Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/8b01c2-ecbe-4f88-ae37-504c8fc220ea/1/iOrh4e5_Snlhnbb_wkeSaz9lxjo.roa
File: iOrh4e5_Snlhnbb_wkeSaz9lxjo.roa (raw, json)
Hash identifier: vT72WZUcomy1iL7MeYZOhkEobaySRsB5mrHMpE0oQ9w=
Subject key identifier: 88:EA:E1:E1:EE:7F:4A:79:61:9D:B6:FF:C2:47:92:6B:3F:65:C6:3A
Certificate issuer: /CN=0562d5a67b7a20f865e753163a6ed0e5f347e839
Certificate serial: 018AA8A4D8859D48F7D96391524C12891AA6
Authority key identifier: 05:62:D5:A6:7B:7A:20:F8:65:E7:53:16:3A:6E:D0:E5:F3:47:E8:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BWLVpnt6IPhl51MWOm7Q5fNH6Dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/8b01c2-ecbe-4f88-ae37-504c8fc220ea/1/iOrh4e5_Snlhnbb_wkeSaz9lxjo.roa
Signing time: Mon 18 Sep 2023 14:14:50 +0000
ROA not before: Mon 18 Sep 2023 14:14:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6658
IP address blocks: 194.1.128.0/24 maxlen: 24
194.1.129.0/24 maxlen: 24
194.1.136.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:a8:a4:d8:85:9d:48:f7:d9:63:91:52:4c:12:89:1a:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0562d5a67b7a20f865e753163a6ed0e5f347e839
Validity
Not Before: Sep 18 14:14:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=88eae1e1ee7f4a79619db6ffc247926b3f65c63a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:ca:e2:9b:96:25:fa:19:3c:60:db:c1:69:37:
84:8c:78:1f:d0:c4:f8:2c:a7:c5:0e:00:89:6d:d6:
a4:35:30:7f:b4:13:94:4f:a2:38:51:53:1d:3a:e9:
8f:7c:eb:81:23:86:a6:a9:24:ff:d4:a0:ae:d7:12:
66:d8:d4:be:10:52:04:62:4d:ac:3f:b4:18:80:eb:
06:5e:22:0f:b6:08:ae:7a:bc:6e:ec:e9:ce:e3:4d:
87:47:9a:3d:b7:12:c9:83:47:10:f2:76:50:31:76:
ba:55:7d:34:ce:e5:b3:83:ca:e3:df:a4:97:bf:8b:
82:23:09:2b:9a:5f:c1:24:5f:2a:0d:88:e3:3f:19:
b3:16:d9:0b:bd:c9:80:b4:fe:55:b6:e9:9c:bc:8b:
aa:93:e9:9c:7b:40:1b:7f:ca:d1:0b:45:f1:7b:68:
72:a2:d6:f4:45:5f:77:0e:44:44:30:c0:21:cb:6c:
82:00:69:58:8e:fe:d6:04:d4:a6:e2:bd:ea:2f:7e:
57:43:8c:16:85:8a:68:fb:7c:e5:64:44:4f:c0:72:
35:a8:c9:39:5b:5c:32:43:e0:b4:43:db:50:dc:5a:
51:45:03:51:f0:29:1b:22:b1:fb:f8:63:e3:3c:96:
2f:04:47:b5:57:d5:3b:d9:07:94:26:ba:85:c5:03:
13:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:EA:E1:E1:EE:7F:4A:79:61:9D:B6:FF:C2:47:92:6B:3F:65:C6:3A
X509v3 Authority Key Identifier:
keyid:05:62:D5:A6:7B:7A:20:F8:65:E7:53:16:3A:6E:D0:E5:F3:47:E8:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BWLVpnt6IPhl51MWOm7Q5fNH6Dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/8b01c2-ecbe-4f88-ae37-504c8fc220ea/1/iOrh4e5_Snlhnbb_wkeSaz9lxjo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/8b01c2-ecbe-4f88-ae37-504c8fc220ea/1/BWLVpnt6IPhl51MWOm7Q5fNH6Dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.1.128.0/23
