Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/54d437-a277-41bd-988f-950f0a0101a9/1/4CwKP1iHmR9ni8eoIyxNBz9xbHY.roa
File: 4CwKP1iHmR9ni8eoIyxNBz9xbHY.roa (raw, json)
Hash identifier: b2SG3JZF9G4qseki8uj5x4vuIBOjvht53ZrPR+o07L0=
Subject key identifier: E0:2C:0A:3F:58:87:99:1F:67:8B:C7:A8:23:2C:4D:07:3F:71:6C:76
Certificate issuer: /CN=2aa17ed407432c418b1c9eaf61fd1ca1cbff6a74
Certificate serial: 0185A4F4CB7DA57AC555AE84AF1824879C04
Authority key identifier: 2A:A1:7E:D4:07:43:2C:41:8B:1C:9E:AF:61:FD:1C:A1:CB:FF:6A:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KqF-1AdDLEGLHJ6vYf0cocv_anQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/96/54d437-a277-41bd-988f-950f0a0101a9/1/4CwKP1iHmR9ni8eoIyxNBz9xbHY.roa
Signing time: Thu 12 Jan 2023 07:49:44 +0000
ROA not before: Thu 12 Jan 2023 07:49:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6830
IP address blocks: 194.124.145.0/24 maxlen: 24
194.124.146.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:a4:f4:cb:7d:a5:7a:c5:55:ae:84:af:18:24:87:9c:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2aa17ed407432c418b1c9eaf61fd1ca1cbff6a74
Validity
Not Before: Jan 12 07:49:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e02c0a3f5887991f678bc7a8232c4d073f716c76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:1c:d1:9a:7a:49:53:87:ef:ef:92:a6:58:c7:
64:42:b3:58:13:e0:94:3b:dd:d6:9c:c6:65:e9:5e:
63:99:98:09:f2:fd:e8:04:3b:80:fa:0c:c2:4c:f5:
82:aa:57:1c:7d:77:0c:8a:eb:19:86:4d:63:88:41:
72:fb:b4:62:ec:21:92:78:d3:3d:dc:69:fc:67:15:
80:0c:32:fe:21:d0:b9:b2:81:be:26:7c:ac:89:de:
4c:4c:a8:a1:14:24:0f:64:59:7f:5d:e8:8d:4b:72:
e7:b9:7c:c6:d4:23:5c:30:a8:72:28:71:ed:d7:e2:
9e:fa:e0:71:5d:d1:70:59:a8:aa:8d:a2:c5:38:7e:
90:96:0e:b8:c5:01:27:93:49:dd:8f:9b:05:ae:00:
f7:77:68:ef:e0:b5:da:1f:11:fc:03:3b:f2:86:01:
6a:a7:f3:4f:1b:8a:48:bf:5b:bd:60:ba:ef:5f:98:
2c:22:be:8c:a0:73:93:7c:f9:e5:56:ea:c1:47:2a:
e5:ea:cc:b2:ac:66:dd:03:a4:01:dc:4c:cb:7d:76:
e5:5c:f9:84:f4:50:ac:d9:9e:58:ce:d9:04:8a:41:
78:7f:32:e1:50:54:e8:a8:a1:ae:dc:cf:2a:07:13:
bc:2f:04:85:44:b0:20:ee:10:01:e9:e8:fb:c6:88:
01:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:2C:0A:3F:58:87:99:1F:67:8B:C7:A8:23:2C:4D:07:3F:71:6C:76
X509v3 Authority Key Identifier:
keyid:2A:A1:7E:D4:07:43:2C:41:8B:1C:9E:AF:61:FD:1C:A1:CB:FF:6A:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KqF-1AdDLEGLHJ6vYf0cocv_anQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/54d437-a277-41bd-988f-950f0a0101a9/1/4CwKP1iHmR9ni8eoIyxNBz9xbHY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/96/54d437-a277-41bd-988f-950f0a0101a9/1/KqF-1AdDLEGLHJ6vYf0cocv_anQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.124.145.0-194.124.147.255
