Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/U2EnXNl80mc0bn94hOzWR8plKMk.roa
File: U2EnXNl80mc0bn94hOzWR8plKMk.roa (raw, json)
Hash identifier: rhodvyIF3Ewf2KzrkwRg3IyF4fD+VoE/470hN6RKwHU=
Subject key identifier: 53:61:27:5C:D9:7C:D2:67:34:6E:7F:78:84:EC:D6:47:CA:65:28:C9
Certificate issuer: /CN=f77705e89bb65b472e4e0184d6fe9bfb8c58635a
Certificate serial: 01856DDD7206B1B447684BFE18569642C0F6
Authority key identifier: F7:77:05:E8:9B:B6:5B:47:2E:4E:01:84:D6:FE:9B:FB:8C:58:63:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/93cF6Ju2W0cuTgGE1v6b-4xYY1o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/U2EnXNl80mc0bn94hOzWR8plKMk.roa
Signing time: Sun 01 Jan 2023 15:05:07 +0000
ROA not before: Sun 01 Jan 2023 15:05:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62119
IP address blocks: 194.147.97.0/24 maxlen: 24
194.147.109.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:dd:72:06:b1:b4:47:68:4b:fe:18:56:96:42:c0:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f77705e89bb65b472e4e0184d6fe9bfb8c58635a
Validity
Not Before: Jan 1 15:05:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5361275cd97cd267346e7f7884ecd647ca6528c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:fe:5d:4a:ce:f3:29:fb:4d:45:70:07:10:d7:
f8:b1:95:a1:be:82:98:50:e3:ed:93:99:3f:1b:67:
52:cb:90:9e:c3:ed:0f:44:6d:70:ef:b1:ef:e0:f8:
38:d4:8e:60:7c:ce:53:f7:19:db:34:9d:ed:89:81:
94:85:69:a0:a3:d7:06:72:a2:c0:59:73:45:c8:03:
36:1e:2f:97:7a:71:33:54:fe:b1:56:63:03:52:02:
c2:4c:52:3e:d1:c7:74:5f:a0:9e:74:32:7c:57:7a:
ae:d6:85:64:9d:7c:2f:b8:49:af:e7:fd:e4:84:70:
5b:41:10:46:17:9a:a4:16:56:1f:80:f1:f4:aa:7c:
de:cf:9e:d4:0f:27:1c:89:46:82:34:21:80:0f:f7:
a0:b5:9a:78:32:09:dc:5b:10:dc:4a:94:93:c3:7e:
63:68:18:e8:46:7e:8d:7c:4f:61:63:bd:20:3d:d0:
0b:be:4d:3d:a1:6a:a8:fe:26:c3:b5:dc:ff:83:45:
1a:c4:19:0e:04:9d:2a:a1:8f:a2:96:0d:27:fa:16:
44:21:00:c2:fc:42:01:f5:a2:9b:2c:9d:4f:f7:bf:
b3:f1:ff:e6:09:45:d9:80:e9:82:04:04:a1:37:97:
c4:76:91:a5:10:00:30:ec:db:c6:aa:64:50:66:03:
95:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:61:27:5C:D9:7C:D2:67:34:6E:7F:78:84:EC:D6:47:CA:65:28:C9
X509v3 Authority Key Identifier:
keyid:F7:77:05:E8:9B:B6:5B:47:2E:4E:01:84:D6:FE:9B:FB:8C:58:63:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/93cF6Ju2W0cuTgGE1v6b-4xYY1o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/U2EnXNl80mc0bn94hOzWR8plKMk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/93cF6Ju2W0cuTgGE1v6b-4xYY1o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.147.97.0/24
