXe
vVkkZvpP+51VMdErzOi51mjnOkfLVEf9EHmjdTz7u7qTxG7AnlXF1g2NQcyGREdK
m+Yy6Ly8lpuqHVvJR2n4jg/U0ZdllQgCMYZ8yM2xKjd+cbrboedhPtDzfQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPx9qciolPYP+0AXt6i30s7tU+3kMB8GA1UdIwQY
MBaAFFRoNOaIkPOYahsEV84PVK4DwtdrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQt
NTI3NjZiMjRiYWE0LzEvX0gycHlLaVU5Z183UUJlM3FMZlN6dTFUN2VRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQtNTI3NjZiMjRiYWE0
LzEvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw4hoMA0G
CSqGSIb3DQEBCwUAA4IBAQAJCSU3rO5/hv7FrIRrmmqM7m0lG3pRjqBtQIDu9U0r
CoF3sVX0lVCbCY09caHP0NDjjXl5NW8iijW85Fp/OqsUmdqHrrTWpEvm1ugNpiyw
1FtLRJiuYRqqObG9zgAomaokz8j3ZqQ1KrMdloBssBSTjfKM8UzYvYu7JFPcM1cX
y+iOVoIxrU41MTGhaLOWmK9eLBocCUiTBNVbTbrdILK4+0VmSfnlD4kJ5LnZ5c/0
UkAyWqrdTB9h/qB/+hWOKonnPcaXZuM0PzoT+z2wtq8eLmQ16bmYTKBuo2BKJrNx
WPN1c7y6C1BJ5aoWz8M3Y+n5XjJSyARIXijrfEikDE+k
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:10:18 2025 by rpki-client