Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/42f014-cd92-4205-aa53-1a80a2f7d7ea/1/_xuPisG6GG_XAnazHBzCp-DVPHc.roa
File: _xuPisG6GG_XAnazHBzCp-DVPHc.roa (raw, json)
Hash identifier: 4gzZUMSAOr70bsHSL2pRxl8uABDg3Atuc7yRdANWm4E=
Subject key identifier: FF:1B:8F:8A:C1:BA:18:6F:D7:02:76:B3:1C:1C:C2:A7:E0:D5:3C:77
Certificate issuer: /CN=cd576d876e17e67aa3b1f1c10dab39db2935e22b
Certificate serial: 01856C4A5FA14AD77FAF51137CC9809A6D66
Authority key identifier: CD:57:6D:87:6E:17:E6:7A:A3:B1:F1:C1:0D:AB:39:DB:29:35:E2:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zVdth24X5nqjsfHBDas52yk14is.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/42f014-cd92-4205-aa53-1a80a2f7d7ea/1/_xuPisG6GG_XAnazHBzCp-DVPHc.roa
Signing time: Sun 01 Jan 2023 07:44:51 +0000
ROA not before: Sun 01 Jan 2023 07:44:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209103
IP address blocks: 194.126.177.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:4a:5f:a1:4a:d7:7f:af:51:13:7c:c9:80:9a:6d:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd576d876e17e67aa3b1f1c10dab39db2935e22b
Validity
Not Before: Jan 1 07:44:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ff1b8f8ac1ba186fd70276b31c1cc2a7e0d53c77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:74:f3:33:bb:8a:1b:c1:7d:68:b8:f6:6c:18:
57:2b:d9:a7:cc:75:dc:5f:f4:88:54:7a:52:dd:f8:
5b:da:fb:0a:66:29:67:1f:2d:f9:e4:5a:44:9c:a3:
5d:c7:38:d3:ab:17:23:f7:92:b4:31:0c:f5:91:83:
98:4e:91:64:8a:b9:49:c8:c4:5b:0b:e6:bb:f7:02:
1e:c5:af:09:25:63:c4:4c:54:fc:6f:bb:ea:4e:57:
23:fb:90:5f:68:7b:14:26:e5:07:80:88:eb:19:c4:
09:82:1b:26:2d:c4:be:22:47:f9:61:69:a9:fa:40:
d0:c7:6c:c5:84:26:ae:d3:fd:8c:61:35:a3:94:f9:
eb:ad:26:78:98:84:af:26:6a:81:46:3d:84:85:d8:
47:4a:17:31:62:1a:63:8b:bd:00:1c:64:0a:18:9c:
86:4f:38:88:99:60:d0:c7:a5:e4:8e:c4:a6:ef:9b:
06:27:73:8c:72:ac:e6:7f:f0:8a:36:c4:c6:10:04:
1e:0b:90:bb:e3:bd:bb:43:c1:86:a7:5a:95:45:c7:
8f:49:97:fa:04:c2:1a:1f:be:dc:b8:0f:57:af:51:
3b:6a:82:52:ab:03:6f:e6:73:61:4a:14:f3:49:a4:
a4:62:08:75:e0:41:1c:78:b5:cb:17:72:be:24:14:
d9:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:1B:8F:8A:C1:BA:18:6F:D7:02:76:B3:1C:1C:C2:A7:E0:D5:3C:77
X509v3 Authority Key Identifier:
keyid:CD:57:6D:87:6E:17:E6:7A:A3:B1:F1:C1:0D:AB:39:DB:29:35:E2:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zVdth24X5nqjsfHBDas52yk14is.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/42f014-cd92-4205-aa53-1a80a2f7d7ea/1/_xuPisG6GG_XAnazHBzCp-DVPHc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/42f014-cd92-4205-aa53-1a80a2f7d7ea/1/zVdth24X5nqjsfHBDas52yk14is.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.126.177.0/24