194.147.109.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:54:4f:13:4d:b9:db:be:80:d2:f6:81:37:c9:88:26:57:d0:
83:01:85:c8:12:6b:cc:b0:46:c0:f0:f9:ee:f5:08:b4:de:a4:
ff:39:64:98:bb:1f:11:aa:9c:15:f6:2f:76:f3:38:47:86:0a:
29:6b:d0:77:7c:82:24:34:05:79:1b:76:b5:6c:25:ad:ac:e7:
1f:10:60:8b:2d:41:2a:0a:36:cb:51:e2:0e:fc:70:2b:40:fb:
7b:ff:a3:57:90:d5:dd:bf:24:e9:ee:9d:ca:fe:18:7a:30:a4:
26:a5:7d:00:c3:2b:fa:d3:6f:66:1b:79:b3:f9:0d:11:cd:d9:
ab:2c:c1:70:8d:d6:c5:dd:a9:55:e2:96:71:74:06:d0:c5:59:
b8:6a:34:ba:34:6e:a6:a4:f0:2f:f4:5a:7d:fc:05:10:bf:b5:
a2:51:38:de:81:a9:22:32:d9:fe:e0:84:0c:9f:06:69:ab:ff:
3c:59:cc:d2:14:db:e1:04:fe:a4:2b:3b:84:99:fd:df:ea:d3:
ae:33:d8:17:ee:a2:8e:91:21:47:8e:48:bb:bc:42:4e:91:eb:
b2:02:60:fc:d1:fb:b1:83:35:17:9c:c2:0e:7f:6e:3d:73:26:
22:56:bb:45:4c:43:f9:95:8d:ae:60:14:22:9a:1b:0f:5f:91:
aa:79:46:c6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVt3XIGsbRHaEv+GFaWQsD2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3NzcwNWU4OWJiNjViNDcyZTRlMDE4NGQ2ZmU5YmZiOGM1
ODYzNWEwHhcNMjMwMTAxMTUwNTA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzYxMjc1Y2Q5N2NkMjY3MzQ2ZTdmNzg4NGVjZDY0N2NhNjUyOGM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjv5dSs7zKftNRXAHENf4sZWhvoKY
UOPtk5k/G2dSy5Cew+0PRG1w77Hv4Pg41I5gfM5T9xnbNJ3tiYGUhWmgo9cGcqLA
WXNFyAM2Hi+XenEzVP6xVmMDUgLCTFI+0cd0X6CedDJ8V3qu1oVknXwvuEmv5/3k
hHBbQRBGF5qkFlYfgPH0qnzez57UDycciUaCNCGAD/egtZp4MgncWxDcSpSTw35j
aBjoRn6NfE9hY70gPdALvk09oWqo/ibDtdz/g0UaxBkOBJ0qoY+ilg0n+hZEIQDC
/EIB9aKbLJ1P97+z8f/mCUXZgOmCBAShN5fEdpGlEAAw7NvGqmRQZgOVFwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFNhJ1zZfNJnNG5/eITs1kfKZSjJMB8GA1UdIwQY
MBaAFPd3BeibtltHLk4BhNb+m/uMWGNaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTNjRjZKdTJXMGN1VGdHRTF2NmItNHhZWTFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy8wMjI4MzktNjk4NC00MGQ0LTg3MTYt
NmNiODk3OTFkN2ZkLzEvVTJFblhObDgwbWMwYm45NGhPeldSOHBsS01rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy8wMjI4MzktNjk4NC00MGQ0LTg3MTYtNmNiODk3OTFkN2Zk
LzEvOTNjRjZKdTJXMGN1VGdHRTF2NmItNHhZWTFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwpNhAwQA
wpNtMA0GCSqGSIb3DQEBCwUAA4IBAQBdVE8TTbnbvoDS9oE3yYgmV9CDAYXIEmvM
sEbA8Pnu9Qi03qT/OWSYux8RqpwV9i928zhHhgopa9B3fIIkNAV5G3a1bCWtrOcf
EGCLLUEqCjbLUeIO/HArQPt7/6NXkNXdvyTp7p3K/hh6MKQmpX0Awyv6029mG3mz
+Q0RzdmrLMFwjdbF3alV4pZxdAbQxVm4ajS6NG6mpPAv9Fp9/AUQv7WiUTjegaki
Mtn+4IQMnwZpq/88WczSFNvhBP6kKzuEmf3f6tOuM9gX7qKOkSFHjki7vEJOkeuy
AmD80fuxgzUXnMIOf249cyYiVrtFTEP5lY2uYBQimhsPX5GqeUbG
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:11:58 2025 by rpki-client