Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/4984df-6db2-4e0a-91f8-bf05acc82bd1/1/aXuFu6Vl-peLrVbOlPiEjzlZ444.roa
File: aXuFu6Vl-peLrVbOlPiEjzlZ444.roa (raw, json)
Hash identifier: 8gBIM7MfGoZqUdJNyNUIPojzw16u7ixpQZzTsL73a3A=
Subject key identifier: 69:7B:85:BB:A5:65:FA:97:8B:AD:56:CE:94:F8:84:8F:39:59:E3:8E
Certificate issuer: /CN=0a81fe9059f6820bc18ad5802f2f1fca77d254b7
Certificate serial: 0186979CE480DA70192EB3BA210140E1FCD0
Authority key identifier: 0A:81:FE:90:59:F6:82:0B:C1:8A:D5:80:2F:2F:1F:CA:77:D2:54:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CoH-kFn2ggvBitWALy8fynfSVLc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/4984df-6db2-4e0a-91f8-bf05acc82bd1/1/aXuFu6Vl-peLrVbOlPiEjzlZ444.roa
Signing time: Tue 28 Feb 2023 10:41:26 +0000
ROA not before: Tue 28 Feb 2023 10:41:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204019
IP address blocks: 194.1.253.0/24 maxlen: 24
185.107.66.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:97:9c:e4:80:da:70:19:2e:b3:ba:21:01:40:e1:fc:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a81fe9059f6820bc18ad5802f2f1fca77d254b7
Validity
Not Before: Feb 28 10:41:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=697b85bba565fa978bad56ce94f8848f3959e38e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:d9:65:e0:12:0a:a9:e8:07:58:5f:ff:2c:c6:
8f:5f:3c:f5:1c:7b:ef:06:23:43:1c:30:03:bd:f5:
6e:06:6d:4c:fe:9a:0a:95:23:bb:94:5e:01:dc:bf:
56:98:23:4d:47:8a:82:81:cb:bc:02:d5:ce:a0:a2:
c6:3a:3a:95:97:b6:44:8b:19:d8:f9:de:7b:6c:fe:
00:de:24:c9:91:14:1f:5e:13:0e:30:21:a7:83:12:
bf:f1:f7:e2:6d:90:08:ed:82:20:db:f9:8a:73:b3:
1c:d3:36:98:b3:31:71:6a:ab:4c:d8:89:9f:da:e4:
d1:8b:f3:1b:5a:3b:c8:f3:d5:71:a9:8a:87:a1:dd:
9d:83:d2:e4:f7:b0:1f:e3:a9:07:64:4e:a1:ca:16:
18:11:42:50:33:47:0d:84:6c:0e:8f:09:2b:d6:0c:
1d:46:52:dd:43:3c:28:b5:a7:17:90:7f:26:b3:db:
73:3b:43:e1:72:c0:44:e2:19:0b:9d:b7:93:82:4d:
6a:ab:8f:fa:8c:c9:27:3f:36:76:9b:1b:7e:1e:68:
be:0c:e4:ac:5e:85:99:15:43:f4:dc:25:75:01:6b:
ad:fe:64:82:55:3b:e4:8c:78:fe:44:b8:72:bc:09:
ad:c7:07:01:9f:b9:8a:75:65:dd:87:b1:e7:05:d9:
3a:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:7B:85:BB:A5:65:FA:97:8B:AD:56:CE:94:F8:84:8F:39:59:E3:8E
X509v3 Authority Key Identifier:
keyid:0A:81:FE:90:59:F6:82:0B:C1:8A:D5:80:2F:2F:1F:CA:77:D2:54:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CoH-kFn2ggvBitWALy8fynfSVLc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/4984df-6db2-4e0a-91f8-bf05acc82bd1/1/aXuFu6Vl-peLrVbOlPiEjzlZ444.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/4984df-6db2-4e0a-91f8-bf05acc82bd1/1/CoH-kFn2ggvBitWALy8fynfSVLc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.107.66.0/24
