Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/1f3c4d-59e4-4937-bc14-6c88bfa7b55c/1/_D0M6ceOMisNHqvRbTMJCoqQczQ.roa
File: _D0M6ceOMisNHqvRbTMJCoqQczQ.roa (raw, json)
Hash identifier: cjWu2SqNdOOzGcqWI3ApQQ8gt0M9YFH3RyI5CIbFrfA=
Subject key identifier: FC:3D:0C:E9:C7:8E:32:2B:0D:1E:AB:D1:6D:33:09:0A:8A:90:73:34
Certificate issuer: /CN=c8f258ce203e04a33f4e90651153b259cffa3e88
Certificate serial: 01856F0B548926BB24F9BBB58CE596683F88
Authority key identifier: C8:F2:58:CE:20:3E:04:A3:3F:4E:90:65:11:53:B2:59:CF:FA:3E:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yPJYziA-BKM_TpBlEVOyWc_6Pog.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/1f3c4d-59e4-4937-bc14-6c88bfa7b55c/1/_D0M6ceOMisNHqvRbTMJCoqQczQ.roa
Signing time: Sun 01 Jan 2023 20:34:51 +0000
ROA not before: Sun 01 Jan 2023 20:34:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208101
IP address blocks: 194.5.101.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:0b:54:89:26:bb:24:f9:bb:b5:8c:e5:96:68:3f:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c8f258ce203e04a33f4e90651153b259cffa3e88
Validity
Not Before: Jan 1 20:34:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fc3d0ce9c78e322b0d1eabd16d33090a8a907334
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:63:3a:df:e7:ba:e7:67:dc:dd:85:6f:24:f3:
09:d5:e4:86:02:71:bf:9d:a9:f3:4e:21:98:94:6a:
2a:45:61:36:6d:f5:bc:ab:a3:49:f7:b1:0a:0d:ad:
2d:64:97:ff:ed:e5:cc:69:28:67:b8:e8:ea:43:1b:
f5:13:91:af:8f:52:66:9f:b4:3f:19:95:44:a9:27:
ab:23:5e:d2:89:e9:e9:f8:d7:ca:19:70:1a:43:57:
47:db:39:ed:bf:2c:d3:3a:11:03:12:ef:03:d5:f1:
18:55:b8:1d:cc:46:4b:f7:7b:08:93:c5:3b:dc:a6:
18:23:6a:6f:24:30:83:69:9a:d9:d8:e5:8a:26:91:
54:19:d9:59:39:72:ae:1f:38:da:78:4f:12:7b:35:
4f:29:5d:e8:13:0f:2e:ee:71:20:83:a9:a7:d9:9e:
41:10:b9:63:28:fb:67:e1:11:05:68:64:0f:43:44:
6e:f5:1a:ce:c6:b4:3e:e8:e5:e2:ed:07:7a:0a:93:
af:1f:ea:42:b2:70:5f:fc:5a:e8:97:cc:5e:25:cf:
04:1d:d3:25:1d:9b:1c:ca:72:22:ef:5a:ef:04:d8:
b9:73:5f:5a:32:4a:8b:60:23:34:e1:8b:12:8b:1b:
c2:b7:3d:3e:d2:ac:8a:6c:7f:b4:b5:37:a2:e6:d2:
86:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:3D:0C:E9:C7:8E:32:2B:0D:1E:AB:D1:6D:33:09:0A:8A:90:73:34
X509v3 Authority Key Identifier:
keyid:C8:F2:58:CE:20:3E:04:A3:3F:4E:90:65:11:53:B2:59:CF:FA:3E:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yPJYziA-BKM_TpBlEVOyWc_6Pog.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/1f3c4d-59e4-4937-bc14-6c88bfa7b55c/1/_D0M6ceOMisNHqvRbTMJCoqQczQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/1f3c4d-59e4-4937-bc14-6c88bfa7b55c/1/yPJYziA-BKM_TpBlEVOyWc_6Pog.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.5.101.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:5c:0a:95:f6:7a:98:a5:f1:7c:57:5e:10:b5:90:70:fa:c0:
58:4a:ba:00:68:68:5a:55:03:a3:3b:17:85:2f:29:1e:75:d4:
ca:43:30:4a:36:61:7a:d6:e5:e9:04:bb:99:9b:e2:f7:89:fa:
f0:c6:25:01:66:e0:78:ac:46:68:95:8b:cb:85:e9:47:31:39:
55:45:b8:3d:e8:08:44:e7:4c:25:bb:10:b0:cb:4e:22:ba:85:
87:30:38:16:fc:b9:92:94:64:60:3c:65:a3:9e:31:8f:70:8d:
dc:ca:65:7e:82:f5:05:13:bd:89:d5:0e:18:3c:f3:aa:5a:5f:
87:30:6e:f6:1e:10:b8:26:17:6a:45:bf:f5:e3:61:f1:a1:64:
08:62:68:b9:e6:4b:e1:22:0a:59:4e:f4:9c:d3:62:9e:f0:ea:
f4:cf:ae:c8:1c:7b:80:46:9b:51:61:3b:2a:b1:45:f0:5b:8d:
93:dc:9d:7b:ed:1a:f9:c5:9d:a8:45:e1:1b:4b:a2:be:80:f6:
13:5a:fb:48:b4:52:ca:0a:b7:e2:9a:fa:2b:a6:2f:6b:e2:cd:
1b:e5:2a:a3:59:7f:fd:52:f7:ae:2a:bd:1b:63:60:de:1a:43:
96:a6:64:e2:34:9d:6b:60:28:9a:77:1d:63:72:cb:f4:5b:22:
5b:f1:de:30
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvC1SJJrsk+bu1jOWWaD+IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4ZjI1OGNlMjAzZTA0YTMzZjRlOTA2NTExNTNiMjU5Y2Zm
YTNlODgwHhcNMjMwMTAxMjAzNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzNkMGNlOWM3OGUzMjJiMGQxZWFiZDE2ZDMzMDkwYThhOTA3MzM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl2M63+e652fc3YVvJPMJ1eSGAnG/
nanzTiGYlGoqRWE2bfW8q6NJ97EKDa0tZJf/7eXMaShnuOjqQxv1E5Gvj1Jmn7Q/
GZVEqSerI17Sienp+NfKGXAaQ1dH2zntvyzTOhEDEu8D1fEYVbgdzEZL93sIk8U7
3KYYI2pvJDCDaZrZ2OWKJpFUGdlZOXKuHzjaeE8SezVPKV3oEw8u7nEgg6mn2Z5B
ELljKPtn4REFaGQPQ0Ru9RrOxrQ+6OXi7Qd6CpOvH+pCsnBf/Frol8xeJc8EHdMl
HZscynIi71rvBNi5c19aMkqLYCM04YsSixvCtz0+0qyKbH+0tTei5tKGHQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPw9DOnHjjIrDR6r0W0zCQqKkHM0MB8GA1UdIwQY
MBaAFMjyWM4gPgSjP06QZRFTslnP+j6IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveVBKWXppQS1CS01fVHBCbEVWT3lXY182UG9nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My8xZjNjNGQtNTllNC00OTM3LWJjMTQt
NmM4OGJmYTdiNTVjLzEvX0QwTTZjZU9NaXNOSHF2UmJUTUpDb3FRY3pRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My8xZjNjNGQtNTllNC00OTM3LWJjMTQtNmM4OGJmYTdiNTVj
LzEveVBKWXppQS1CS01fVHBCbEVWT3lXY182UG9nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwgVlMA0G
CSqGSIb3DQEBCwUAA4IBAQAtXAqV9nqYpfF8V14QtZBw+sBYSroAaGhaVQOjOxeF
LykeddTKQzBKNmF61uXpBLuZm+L3ifrwxiUBZuB4rEZolYvLhelHMTlVRbg96AhE
50wluxCwy04iuoWHMDgW/LmSlGRgPGWjnjGPcI3cymV+gvUFE72J1Q4YPPOqWl+H
MG72HhC4JhdqRb/142HxoWQIYmi55kvhIgpZTvSc02Ke8Or0z67IHHuARptRYTsq
sUXwW42T3J177Rr5xZ2oReEbS6K+gPYTWvtItFLKCrfimvorpi9r4s0b5SqjWX/9
UveuKr0bY2DeGkOWpmTiNJ1rYCiadx1jcsv0WyJb8d4w
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:30:24 2025 by rpki-client