Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/096c17-dd83-4058-82e1-cda36256296c/1/EP9RE_HvnInS62WIjism0NORZak.roa
File: EP9RE_HvnInS62WIjism0NORZak.roa (raw, json)
Hash identifier: DDi3H/UA1IhX6exYsyjiai1TR2kOFvDxboKLxS/fWBA=
Subject key identifier: 10:FF:51:13:F1:EF:9C:89:D2:EB:65:88:8E:2B:26:D0:D3:91:65:A9
Certificate issuer: /CN=1983b02e10ca821bfe1be6e751d92cf73d6d4c0b
Certificate serial: 01871D9B421E58AFA0349F2C9FEFB428EA0D
Authority key identifier: 19:83:B0:2E:10:CA:82:1B:FE:1B:E6:E7:51:D9:2C:F7:3D:6D:4C:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GYOwLhDKghv-G-bnUdks9z1tTAs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/096c17-dd83-4058-82e1-cda36256296c/1/EP9RE_HvnInS62WIjism0NORZak.roa
Signing time: Sun 26 Mar 2023 11:08:46 +0000
ROA not before: Sun 26 Mar 2023 11:08:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208472
IP address blocks: 194.11.247.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:1d:9b:42:1e:58:af:a0:34:9f:2c:9f:ef:b4:28:ea:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1983b02e10ca821bfe1be6e751d92cf73d6d4c0b
Validity
Not Before: Mar 26 11:08:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=10ff5113f1ef9c89d2eb65888e2b26d0d39165a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:ff:46:c9:9a:22:e2:88:7d:21:7a:72:ac:03:
86:2b:98:d5:86:91:9c:d6:0e:4c:25:73:12:d6:17:
17:74:70:2e:a2:c7:cb:fe:37:31:a9:a0:87:8c:99:
0b:69:2e:95:76:6e:79:aa:4b:b0:57:f9:3a:b6:d2:
cf:c7:52:46:bc:27:1c:e3:bd:eb:d2:bd:f6:d9:b1:
1e:e1:a6:fe:c4:46:6d:23:f2:73:6f:43:b1:0f:73:
d8:8f:7f:b8:32:f0:71:12:f9:75:0a:a8:c5:9e:24:
d2:f1:1c:7b:46:de:1c:fc:e6:ab:9c:fd:8b:bf:d7:
90:99:5f:73:be:d8:0a:ef:3f:5a:42:af:12:3f:a4:
e5:3f:ba:a0:18:59:2c:6e:f7:58:17:6b:97:16:5b:
f0:f3:bb:2f:fb:1e:a8:e2:5a:01:c0:66:6c:f7:8d:
30:45:df:06:7e:18:f4:a0:51:45:9b:a9:76:b0:ff:
c2:96:a2:38:0c:b3:26:8f:34:2a:25:73:44:bc:8b:
27:03:61:a2:c3:c4:f5:87:05:b7:ed:70:e5:e8:25:
83:82:00:7b:18:9c:24:83:67:6f:1c:cc:30:ac:8d:
bf:10:c3:09:ed:0e:45:07:52:3e:1c:ff:6f:72:3d:
67:68:8d:12:fb:f1:90:3a:0b:2f:6b:5e:bd:62:ee:
07:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:FF:51:13:F1:EF:9C:89:D2:EB:65:88:8E:2B:26:D0:D3:91:65:A9
X509v3 Authority Key Identifier:
keyid:19:83:B0:2E:10:CA:82:1B:FE:1B:E6:E7:51:D9:2C:F7:3D:6D:4C:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GYOwLhDKghv-G-bnUdks9z1tTAs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/096c17-dd83-4058-82e1-cda36256296c/1/EP9RE_HvnInS62WIjism0NORZak.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/096c17-dd83-4058-82e1-cda36256296c/1/GYOwLhDKghv-G-bnUdks9z1tTAs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.11.247.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:8b:ff:47:ca:b6:ba:31:7c:25:27:02:f5:b2:d2:e3:64:4f:
