Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/1oc8sT77uhLJMhsT9TE1e14BC48.roa
File: 1oc8sT77uhLJMhsT9TE1e14BC48.roa (raw, json)
Hash identifier: RHVIALg0bYiN7D1tgDMzL6ZJv2L7DFRfBmagt0d8708=
Subject key identifier: D6:87:3C:B1:3E:FB:BA:12:C9:32:1B:13:F5:31:35:7B:5E:01:0B:8F
Certificate issuer: /CN=19ee5f16fc144acb98977449faa0ab77de1bdcc9
Certificate serial: 01870F0A50C7828710399D8680E4D5F98DB5
Authority key identifier: 19:EE:5F:16:FC:14:4A:CB:98:97:74:49:FA:A0:AB:77:DE:1B:DC:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/1oc8sT77uhLJMhsT9TE1e14BC48.roa
Signing time: Thu 23 Mar 2023 15:15:46 +0000
ROA not before: Thu 23 Mar 2023 15:15:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6168
IP address blocks: 194.170.246.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:0f:0a:50:c7:82:87:10:39:9d:86:80:e4:d5:f9:8d:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19ee5f16fc144acb98977449faa0ab77de1bdcc9
Validity
Not Before: Mar 23 15:15:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d6873cb13efbba12c9321b13f531357b5e010b8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:a9:b6:71:bc:83:96:e9:e3:e2:a8:e0:0d:f5:
01:60:6b:ed:69:88:0d:3f:e6:61:29:03:8f:b7:96:
06:7b:5d:74:fa:44:72:60:61:f7:64:5b:18:52:9a:
e1:d6:c9:78:90:69:66:7f:43:82:45:e3:a9:96:26:
71:d2:ef:18:19:97:30:69:b9:cd:59:c4:0f:c3:b1:
cd:35:ff:a7:57:91:07:7f:6e:08:94:11:16:ba:d9:
4b:90:bb:f5:80:79:e9:5f:08:cd:c4:4a:fd:a7:fb:
c3:15:c8:d6:04:33:44:f2:dc:90:8e:c5:52:f4:5c:
fa:be:fa:30:5d:46:db:1e:90:61:32:7c:22:64:67:
01:d5:eb:cf:34:4f:a0:de:cf:96:97:7e:7f:c1:ce:
07:0f:fd:53:10:50:09:e6:c4:2e:de:7c:d7:59:3d:
16:b1:78:7c:0e:97:99:c4:df:37:28:77:2c:03:65:
03:dd:ba:af:6a:57:72:96:2f:c2:5f:1a:09:67:16:
d2:d4:dd:d2:be:8e:84:57:e1:88:17:50:37:10:91:
53:b9:29:3e:4e:77:5a:f6:48:00:57:cd:86:04:79:
8f:73:e9:bb:bc:08:9e:9d:88:48:13:25:66:b1:f5:
a2:ac:91:5c:a3:22:ae:cd:20:a6:27:ab:54:ef:d4:
f1:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:87:3C:B1:3E:FB:BA:12:C9:32:1B:13:F5:31:35:7B:5E:01:0B:8F
X509v3 Authority Key Identifier:
keyid:19:EE:5F:16:FC:14:4A:CB:98:97:74:49:FA:A0:AB:77:DE:1B:DC:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/1oc8sT77uhLJMhsT9TE1e14BC48.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.170.246.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:24:51:4f:94:ce:c4:1b:dc:e3:63:91:be:f1:8a:b3:bb:59:
9d:d8:26:25:e1:98:45:a7:0f:f2:d3:c5:84:64:75:da:42:d0:
02:82:5f:74:2a:08:65:1a:b7:90:18:4f:1b:86:46:2a:a9:7c:
18:ce:78:a5:6a:b2:8f:10:c5:ba:fb:94:39:53:da:07:63:46:
91:af:95:30:c2:1d:d2:d9:13:13:90:97:0b:78:d7:83:cb:e0:
a7:b0:7f:fd:f1:88:65:b4:31:ab:10:06:3d:23:98:cd:4e:4a:
11:28:fa:53:e2:4b:c1:9e:2d:59:87:8d:27:4a:94:f3:5c:63:
4e:fd:f6:a6:95:5c:c1:83:66:ca:ed:f2:85:ca:e4:b3:1f:ab:
f5:18:e5:41:6e:c5:bf:30:3c:bd:d2:f8:77:45:65:02:f4:c1:
c5:be:c6:9c:40:6c:d3:61:24:46:2c:e4:76:1d:97:59:c3:e8:
e2:fe:4d:23:14:84:51:4a:c6:e7:2b:e3:df:24:0b:32:8b:2b:
dc:d4:5a:1d:ec:f2:26:c5:bd:e2:9d:5b:54:51:af:79:73:01:
7c:51:fd:a6:db:ff:70:01:2a:4f:25:d6:50:f6:aa:72:d8:86:
f8:09:36:b0:63:25:14:80:f7:94:e3:cf:9d:be:7c:26:8d:9a:
30:cf:05:0e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYcPClDHgocQOZ2GgOTV+Y21MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5ZWU1ZjE2ZmMxNDRhY2I5ODk3NzQ0OWZhYTBhYjc3ZGUx
YmRjYzkwHhcNMjMwMzIzMTUxNTQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjg3M2NiMTNlZmJiYTEyYzkzMjFiMTNmNTMxMzU3YjVlMDEwYjhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyKm2cbyDlunj4qjgDfUBYGvtaYgN
P+ZhKQOPt5YGe110+kRyYGH3ZFsYUprh1sl4kGlmf0OCReOpliZx0u8YGZcwabnN
WcQPw7HNNf+nV5EHf24IlBEWutlLkLv1gHnpXwjNxEr9p/vDFcjWBDNE8tyQjsVS
9Fz6vvowXUbbHpBhMnwiZGcB1evPNE+g3s+Wl35/wc4HD/1TEFAJ5sQu3nzXWT0W
sXh8DpeZxN83KHcsA2UD3bqvaldyli/CXxoJZxbS1N3Svo6EV+GIF1A3EJFTuSk+
Tnda9kgAV82GBHmPc+m7vAienYhIEyVmsfWirJFcoyKuzSCmJ6tU79TxSwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNaHPLE++7oSyTIbE/UxNXteAQuPMB8GA1UdIwQY
MBaAFBnuXxb8FErLmJd0Sfqgq3feG9zJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2U1ZkZ2d1VTc3VZbDNSSi1xQ3JkOTRiM01rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC83NDIzNzAtZTEwZi00NTQxLWFhNmMt
NjFhZmI2NmQxZThjLzEvMW9jOHNUNzd1aExKTWhzVDlURTFlMTRCQzQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC83NDIzNzAtZTEwZi00NTQxLWFhNmMtNjFhZmI2NmQxZThj
LzEvR2U1ZkZ2d1VTc3VZbDNSSi1xQ3JkOTRiM01rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwqr2MA0G
CSqGSIb3DQEBCwUAA4IBAQBcJFFPlM7EG9zjY5G+8Yqzu1md2CYl4ZhFpw/y08WE
ZHXaQtACgl90KghlGreQGE8bhkYqqXwYznilarKPEMW6+5Q5U9oHY0aRr5Uwwh3S
2RMTkJcLeNeDy+CnsH/98YhltDGrEAY9I5jNTkoRKPpT4kvBni1Zh40nSpTzXGNO
/famlVzBg2bK7fKFyuSzH6v1GOVBbsW/MDy90vh3RWUC9MHFvsacQGzTYSRGLOR2
HZdZw+ji/k0jFIRRSsbnK+PfJAsyiyvc1Fod7PImxb3inVtUUa95cwF8Uf2m2/9w
ASpPJdZQ9qpy2Ib4CTawYyUUgPeU48+dvnwmjZowzwUO
-----END CERTIFICATE-----
Generated at Tue Mar 11 19:45:12 2025 by rpki-client