Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/74b996-80ee-4c39-8e74-350e681b99d1/1/1-2s14McgV8as8XwC1wvCzRiuldU.roa
File: 1-2s14McgV8as8XwC1wvCzRiuldU.roa (raw, json)
Hash identifier: T4tEkClRRpgEm4FUGYl/M1HIMdsdgKQjzEhmKmOvtkQ=
Subject key identifier: FB:6B:35:E0:C7:20:57:C6:AC:F1:7C:02:D7:0B:C2:CD:18:AE:95:D5
Certificate issuer: /CN=4ed037d4ee3e5d27065ad80356582a2fdc2b488d
Certificate serial: 0185714C3CC19A3CDF162868D44EBA40497B
Authority key identifier: 4E:D0:37:D4:EE:3E:5D:27:06:5A:D8:03:56:58:2A:2F:DC:2B:48:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TtA31O4-XScGWtgDVlgqL9wrSI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/74b996-80ee-4c39-8e74-350e681b99d1/1/1-2s14McgV8as8XwC1wvCzRiuldU.roa
Signing time: Mon 02 Jan 2023 07:04:59 +0000
ROA not before: Mon 02 Jan 2023 07:04:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35108
IP address blocks: 194.8.32.0/21 maxlen: 24
194.8.40.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:4c:3c:c1:9a:3c:df:16:28:68:d4:4e:ba:40:49:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ed037d4ee3e5d27065ad80356582a2fdc2b488d
Validity
Not Before: Jan 2 07:04:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fb6b35e0c72057c6acf17c02d70bc2cd18ae95d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:f5:c9:07:7b:63:6d:f1:05:d0:b6:a7:58:0d:
dd:7e:65:bf:41:80:1e:8d:cf:da:4d:c2:c6:c9:6a:
2b:0d:c6:c1:43:50:e5:61:46:66:82:11:f3:04:c3:
c0:a9:6c:95:f3:a6:fc:b2:5f:de:60:ca:63:6e:e3:
06:c4:21:81:08:79:16:1c:26:8e:31:07:58:9c:74:
4c:ab:1d:22:fc:60:96:20:a1:d5:fc:94:90:8e:0b:
9c:0e:78:6f:31:cc:4e:69:fc:3c:83:69:2c:e1:44:
43:23:53:68:9c:8b:d9:04:a2:3f:20:f3:b6:83:97:
f9:65:6b:97:f3:87:0a:71:c3:71:e1:9c:4c:f9:d0:
c6:15:c0:8f:d5:61:59:57:b6:d4:d3:60:46:f3:1a:
69:d1:64:09:89:11:40:a2:6a:b9:25:2f:6b:9a:2b:
1b:c2:ea:ae:de:db:ba:02:dc:59:ae:94:ba:c0:0c:
d5:25:71:1b:11:59:7e:6d:b8:3a:bc:f7:0d:68:da:
d7:3e:00:0a:03:02:fc:b9:d9:ec:59:18:67:d5:49:
a9:fc:b7:2b:37:e9:aa:74:a1:a5:1f:15:0e:66:a2:
1d:54:9d:a9:d0:6b:0a:04:e4:ca:2b:17:a6:89:50:
00:4f:b6:41:eb:c0:d1:3e:a6:44:f2:16:e6:ee:de:
9e:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:6B:35:E0:C7:20:57:C6:AC:F1:7C:02:D7:0B:C2:CD:18:AE:95:D5
X509v3 Authority Key Identifier:
keyid:4E:D0:37:D4:EE:3E:5D:27:06:5A:D8:03:56:58:2A:2F:DC:2B:48:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TtA31O4-XScGWtgDVlgqL9wrSI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/74b996-80ee-4c39-8e74-350e681b99d1/1/1-2s14McgV8as8XwC1wvCzRiuldU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/74b996-80ee-4c39-8e74-350e681b99d1/1/TtA31O4-XScGWtgDVlgqL9wrSI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.8.32.0-194.8.43.255