Signature Algorithm: sha256WithRSAEncryption
17:e1:eb:3c:d1:63:29:9c:0d:f3:fa:60:60:1d:83:29:6b:eb:
10:94:98:3b:58:ea:11:ee:41:cf:37:11:f0:58:c4:96:c8:80:
80:28:6c:78:e6:94:93:e7:1d:d3:c0:c8:7d:33:3f:8d:4c:6e:
e8:9f:32:b2:4b:34:88:f6:40:80:5c:a8:ff:d6:ee:45:3e:a7:
98:a0:d2:2a:3b:47:27:be:22:5d:2c:2e:e0:ba:e7:b3:19:c8:
8d:ea:f0:8c:1a:23:3a:4e:3f:36:fe:96:c8:9d:2c:32:68:3f:
be:27:ab:4b:68:dd:5a:f2:b0:30:5f:f9:74:18:5d:02:4e:4f:
f5:b3:bd:e8:9e:30:a7:ba:dd:40:87:c4:cb:15:63:45:eb:3e:
6b:5b:ad:5a:4f:ce:8d:bc:88:dd:ca:ae:89:f2:1c:97:84:97:
e5:2e:49:f0:bc:c8:f0:ec:9a:e9:4e:e4:91:b1:cc:2e:03:be:
36:f4:b0:fa:fe:db:82:f3:d3:9a:e1:a7:3e:88:3b:40:57:21:
ea:09:0f:db:a1:80:dd:3e:86:3c:ad:27:3c:14:3c:aa:1a:c4:
c9:b7:4f:74:6d:a1:85:5e:9c:38:04:2b:d5:ff:47:3d:f9:f3:
91:31:ed:0a:8e:e5:ba:5d:2c:65:8d:40:ba:0a:9c:2b:6a:48:
84:40:34:aa
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYWk9Mt9pXrFVa6Erxgkh5wEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYTE3ZWQ0MDc0MzJjNDE4YjFjOWVhZjYxZmQxY2ExY2Jm
ZjZhNzQwHhcNMjMwMTEyMDc0OTQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDJjMGEzZjU4ODc5OTFmNjc4YmM3YTgyMzJjNGQwNzNmNzE2Yzc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgxzRmnpJU4fv75KmWMdkQrNYE+CU
O93WnMZl6V5jmZgJ8v3oBDuA+gzCTPWCqlccfXcMiusZhk1jiEFy+7Ri7CGSeNM9
3Gn8ZxWADDL+IdC5soG+Jnysid5MTKihFCQPZFl/XeiNS3LnuXzG1CNcMKhyKHHt
1+Ke+uBxXdFwWaiqjaLFOH6Qlg64xQEnk0ndj5sFrgD3d2jv4LXaHxH8AzvyhgFq
p/NPG4pIv1u9YLrvX5gsIr6MoHOTfPnlVurBRyrl6syyrGbdA6QB3EzLfXblXPmE
9FCs2Z5YztkEikF4fzLhUFToqKGu3M8qBxO8LwSFRLAg7hAB6ej7xogBZQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFOAsCj9Yh5kfZ4vHqCMsTQc/cWx2MB8GA1UdIwQY
MBaAFCqhftQHQyxBixyer2H9HKHL/2p0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3FGLTFBZERMRUdMSEo2dllmMGNvY3ZfYW5RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni81NGQ0MzctYTI3Ny00MWJkLTk4OGYt
OTUwZjBhMDEwMWE5LzEvNEN3S1AxaUhtUjluaThlb0l5eE5Cejl4YkhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni81NGQ0MzctYTI3Ny00MWJkLTk4OGYtOTUwZjBhMDEwMWE5
LzEvS3FGLTFBZERMRUdMSEo2dllmMGNvY3ZfYW5RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBADCfJED
BALCfJAwDQYJKoZIhvcNAQELBQADggEBABfh6zzRYymcDfP6YGAdgylr6xCUmDtY
6hHuQc83EfBYxJbIgIAobHjmlJPnHdPAyH0zP41MbuifMrJLNIj2QIBcqP/W7kU+
p5ig0io7Rye+Il0sLuC657MZyI3q8IwaIzpOPzb+lsidLDJoP74nq0to3VrysDBf
+XQYXQJOT/WzveieMKe63UCHxMsVY0XrPmtbrVpPzo28iN3KronyHJeEl+UuSfC8
yPDsmulO5JGxzC4Dvjb0sPr+24Lz05rhpz6IO0BXIeoJD9uhgN0+hjytJzwUPKoa
xMm3T3RtoYVenDgEK9X/Rz3585Ex7QqO5bpdLGWNQLoKnCtqSIRANKo=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:20:35 2025 by rpki-client