Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/aecb6b-7b39-47f9-b0cf-8ffb127b324e/1/4Tm81S93tPkqrI7_H5ofooWQmoU.roa
File: 4Tm81S93tPkqrI7_H5ofooWQmoU.roa (raw, json)
Hash identifier: N9zg26zNpB2gAgMf7XM9zASDbkMrlHEqftxL9qgVEWA=
Subject key identifier: E1:39:BC:D5:2F:77:B4:F9:2A:AC:8E:FF:1F:9A:1F:A2:85:90:9A:85
Certificate issuer: /CN=7d5aa0afe8e6f0bb85e5c75f2f6c14121830ec85
Certificate serial: 018571A7BE7212ACD5BF60D64643E7BF45FC
Authority key identifier: 7D:5A:A0:AF:E8:E6:F0:BB:85:E5:C7:5F:2F:6C:14:12:18:30:EC:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVqgr-jm8LuF5cdfL2wUEhgw7IU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/aecb6b-7b39-47f9-b0cf-8ffb127b324e/1/4Tm81S93tPkqrI7_H5ofooWQmoU.roa
Signing time: Mon 02 Jan 2023 08:44:56 +0000
ROA not before: Mon 02 Jan 2023 08:44:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21355
IP address blocks: 194.31.14.0/23 maxlen: 24
194.99.88.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:a7:be:72:12:ac:d5:bf:60:d6:46:43:e7:bf:45:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d5aa0afe8e6f0bb85e5c75f2f6c14121830ec85
Validity
Not Before: Jan 2 08:44:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e139bcd52f77b4f92aac8eff1f9a1fa285909a85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:3c:0a:e3:55:78:cb:ea:8a:52:18:ac:21:83:
f5:af:8c:58:36:a7:2b:1a:b5:e4:98:2d:0c:61:7a:
14:a1:07:1a:f1:50:c3:e5:28:57:36:0d:9d:5b:61:
45:17:17:77:96:e4:81:12:fd:46:87:b4:d7:44:93:
3c:33:ae:ca:46:84:25:e4:4e:4f:f9:db:8a:a6:70:
1a:9c:0c:c1:c2:b0:5e:af:90:59:a0:0b:9a:c1:3f:
0b:34:71:01:f0:12:a4:55:9a:94:52:11:42:f1:fa:
05:52:d9:3b:c0:59:10:eb:42:b4:b3:8d:59:da:00:
52:6c:de:5d:4d:4d:e0:7f:6a:cd:33:35:02:e7:f5:
bd:6b:01:42:86:6b:14:2e:96:92:f3:31:d5:30:b4:
60:2d:b2:1f:c0:cb:d5:65:ea:83:22:7f:13:d0:d1:
f2:bb:24:a6:15:f9:c8:ee:b1:47:23:41:98:3a:32:
ca:97:41:08:0a:78:57:b7:32:8e:c4:5b:dd:17:e7:
53:8e:12:84:89:3a:21:68:6b:05:47:53:75:21:d1:
70:0b:fb:52:0c:be:0a:7f:73:85:85:aa:17:6a:fb:
cf:b8:cb:e2:15:f6:77:26:c1:ab:58:a6:b4:1a:66:
43:bb:5d:7c:dd:7d:3b:75:83:1b:04:42:fd:de:88:
17:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:39:BC:D5:2F:77:B4:F9:2A:AC:8E:FF:1F:9A:1F:A2:85:90:9A:85
X509v3 Authority Key Identifier:
keyid:7D:5A:A0:AF:E8:E6:F0:BB:85:E5:C7:5F:2F:6C:14:12:18:30:EC:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVqgr-jm8LuF5cdfL2wUEhgw7IU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/aecb6b-7b39-47f9-b0cf-8ffb127b324e/1/4Tm81S93tPkqrI7_H5ofooWQmoU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/aecb6b-7b39-47f9-b0cf-8ffb127b324e/1/fVqgr-jm8LuF5cdfL2wUEhgw7IU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.31.14.0/23