194.1.136.0/22
Signature Algorithm: sha256WithRSAEncryption
2e:4f:b0:b7:42:fd:af:e6:d6:52:a2:5b:58:77:f2:37:86:a9:
cb:58:36:95:29:bc:31:06:39:76:cc:84:c2:2a:c4:12:ea:6c:
8d:3c:93:65:1b:28:49:d9:19:65:53:16:07:7b:d7:3f:87:5f:
08:3d:25:76:b0:fb:cb:b5:05:18:dc:23:6b:8a:09:fc:47:98:
38:b1:d5:92:37:6c:aa:82:b4:89:a7:0e:e7:92:c2:56:23:10:
d3:90:47:1a:c4:d0:02:17:0f:0c:ac:0a:cc:9b:e2:12:57:ae:
23:62:91:77:7d:fc:ce:0e:fc:1b:52:eb:64:cb:47:cc:21:5a:
be:12:5d:64:5f:95:4f:a0:35:fe:40:37:2c:42:d5:1a:7e:13:
a3:85:20:fa:39:fd:c4:32:60:42:17:e7:19:bc:61:26:9c:62:
57:3d:b0:96:4f:99:c4:09:b2:14:54:64:09:f6:7b:77:e6:c8:
5d:c5:62:6f:4e:fe:e7:42:1b:f6:37:5b:ee:d1:b5:bf:8c:38:
65:e6:57:81:46:5b:7d:0a:3b:8c:3a:34:9f:1d:d5:39:ed:25:
99:a3:57:51:02:a7:64:93:77:6c:6f:f4:d9:03:9e:41:ab:9d:
33:2f:4c:d9:0b:36:79:5f:b4:5b:86:0c:f8:39:12:be:72:92:
e2:fe:2e:45
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYqopNiFnUj32WORUkwSiRqmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NjJkNWE2N2I3YTIwZjg2NWU3NTMxNjNhNmVkMGU1ZjM0
N2U4MzkwHhcNMjMwOTE4MTQxNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGVhZTFlMWVlN2Y0YTc5NjE5ZGI2ZmZjMjQ3OTI2YjNmNjVjNjNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnsrim5Yl+hk8YNvBaTeEjHgf0MT4
LKfFDgCJbdakNTB/tBOUT6I4UVMdOumPfOuBI4amqST/1KCu1xJm2NS+EFIEYk2s
P7QYgOsGXiIPtgiuerxu7OnO402HR5o9txLJg0cQ8nZQMXa6VX00zuWzg8rj36SX
v4uCIwkrml/BJF8qDYjjPxmzFtkLvcmAtP5VtumcvIuqk+mce0Abf8rRC0Xxe2hy
otb0RV93DkREMMAhy2yCAGlYjv7WBNSm4r3qL35XQ4wWhYpo+3zlZERPwHI1qMk5
W1wyQ+C0Q9tQ3FpRRQNR8CkbIrH7+GPjPJYvBEe1V9U72QeUJrqFxQMTeQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIjq4eHuf0p5YZ22/8JHkms/ZcY6MB8GA1UdIwQY
MBaAFAVi1aZ7eiD4ZedTFjpu0OXzR+g5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQldMVnBudDZJUGhsNTFNV09tN1E1Zk5INkRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi84YjAxYzItZWNiZS00Zjg4LWFlMzct
NTA0YzhmYzIyMGVhLzEvaU9yaDRlNV9TbmxobmJiX3drZVNhejlseGpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi84YjAxYzItZWNiZS00Zjg4LWFlMzctNTA0YzhmYzIyMGVh
LzEvQldMVnBudDZJUGhsNTFNV09tN1E1Zk5INkRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwgGAAwQC
wgGIMA0GCSqGSIb3DQEBCwUAA4IBAQAuT7C3Qv2v5tZSoltYd/I3hqnLWDaVKbwx
Bjl2zITCKsQS6myNPJNlGyhJ2RllUxYHe9c/h18IPSV2sPvLtQUY3CNrign8R5g4
sdWSN2yqgrSJpw7nksJWIxDTkEcaxNACFw8MrArMm+ISV64jYpF3ffzODvwbUutk
y0fMIVq+El1kX5VPoDX+QDcsQtUafhOjhSD6Of3EMmBCF+cZvGEmnGJXPbCWT5nE
CbIUVGQJ9nt35shdxWJvTv7nQhv2N1vu0bW/jDhl5leBRlt9CjuMOjSfHdU57SWZ
o1dRAqdkk3dsb/TZA55Bq50zL0zZCzZ5X7Rbhgz4ORK+cpLi/i5F
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:09:39 2025 by rpki-client