Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/X_UoRwdlEtMuvP9RZA-DsLx_RH0.roa
File: X_UoRwdlEtMuvP9RZA-DsLx_RH0.roa (raw, json)
Hash identifier: Mhl4hCCw0LEplfcSeJaaAWhgL8EEitxKuh6AxZEwSdw=
Subject key identifier: 5F:F5:28:47:07:65:12:D3:2E:BC:FF:51:64:0F:83:B0:BC:7F:44:7D
Certificate issuer: /CN=1f68138d4ec2ea51cacef09ff1058a370a5be190
Certificate serial: 3DC8C440
Authority key identifier: 1F:68:13:8D:4E:C2:EA:51:CA:CE:F0:9F:F1:05:8A:37:0A:5B:E1:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H2gTjU7C6lHKzvCf8QWKNwpb4ZA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/X_UoRwdlEtMuvP9RZA-DsLx_RH0.roa
Signing time: Sat 01 Jan 2022 08:56:54 +0000
ROA not before: Sat 01 Jan 2022 08:56:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29217
IP address blocks: 194.18.224.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1036567616 (0x3dc8c440)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f68138d4ec2ea51cacef09ff1058a370a5be190
Validity
Not Before: Jan 1 08:56:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5ff52847076512d32ebcff51640f83b0bc7f447d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:06:73:b5:f8:7c:88:b0:a9:ba:80:d9:23:3a:
03:5f:6f:b5:8e:1e:e1:1b:63:a1:8a:90:de:d0:e0:
b2:ab:68:bd:12:c4:2c:a6:a1:c3:39:17:68:a5:36:
24:23:83:62:4f:65:ca:71:12:a3:23:61:36:a1:f7:
ce:5a:ea:34:57:46:f7:ec:40:10:52:8b:a2:81:49:
d4:b2:98:48:74:96:d6:47:48:74:72:58:2d:ac:86:
b2:82:f7:8b:1a:0c:ee:ea:10:30:50:45:3f:37:49:
1f:c2:8f:2c:c1:91:72:7e:2c:c4:5b:29:5a:7b:6a:
78:3f:3e:31:f9:36:11:af:3c:6e:b0:0e:19:29:31:
41:34:48:dd:44:20:4b:6f:48:37:37:3c:99:f1:1d:
94:43:c2:0c:5f:3a:1b:c1:66:4f:9c:0d:25:8f:bf:
18:6c:3e:70:33:61:cc:e1:4e:b8:f2:02:47:75:bd:
7c:42:b9:b4:5d:c2:36:ed:f5:38:2a:b5:38:04:13:
53:c3:39:76:b7:66:66:eb:54:ee:65:ac:b8:53:3d:
de:74:7e:ac:49:95:f9:ae:8c:d8:c5:ef:07:0d:59:
c3:ec:be:39:33:21:ce:26:59:5e:3c:ba:40:1c:be:
1a:b7:b1:f1:8f:ae:c5:49:0f:0e:aa:fc:3c:27:43:
14:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:F5:28:47:07:65:12:D3:2E:BC:FF:51:64:0F:83:B0:BC:7F:44:7D
X509v3 Authority Key Identifier:
keyid:1F:68:13:8D:4E:C2:EA:51:CA:CE:F0:9F:F1:05:8A:37:0A:5B:E1:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H2gTjU7C6lHKzvCf8QWKNwpb4ZA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/X_UoRwdlEtMuvP9RZA-DsLx_RH0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/H2gTjU7C6lHKzvCf8QWKNwpb4ZA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.18.224.0/24
Signature Algorithm: sha256WithRSAEncryption