194.99.88.0/23
Signature Algorithm: sha256WithRSAEncryption
91:ab:d5:0e:db:f3:4b:47:bd:12:ab:8b:d8:11:ba:78:ed:7d:
4e:54:e4:01:b3:34:f3:93:d5:93:8c:f6:2e:9d:62:89:b6:32:
b1:04:31:07:03:92:a9:e1:2f:83:c8:1c:51:f5:7a:84:c6:e1:
66:3c:ca:3b:72:52:14:1d:88:0b:5f:41:51:53:cd:6c:c5:32:
0b:a0:9c:20:26:5f:9e:22:fd:3f:4d:50:83:1b:02:61:2f:d4:
62:79:8c:10:3f:0e:2d:76:ef:35:40:88:8a:5a:13:50:41:0f:
b3:b2:24:95:61:87:91:ac:ad:62:42:fa:97:86:ad:34:96:dd:
a4:e7:4e:90:a5:b5:6f:e3:ab:a6:d4:5e:ef:8c:ac:c1:03:ca:
f1:0a:76:cd:24:1c:c7:5d:fe:a0:97:24:ac:52:66:3f:e3:4f:
c8:8b:71:82:20:d6:bc:e8:4e:99:4a:6d:ee:df:bb:88:74:90:
5f:b3:87:9b:bb:2e:83:21:3f:04:58:77:13:14:d3:b4:9b:5b:
f9:78:ad:00:35:b1:ed:74:6a:5c:02:80:49:81:d3:63:1e:fa:
fc:4b:94:30:4b:03:d6:84:42:ac:7d:58:5b:92:87:49:72:d5:
ff:98:8d:b8:6f:1b:08:2b:ee:50:58:b8:7c:83:44:b1:f4:a6:
de:d8:2b:db
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVxp75yEqzVv2DWRkPnv0X8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNWFhMGFmZThlNmYwYmI4NWU1Yzc1ZjJmNmMxNDEyMTgz
MGVjODUwHhcNMjMwMTAyMDg0NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTM5YmNkNTJmNzdiNGY5MmFhYzhlZmYxZjlhMWZhMjg1OTA5YTg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArDwK41V4y+qKUhisIYP1r4xYNqcr
GrXkmC0MYXoUoQca8VDD5ShXNg2dW2FFFxd3luSBEv1Gh7TXRJM8M67KRoQl5E5P
+duKpnAanAzBwrBer5BZoAuawT8LNHEB8BKkVZqUUhFC8foFUtk7wFkQ60K0s41Z
2gBSbN5dTU3gf2rNMzUC5/W9awFChmsULpaS8zHVMLRgLbIfwMvVZeqDIn8T0NHy
uySmFfnI7rFHI0GYOjLKl0EICnhXtzKOxFvdF+dTjhKEiTohaGsFR1N1IdFwC/tS
DL4Kf3OFhaoXavvPuMviFfZ3JsGrWKa0GmZDu1183X07dYMbBEL93ogXMQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOE5vNUvd7T5KqyO/x+aH6KFkJqFMB8GA1UdIwQY
MBaAFH1aoK/o5vC7heXHXy9sFBIYMOyFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZxZ3Itam04THVGNWNkZkwyd1VFaGd3N0lVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC9hZWNiNmItN2IzOS00N2Y5LWIwY2Yt
OGZmYjEyN2IzMjRlLzEvNFRtODFTOTN0UGtxckk3X0g1b2Zvb1dRbW9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC9hZWNiNmItN2IzOS00N2Y5LWIwY2YtOGZmYjEyN2IzMjRl
LzEvZlZxZ3Itam04THVGNWNkZkwyd1VFaGd3N0lVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwh8OAwQB
wmNYMA0GCSqGSIb3DQEBCwUAA4IBAQCRq9UO2/NLR70Sq4vYEbp47X1OVOQBszTz
k9WTjPYunWKJtjKxBDEHA5Kp4S+DyBxR9XqExuFmPMo7clIUHYgLX0FRU81sxTIL
oJwgJl+eIv0/TVCDGwJhL9RieYwQPw4tdu81QIiKWhNQQQ+zsiSVYYeRrK1iQvqX
hq00lt2k506QpbVv46um1F7vjKzBA8rxCnbNJBzHXf6glySsUmY/40/Ii3GCINa8
6E6ZSm3u37uIdJBfs4ebuy6DIT8EWHcTFNO0m1v5eK0ANbHtdGpcAoBJgdNjHvr8
S5QwSwPWhEKsfVhbkodJctX/mI24bxsIK+5QWLh8g0Sx9Kbe2Cvb
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:50:06 2025 by rpki-client