Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/4Sjeq6LPHo5CYSQmb84z72NB260.roa
File: 4Sjeq6LPHo5CYSQmb84z72NB260.roa (raw, json)
Hash identifier: x0/As8p9CclCDyTY5qVQmKiFBSdlazJYtCMlKOZimxI=
Subject key identifier: E1:28:DE:AB:A2:CF:1E:8E:42:61:24:26:6F:CE:33:EF:63:41:DB:AD
Certificate issuer: /CN=a7fd3f89335dcf828666b28fad8ae993bd448878
Certificate serial: 0182ADAEF31FFC637DE66CCA7046F2E00CDA
Authority key identifier: A7:FD:3F:89:33:5D:CF:82:86:66:B2:8F:AD:8A:E9:93:BD:44:88:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p_0_iTNdz4KGZrKPrYrpk71EiHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/4Sjeq6LPHo5CYSQmb84z72NB260.roa
Signing time: Wed 17 Aug 2022 21:21:40 +0000
ROA not before: Wed 17 Aug 2022 21:21:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42675
IP address blocks: 194.32.144.0/22 maxlen: 22
194.32.147.0/24 maxlen: 24
194.32.146.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:ad:ae:f3:1f:fc:63:7d:e6:6c:ca:70:46:f2:e0:0c:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7fd3f89335dcf828666b28fad8ae993bd448878
Validity
Not Before: Aug 17 21:21:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e128deaba2cf1e8e426124266fce33ef6341dbad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:4b:b9:05:1d:b6:6a:5b:19:1e:e2:0b:7c:6a:
7f:10:bb:51:c1:91:c8:3a:fd:a4:da:6c:b2:4d:79:
17:94:34:69:4d:2f:e4:ab:5b:36:5b:52:30:23:2a:
00:73:04:ef:19:83:20:ad:28:43:81:bd:28:dd:bc:
a7:a9:29:66:32:09:37:2f:53:45:e7:7e:04:e7:d1:
06:52:35:d2:58:71:4e:aa:2a:ee:8b:a0:66:41:31:
cc:d8:8e:69:71:98:2b:68:8c:39:a7:fa:1f:ee:c6:
0b:67:ad:2c:9d:34:92:11:21:76:a2:00:b3:83:7d:
f9:d1:3f:f5:ba:c4:8e:e4:4e:f5:fe:a3:83:d8:0e:
ea:4a:d1:7b:c8:9c:07:db:ad:a1:91:93:3e:ce:f4:
56:93:4e:2b:fb:bc:12:1a:e0:7f:2e:25:07:59:27:
bc:a8:c9:bb:f8:57:36:43:23:f3:92:a5:67:a5:d2:
85:31:d0:67:b3:34:6d:55:2e:24:04:80:2f:53:19:
4e:31:7c:6f:6c:39:2b:a2:38:b5:0c:48:c6:48:f0:
ca:33:07:b6:7c:18:b3:2e:0c:a1:20:df:1b:fd:7c:
e7:28:31:0c:1d:05:20:42:fc:62:c3:9c:fe:92:ec:
1a:b8:9b:ed:25:2b:5e:44:7b:51:8e:f8:d1:41:7c:
d4:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:28:DE:AB:A2:CF:1E:8E:42:61:24:26:6F:CE:33:EF:63:41:DB:AD
X509v3 Authority Key Identifier:
keyid:A7:FD:3F:89:33:5D:CF:82:86:66:B2:8F:AD:8A:E9:93:BD:44:88:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p_0_iTNdz4KGZrKPrYrpk71EiHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/4Sjeq6LPHo5CYSQmb84z72NB260.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/p_0_iTNdz4KGZrKPrYrpk71EiHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.32.144.0/22
