Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/RhA9BGfM7lFsLyHbF4qBaL1woio.roa
File: RhA9BGfM7lFsLyHbF4qBaL1woio.roa (raw, json)
Hash identifier: HmvWWTUlBwaNkd6Cfd53SjMYHwEplGxVfndR1yNoa9c=
Subject key identifier: 46:10:3D:04:67:CC:EE:51:6C:2F:21:DB:17:8A:81:68:BD:70:A2:2A
Certificate issuer: /CN=a7fd3f89335dcf828666b28fad8ae993bd448878
Certificate serial: 0188F19A3C0FC496A379E331006C572DA1FE
Authority key identifier: A7:FD:3F:89:33:5D:CF:82:86:66:B2:8F:AD:8A:E9:93:BD:44:88:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p_0_iTNdz4KGZrKPrYrpk71EiHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/RhA9BGfM7lFsLyHbF4qBaL1woio.roa
Signing time: Sun 25 Jun 2023 08:09:56 +0000
ROA not before: Sun 25 Jun 2023 08:09:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 194.32.144.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:f1:9a:3c:0f:c4:96:a3:79:e3:31:00:6c:57:2d:a1:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7fd3f89335dcf828666b28fad8ae993bd448878
Validity
Not Before: Jun 25 08:09:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=46103d0467ccee516c2f21db178a8168bd70a22a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:17:7f:c5:c8:86:29:c5:92:c2:42:68:26:79:
35:53:3f:19:ac:a0:0d:38:15:db:85:8a:31:b0:d6:
34:1a:16:06:60:cc:6e:22:87:32:fe:17:41:09:84:
2a:d5:08:26:01:b5:c9:80:e5:f2:0a:7b:7d:40:0c:
ea:39:d6:ef:49:53:e0:97:a2:23:f7:13:5c:66:86:
7b:49:c9:f2:b3:30:f5:11:9f:62:f4:21:84:9a:1e:
4a:5b:df:de:db:89:3b:fb:8e:f7:4f:2d:d9:c2:49:
67:0e:10:11:f3:f7:04:94:55:0f:e6:90:8b:7d:b1:
fc:12:e5:92:0d:79:17:fb:02:45:cd:ea:e4:5a:05:
28:28:80:64:b4:72:45:64:24:e5:da:54:7f:82:9e:
03:2e:d9:f9:0a:a5:43:d6:3e:6f:35:25:8b:e0:ea:
0d:d6:dd:24:e4:1b:b3:0f:e2:c2:9c:e4:c5:2b:a6:
2d:31:a7:80:0b:f1:a8:5d:0d:de:b2:62:a8:b9:68:
c5:78:cd:fc:0f:9b:d6:0b:bd:d8:ed:9a:a3:54:75:
bf:2c:69:17:bf:3e:2b:4c:5f:5a:5c:82:4e:25:93:
5b:70:d9:14:67:a7:1e:3d:d9:cb:e6:ba:96:bc:d1:
7b:16:44:6f:18:e9:84:af:ee:cf:78:f7:f9:91:32:
aa:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:10:3D:04:67:CC:EE:51:6C:2F:21:DB:17:8A:81:68:BD:70:A2:2A
X509v3 Authority Key Identifier:
keyid:A7:FD:3F:89:33:5D:CF:82:86:66:B2:8F:AD:8A:E9:93:BD:44:88:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p_0_iTNdz4KGZrKPrYrpk71EiHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/RhA9BGfM7lFsLyHbF4qBaL1woio.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/p_0_iTNdz4KGZrKPrYrpk71EiHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.32.144.0/23
Signature Algorithm: sha256WithRSAEncryption