Signature Algorithm: sha256WithRSAEncryption
98:79:c5:95:3d:23:71:a3:82:fd:79:f4:5e:fc:1c:21:7e:09:
23:03:20:6c:85:df:06:2e:ef:94:ce:f9:b3:87:19:8d:79:0b:
06:4b:86:b6:16:24:34:ae:ff:2e:6c:d0:e6:25:24:be:b7:5c:
38:4b:2e:e7:da:d4:1f:68:59:f2:c7:6a:75:8c:ac:8d:aa:6a:
b7:5f:98:90:ad:a8:19:ca:c5:7f:cb:c1:af:de:08:fb:4d:6c:
a2:3d:d4:d9:a4:16:b6:05:96:5e:78:6d:d9:4f:c8:ea:02:3a:
17:19:63:25:63:14:c7:10:41:b3:eb:23:1d:93:90:36:6f:f9:
cb:ad:bc:4d:94:84:84:83:09:f9:12:ef:63:1d:36:67:30:f5:
85:6d:36:12:d9:1e:64:17:45:e6:74:07:bb:67:56:a3:80:9f:
c0:0b:bc:23:76:ea:b9:c0:03:0e:f5:2c:e1:b7:07:95:39:55:
34:29:39:c1:72:7d:cc:9d:fb:17:14:be:53:74:b2:aa:f4:e4:
03:64:82:4a:10:40:23:66:ac:c7:4c:1a:e6:54:39:ea:31:67:
ee:72:fe:32:5d:a9:48:f9:80:91:03:64:a9:ac:80:3d:41:46:
a9:5d:e9:3b:7b:cf:96:60:d5:a0:56:bd:34:1b:03:c9:1f:d8:
c1:77:7b:ef
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgISAYVxTDzBmjzfFiho1E66QEl7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlZDAzN2Q0ZWUzZTVkMjcwNjVhZDgwMzU2NTgyYTJmZGMy
YjQ4OGQwHhcNMjMwMTAyMDcwNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjZiMzVlMGM3MjA1N2M2YWNmMTdjMDJkNzBiYzJjZDE4YWU5NWQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3PXJB3tjbfEF0LanWA3dfmW/QYAe
jc/aTcLGyWorDcbBQ1DlYUZmghHzBMPAqWyV86b8sl/eYMpjbuMGxCGBCHkWHCaO
MQdYnHRMqx0i/GCWIKHV/JSQjgucDnhvMcxOafw8g2ks4URDI1NonIvZBKI/IPO2
g5f5ZWuX84cKccNx4ZxM+dDGFcCP1WFZV7bU02BG8xpp0WQJiRFAomq5JS9rmisb
wuqu3tu6AtxZrpS6wAzVJXEbEVl+bbg6vPcNaNrXPgAKAwL8udnsWRhn1Ump/Lcr
N+mqdKGlHxUOZqIdVJ2p0GsKBOTKKxemiVAAT7ZB68DRPqZE8hbm7t6eBwIDAQAB
o4ICEjCCAg4wHQYDVR0OBBYEFPtrNeDHIFfGrPF8AtcLws0YrpXVMB8GA1UdIwQY
MBaAFE7QN9TuPl0nBlrYA1ZYKi/cK0iNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHRBMzFPNC1YU2NHV3RnRFZsZ3FMOXdyU0kwLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS83NGI5OTYtODBlZS00YzM5LThlNzQt
MzUwZTY4MWI5OWQxLzEvMS0yczE0TWNnVjhhczhYd0Mxd3ZDelJpdWxkVS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNmEvNzRiOTk2LTgwZWUtNGMzOS04ZTc0LTM1MGU2ODFiOTlk
MS8xL1R0QTMxTzQtWFNjR1d0Z0RWbGdxTDl3clNJMC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAnBggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQFwggg
AwQCwggoMA0GCSqGSIb3DQEBCwUAA4IBAQCYecWVPSNxo4L9efRe/BwhfgkjAyBs
hd8GLu+UzvmzhxmNeQsGS4a2FiQ0rv8ubNDmJSS+t1w4Sy7n2tQfaFnyx2p1jKyN
qmq3X5iQragZysV/y8Gv3gj7TWyiPdTZpBa2BZZeeG3ZT8jqAjoXGWMlYxTHEEGz
6yMdk5A2b/nLrbxNlISEgwn5Eu9jHTZnMPWFbTYS2R5kF0XmdAe7Z1ajgJ/AC7wj
duq5wAMO9SzhtweVOVU0KTnBcn3MnfsXFL5TdLKq9OQDZIJKEEAjZqzHTBrmVDnq
MWfucv4yXalI+YCRA2SprIA9QUapXek7e8+WYNWgVr00GwPJH9jBd3vv
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:19:18 2025 by rpki-client