Signature Algorithm: sha256WithRSAEncryption
83:ef:bd:ac:64:1d:3f:c9:ec:07:d2:30:1f:c5:bb:71:ed:fa:
1a:ae:ad:e3:15:20:89:77:76:dd:d5:30:0d:3c:55:2a:9b:4e:
6c:74:a4:2d:3d:8e:7e:86:a4:ae:87:f0:a5:71:8c:d5:4e:c2:
cf:d8:40:5f:61:7b:df:19:cf:97:b0:26:f5:1a:58:40:0a:46:
1d:69:d6:3e:a6:64:76:1b:58:4a:6f:56:61:30:26:e4:e2:9b:
67:44:35:11:7b:52:07:ff:b0:35:1c:2a:76:89:63:74:43:30:
98:5a:3a:84:f1:e1:6e:97:c4:12:be:a9:79:3f:83:d5:2e:e5:
43:ee:10:06:3d:98:3c:d7:6b:ba:a8:3c:60:3d:4d:3a:40:b9:
d9:0f:58:e6:08:17:f3:2e:ec:17:0d:ee:34:e4:fd:53:ae:33:
82:36:0f:ee:11:20:87:62:76:59:a8:d3:0b:f5:aa:38:d0:0d:
73:eb:5e:0a:47:17:f1:e9:b0:85:6c:67:2a:1c:47:9f:cd:c8:
a9:cb:a5:dc:f2:61:71:9a:e9:aa:5d:9b:79:ca:9f:7f:26:c9:
55:14:01:5f:8d:93:cd:2e:e9:d9:e5:b1:44:12:01:4a:a7:af:
e6:b0:ab:5c:70:a3:73:32:1d:f7:2d:93:c7:15:6d:51:66:9d:
fa:a5:a6:c1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYKtrvMf/GN95mzKcEby4AzaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3ZmQzZjg5MzM1ZGNmODI4NjY2YjI4ZmFkOGFlOTkzYmQ0
NDg4NzgwHhcNMjIwODE3MjEyMTQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTI4ZGVhYmEyY2YxZThlNDI2MTI0MjY2ZmNlMzNlZjYzNDFkYmFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw0u5BR22alsZHuILfGp/ELtRwZHI
Ov2k2myyTXkXlDRpTS/kq1s2W1IwIyoAcwTvGYMgrShDgb0o3bynqSlmMgk3L1NF
534E59EGUjXSWHFOqirui6BmQTHM2I5pcZgraIw5p/of7sYLZ60snTSSESF2ogCz
g3350T/1usSO5E71/qOD2A7qStF7yJwH262hkZM+zvRWk04r+7wSGuB/LiUHWSe8
qMm7+Fc2QyPzkqVnpdKFMdBnszRtVS4kBIAvUxlOMXxvbDkroji1DEjGSPDKMwe2
fBizLgyhIN8b/XznKDEMHQUgQvxiw5z+kuwauJvtJSteRHtRjvjRQXzU6QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOEo3quizx6OQmEkJm/OM+9jQdutMB8GA1UdIwQY
MBaAFKf9P4kzXc+Chmayj62K6ZO9RIh4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcF8wX2lUTmR6NEtHWnJLUHJZcnBrNzFFaUhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC8zODhmZDgtYzgxZi00ZTcxLWFmNTIt
YzBiMWFkNDM1Yjk1LzEvNFNqZXE2TFBIbzVDWVNRbWI4NHo3Mk5CMjYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC8zODhmZDgtYzgxZi00ZTcxLWFmNTItYzBiMWFkNDM1Yjk1
LzEvcF8wX2lUTmR6NEtHWnJLUHJZcnBrNzFFaUhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwiCQMA0G
CSqGSIb3DQEBCwUAA4IBAQCD772sZB0/yewH0jAfxbtx7foarq3jFSCJd3bd1TAN
PFUqm05sdKQtPY5+hqSuh/ClcYzVTsLP2EBfYXvfGc+XsCb1GlhACkYdadY+pmR2
G1hKb1ZhMCbk4ptnRDURe1IH/7A1HCp2iWN0QzCYWjqE8eFul8QSvql5P4PVLuVD
7hAGPZg812u6qDxgPU06QLnZD1jmCBfzLuwXDe405P1TrjOCNg/uESCHYnZZqNML
9ao40A1z614KRxfx6bCFbGcqHEefzcipy6Xc8mFxmumqXZt5yp9/JslVFAFfjZPN
LunZ5bFEEgFKp6/msKtccKNzMh33LZPHFW1RZp36pabB
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:24:37 2025 by rpki-client