21:8f:f4:b4:3f:25:fe:dc:08:4e:58:d9:7d:95:66:95:7b:12:
87:65:b3:f3:0c:0a:2d:19:e4:1f:46:d4:fa:74:a9:15:c8:cd:
49:62:a0:5c:86:72:d5:d1:77:42:a4:da:a6:89:1a:7f:77:b3:
6f:8f:07:eb:3d:28:f4:98:db:a0:41:37:4b:02:b5:c6:d9:39:
8e:1a:d1:41:33:cb:c0:86:61:01:cd:63:21:a0:93:ab:a0:59:
a7:10:dc:e6:cf:97:66:de:31:f3:b6:67:e7:9c:b2:c7:7d:af:
c0:97:81:56:22:b6:46:c9:81:16:d8:27:fd:01:64:39:47:26:
f6:e1:c2:13:66:45:a9:01:c1:7c:3f:36:8c:13:62:ad:51:d2:
d5:84:1c:02:9a:8c:be:a0:5b:0e:ec:5f:35:cc:c8:3b:b7:a6:
f8:12:2a:ee:57:52:1c:24:fb:40:65:1a:d2:98:8d:ce:d5:48:
04:f2:8f:24:1c:4b:81:c6:dd:a5:58:ae:b4:39:5b:e5:aa:df:
84:7e:a1:5f:4e:d1:c2:98:00:ed:c7:fb:4f:dd:d1:6c:0e:0d:
fe:43:c1:4f:07:60:0a:11:d1:20:8d:b2:24:91:26:a8:38:d2:
a9:0f:24:50:bf:05:36:b2:cc:81:66:32:35:fa:a8:36:51:af:
d5:82:74:a8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYjxmjwPxJajeeMxAGxXLaH+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3ZmQzZjg5MzM1ZGNmODI4NjY2YjI4ZmFkOGFlOTkzYmQ0
NDg4NzgwHhcNMjMwNjI1MDgwOTU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjEwM2QwNDY3Y2NlZTUxNmMyZjIxZGIxNzhhODE2OGJkNzBhMjJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuhd/xciGKcWSwkJoJnk1Uz8ZrKAN
OBXbhYoxsNY0GhYGYMxuIocy/hdBCYQq1QgmAbXJgOXyCnt9QAzqOdbvSVPgl6Ij
9xNcZoZ7ScnyszD1EZ9i9CGEmh5KW9/e24k7+473Ty3ZwklnDhAR8/cElFUP5pCL
fbH8EuWSDXkX+wJFzerkWgUoKIBktHJFZCTl2lR/gp4DLtn5CqVD1j5vNSWL4OoN
1t0k5BuzD+LCnOTFK6YtMaeAC/GoXQ3esmKouWjFeM38D5vWC73Y7ZqjVHW/LGkX
vz4rTF9aXIJOJZNbcNkUZ6cePdnL5rqWvNF7FkRvGOmEr+7PePf5kTKqLQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEYQPQRnzO5RbC8h2xeKgWi9cKIqMB8GA1UdIwQY
MBaAFKf9P4kzXc+Chmayj62K6ZO9RIh4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcF8wX2lUTmR6NEtHWnJLUHJZcnBrNzFFaUhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC8zODhmZDgtYzgxZi00ZTcxLWFmNTIt
YzBiMWFkNDM1Yjk1LzEvUmhBOUJHZk03bEZzTHlIYkY0cUJhTDF3b2lvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC8zODhmZDgtYzgxZi00ZTcxLWFmNTItYzBiMWFkNDM1Yjk1
LzEvcF8wX2lUTmR6NEtHWnJLUHJZcnBrNzFFaUhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwiCQMA0G
CSqGSIb3DQEBCwUAA4IBAQAhj/S0PyX+3AhOWNl9lWaVexKHZbPzDAotGeQfRtT6
dKkVyM1JYqBchnLV0XdCpNqmiRp/d7NvjwfrPSj0mNugQTdLArXG2TmOGtFBM8vA
hmEBzWMhoJOroFmnENzmz5dm3jHztmfnnLLHfa/Al4FWIrZGyYEW2Cf9AWQ5Ryb2
4cITZkWpAcF8PzaME2KtUdLVhBwCmoy+oFsO7F81zMg7t6b4EiruV1IcJPtAZRrS
mI3O1UgE8o8kHEuBxt2lWK60OVvlqt+EfqFfTtHCmADtx/tP3dFsDg3+Q8FPB2AK
EdEgjbIkkSaoONKpDyRQvwU2ssyBZjI1+qg2Ua/VgnSo
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:20:33 2025 by rpki-client