Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/qIVT7psNCwiuwnTNvJ7zbNOBE0g.roa
File: qIVT7psNCwiuwnTNvJ7zbNOBE0g.roa (raw, json)
Hash identifier: RSL0gnDAtXJdBp3GYx7nfyR7OgoD29Xx/jGZVETgdRk=
Subject key identifier: A8:85:53:EE:9B:0D:0B:08:AE:C2:74:CD:BC:9E:F3:6C:D3:81:13:48
Certificate issuer: /CN=583d76051017d0afa915fcfb790a00f4667b0a88
Certificate serial: 01857139CA8DB1BF00EF18CAD024166F7309
Authority key identifier: 58:3D:76:05:10:17:D0:AF:A9:15:FC:FB:79:0A:00:F4:66:7B:0A:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WD12BRAX0K-pFfz7eQoA9GZ7Cog.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/qIVT7psNCwiuwnTNvJ7zbNOBE0g.roa
Signing time: Mon 02 Jan 2023 06:44:50 +0000
ROA not before: Mon 02 Jan 2023 06:44:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41620
IP address blocks: 194.225.224.0/20 maxlen: 24
2001:14e8:4::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:39:ca:8d:b1:bf:00:ef:18:ca:d0:24:16:6f:73:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=583d76051017d0afa915fcfb790a00f4667b0a88
Validity
Not Before: Jan 2 06:44:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a88553ee9b0d0b08aec274cdbc9ef36cd3811348
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:af:d9:91:cc:01:3e:36:c8:55:db:dc:63:6d:
81:6e:00:cb:47:8d:2a:9c:ed:8c:64:97:3d:b2:2e:
c2:73:2d:76:7e:55:00:91:82:e3:a9:aa:c8:2c:8c:
33:16:06:8e:48:98:12:b3:95:28:be:30:29:c3:b4:
30:e8:07:14:78:87:5f:d6:62:99:02:ba:2b:5d:07:
3b:10:34:bf:92:2f:36:42:26:c9:01:8f:21:0b:86:
6c:80:bb:44:59:f0:b9:74:0f:09:69:a0:b4:93:e9:
fd:66:81:1e:81:b7:c9:a6:9e:20:9a:09:b4:b2:76:
32:45:a1:6f:65:77:ce:bf:c7:7f:88:65:3e:73:10:
73:0e:81:5c:b9:62:83:c6:c6:12:12:c2:15:d3:16:
ca:69:6a:fd:e3:00:c8:70:5a:86:ff:02:05:80:ac:
30:eb:a0:7b:27:17:b2:9e:a4:5d:cc:9e:b2:16:7f:
a5:0d:1b:fb:4f:fd:7c:79:3d:e1:d6:9f:d3:d6:ad:
83:de:21:fa:f3:b3:83:0b:c4:a0:16:50:2b:04:19:
77:36:a6:70:45:39:d0:0b:9a:ce:cc:cf:bf:b5:3e:
ed:c2:75:13:b6:67:ff:6a:ca:9c:a0:fd:fe:71:05:
4e:37:e8:f2:c6:4f:b3:d5:28:33:f0:24:29:54:e6:
29:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:85:53:EE:9B:0D:0B:08:AE:C2:74:CD:BC:9E:F3:6C:D3:81:13:48
X509v3 Authority Key Identifier:
keyid:58:3D:76:05:10:17:D0:AF:A9:15:FC:FB:79:0A:00:F4:66:7B:0A:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WD12BRAX0K-pFfz7eQoA9GZ7Cog.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/qIVT7psNCwiuwnTNvJ7zbNOBE0g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/WD12BRAX0K-pFfz7eQoA9GZ7Cog.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.225.224.0/20
IPv6:
2001:14e8:4::/48
