Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/e9360c-d73e-430b-b72e-d6cf837b0efa/1/pDgjlfObXGa8b0HVEXwlW2yoCcQ.roa
File: pDgjlfObXGa8b0HVEXwlW2yoCcQ.roa (raw, json)
Hash identifier: sGfC5zmSy4Bfnkkc14BUpU3csT1InHTRzWCLJ4b7Jrg=
Subject key identifier: A4:38:23:95:F3:9B:5C:66:BC:6F:41:D5:11:7C:25:5B:6C:A8:09:C4
Certificate issuer: /CN=67f84e74691c3b7fd2d518e562f9ea87de5d3f50
Certificate serial: 0185718C1879E6EA2868202E823C17BFA4C3
Authority key identifier: 67:F8:4E:74:69:1C:3B:7F:D2:D5:18:E5:62:F9:EA:87:DE:5D:3F:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z_hOdGkcO3_S1RjlYvnqh95dP1A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/e9360c-d73e-430b-b72e-d6cf837b0efa/1/pDgjlfObXGa8b0HVEXwlW2yoCcQ.roa
Signing time: Mon 02 Jan 2023 08:14:44 +0000
ROA not before: Mon 02 Jan 2023 08:14:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35442
IP address blocks: 193.239.254.0/23 maxlen: 23
91.195.96.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:8c:18:79:e6:ea:28:68:20:2e:82:3c:17:bf:a4:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67f84e74691c3b7fd2d518e562f9ea87de5d3f50
Validity
Not Before: Jan 2 08:14:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a4382395f39b5c66bc6f41d5117c255b6ca809c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:5b:f8:58:81:0f:8c:10:7d:2d:97:80:61:42:
09:ac:fd:cb:69:6e:e7:d9:3f:a9:ea:73:23:45:45:
2a:aa:63:63:94:b9:84:56:48:6f:c6:79:da:8d:8f:
04:9f:48:a4:b6:e1:99:d5:99:6d:4d:8e:3a:15:77:
c9:3b:8f:ae:ec:03:ac:10:cf:9c:33:98:a3:03:28:
dd:8e:45:18:32:68:d6:78:da:c4:85:70:13:47:05:
91:38:90:2d:de:c5:41:ee:63:4a:7d:0b:10:60:4b:
e2:91:7d:6e:6c:d7:c3:d6:1b:91:46:df:5f:35:17:
c3:91:10:f8:a5:0d:9b:98:b5:b3:00:60:a3:6d:1c:
0c:68:34:bb:33:d5:bc:35:5a:fd:3e:d6:51:e5:bb:
40:53:3e:38:bc:bd:f8:ff:6c:d8:4b:aa:c3:e7:96:
68:22:fc:86:47:bf:5f:17:d8:35:75:83:9c:3c:71:
32:96:9f:7d:a4:be:bf:fe:71:6c:2d:3b:fd:3e:6a:
74:a0:7f:ef:f8:9b:a4:e1:1f:ce:88:73:97:e7:44:
60:12:a8:04:de:f5:1f:71:2a:ad:9c:0c:fb:12:bd:
79:c7:f0:39:c7:18:f0:43:64:51:58:28:6c:a9:46:
2a:07:c5:c1:68:5d:71:7e:30:7a:92:1e:7f:78:29:
02:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:38:23:95:F3:9B:5C:66:BC:6F:41:D5:11:7C:25:5B:6C:A8:09:C4
X509v3 Authority Key Identifier:
keyid:67:F8:4E:74:69:1C:3B:7F:D2:D5:18:E5:62:F9:EA:87:DE:5D:3F:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z_hOdGkcO3_S1RjlYvnqh95dP1A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/e9360c-d73e-430b-b72e-d6cf837b0efa/1/pDgjlfObXGa8b0HVEXwlW2yoCcQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/e9360c-d73e-430b-b72e-d6cf837b0efa/1/Z_hOdGkcO3_S1RjlYvnqh95dP1A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.195.96.0/23
