Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/1c0205-5c65-47cd-b1b3-27c26b23b845/1/AZyx2vaAfQRChIsUcRmNzQ_lyFU.roa
File: AZyx2vaAfQRChIsUcRmNzQ_lyFU.roa (raw, json)
Hash identifier: 0zP8zcLJtzJ1BLVMfN0SrfHhlKrlmhZ2WfB4R02xVTI=
Subject key identifier: 01:9C:B1:DA:F6:80:7D:04:42:84:8B:14:71:19:8D:CD:0F:E5:C8:55
Certificate issuer: /CN=5740040e1b7a532dd2aec22e93a622b2e1b3bdef
Certificate serial: 018571A7B62829A841FBC52633BFAFC5FC6B
Authority key identifier: 57:40:04:0E:1B:7A:53:2D:D2:AE:C2:2E:93:A6:22:B2:E1:B3:BD:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V0AEDht6Uy3SrsIuk6YisuGzve8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/1c0205-5c65-47cd-b1b3-27c26b23b845/1/AZyx2vaAfQRChIsUcRmNzQ_lyFU.roa
Signing time: Mon 02 Jan 2023 08:44:54 +0000
ROA not before: Mon 02 Jan 2023 08:44:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 680
IP address blocks: 194.76.232.0/22 maxlen: 22
194.76.234.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:a7:b6:28:29:a8:41:fb:c5:26:33:bf:af:c5:fc:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5740040e1b7a532dd2aec22e93a622b2e1b3bdef
Validity
Not Before: Jan 2 08:44:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=019cb1daf6807d0442848b1471198dcd0fe5c855
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:a2:d9:6d:44:78:e5:bb:95:a1:dd:46:f7:4e:
10:91:b7:2f:bc:90:3d:e1:c4:96:c9:74:c3:a6:74:
3e:53:73:02:9c:fa:6f:80:18:c6:c1:87:ce:eb:f5:
ee:b5:7e:8e:cb:cc:e9:01:11:ac:7f:28:aa:78:23:
a3:97:d8:9f:58:f6:41:24:9b:7e:14:61:08:74:8a:
41:34:b8:fa:eb:a3:d8:a3:83:1a:21:ad:d7:d8:27:
0a:a2:ce:af:aa:1f:76:92:62:c4:b9:7e:27:38:33:
b3:13:c3:37:0e:90:7b:ad:d9:61:da:c0:61:25:66:
8c:60:c1:e5:26:5d:07:a4:4f:c8:14:a7:70:c4:f4:
52:ad:d8:99:d6:5c:62:15:2f:1a:d0:57:a4:df:13:
a2:fc:ed:31:b3:70:3a:6d:74:f4:ee:2c:45:67:9c:
b6:91:4a:b8:f4:bb:40:01:ea:da:bd:c2:43:4f:7a:
29:06:f9:b5:bd:0e:d3:5f:f3:48:75:94:aa:fd:9b:
81:b9:24:db:b3:c0:7d:96:3f:90:6d:16:c5:87:48:
c2:ae:4c:2f:b1:e4:f0:1d:c6:e0:88:f2:de:32:f8:
1a:59:8c:72:95:0f:8d:14:98:c1:40:ef:7c:36:55:
73:9c:d9:5a:d0:7f:f1:c7:25:2d:fc:d3:71:97:85:
3e:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:9C:B1:DA:F6:80:7D:04:42:84:8B:14:71:19:8D:CD:0F:E5:C8:55
X509v3 Authority Key Identifier:
keyid:57:40:04:0E:1B:7A:53:2D:D2:AE:C2:2E:93:A6:22:B2:E1:B3:BD:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V0AEDht6Uy3SrsIuk6YisuGzve8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/1c0205-5c65-47cd-b1b3-27c26b23b845/1/AZyx2vaAfQRChIsUcRmNzQ_lyFU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/1c0205-5c65-47cd-b1b3-27c26b23b845/1/V0AEDht6Uy3SrsIuk6YisuGzve8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.76.232.0/22
