Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/dmrSt8z3LwwaM3mlSTdCszJHSAc.roa
File: dmrSt8z3LwwaM3mlSTdCszJHSAc.roa (raw, json)
Hash identifier: kodS6ZLcb4geoLaiL3BF6FVj4r6IarAQU30leVO6vdM=
Subject key identifier: 76:6A:D2:B7:CC:F7:2F:0C:1A:33:79:A5:49:37:42:B3:32:47:48:07
Certificate issuer: /CN=1f68138d4ec2ea51cacef09ff1058a370a5be190
Certificate serial: 018570CBCD7C1C675CED05ABC394D2DF90FA
Authority key identifier: 1F:68:13:8D:4E:C2:EA:51:CA:CE:F0:9F:F1:05:8A:37:0A:5B:E1:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H2gTjU7C6lHKzvCf8QWKNwpb4ZA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/dmrSt8z3LwwaM3mlSTdCszJHSAc.roa
Signing time: Mon 02 Jan 2023 04:44:42 +0000
ROA not before: Mon 02 Jan 2023 04:44:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 158
IP address blocks: 194.237.142.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:cb:cd:7c:1c:67:5c:ed:05:ab:c3:94:d2:df:90:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f68138d4ec2ea51cacef09ff1058a370a5be190
Validity
Not Before: Jan 2 04:44:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=766ad2b7ccf72f0c1a3379a5493742b332474807
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:84:91:50:65:b8:29:39:db:ff:63:6d:74:14:
d8:92:c2:d5:9c:40:f6:8d:9e:33:e5:3c:a0:55:ae:
2e:36:0c:bf:6e:29:0c:01:b9:cb:75:3b:3e:04:cc:
a6:0d:51:7b:22:c2:2c:85:3f:5c:39:c8:9b:dd:71:
c6:df:4a:99:73:c4:74:d7:09:8d:34:a5:83:7d:fc:
f3:cc:7d:f9:b3:6a:31:17:6d:90:bf:f2:ee:3a:5d:
ee:03:0e:2f:c1:7b:27:e7:02:dd:d4:6a:33:f2:eb:
cb:84:a7:07:e1:d3:0e:99:c7:da:4a:e8:ce:e9:84:
33:4c:36:2f:a4:5e:62:e6:1a:a3:ee:ad:ae:98:c7:
4b:08:4d:e4:5a:a1:4c:64:9c:d4:dd:4e:a8:aa:90:
15:07:9b:31:bf:30:5a:28:aa:f5:7f:a5:1c:31:1a:
5a:78:81:b3:d1:ea:be:60:a4:07:6c:d2:05:b1:ce:
c3:cf:3e:ae:b6:28:5e:20:82:8b:20:d4:ed:99:0d:
08:ae:19:be:5c:c7:e0:23:66:df:1e:46:e6:6e:f1:
c2:6f:12:7f:9a:82:7b:11:f6:3d:9a:58:24:7c:fc:
a5:0b:61:b8:d1:76:cb:4c:d7:92:e2:b1:ee:4f:cd:
87:7f:a9:82:bc:e2:52:ba:b1:f4:3d:b8:25:40:56:
e3:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:6A:D2:B7:CC:F7:2F:0C:1A:33:79:A5:49:37:42:B3:32:47:48:07
X509v3 Authority Key Identifier:
keyid:1F:68:13:8D:4E:C2:EA:51:CA:CE:F0:9F:F1:05:8A:37:0A:5B:E1:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H2gTjU7C6lHKzvCf8QWKNwpb4ZA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/dmrSt8z3LwwaM3mlSTdCszJHSAc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/H2gTjU7C6lHKzvCf8QWKNwpb4ZA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.237.142.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:84:dc:30:0e:86:23:58:06:d6:32:17:30:96:5b:bc:09:ec:
92:db:ff:94:d3:31:74:6e:85:ed:78:b0:26:c0:c0:d7:0a:9e:
73:30:fe:b1:c1:19:f5:c5:c9:c4:fd:69:f2:11:6b:1b:e2:9c:
ee:8b:54:00:3d:cd:9b:89:33:c4:9a:ee:f5:26:82:24:7b:19:
50:6d:f5:c2:cf:16:07:98:0d:4d:47:95:00:ee:fb:29:8e:44:
d6:47:fa:b9:3d:ce:68:2d:16:7b:ac:5e:aa:04:bd:77:08:22:
01:20:05:97:05:a2:2d:cf:43:73:30:fa:80:bf:d6:86:e0:54:
89:ae:23:10:07:64:54:cc:d0:6e:7c:1d:b4:3b:5a:b0:62:6a:
dc:d0:4f:bf:41:7a:70:14:c8:37:0c:59:d4:0c:11:c1:c4:0a:
ef:fc:d7:e1:92:97:cd:c2:cb:54:04:5d:12:59:8e:7f:d2:c7:
96:8e:fe:f0:81:f6:5a:59:f9:be:76:ca:01:91:29:a3:cc:cd:
40:45:76:d6:f7:ff:e9:2a:6c:af:f3:63:c5:91:8e:ca:ea:50:
68:6f:c7:7d:8e:c2:1e:94:eb:ac:20:75:f2:ac:dd:a5:bd:28:
68:06:0b:e6:8b:c6:bd:6f:39:39:dd:3c:40:52:82:3b:62:54:
d4:80:88:5f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwy818HGdc7QWrw5TS35D6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNjgxMzhkNGVjMmVhNTFjYWNlZjA5ZmYxMDU4YTM3MGE1
YmUxOTAwHhcNMjMwMTAyMDQ0NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjZhZDJiN2NjZjcyZjBjMWEzMzc5YTU0OTM3NDJiMzMyNDc0ODA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqoSRUGW4KTnb/2NtdBTYksLVnED2
jZ4z5TygVa4uNgy/bikMAbnLdTs+BMymDVF7IsIshT9cOcib3XHG30qZc8R01wmN
NKWDffzzzH35s2oxF22Qv/LuOl3uAw4vwXsn5wLd1Goz8uvLhKcH4dMOmcfaSujO
6YQzTDYvpF5i5hqj7q2umMdLCE3kWqFMZJzU3U6oqpAVB5sxvzBaKKr1f6UcMRpa
eIGz0eq+YKQHbNIFsc7Dzz6utiheIIKLINTtmQ0Irhm+XMfgI2bfHkbmbvHCbxJ/
moJ7EfY9mlgkfPylC2G40XbLTNeS4rHuT82Hf6mCvOJSurH0PbglQFbjOQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHZq0rfM9y8MGjN5pUk3QrMyR0gHMB8GA1UdIwQY
MBaAFB9oE41OwupRys7wn/EFijcKW+GQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDJnVGpVN0M2bEhLenZDZjhRV0tOd3BiNFpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy9iOWFkZjQtZjkxMC00MzU1LWJmYzgt
NjA4NTY0ODM5ZmQwLzEvZG1yU3Q4ejNMd3dhTTNtbFNUZENzekpIU0FjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy9iOWFkZjQtZjkxMC00MzU1LWJmYzgtNjA4NTY0ODM5ZmQw
LzEvSDJnVGpVN0M2bEhLenZDZjhRV0tOd3BiNFpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwu2OMA0G
CSqGSIb3DQEBCwUAA4IBAQA9hNwwDoYjWAbWMhcwllu8CeyS2/+U0zF0boXteLAm
wMDXCp5zMP6xwRn1xcnE/WnyEWsb4pzui1QAPc2biTPEmu71JoIkexlQbfXCzxYH
mA1NR5UA7vspjkTWR/q5Pc5oLRZ7rF6qBL13CCIBIAWXBaItz0NzMPqAv9aG4FSJ
riMQB2RUzNBufB20O1qwYmrc0E+/QXpwFMg3DFnUDBHBxArv/NfhkpfNwstUBF0S
WY5/0seWjv7wgfZaWfm+dsoBkSmjzM1ARXbW9//pKmyv82PFkY7K6lBob8d9jsIe
lOusIHXyrN2lvShoBgvmi8a9bzk53TxAUoI7YlTUgIhf
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:00:35 2025 by rpki-client