193.239.254.0/23
Signature Algorithm: sha256WithRSAEncryption
d3:71:94:1a:5c:ba:a5:22:df:7f:a6:13:27:e4:2c:bf:f8:bf:
ad:64:20:fa:df:21:df:ee:67:74:5d:02:34:a1:37:b5:4f:aa:
53:3d:20:da:a1:4e:71:79:9e:16:fd:5f:40:40:c8:bb:6b:e4:
e8:62:75:0b:c9:96:a8:a2:c6:67:07:10:8c:52:50:c9:a8:47:
70:25:f8:75:26:a9:38:14:b3:9b:c0:74:86:0f:1c:82:9f:dd:
be:19:77:d0:ae:0e:52:cd:e4:09:52:16:a8:32:50:46:ea:07:
76:54:14:23:9a:47:06:1f:f0:1a:ea:43:b9:29:9b:72:f8:33:
39:78:21:1d:b6:15:f8:74:83:9d:2c:93:15:66:f2:3b:fc:34:
58:ee:74:9e:6c:ff:b5:ff:ea:9a:96:62:59:9a:e8:61:f0:58:
26:86:6d:ea:04:ea:b6:37:00:57:2b:45:eb:47:64:1b:6f:cc:
2c:c9:90:6d:7b:76:d8:27:c7:71:bd:cc:ac:0c:d0:aa:56:d6:
80:57:fd:62:65:90:19:af:38:c8:ba:87:1b:aa:2a:21:ac:de:
b2:dc:a5:b5:c7:1a:d8:f1:22:cd:c2:06:e8:b2:e7:07:42:98:
60:60:27:2a:52:18:4a:48:90:fc:24:0f:d4:fc:52:b5:a9:56:
97:08:75:b1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVxjBh55uooaCAugjwXv6TDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3Zjg0ZTc0NjkxYzNiN2ZkMmQ1MThlNTYyZjllYTg3ZGU1
ZDNmNTAwHhcNMjMwMTAyMDgxNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDM4MjM5NWYzOWI1YzY2YmM2ZjQxZDUxMTdjMjU1YjZjYTgwOWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAslv4WIEPjBB9LZeAYUIJrP3LaW7n
2T+p6nMjRUUqqmNjlLmEVkhvxnnajY8En0iktuGZ1ZltTY46FXfJO4+u7AOsEM+c
M5ijAyjdjkUYMmjWeNrEhXATRwWROJAt3sVB7mNKfQsQYEvikX1ubNfD1huRRt9f
NRfDkRD4pQ2bmLWzAGCjbRwMaDS7M9W8NVr9PtZR5btAUz44vL34/2zYS6rD55Zo
IvyGR79fF9g1dYOcPHEylp99pL6//nFsLTv9Pmp0oH/v+Juk4R/OiHOX50RgEqgE
3vUfcSqtnAz7Er15x/A5xxjwQ2RRWChsqUYqB8XBaF1xfjB6kh5/eCkCqwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKQ4I5Xzm1xmvG9B1RF8JVtsqAnEMB8GA1UdIwQY
MBaAFGf4TnRpHDt/0tUY5WL56ofeXT9QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWl9oT2RHa2NPM19TMVJqbFl2bnFoOTVkUDFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS9lOTM2MGMtZDczZS00MzBiLWI3MmUt
ZDZjZjgzN2IwZWZhLzEvcERnamxmT2JYR2E4YjBIVkVYd2xXMnlvQ2NRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS9lOTM2MGMtZDczZS00MzBiLWI3MmUtZDZjZjgzN2IwZWZh
LzEvWl9oT2RHa2NPM19TMVJqbFl2bnFoOTVkUDFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBW8NgAwQB
we/+MA0GCSqGSIb3DQEBCwUAA4IBAQDTcZQaXLqlIt9/phMn5Cy/+L+tZCD63yHf
7md0XQI0oTe1T6pTPSDaoU5xeZ4W/V9AQMi7a+ToYnULyZaoosZnBxCMUlDJqEdw
Jfh1Jqk4FLObwHSGDxyCn92+GXfQrg5SzeQJUhaoMlBG6gd2VBQjmkcGH/Aa6kO5
KZty+DM5eCEdthX4dIOdLJMVZvI7/DRY7nSebP+1/+qalmJZmuhh8Fgmhm3qBOq2
NwBXK0XrR2Qbb8wsyZBte3bYJ8dxvcysDNCqVtaAV/1iZZAZrzjIuocbqiohrN6y
3KW1xxrY8SLNwgbosucHQphgYCcqUhhKSJD8JA/U/FK1qVaXCHWx
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:47:59 2025 by rpki-client