Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/54d437-a277-41bd-988f-950f0a0101a9/1/Exv4dtOseoa8qUJxNY_6mxPQpg4.roa
File: Exv4dtOseoa8qUJxNY_6mxPQpg4.roa (raw, json)
Hash identifier: byv0dNXV7xuIyciQpNIKFOcYzun6t3EfnDILMWGC2/o=
Subject key identifier: 13:1B:F8:76:D3:AC:7A:86:BC:A9:42:71:35:8F:FA:9B:13:D0:A6:0E
Certificate issuer: /CN=2aa17ed407432c418b1c9eaf61fd1ca1cbff6a74
Certificate serial: 018A8E5E77045D124E63F1D5858F7B43E721
Authority key identifier: 2A:A1:7E:D4:07:43:2C:41:8B:1C:9E:AF:61:FD:1C:A1:CB:FF:6A:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KqF-1AdDLEGLHJ6vYf0cocv_anQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/96/54d437-a277-41bd-988f-950f0a0101a9/1/Exv4dtOseoa8qUJxNY_6mxPQpg4.roa
Signing time: Wed 13 Sep 2023 11:47:50 +0000
ROA not before: Wed 13 Sep 2023 11:47:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61423
IP address blocks: 194.124.145.0/24 maxlen: 24
194.124.146.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:8e:5e:77:04:5d:12:4e:63:f1:d5:85:8f:7b:43:e7:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2aa17ed407432c418b1c9eaf61fd1ca1cbff6a74
Validity
Not Before: Sep 13 11:47:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=131bf876d3ac7a86bca94271358ffa9b13d0a60e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:f5:63:9c:77:4d:5f:8a:ff:39:c5:ca:12:62:
b6:fd:3e:77:35:ef:3c:3d:8b:e2:61:5e:19:61:97:
82:08:c7:6d:c3:97:e1:51:59:36:fb:64:0f:2a:32:
ac:59:6f:f5:0c:a7:9a:37:e2:d3:c7:25:ee:c5:53:
ac:01:25:5a:af:17:e5:46:a4:dd:39:0f:c1:da:8e:
e5:6d:06:aa:d7:af:0f:eb:1a:ca:5b:96:d1:8f:4b:
3b:04:1d:dc:37:98:29:09:d6:9b:47:f7:cc:01:a1:
d8:57:06:eb:59:f6:bd:3c:d0:8f:10:c3:3d:9a:39:
14:24:d3:72:5f:8d:84:cf:36:15:11:07:3c:91:fa:
2b:1e:9a:3e:ad:a7:ed:c9:a6:f1:73:de:4b:40:34:
46:43:da:4b:d7:5b:4c:83:92:2d:e0:1b:17:99:cf:
a1:9f:21:0e:a8:44:a9:79:f1:e4:e0:53:4b:de:09:
f7:59:ca:2c:e5:81:78:3b:cd:fa:f5:68:a8:7f:fd:
99:2c:12:cd:94:9f:c8:e1:a9:d3:ab:fa:15:58:80:
ad:4c:1e:40:f5:d7:b3:e6:ae:64:34:0b:e1:db:27:
d9:fd:5d:55:12:37:6b:c7:89:c6:6d:e9:f0:88:40:
5c:40:35:16:4a:6f:8a:04:c8:f9:c1:b0:04:49:49:
f2:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:1B:F8:76:D3:AC:7A:86:BC:A9:42:71:35:8F:FA:9B:13:D0:A6:0E
X509v3 Authority Key Identifier:
keyid:2A:A1:7E:D4:07:43:2C:41:8B:1C:9E:AF:61:FD:1C:A1:CB:FF:6A:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KqF-1AdDLEGLHJ6vYf0cocv_anQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/54d437-a277-41bd-988f-950f0a0101a9/1/Exv4dtOseoa8qUJxNY_6mxPQpg4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/96/54d437-a277-41bd-988f-950f0a0101a9/1/KqF-1AdDLEGLHJ6vYf0cocv_anQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.124.145.0-194.124.147.255
