Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/bf4e88-0058-4df8-999a-fae5fe900cbd/1/t7sKeR24l27dC_akMOpAksXcAFc.roa
File: t7sKeR24l27dC_akMOpAksXcAFc.roa (raw, json)
Hash identifier: AZhS3JOatmkbAfxIailsxLu4+6zr4QdwG7P6UlzOLT8=
Subject key identifier: B7:BB:0A:79:1D:B8:97:6E:DD:0B:F6:A4:30:EA:40:92:C5:DC:00:57
Certificate issuer: /CN=7a7ece94de5df6a1a34c98ec66d3d968e5b29b21
Certificate serial: 01856E5D6DD66F69765AD48DDC449B12F51A
Authority key identifier: 7A:7E:CE:94:DE:5D:F6:A1:A3:4C:98:EC:66:D3:D9:68:E5:B2:9B:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/en7OlN5d9qGjTJjsZtPZaOWymyE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/bf4e88-0058-4df8-999a-fae5fe900cbd/1/t7sKeR24l27dC_akMOpAksXcAFc.roa
Signing time: Sun 01 Jan 2023 17:24:54 +0000
ROA not before: Sun 01 Jan 2023 17:24:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3303
IP address blocks: 194.147.141.0/24 maxlen: 24
2001:67c:5dc::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:5d:6d:d6:6f:69:76:5a:d4:8d:dc:44:9b:12:f5:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7a7ece94de5df6a1a34c98ec66d3d968e5b29b21
Validity
Not Before: Jan 1 17:24:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b7bb0a791db8976edd0bf6a430ea4092c5dc0057
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:6c:a2:cd:05:74:c7:1f:39:99:48:6f:d4:06:
ba:05:d5:3a:d6:3e:20:d6:e3:69:a5:60:4d:d0:78:
cb:71:3d:e3:45:1e:b5:54:dc:9c:98:03:80:c8:2a:
27:a1:a7:e2:b7:70:5b:04:92:4b:e1:a4:d6:fa:07:
75:e3:ac:c1:ef:00:2b:1c:6e:ca:a9:0a:27:ff:71:
d2:9e:23:b6:3d:15:7e:5a:50:18:63:fa:22:d6:2a:
5e:82:9c:7c:a2:7c:19:4e:f2:56:25:d1:58:3d:38:
e5:39:6f:8c:5b:19:b9:b8:9f:eb:d6:0f:36:b6:78:
bc:fe:b4:e3:46:6e:2b:93:8a:1e:6e:f3:a0:1d:0d:
9d:a5:f1:e8:8a:62:3c:42:5d:5b:71:43:77:cf:2f:
6f:2c:33:13:4c:81:ff:be:03:20:11:40:97:7e:92:
67:ef:e7:a7:ca:ab:ba:2a:57:ad:7e:85:17:62:9a:
c7:de:1d:78:66:59:64:60:56:37:63:b5:cd:05:89:
34:b9:05:f3:ff:76:5c:67:52:d7:22:83:6c:7d:73:
01:9b:48:34:54:78:de:f9:8b:90:0c:ed:d3:90:bf:
25:d4:97:59:a4:5d:47:dc:70:16:dd:9f:bf:f8:bd:
b4:14:ef:80:ec:ec:bb:46:cc:82:16:b3:12:23:c4:
3b:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:BB:0A:79:1D:B8:97:6E:DD:0B:F6:A4:30:EA:40:92:C5:DC:00:57
X509v3 Authority Key Identifier:
keyid:7A:7E:CE:94:DE:5D:F6:A1:A3:4C:98:EC:66:D3:D9:68:E5:B2:9B:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/en7OlN5d9qGjTJjsZtPZaOWymyE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/bf4e88-0058-4df8-999a-fae5fe900cbd/1/t7sKeR24l27dC_akMOpAksXcAFc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/bf4e88-0058-4df8-999a-fae5fe900cbd/1/en7OlN5d9qGjTJjsZtPZaOWymyE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.147.141.0/24
