Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/bdd2ba-a484-4b0d-ae9a-5d33e18a69a0/1/x3oNBSlOvYCIUnFeCrMoSWSG0ds.roa
File: x3oNBSlOvYCIUnFeCrMoSWSG0ds.roa (raw, json)
Hash identifier: Klz3FSwuKh0wiBrMujZNlsAUEEZA9dfNogqMkYz+l34=
Subject key identifier: C7:7A:0D:05:29:4E:BD:80:88:52:71:5E:0A:B3:28:49:64:86:D1:DB
Certificate issuer: /CN=344718d135a09bb524706b4259cabcc626e514ef
Certificate serial: 12912949
Authority key identifier: 34:47:18:D1:35:A0:9B:B5:24:70:6B:42:59:CA:BC:C6:26:E5:14:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NEcY0TWgm7UkcGtCWcq8xiblFO8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/bdd2ba-a484-4b0d-ae9a-5d33e18a69a0/1/x3oNBSlOvYCIUnFeCrMoSWSG0ds.roa
Signing time: Sat 01 Jan 2022 11:03:28 +0000
ROA not before: Sat 01 Jan 2022 11:03:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 38915
IP address blocks: 194.104.157.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 311503177 (0x12912949)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=344718d135a09bb524706b4259cabcc626e514ef
Validity
Not Before: Jan 1 11:03:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c77a0d05294ebd808852715e0ab328496486d1db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:3c:5c:2b:9d:eb:84:c6:ee:41:dd:7e:c4:5b:
c8:4c:92:f8:10:d8:e3:00:fd:d1:f4:86:b6:dd:b6:
a0:a1:b6:6e:0a:51:7a:7f:5d:8a:7b:cc:c0:15:30:
8a:9d:f3:ec:3d:0f:ff:52:68:ac:13:34:09:48:40:
04:9e:cc:2d:0a:b2:ed:ae:94:f7:44:c5:cc:94:58:
10:65:70:8f:bb:f9:17:7a:7a:4f:f5:43:51:21:c0:
6d:db:6a:13:1c:26:c1:de:a1:0a:48:f9:ba:81:37:
af:78:e2:c8:10:f5:93:c1:1b:7b:67:00:24:53:8f:
c2:d1:a2:f3:de:c5:64:56:0c:af:f9:ec:40:9a:d2:
16:c5:04:ef:62:2e:aa:68:52:76:fd:d4:19:b4:13:
b8:b4:32:d5:47:50:27:bd:2d:8f:de:08:69:b2:11:
c7:fb:88:7f:1b:8a:6d:95:32:53:1a:34:ce:13:bb:
4f:c1:3f:0e:ee:b2:23:62:05:12:0a:a9:d1:34:01:
ec:f9:11:0b:a8:a5:b9:a3:33:1d:d1:43:65:c3:60:
67:8f:a7:7c:17:7f:fb:f2:bd:be:5f:06:3f:c0:cf:
8b:d3:56:a9:d9:9c:ae:16:a6:37:89:3e:2c:35:c2:
ee:77:44:c4:35:0d:a2:e3:83:db:ac:f4:25:fa:e4:
7a:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:7A:0D:05:29:4E:BD:80:88:52:71:5E:0A:B3:28:49:64:86:D1:DB
X509v3 Authority Key Identifier:
keyid:34:47:18:D1:35:A0:9B:B5:24:70:6B:42:59:CA:BC:C6:26:E5:14:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NEcY0TWgm7UkcGtCWcq8xiblFO8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/bdd2ba-a484-4b0d-ae9a-5d33e18a69a0/1/x3oNBSlOvYCIUnFeCrMoSWSG0ds.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/bdd2ba-a484-4b0d-ae9a-5d33e18a69a0/1/NEcY0TWgm7UkcGtCWcq8xiblFO8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.104.157.0/24