3b:2a:4e:55:c6:0e:39:4c:d9:9d:a1:cb:c2:74:85:c7:3a:7b:
7d:73:ba:f6:3d:de:36:e8:5e:90:68:4d:23:26:45:46:6f:c8:
88:54:8e:ec:04:fb:c5:fb:46:e7:6a:f8:1c:2b:83:22:85:f2:
98:7b:89:50:a1:63:dd:c4:6d:fe:32:b6:53:fe:96:fc:b2:8c:
8e:25:45:bb:f2:c6:f5:ff:11:95:bc:7a:16:0f:e1:a2:33:01:
c5:67:b4:26:47:25:10:4a:43:a4:9e:26:f0:d4:93:00:c2:47:
47:fb:ff:24:61:87:ea:95:11:0d:d4:46:8c:8a:cc:0d:2a:99:
ee:28:af:97:d1:a0:77:f4:3f:50:6b:86:cb:1c:a6:07:96:cc:
d8:69:69:9f:50:09:79:20:77:00:40:16:3a:cc:33:68:80:04:
3f:05:db:f8:c7:0d:13:ee:96:b6:2c:be:2b:e4:42:95:07:c8:
99:37:aa:09:7c:27:05:57:38:db:34:9a:8c:07:2c:47:c3:d8:
b6:31:10:3a:1b:d4:f8:54:02:12:1a:fa:fc:75:68:e4:6c:27:
ec:2e:85:ec:2d:39:00:63:2e:fb:e6:31:6e:b5:6b:8d:46:a1:
b1:f8:32:29
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYcdm0IeWK+gNJ8sn++0KOoNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5ODNiMDJlMTBjYTgyMWJmZTFiZTZlNzUxZDkyY2Y3M2Q2
ZDRjMGIwHhcNMjMwMzI2MTEwODQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMGZmNTExM2YxZWY5Yzg5ZDJlYjY1ODg4ZTJiMjZkMGQzOTE2NWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq/9GyZoi4oh9IXpyrAOGK5jVhpGc
1g5MJXMS1hcXdHAuosfL/jcxqaCHjJkLaS6Vdm55qkuwV/k6ttLPx1JGvCcc473r
0r322bEe4ab+xEZtI/Jzb0OxD3PYj3+4MvBxEvl1CqjFniTS8Rx7Rt4c/OarnP2L
v9eQmV9zvtgK7z9aQq8SP6TlP7qgGFksbvdYF2uXFlvw87sv+x6o4loBwGZs940w
Rd8Gfhj0oFFFm6l2sP/ClqI4DLMmjzQqJXNEvIsnA2Giw8T1hwW37XDl6CWDggB7
GJwkg2dvHMwwrI2/EMMJ7Q5FB1I+HP9vcj1naI0S+/GQOgsva169Yu4H/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBD/URPx75yJ0utliI4rJtDTkWWpMB8GA1UdIwQY
MBaAFBmDsC4QyoIb/hvm51HZLPc9bUwLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1lPd0xoREtnaHYtRy1iblVka3M5ejF0VEFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8wOTZjMTctZGQ4My00MDU4LTgyZTEt
Y2RhMzYyNTYyOTZjLzEvRVA5UkVfSHZuSW5TNjJXSWppc20wTk9SWmFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny8wOTZjMTctZGQ4My00MDU4LTgyZTEtY2RhMzYyNTYyOTZj
LzEvR1lPd0xoREtnaHYtRy1iblVka3M5ejF0VEFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwgv3MA0G
CSqGSIb3DQEBCwUAA4IBAQAui/9Hyra6MXwlJwL1stLjZE87Kk5Vxg45TNmdocvC
dIXHOnt9c7r2Pd426F6QaE0jJkVGb8iIVI7sBPvF+0bnavgcK4MihfKYe4lQoWPd
xG3+MrZT/pb8soyOJUW78sb1/xGVvHoWD+GiMwHFZ7QmRyUQSkOknibw1JMAwkdH
+/8kYYfqlREN1EaMiswNKpnuKK+X0aB39D9Qa4bLHKYHlszYaWmfUAl5IHcAQBY6
zDNogAQ/Bdv4xw0T7pa2LL4r5EKVB8iZN6oJfCcFVzjbNJqMByxHw9i2MRA6G9T4
VAISGvr8dWjkbCfsLoXsLTkAYy775jFutWuNRqGx+DIp
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:00:48 2025 by rpki-client