IPv6:
2001:67c:5dc::/48
Signature Algorithm: sha256WithRSAEncryption
bf:29:0c:74:a2:d6:13:76:05:56:6e:2f:21:a3:d3:38:d8:0e:
f9:18:ac:6d:53:98:6e:06:eb:63:41:88:e2:fc:28:4d:35:f8:
4b:ed:99:4b:a0:ba:1d:3d:d4:a7:2e:61:ad:d9:db:e3:74:c9:
56:d3:ec:91:ad:b0:94:ef:2d:77:6e:38:ee:1f:8b:78:d5:d0:
6a:af:bc:4b:7e:0a:80:eb:33:2e:cd:20:23:e6:d9:e5:d2:10:
1c:82:0b:3b:46:76:4b:4a:81:18:f6:e4:96:58:92:7c:df:cd:
a5:ca:85:23:36:68:0a:dd:70:62:e9:ba:be:f9:63:68:31:42:
8e:a0:bd:27:2e:70:20:67:5f:2f:67:b1:91:7c:7a:af:6f:8e:
5d:97:bd:f1:78:b3:a7:2c:a9:a4:0f:f6:db:31:89:5d:8f:23:
d6:34:08:78:b3:49:80:8c:ab:73:d5:f5:6b:a8:75:43:70:6a:
1c:1e:5a:e6:2f:8e:31:60:e2:d1:e3:78:41:e8:93:75:59:c7:
83:24:4f:e5:58:90:e1:77:d6:48:32:fc:f7:51:4b:20:17:28:
2d:0f:39:57:78:46:54:6d:81:0d:39:b1:7c:75:1f:0b:52:52:
46:2c:ca:5c:17:0f:d6:93:b3:dc:a4:6c:90:f0:ab:82:3f:9e:
66:54:45:91
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVuXW3Wb2l2WtSN3ESbEvUaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhN2VjZTk0ZGU1ZGY2YTFhMzRjOThlYzY2ZDNkOTY4ZTVi
MjliMjEwHhcNMjMwMTAxMTcyNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2JiMGE3OTFkYjg5NzZlZGQwYmY2YTQzMGVhNDA5MmM1ZGMwMDU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxWyizQV0xx85mUhv1Aa6BdU61j4g
1uNppWBN0HjLcT3jRR61VNycmAOAyConoafit3BbBJJL4aTW+gd146zB7wArHG7K
qQon/3HSniO2PRV+WlAYY/oi1ipegpx8onwZTvJWJdFYPTjlOW+MWxm5uJ/r1g82
tni8/rTjRm4rk4oebvOgHQ2dpfHoimI8Ql1bcUN3zy9vLDMTTIH/vgMgEUCXfpJn
7+enyqu6KletfoUXYprH3h14ZllkYFY3Y7XNBYk0uQXz/3ZcZ1LXIoNsfXMBm0g0
VHje+YuQDO3TkL8l1JdZpF1H3HAW3Z+/+L20FO+A7Oy7RsyCFrMSI8Q7ewIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLe7CnkduJdu3Qv2pDDqQJLF3ABXMB8GA1UdIwQY
MBaAFHp+zpTeXfaho0yY7GbT2WjlspshMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZW43T2xONWQ5cUdqVEpqc1p0UFphT1d5bXlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS9iZjRlODgtMDA1OC00ZGY4LTk5OWEt
ZmFlNWZlOTAwY2JkLzEvdDdzS2VSMjRsMjdkQ19ha01PcEFrc1hjQUZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS9iZjRlODgtMDA1OC00ZGY4LTk5OWEtZmFlNWZlOTAwY2Jk
LzEvZW43T2xONWQ5cUdqVEpqc1p0UFphT1d5bXlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwpONMA8E
AgACMAkDBwAgAQZ8BdwwDQYJKoZIhvcNAQELBQADggEBAL8pDHSi1hN2BVZuLyGj
0zjYDvkYrG1TmG4G62NBiOL8KE01+EvtmUuguh091KcuYa3Z2+N0yVbT7JGtsJTv
LXduOO4fi3jV0GqvvEt+CoDrMy7NICPm2eXSEByCCztGdktKgRj25JZYknzfzaXK
hSM2aArdcGLpur75Y2gxQo6gvScucCBnXy9nsZF8eq9vjl2XvfF4s6csqaQP9tsx
iV2PI9Y0CHizSYCMq3PV9WuodUNwahweWuYvjjFg4tHjeEHok3VZx4MkT+VYkOF3
1kgy/PdRSyAXKC0POVd4RlRtgQ05sXx1HwtSUkYsylwXD9aTs9ykbJDwq4I/nmZU
RZE=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:28:28 2025 by rpki-client