Signature Algorithm: sha256WithRSAEncryption
60:66:1f:18:70:6e:a5:94:cf:26:68:d7:75:62:cc:e3:54:a4:
df:f2:90:dd:a2:6c:09:7e:0b:26:62:74:eb:3c:96:46:91:9e:
9f:8a:c6:e8:05:d4:bc:4d:e5:62:0e:3b:94:c0:19:68:5e:35:
98:b4:e0:96:5e:30:8f:7f:75:1b:91:14:4d:0a:07:08:36:67:
e7:f5:54:1d:e4:b3:16:89:a4:5a:cf:a5:73:ba:55:76:d3:63:
d9:46:65:b2:d3:2a:51:9d:ae:4a:00:94:d7:98:56:ec:3d:a7:
c6:39:88:f3:2c:ca:d1:e7:d3:2c:06:e2:7e:e0:a5:c7:58:11:
aa:1b:d0:d4:92:3d:71:82:1d:30:ec:c9:e5:a4:0e:16:22:e1:
bb:05:e7:f8:b0:1b:62:90:d1:f7:0b:61:ef:90:cb:31:af:ec:
19:32:1c:46:5b:ee:69:3f:7a:a2:92:29:53:c8:8d:73:d5:88:
63:8e:ca:ad:ed:51:b4:57:1c:40:02:07:68:1f:9d:55:21:e8:
b3:ed:48:97:f5:86:b8:04:47:8d:19:70:93:ee:db:b1:c9:66:
a3:a9:56:67:89:64:b1:94:72:52:07:9e:d8:c8:c3:74:39:2b:
a5:3e:63:9e:ad:5a:3e:f5:42:f4:aa:d0:76:ec:a6:c8:7b:22:
bb:4b:c6:b8
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEEpEpSTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NDQ3MThkMTM1YTA5YmI1MjQ3MDZiNDI1OWNhYmNjNjI2ZTUxNGVmMB4XDTIyMDEw
MTExMDMyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzc3YTBkMDUyOTRl
YmQ4MDg4NTI3MTVlMGFiMzI4NDk2NDg2ZDFkYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANs8XCud64TG7kHdfsRbyEyS+BDY4wD90fSGtt22oKG2bgpR
en9dinvMwBUwip3z7D0P/1JorBM0CUhABJ7MLQqy7a6U90TFzJRYEGVwj7v5F3p6
T/VDUSHAbdtqExwmwd6hCkj5uoE3r3jiyBD1k8Ebe2cAJFOPwtGi897FZFYMr/ns
QJrSFsUE72IuqmhSdv3UGbQTuLQy1UdQJ70tj94IabIRx/uIfxuKbZUyUxo0zhO7
T8E/Du6yI2IFEgqp0TQB7PkRC6iluaMzHdFDZcNgZ4+nfBd/+/K9vl8GP8DPi9NW
qdmcrhamN4k+LDXC7ndExDUNouOD26z0JfrkemMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTHeg0FKU69gIhScV4KsyhJZIbR2zAfBgNVHSMEGDAWgBQ0RxjRNaCbtSRw
a0JZyrzGJuUU7zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05FY1kwVFdnbTdVa2NHdENXY3E4eGlibEZPOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTEvYmRkMmJhLWE0ODQtNGIwZC1hZTlhLTVkMzNlMThhNjlhMC8x
L3gzb05CU2xPdllDSVVuRmVDck1vU1dTRzBkcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTEv
YmRkMmJhLWE0ODQtNGIwZC1hZTlhLTVkMzNlMThhNjlhMC8xL05FY1kwVFdnbTdV
a2NHdENXY3E4eGlibEZPOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMJonTANBgkqhkiG9w0BAQsFAAOC
AQEAYGYfGHBupZTPJmjXdWLM41Sk3/KQ3aJsCX4LJmJ06zyWRpGen4rG6AXUvE3l
Yg47lMAZaF41mLTgll4wj391G5EUTQoHCDZn5/VUHeSzFomkWs+lc7pVdtNj2UZl
stMqUZ2uSgCU15hW7D2nxjmI8yzK0efTLAbifuClx1gRqhvQ1JI9cYIdMOzJ5aQO
FiLhuwXn+LAbYpDR9wth75DLMa/sGTIcRlvuaT96opIpU8iNc9WIY47Kre1RtFcc
QAIHaB+dVSHos+1Il/WGuARHjRlwk+7bsclmo6lWZ4lksZRyUgee2MjDdDkrpT5j
nq1aPvVC9KrQduymyHsiu0vGuA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:41:19 2025 by rpki-client