Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/dd672f-5336-4f35-b3ef-ae91ab342be1/1/RfXQzntXRvhOSA6VmLN_wcs-ymY.roa
File: RfXQzntXRvhOSA6VmLN_wcs-ymY.roa (raw, json)
Hash identifier: ooXZuA/t6Ff89hJy8throwZ2ZbqN4N5l0lVsnh1QDDU=
Subject key identifier: 45:F5:D0:CE:7B:57:46:F8:4E:48:0E:95:98:B3:7F:C1:CB:3E:CA:66
Certificate issuer: /CN=a59caa2a73680698b2c9e1a6c9641a74f3ce76e8
Certificate serial: 018573038AC27A11F98818164CC3EC1A72C4
Authority key identifier: A5:9C:AA:2A:73:68:06:98:B2:C9:E1:A6:C9:64:1A:74:F3:CE:76:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pZyqKnNoBpiyyeGmyWQadPPOdug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/dd672f-5336-4f35-b3ef-ae91ab342be1/1/RfXQzntXRvhOSA6VmLN_wcs-ymY.roa
Signing time: Mon 02 Jan 2023 15:04:49 +0000
ROA not before: Mon 02 Jan 2023 15:04:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202373
IP address blocks: 194.34.159.0/24 maxlen: 24
194.34.156.0/22 maxlen: 22
194.34.158.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:03:8a:c2:7a:11:f9:88:18:16:4c:c3:ec:1a:72:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a59caa2a73680698b2c9e1a6c9641a74f3ce76e8
Validity
Not Before: Jan 2 15:04:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=45f5d0ce7b5746f84e480e9598b37fc1cb3eca66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:b0:d6:39:14:04:d0:66:4a:49:da:ba:23:78:
d1:c5:ff:2b:1f:9a:2c:da:c7:e1:2d:1b:8b:b8:3c:
62:f5:44:a1:17:aa:89:cf:ea:11:ec:3e:57:48:47:
eb:19:6d:7e:49:22:f1:63:b7:70:19:e3:66:52:b2:
87:ef:65:5d:05:88:ec:95:6e:72:3c:53:e0:d8:f1:
29:75:5c:43:a8:56:b5:89:d6:17:68:35:d1:c6:9e:
67:61:8a:7f:a5:89:49:c4:5c:37:18:72:b1:a8:61:
9b:1d:7e:05:c3:eb:7a:48:a9:91:ec:cd:ff:1f:ec:
79:57:78:bb:17:15:0b:06:d4:d1:56:e6:09:be:34:
21:6d:03:27:bb:ad:95:f8:d4:16:af:8c:0f:e4:88:
93:2f:8d:97:af:fc:bf:f1:cf:f0:45:2f:b5:bd:93:
94:a6:a7:70:c1:82:02:b8:cc:65:2d:8a:c3:6b:0b:
64:47:aa:c8:fa:ea:55:f4:64:cb:9c:95:c6:af:5f:
8f:ef:91:ba:9d:e9:2c:8f:1b:54:56:5c:51:76:b6:
41:55:66:3e:f2:cf:bb:4a:de:3c:b1:79:83:e6:54:
8a:d6:8f:01:7f:92:6a:f3:d4:f9:29:07:28:0d:40:
18:38:53:27:72:a2:8b:81:30:c8:21:6b:94:cf:e5:
71:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:F5:D0:CE:7B:57:46:F8:4E:48:0E:95:98:B3:7F:C1:CB:3E:CA:66
X509v3 Authority Key Identifier:
keyid:A5:9C:AA:2A:73:68:06:98:B2:C9:E1:A6:C9:64:1A:74:F3:CE:76:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pZyqKnNoBpiyyeGmyWQadPPOdug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/dd672f-5336-4f35-b3ef-ae91ab342be1/1/RfXQzntXRvhOSA6VmLN_wcs-ymY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/dd672f-5336-4f35-b3ef-ae91ab342be1/1/pZyqKnNoBpiyyeGmyWQadPPOdug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.34.156.0/22