Signature Algorithm: sha256WithRSAEncryption
2f:8e:0c:1a:78:76:b8:a3:26:33:07:e5:9c:a2:7f:15:d1:2b:
5c:b4:d5:92:ae:26:3a:2e:ea:98:a6:70:4e:0c:7c:cf:71:ca:
5f:7e:6c:80:bc:91:a0:ec:37:03:e1:0f:e3:49:f0:02:ce:ff:
af:18:1a:5b:e2:18:79:bc:b3:7a:19:31:d8:82:05:98:fa:27:
9b:13:dd:43:d2:82:05:89:04:26:9d:6c:83:82:1a:d1:45:33:
1a:1c:b1:ba:79:52:87:17:da:73:6f:97:9f:ec:9f:73:8c:5b:
52:ae:17:95:9c:92:c9:59:2a:a4:56:bf:09:7c:8c:74:16:c3:
4e:70:0b:58:c3:dc:7d:8c:19:54:64:b3:59:a4:e4:ac:f4:67:
bb:ab:f3:6d:8e:7b:de:e3:bb:7b:bf:c7:d8:67:ac:37:ea:17:
9f:59:85:70:ea:64:b5:09:49:81:99:f1:1c:03:2e:34:02:6e:
53:5d:84:3f:56:84:63:0d:a6:ca:32:ba:79:df:5c:37:90:7b:
54:f4:b7:cb:cb:e6:60:18:e2:64:d0:ea:26:ee:00:e9:92:39:
09:50:1f:0f:77:7e:6c:5a:f8:99:10:01:e0:18:8f:0b:10:a4:
11:27:55:35:20:c7:3b:12:fc:2c:3c:44:4a:49:37:d1:08:fe:
85:3b:db:50
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxp7YoKahB+8UmM7+vxfxrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3NDAwNDBlMWI3YTUzMmRkMmFlYzIyZTkzYTYyMmIyZTFi
M2JkZWYwHhcNMjMwMTAyMDg0NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTljYjFkYWY2ODA3ZDA0NDI4NDhiMTQ3MTE5OGRjZDBmZTVjODU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk6LZbUR45buVod1G904QkbcvvJA9
4cSWyXTDpnQ+U3MCnPpvgBjGwYfO6/XutX6Oy8zpARGsfyiqeCOjl9ifWPZBJJt+
FGEIdIpBNLj666PYo4MaIa3X2CcKos6vqh92kmLEuX4nODOzE8M3DpB7rdlh2sBh
JWaMYMHlJl0HpE/IFKdwxPRSrdiZ1lxiFS8a0Fek3xOi/O0xs3A6bXT07ixFZ5y2
kUq49LtAAeravcJDT3opBvm1vQ7TX/NIdZSq/ZuBuSTbs8B9lj+QbRbFh0jCrkwv
seTwHcbgiPLeMvgaWYxylQ+NFJjBQO98NlVznNla0H/xxyUt/NNxl4U+nwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAGcsdr2gH0EQoSLFHEZjc0P5chVMB8GA1UdIwQY
MBaAFFdABA4belMt0q7CLpOmIrLhs73vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjBBRURodDZVeTNTcnNJdWs2WWlzdUd6dmU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8xYzAyMDUtNWM2NS00N2NkLWIxYjMt
MjdjMjZiMjNiODQ1LzEvQVp5eDJ2YUFmUVJDaElzVWNSbU56UV9seUZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8xYzAyMDUtNWM2NS00N2NkLWIxYjMtMjdjMjZiMjNiODQ1
LzEvVjBBRURodDZVeTNTcnNJdWs2WWlzdUd6dmU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwkzoMA0G
CSqGSIb3DQEBCwUAA4IBAQAvjgwaeHa4oyYzB+Wcon8V0StctNWSriY6LuqYpnBO
DHzPccpffmyAvJGg7DcD4Q/jSfACzv+vGBpb4hh5vLN6GTHYggWY+iebE91D0oIF
iQQmnWyDghrRRTMaHLG6eVKHF9pzb5ef7J9zjFtSrheVnJLJWSqkVr8JfIx0FsNO
cAtYw9x9jBlUZLNZpOSs9Ge7q/Ntjnve47t7v8fYZ6w36hefWYVw6mS1CUmBmfEc
Ay40Am5TXYQ/VoRjDabKMrp531w3kHtU9LfLy+ZgGOJk0Oom7gDpkjkJUB8Pd35s
WviZEAHgGI8LEKQRJ1U1IMc7EvwsPERKSTfRCP6FO9tQ
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:20:38 2025 by rpki-client