e3:f9:d3:e0:cf:fd:b7:3f:55:f5:4d:d4:58:92:c1:97:df:b1:
d3:4c:2d:09:0f:05:28:25:fe:cd:72:5f:07:94:66:a6:6d:36:
01:11:fd:e6:bd:0a:14:19:48:3f:b7:57:42:54:06:f8:96:00:
f5:de:be:0f:4e:ee:7a:1a:58:73:94:91:65:5b:a3:63:ed:a4:
9f:cb:ce:c6:d6:f3:0c:54:3c:36:97:0a:a0:9a:25:f0:65:21:
6c:84:82:0e:07:69:bf:07:0f:13:f5:1c:a1:fd:fa:9e:f2:2e:
ba:1d:25:86:0b:dc:74:a4:ac:49:32:1a:c5:3e:9d:89:59:9b:
aa:69:2c:4f:63:2b:5a:94:f8:b0:6d:06:21:07:df:0e:9c:94:
fc:01:a3:2e:6b:eb:f2:55:38:6c:7c:a5:17:95:a8:f4:96:6c:
31:b9:94:e2:02:0b:16:79:e2:5b:0d:65:49:07:b8:40:61:f8:
8b:2c:13:db:8d:a3:1f:f0:5c:06:58:4f:c9:22:ca:af:c6:f6:
32:96:30:00:e7:0e:79:81:55:9f:b4:eb:9b:73:73:cf:46:6d:
43:d3:95:fe:43:47:52:3e:eb:ac:4c:5a:e1:6a:8f:f8:52:89:
dc:2a:37:c6:a1:d5:f2:ed:02:7a:09:5a:fd:da:7e:35:2d:6c:
51:c5:9a:ff
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEPcjEQDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ZjY4MTM4ZDRlYzJlYTUxY2FjZWYwOWZmMTA1OGEzNzBhNWJlMTkwMB4XDTIyMDEw
MTA4NTY1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWZmNTI4NDcwNzY1
MTJkMzJlYmNmZjUxNjQwZjgzYjBiYzdmNDQ3ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMEGc7X4fIiwqbqA2SM6A19vtY4e4RtjoYqQ3tDgsqtovRLE
LKahwzkXaKU2JCODYk9lynESoyNhNqH3zlrqNFdG9+xAEFKLooFJ1LKYSHSW1kdI
dHJYLayGsoL3ixoM7uoQMFBFPzdJH8KPLMGRcn4sxFspWntqeD8+Mfk2Ea88brAO
GSkxQTRI3UQgS29INzc8mfEdlEPCDF86G8FmT5wNJY+/GGw+cDNhzOFOuPICR3W9
fEK5tF3CNu31OCq1OAQTU8M5drdmZutU7mWsuFM93nR+rEmV+a6M2MXvBw1Zw+y+
OTMhziZZXjy6QBy+Grex8Y+uxUkPDqr8PCdDFNcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRf9ShHB2US0y68/1FkD4OwvH9EfTAfBgNVHSMEGDAWgBQfaBONTsLqUcrO
8J/xBYo3ClvhkDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0gyZ1RqVTdDNmxIS3p2Q2Y4UVdLTndwYjRaQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTcvYjlhZGY0LWY5MTAtNDM1NS1iZmM4LTYwODU2NDgzOWZkMC8x
L1hfVW9Sd2RsRXRNdXZQOVJaQS1Ec0x4X1JIMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTcv
YjlhZGY0LWY5MTAtNDM1NS1iZmM4LTYwODU2NDgzOWZkMC8xL0gyZ1RqVTdDNmxI
S3p2Q2Y4UVdLTndwYjRaQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMIS4DANBgkqhkiG9w0BAQsFAAOC
AQEA4/nT4M/9tz9V9U3UWJLBl9+x00wtCQ8FKCX+zXJfB5Rmpm02ARH95r0KFBlI
P7dXQlQG+JYA9d6+D07uehpYc5SRZVujY+2kn8vOxtbzDFQ8NpcKoJol8GUhbISC
DgdpvwcPE/Ucof36nvIuuh0lhgvcdKSsSTIaxT6diVmbqmksT2MrWpT4sG0GIQff
DpyU/AGjLmvr8lU4bHylF5Wo9JZsMbmU4gILFnniWw1lSQe4QGH4iywT242jH/Bc
BlhPySLKr8b2MpYwAOcOeYFVn7Trm3Nzz0ZtQ9OV/kNHUj7rrExa4WqP+FKJ3Co3
xqHV8u0Cegla/dp+NS1sUcWa/w==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:05:49 2025 by rpki-client