Signature Algorithm: sha256WithRSAEncryption
3b:8b:5d:ca:cc:f0:92:9a:24:c7:06:e1:c2:a2:33:ec:c9:c7:
0f:62:8a:d0:2f:28:d9:c2:96:1b:23:7b:bc:7a:96:71:94:0c:
8d:67:13:7d:07:a1:fd:39:3d:3d:29:f8:50:be:ae:31:15:01:
d4:b1:37:38:40:13:8c:37:44:b5:b0:2d:41:02:c4:a6:76:d0:
31:c4:f7:c4:f7:89:d4:98:06:e1:f4:3b:e7:f4:bc:3d:7c:5c:
f7:1a:1c:42:9d:f3:fd:4d:69:0e:e8:ca:3e:ec:ce:1e:e6:f5:
78:73:3b:d9:ce:14:54:0b:21:3c:0f:ad:b9:ee:53:db:6a:a9:
0b:ef:a7:98:86:e2:37:ac:3d:e0:0f:61:c3:26:6a:79:c9:e1:
a2:38:03:38:47:7b:b8:3e:3c:41:46:b2:f4:c2:42:00:56:76:
69:b0:4e:a6:dd:ff:56:30:56:b6:34:6c:77:17:4d:25:e4:53:
22:2b:e2:d7:70:ac:15:f1:9c:b3:a9:57:db:02:a1:25:1c:a5:
db:30:19:ce:dd:86:4a:86:8f:51:5f:cc:c1:28:9c:dd:7c:73:
fc:44:4b:4c:70:87:69:ad:a2:1d:01:66:e8:2a:43:20:32:d0:
23:f3:66:eb:81:78:0c:d7:4b:5d:dc:44:81:b0:6a:e6:f2:95:
84:1d:38:1b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzA4rCehH5iBgWTMPsGnLEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1OWNhYTJhNzM2ODA2OThiMmM5ZTFhNmM5NjQxYTc0ZjNj
ZTc2ZTgwHhcNMjMwMTAyMTUwNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NWY1ZDBjZTdiNTc0NmY4NGU0ODBlOTU5OGIzN2ZjMWNiM2VjYTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqrDWORQE0GZKSdq6I3jRxf8rH5os
2sfhLRuLuDxi9UShF6qJz+oR7D5XSEfrGW1+SSLxY7dwGeNmUrKH72VdBYjslW5y
PFPg2PEpdVxDqFa1idYXaDXRxp5nYYp/pYlJxFw3GHKxqGGbHX4Fw+t6SKmR7M3/
H+x5V3i7FxULBtTRVuYJvjQhbQMnu62V+NQWr4wP5IiTL42Xr/y/8c/wRS+1vZOU
pqdwwYICuMxlLYrDawtkR6rI+upV9GTLnJXGr1+P75G6neksjxtUVlxRdrZBVWY+
8s+7St48sXmD5lSK1o8Bf5Jq89T5KQcoDUAYOFMncqKLgTDIIWuUz+VxzwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEX10M57V0b4TkgOlZizf8HLPspmMB8GA1UdIwQY
MBaAFKWcqipzaAaYssnhpslkGnTzznboMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFp5cUtuTm9CcGl5eWVHbXlXUWFkUFBPZHVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9kZDY3MmYtNTMzNi00ZjM1LWIzZWYt
YWU5MWFiMzQyYmUxLzEvUmZYUXpudFhSdmhPU0E2Vm1MTl93Y3MteW1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9kZDY3MmYtNTMzNi00ZjM1LWIzZWYtYWU5MWFiMzQyYmUx
LzEvcFp5cUtuTm9CcGl5eWVHbXlXUWFkUFBPZHVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwiKcMA0G
CSqGSIb3DQEBCwUAA4IBAQA7i13KzPCSmiTHBuHCojPsyccPYorQLyjZwpYbI3u8
epZxlAyNZxN9B6H9OT09KfhQvq4xFQHUsTc4QBOMN0S1sC1BAsSmdtAxxPfE94nU
mAbh9Dvn9Lw9fFz3GhxCnfP9TWkO6Mo+7M4e5vV4czvZzhRUCyE8D6257lPbaqkL
76eYhuI3rD3gD2HDJmp5yeGiOAM4R3u4PjxBRrL0wkIAVnZpsE6m3f9WMFa2NGx3
F00l5FMiK+LXcKwV8ZyzqVfbAqElHKXbMBnO3YZKho9RX8zBKJzdfHP8REtMcIdp
raIdAWboKkMgMtAj82brgXgM10td3ESBsGrm8pWEHTgb
-----END CERTIFICATE-----
Generated at Fri Apr 18 19:04:59 2025 by rpki-client