Signature Algorithm: sha256WithRSAEncryption
2b:03:a4:67:c3:c7:7f:0c:0d:3e:52:ac:37:7b:e6:7b:c8:42:
c8:84:b7:2a:e1:48:a9:50:82:9a:e0:0b:25:63:29:a0:ab:cc:
df:e6:71:cb:ff:4b:cb:4d:86:3b:d9:7a:19:8f:53:4a:00:ff:
98:24:98:68:4e:da:79:ab:ad:43:87:7e:ac:f9:63:fa:a6:04:
61:dc:93:9e:c5:a7:85:e2:63:f7:05:26:23:88:e7:cb:d6:e7:
8c:0c:71:a6:da:79:a6:f9:05:18:f1:00:e0:75:3f:83:0a:4f:
56:70:ce:90:4e:09:85:13:1a:0b:a9:08:60:fc:ac:61:b3:5b:
6a:d2:01:51:1d:27:1c:f1:c9:c3:d4:f7:b6:9a:e8:0c:ec:e7:
08:72:9b:d5:50:bd:4a:ac:a3:e8:68:06:0d:0a:fc:73:07:ac:
69:82:4a:e6:ea:ca:c1:05:af:44:27:ce:71:62:07:c3:c8:0a:
e0:01:2e:4c:dd:92:af:0e:06:f1:fa:cc:3b:ed:1d:1c:60:95:
e0:29:bb:21:9d:5f:ca:79:74:15:e3:79:f7:8f:8c:81:74:10:
ca:32:c7:1e:5e:1c:82:5d:55:73:b3:e4:1d:9e:91:da:6e:f2:
ca:54:4a:08:86:29:8f:4a:59:c0:44:ba:58:6a:4a:0e:e7:17:
c8:0a:aa:f8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVxOcqNsb8A7xjK0CQWb3MJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4M2Q3NjA1MTAxN2QwYWZhOTE1ZmNmYjc5MGEwMGY0NjY3
YjBhODgwHhcNMjMwMTAyMDY0NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODg1NTNlZTliMGQwYjA4YWVjMjc0Y2RiYzllZjM2Y2QzODExMzQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjq/ZkcwBPjbIVdvcY22BbgDLR40q
nO2MZJc9si7Ccy12flUAkYLjqarILIwzFgaOSJgSs5UovjApw7Qw6AcUeIdf1mKZ
ArorXQc7EDS/ki82QibJAY8hC4ZsgLtEWfC5dA8JaaC0k+n9ZoEegbfJpp4gmgm0
snYyRaFvZXfOv8d/iGU+cxBzDoFcuWKDxsYSEsIV0xbKaWr94wDIcFqG/wIFgKww
66B7JxeynqRdzJ6yFn+lDRv7T/18eT3h1p/T1q2D3iH687ODC8SgFlArBBl3NqZw
RTnQC5rOzM+/tT7twnUTtmf/asqcoP3+cQVON+jyxk+z1Sgz8CQpVOYpWwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKiFU+6bDQsIrsJ0zbye82zTgRNIMB8GA1UdIwQY
MBaAFFg9dgUQF9CvqRX8+3kKAPRmewqIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0QxMkJSQVgwSy1wRmZ6N2VRb0E5R1o3Q29nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC80ZjFiMjctMzI2YS00Njc5LWE2NGIt
ZGE2MTUzODg1ZjNiLzEvcUlWVDdwc05Dd2l1d25UTnZKN3piTk9CRTBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC80ZjFiMjctMzI2YS00Njc5LWE2NGItZGE2MTUzODg1ZjNi
LzEvV0QxMkJSQVgwSy1wRmZ6N2VRb0E5R1o3Q29nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQEwuHgMA8E
AgACMAkDBwAgARToAAQwDQYJKoZIhvcNAQELBQADggEBACsDpGfDx38MDT5SrDd7
5nvIQsiEtyrhSKlQgprgCyVjKaCrzN/mccv/S8tNhjvZehmPU0oA/5gkmGhO2nmr
rUOHfqz5Y/qmBGHck57Fp4XiY/cFJiOI58vW54wMcabaeab5BRjxAOB1P4MKT1Zw
zpBOCYUTGgupCGD8rGGzW2rSAVEdJxzxycPU97aa6Azs5whym9VQvUqso+hoBg0K
/HMHrGmCSubqysEFr0QnznFiB8PICuABLkzdkq8OBvH6zDvtHRxgleApuyGdX8p5
dBXjefePjIF0EMoyxx5eHIJdVXOz5B2ekdpu8spUSgiGKY9KWcBEulhqSg7nF8gK
qvg=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:16:45 2025 by rpki-client