Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/18c856-18b1-4375-bcac-19f22ed613a5/1/420IAXEovPct3GBktJVqII34buE.roa
File: 420IAXEovPct3GBktJVqII34buE.roa (raw, json)
Hash identifier: OUXlhi0Vpdk/stSDp1JiX0IdzsUWGZjmzccrHIQRb8w=
Subject key identifier: E3:6D:08:01:71:28:BC:F7:2D:DC:60:64:B4:95:6A:20:8D:F8:6E:E1
Certificate issuer: /CN=068cb85bc4e9e4b732e957f08aa1c0237aadc47f
Certificate serial: 037CF58B
Authority key identifier: 06:8C:B8:5B:C4:E9:E4:B7:32:E9:57:F0:8A:A1:C0:23:7A:AD:C4:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Boy4W8Tp5Lcy6VfwiqHAI3qtxH8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/18c856-18b1-4375-bcac-19f22ed613a5/1/420IAXEovPct3GBktJVqII34buE.roa
Signing time: Sat 01 Jan 2022 07:03:00 +0000
ROA not before: Sat 01 Jan 2022 07:03:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29686
IP address blocks: 194.0.208.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 58520971 (0x37cf58b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=068cb85bc4e9e4b732e957f08aa1c0237aadc47f
Validity
Not Before: Jan 1 07:03:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e36d08017128bcf72ddc6064b4956a208df86ee1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:8e:76:ec:d5:b8:6c:b7:4d:1c:57:6c:d3:bc:
09:1e:da:38:b0:84:42:6e:92:c2:a0:f1:e0:89:21:
9f:62:bc:fd:e9:53:2a:77:80:01:55:ea:04:9a:6b:
56:c1:56:21:07:d7:ee:90:c0:52:c8:45:88:5a:5a:
98:10:7f:52:f1:76:9a:00:9c:48:36:a6:ed:59:7b:
42:4c:be:52:5d:5a:e4:c5:f3:2e:ed:d4:b3:86:64:
0c:f9:68:89:e5:e7:af:7c:56:49:f6:04:4b:37:fa:
9b:c6:06:25:cc:93:ef:cd:2a:24:43:9c:31:82:7e:
d2:8a:d7:69:04:50:03:3b:51:c7:65:3f:b9:d0:59:
2e:5c:3d:16:3e:50:86:d8:2c:52:3f:16:90:f8:f4:
07:94:bb:e4:88:35:c0:cd:58:2f:78:f7:6e:cf:1f:
af:7a:30:3d:06:6e:53:74:fd:88:d4:c9:6c:68:ca:
c7:65:8f:3d:aa:87:64:ed:98:3a:68:08:ef:88:24:
69:d0:34:50:f0:09:29:51:56:fd:9c:30:76:37:89:
dc:49:49:3f:83:ee:c8:28:18:18:1e:97:62:2b:16:
68:e9:3a:20:5d:7d:19:ca:e4:68:d1:22:36:f7:c4:
e5:e5:ea:d9:2e:db:37:6c:9f:a2:58:cd:76:b2:80:
16:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:6D:08:01:71:28:BC:F7:2D:DC:60:64:B4:95:6A:20:8D:F8:6E:E1
X509v3 Authority Key Identifier:
keyid:06:8C:B8:5B:C4:E9:E4:B7:32:E9:57:F0:8A:A1:C0:23:7A:AD:C4:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Boy4W8Tp5Lcy6VfwiqHAI3qtxH8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/18c856-18b1-4375-bcac-19f22ed613a5/1/420IAXEovPct3GBktJVqII34buE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/18c856-18b1-4375-bcac-19f22ed613a5/1/Boy4W8Tp5Lcy6VfwiqHAI3qtxH8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.0.208.0/24