194.1.253.0/24
Signature Algorithm: sha256WithRSAEncryption
58:d4:11:7d:75:bc:63:9c:26:74:ff:da:6f:a6:48:e3:6b:2a:
7f:8f:dc:92:65:23:7e:f2:ae:82:eb:e9:d7:00:c8:0b:a4:b7:
6e:c1:c2:2d:a6:9e:e2:3a:4a:2b:d8:b3:8b:7c:ec:c7:3b:83:
d2:4c:4c:55:58:39:f8:3d:9c:65:d0:c9:2d:e7:7e:98:3a:cb:
fb:89:ad:f1:32:00:78:d8:29:28:7c:34:45:c4:01:09:bb:38:
d4:c1:13:f5:c3:b4:95:83:19:7a:10:fb:ad:f3:38:58:1c:81:
7d:99:90:14:ed:8c:89:57:46:9c:54:2d:bd:05:0d:80:1a:25:
7d:ed:c7:c7:1f:01:9a:85:13:ac:87:48:f7:75:13:4a:95:19:
bb:f2:34:f7:7e:c4:fb:32:4c:95:62:08:c3:b0:f6:d1:db:ed:
25:d5:c0:f3:c0:1f:ff:d3:2f:d7:65:64:d6:de:29:ac:8f:f1:
e2:c5:09:76:c2:24:e9:11:de:b0:f2:9b:3e:8d:3a:55:71:60:
79:5d:7c:3f:37:f6:d5:6f:37:a5:68:dc:1a:1f:c7:a9:27:f7:
b2:47:02:87:78:64:1e:b3:f8:2f:53:0b:5d:c4:fc:1c:93:4a:
4f:8d:8b:ac:24:61:91:79:80:88:53:26:b7:4d:fe:cb:15:54:
10:c9:64:2c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYaXnOSA2nAZLrO6IQFA4fzQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhODFmZTkwNTlmNjgyMGJjMThhZDU4MDJmMmYxZmNhNzdk
MjU0YjcwHhcNMjMwMjI4MTA0MTI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTdiODViYmE1NjVmYTk3OGJhZDU2Y2U5NGY4ODQ4ZjM5NTllMzhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmdll4BIKqegHWF//LMaPXzz1HHvv
BiNDHDADvfVuBm1M/poKlSO7lF4B3L9WmCNNR4qCgcu8AtXOoKLGOjqVl7ZEixnY
+d57bP4A3iTJkRQfXhMOMCGngxK/8ffibZAI7YIg2/mKc7Mc0zaYszFxaqtM2Imf
2uTRi/MbWjvI89VxqYqHod2dg9Lk97Af46kHZE6hyhYYEUJQM0cNhGwOjwkr1gwd
RlLdQzwotacXkH8ms9tzO0PhcsBE4hkLnbeTgk1qq4/6jMknPzZ2mxt+Hmi+DOSs
XoWZFUP03CV1AWut/mSCVTvkjHj+RLhyvAmtxwcBn7mKdWXdh7HnBdk6rQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGl7hbulZfqXi61WzpT4hI85WeOOMB8GA1UdIwQY
MBaAFAqB/pBZ9oILwYrVgC8vH8p30lS3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ29ILWtGbjJnZ3ZCaXRXQUx5OGZ5bmZTVkxjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC80OTg0ZGYtNmRiMi00ZTBhLTkxZjgt
YmYwNWFjYzgyYmQxLzEvYVh1RnU2VmwtcGVMclZiT2xQaUVqemxaNDQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC80OTg0ZGYtNmRiMi00ZTBhLTkxZjgtYmYwNWFjYzgyYmQx
LzEvQ29ILWtGbjJnZ3ZCaXRXQUx5OGZ5bmZTVkxjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuWtCAwQA
wgH9MA0GCSqGSIb3DQEBCwUAA4IBAQBY1BF9dbxjnCZ0/9pvpkjjayp/j9ySZSN+
8q6C6+nXAMgLpLduwcItpp7iOkor2LOLfOzHO4PSTExVWDn4PZxl0Mkt536YOsv7
ia3xMgB42CkofDRFxAEJuzjUwRP1w7SVgxl6EPut8zhYHIF9mZAU7YyJV0acVC29
BQ2AGiV97cfHHwGahROsh0j3dRNKlRm78jT3fsT7MkyVYgjDsPbR2+0l1cDzwB//
0y/XZWTW3imsj/HixQl2wiTpEd6w8ps+jTpVcWB5XXw/N/bVbzelaNwaH8epJ/ey
RwKHeGQes/gvUwtdxPwck0pPjYusJGGReYCIUya3Tf7LFVQQyWQs
-----END CERTIFICATE-----
Generated at Sun Apr 13 01:34:01 2025 by rpki-client