Signature Algorithm: sha256WithRSAEncryption
41:0c:08:95:74:46:ca:20:28:df:30:e0:dc:e0:4c:3f:cd:4b:
27:71:e7:38:c9:70:7e:0c:23:44:7b:69:fd:1b:cb:55:3d:b7:
41:f6:b0:14:28:a3:d2:c5:56:84:4d:a9:35:3f:27:aa:a6:19:
8b:70:fe:b5:77:9a:2f:47:de:0a:6b:98:d9:09:ee:52:86:d6:
8e:15:82:67:3c:b0:3b:5e:8b:39:92:7b:7d:b0:88:42:48:85:
a6:6e:e6:73:58:c4:f3:b1:67:c2:93:49:1f:45:af:65:4a:16:
19:65:9e:49:6e:90:1c:cc:40:b5:40:a4:b6:c8:0a:71:f9:db:
61:4d:b1:b4:78:b2:55:f7:db:e9:61:85:ff:3b:c8:9b:70:cb:
d3:0f:82:7c:82:5e:9f:d5:8a:1c:c1:b4:02:a4:47:fa:14:4c:
ad:d3:3f:4c:a8:41:ca:3d:8a:d3:f2:1e:07:a0:cf:bd:0c:d2:
8a:96:b6:70:d9:af:44:1f:02:00:a6:56:01:a2:7d:d4:65:b2:
f0:04:d1:cd:88:a8:31:87:cd:99:11:53:3c:22:65:4f:83:27:
e7:0b:19:0f:39:7f:e6:8d:77:3a:ec:0b:15:f9:bd:e8:eb:2b:
96:b0:5c:f8:5b:26:5a:a8:76:ed:63:5e:7a:6a:e0:1f:d3:28:
ba:b6:e6:07
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsSl+hStd/r1ETfMmAmm1mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNTc2ZDg3NmUxN2U2N2FhM2IxZjFjMTBkYWIzOWRiMjkz
NWUyMmIwHhcNMjMwMTAxMDc0NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjFiOGY4YWMxYmExODZmZDcwMjc2YjMxYzFjYzJhN2UwZDUzYzc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhXTzM7uKG8F9aLj2bBhXK9mnzHXc
X/SIVHpS3fhb2vsKZilnHy355FpEnKNdxzjTqxcj95K0MQz1kYOYTpFkirlJyMRb
C+a79wIexa8JJWPETFT8b7vqTlcj+5BfaHsUJuUHgIjrGcQJghsmLcS+Ikf5YWmp
+kDQx2zFhCau0/2MYTWjlPnrrSZ4mISvJmqBRj2EhdhHShcxYhpji70AHGQKGJyG
TziImWDQx6XkjsSm75sGJ3OMcqzmf/CKNsTGEAQeC5C74727Q8GGp1qVRcePSZf6
BMIaH77cuA9Xr1E7aoJSqwNv5nNhShTzSaSkYgh14EEceLXLF3K+JBTZ7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP8bj4rBuhhv1wJ2sxwcwqfg1Tx3MB8GA1UdIwQY
MBaAFM1XbYduF+Z6o7HxwQ2rOdspNeIrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelZkdGgyNFg1bnFqc2ZIQkRhczUyeWsxNGlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS80MmYwMTQtY2Q5Mi00MjA1LWFhNTMt
MWE4MGEyZjdkN2VhLzEvX3h1UGlzRzZHR19YQW5hekhCekNwLURWUEhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS80MmYwMTQtY2Q5Mi00MjA1LWFhNTMtMWE4MGEyZjdkN2Vh
LzEvelZkdGgyNFg1bnFqc2ZIQkRhczUyeWsxNGlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwn6xMA0G
CSqGSIb3DQEBCwUAA4IBAQBBDAiVdEbKICjfMODc4Ew/zUsncec4yXB+DCNEe2n9
G8tVPbdB9rAUKKPSxVaETak1PyeqphmLcP61d5ovR94Ka5jZCe5ShtaOFYJnPLA7
Xos5knt9sIhCSIWmbuZzWMTzsWfCk0kfRa9lShYZZZ5JbpAczEC1QKS2yApx+dth
TbG0eLJV99vpYYX/O8ibcMvTD4J8gl6f1YocwbQCpEf6FEyt0z9MqEHKPYrT8h4H
oM+9DNKKlrZw2a9EHwIAplYBon3UZbLwBNHNiKgxh82ZEVM8ImVPgyfnCxkPOX/m
jXc67AsV+b3o6yuWsFz4WyZaqHbtY156auAf0yi6tuYH
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:10:07 2025 by rpki-client