Signature Algorithm: sha256WithRSAEncryption
77:49:37:62:f3:91:3c:be:76:b1:1f:bf:f5:48:6a:d8:30:40:
e4:1e:63:47:2c:ee:d9:17:52:96:54:e0:c6:02:bb:27:72:f8:
68:cc:da:04:e8:04:f7:9c:12:42:0f:78:7c:3d:1e:63:6b:8d:
35:47:ff:39:df:e7:6e:10:6e:ff:ec:e8:44:a6:42:66:ec:de:
34:eb:7c:8b:3f:67:a4:c2:ae:af:d9:7e:ca:f4:3c:50:3f:a3:
cb:6f:37:0c:be:83:d3:57:d8:2e:cb:11:f4:17:62:3b:86:8d:
ff:2e:cb:a8:89:b2:83:b7:0f:4a:7c:44:4e:a7:16:77:f5:29:
d9:0b:ac:19:27:d4:f1:a8:1f:91:79:56:f0:8f:1b:fb:0d:9c:
49:97:1d:aa:24:74:49:5b:04:c3:47:37:54:a4:14:24:6f:4b:
19:56:ed:7a:c3:89:29:a1:d2:47:6f:f9:c4:6d:41:a1:f8:b5:
bc:f9:b4:91:85:ee:ed:03:56:49:37:4a:8e:2d:46:1a:00:04:
09:04:e5:b4:76:1e:2e:57:0a:68:62:88:7c:84:37:07:e5:ae:
ce:e2:86:4c:d4:37:1c:c9:d9:5c:1c:02:d1:bc:96:a4:21:a1:
c9:dd:a7:96:5f:14:db:09:89:92:85:d4:a0:e1:ad:93:15:3c:
cd:44:94:54
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA3z1izANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NjhjYjg1YmM0ZTllNGI3MzJlOTU3ZjA4YWExYzAyMzdhYWRjNDdmMB4XDTIyMDEw
MTA3MDMwMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTM2ZDA4MDE3MTI4
YmNmNzJkZGM2MDY0YjQ5NTZhMjA4ZGY4NmVlMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKaOduzVuGy3TRxXbNO8CR7aOLCEQm6SwqDx4Ikhn2K8/elT
KneAAVXqBJprVsFWIQfX7pDAUshFiFpamBB/UvF2mgCcSDam7Vl7Qky+Ul1a5MXz
Lu3Us4ZkDPloieXnr3xWSfYESzf6m8YGJcyT780qJEOcMYJ+0orXaQRQAztRx2U/
udBZLlw9Fj5QhtgsUj8WkPj0B5S75Ig1wM1YL3j3bs8fr3owPQZuU3T9iNTJbGjK
x2WPPaqHZO2YOmgI74gkadA0UPAJKVFW/ZwwdjeJ3ElJP4PuyCgYGB6XYisWaOk6
IF19GcrkaNEiNvfE5eXq2S7bN2yfoljNdrKAFpUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTjbQgBcSi89y3cYGS0lWogjfhu4TAfBgNVHSMEGDAWgBQGjLhbxOnktzLp
V/CKocAjeq3EfzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JveTRXOFRwNUxjeTZWZndpcUhBSTNxdHhIOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjAvMThjODU2LTE4YjEtNDM3NS1iY2FjLTE5ZjIyZWQ2MTNhNS8x
LzQyMElBWEVvdlBjdDNHQmt0SlZxSUkzNGJ1RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjAv
MThjODU2LTE4YjEtNDM3NS1iY2FjLTE5ZjIyZWQ2MTNhNS8xL0JveTRXOFRwNUxj
eTZWZndpcUhBSTNxdHhIOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMIA0DANBgkqhkiG9w0BAQsFAAOC
AQEAd0k3YvORPL52sR+/9Uhq2DBA5B5jRyzu2RdSllTgxgK7J3L4aMzaBOgE95wS
Qg94fD0eY2uNNUf/Od/nbhBu/+zoRKZCZuzeNOt8iz9npMKur9l+yvQ8UD+jy283
DL6D01fYLssR9BdiO4aN/y7LqImyg7cPSnxETqcWd/Up2QusGSfU8agfkXlW8I8b
+w2cSZcdqiR0SVsEw0c3VKQUJG9LGVbtesOJKaHSR2/5xG1Bofi1vPm0kYXu7QNW
STdKji1GGgAECQTltHYeLlcKaGKIfIQ3B+WuzuKGTNQ3HMnZXBwC0byWpCGhyd2n
ll8U2wmJkoXUoOGtkxU8zUSUVA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:24:46 2025 by rpki-client