Signature Algorithm: sha256WithRSAEncryption
47:92:74:ad:37:54:29:c1:46:cd:0f:f4:f0:3d:e5:1d:f5:7d:
03:a3:11:57:32:79:2d:32:05:ad:be:57:87:69:91:d9:79:64:
0b:0a:9f:4c:06:58:90:05:23:01:4c:1f:07:27:46:4a:bd:83:
d9:7d:0a:46:2c:5f:d2:aa:f1:78:f5:1f:ab:41:12:d9:e8:75:
e8:9c:73:ba:57:09:90:d6:a2:45:8b:3c:86:cf:a2:eb:7e:c6:
d9:d4:5d:ee:ee:d9:67:fc:99:a4:68:1a:56:21:8a:4b:98:87:
34:24:2e:ce:76:bf:0c:6e:12:d0:07:df:84:91:ed:4e:46:a0:
d5:d0:9f:fe:1d:c6:00:67:fa:c6:8e:6e:44:d9:c4:05:0b:d2:
91:81:f4:ed:6c:40:64:73:b4:e9:14:26:b1:3b:0e:12:a2:3f:
52:12:eb:11:4d:00:87:da:64:3b:e7:18:60:5e:4f:53:e6:da:
42:5f:22:d7:13:d6:6a:8c:ec:fc:13:0a:de:0b:c6:d1:ff:aa:
94:8f:11:74:97:f5:0a:41:e1:16:4a:9a:24:07:8e:b9:1b:70:
c2:a6:27:90:9b:33:e5:3b:03:bd:1b:d2:c3:bc:00:ea:54:5e:
25:01:8c:20:66:4d:29:4a:74:ed:71:cd:a6:b7:74:ea:b8:25:
ee:3c:4d:98
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYqOXncEXRJOY/HVhY97Q+chMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYTE3ZWQ0MDc0MzJjNDE4YjFjOWVhZjYxZmQxY2ExY2Jm
ZjZhNzQwHhcNMjMwOTEzMTE0NzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzFiZjg3NmQzYWM3YTg2YmNhOTQyNzEzNThmZmE5YjEzZDBhNjBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApvVjnHdNX4r/OcXKEmK2/T53Ne88
PYviYV4ZYZeCCMdtw5fhUVk2+2QPKjKsWW/1DKeaN+LTxyXuxVOsASVarxflRqTd
OQ/B2o7lbQaq168P6xrKW5bRj0s7BB3cN5gpCdabR/fMAaHYVwbrWfa9PNCPEMM9
mjkUJNNyX42EzzYVEQc8kforHpo+raftyabxc95LQDRGQ9pL11tMg5It4BsXmc+h
nyEOqESpefHk4FNL3gn3Wcos5YF4O8369Wiof/2ZLBLNlJ/I4anTq/oVWICtTB5A
9dez5q5kNAvh2yfZ/V1VEjdrx4nGbenwiEBcQDUWSm+KBMj5wbAESUnyoQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFBMb+HbTrHqGvKlCcTWP+psT0KYOMB8GA1UdIwQY
MBaAFCqhftQHQyxBixyer2H9HKHL/2p0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3FGLTFBZERMRUdMSEo2dllmMGNvY3ZfYW5RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni81NGQ0MzctYTI3Ny00MWJkLTk4OGYt
OTUwZjBhMDEwMWE5LzEvRXh2NGR0T3Nlb2E4cVVKeE5ZXzZteFBRcGc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni81NGQ0MzctYTI3Ny00MWJkLTk4OGYtOTUwZjBhMDEwMWE5
LzEvS3FGLTFBZERMRUdMSEo2dllmMGNvY3ZfYW5RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBADCfJED
BALCfJAwDQYJKoZIhvcNAQELBQADggEBAEeSdK03VCnBRs0P9PA95R31fQOjEVcy
eS0yBa2+V4dpkdl5ZAsKn0wGWJAFIwFMHwcnRkq9g9l9CkYsX9Kq8Xj1H6tBEtno
deicc7pXCZDWokWLPIbPout+xtnUXe7u2Wf8maRoGlYhikuYhzQkLs52vwxuEtAH
34SR7U5GoNXQn/4dxgBn+saObkTZxAUL0pGB9O1sQGRztOkUJrE7DhKiP1IS6xFN
AIfaZDvnGGBeT1Pm2kJfItcT1mqM7PwTCt4LxtH/qpSPEXSX9QpB4RZKmiQHjrkb
cMKmJ5CbM+U7A70b0sO8AOpUXiUBjCBmTSlKdO1xzaa3dOq4Je48TZg=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:59:39 2025 by rpki-client