Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/_DQNWPiAY9I4O-gB7HLOWqWomLY.roa
File: _DQNWPiAY9I4O-gB7HLOWqWomLY.roa (raw, json)
Hash identifier: XAAciaJbA4ptRL6Q5Ov8mUEvfQRhUb6TSTQ28/GD6Vo=
Subject key identifier: FC:34:0D:58:F8:80:63:D2:38:3B:E8:01:EC:72:CE:5A:A5:A8:98:B6
Certificate issuer: /CN=04a2ae2cd094333018c41daafb474c6cfa80d07d
Certificate serial: 01856EAFDAEA059445FDDF87B58DF5ABD97A
Authority key identifier: 04:A2:AE:2C:D0:94:33:30:18:C4:1D:AA:FB:47:4C:6C:FA:80:D0:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BKKuLNCUMzAYxB2q-0dMbPqA0H0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/_DQNWPiAY9I4O-gB7HLOWqWomLY.roa
Signing time: Sun 01 Jan 2023 18:54:56 +0000
ROA not before: Sun 01 Jan 2023 18:54:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29286
IP address blocks: 185.69.50.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:af:da:ea:05:94:45:fd:df:87:b5:8d:f5:ab:d9:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=04a2ae2cd094333018c41daafb474c6cfa80d07d
Validity
Not Before: Jan 1 18:54:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fc340d58f88063d2383be801ec72ce5aa5a898b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:34:6c:57:ba:29:f7:ce:57:c5:66:19:2b:32:
07:c0:c9:49:ed:9a:ae:9d:25:75:b9:06:2f:2c:8f:
7b:b3:77:d8:61:8b:ab:82:e5:75:2d:bf:98:1b:25:
ce:30:67:9b:40:26:70:72:c7:9a:c7:34:64:ec:57:
a4:d0:2f:c8:43:39:f5:ca:cf:55:d2:5a:ac:16:bd:
98:cd:61:3d:55:ad:16:36:15:7c:8b:fd:72:f7:0c:
55:e0:bf:ca:4a:cb:df:cf:f4:40:b6:22:48:86:0d:
90:5a:51:5c:4e:2a:9a:94:16:07:b3:31:7e:9d:33:
b9:bc:0a:32:b6:48:03:fe:13:d2:c4:27:06:05:a6:
80:7f:8b:55:b9:f5:1a:99:94:cb:04:2b:db:90:30:
4b:3a:c4:df:d4:46:45:79:72:23:e4:be:dc:e2:63:
27:dc:1b:05:b2:97:22:16:9d:34:67:63:5e:be:61:
c4:93:5e:60:f2:09:ea:87:c0:15:13:82:89:1c:84:
c6:db:9f:79:f6:15:7e:b9:c0:80:31:e4:8c:14:93:
56:00:77:09:59:f1:8c:e2:4f:af:8e:5f:50:bc:25:
b7:d2:11:a9:6e:78:23:c8:26:af:91:85:48:87:ff:
2b:00:47:51:f4:08:55:09:c9:56:30:2a:97:7e:4d:
1c:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:34:0D:58:F8:80:63:D2:38:3B:E8:01:EC:72:CE:5A:A5:A8:98:B6
X509v3 Authority Key Identifier:
keyid:04:A2:AE:2C:D0:94:33:30:18:C4:1D:AA:FB:47:4C:6C:FA:80:D0:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BKKuLNCUMzAYxB2q-0dMbPqA0H0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/_DQNWPiAY9I4O-gB7HLOWqWomLY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/BKKuLNCUMzAYxB2q-0dMbPqA0H0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.69.50.0/24
Signature Algorithm: sha256WithRSAEncryption
b3:fb:dc:c3:cb:f5:33:ea:78:bf:bd:6c:35:b0:f8:2f:84:4e:
dd:53:eb:19:71:67:71:0d:a4:21:f7:30:24:c3:c9:84:17:71:
5e:e2:0a:f6:b0:e5:0c:4f:eb:92:72:c3:a1:10:d7:18:3e:5d:
7e:22:20:98:23:10:a3:c8:58:c7:60:35:90:4d:34:d6:a2:5b:
8e:89:64:86:dd:40:6b:6f:07:c9:54:7b:83:5c:16:de:8f:f6:
63:d7:a0:5c:3f:fb:1c:72:e1:6f:b4:f7:81:8e:86:b8:a9:7f:
cc:ce:4e:7c:1a:d3:75:92:37:4d:9c:92:13:33:56:d4:74:62:
08:cc:cd:b3:e7:7b:a5:b2:d9:70:28:97:6d:4b:63:ad:0f:16:
06:03:fd:77:aa:ac:31:18:6f:b7:8d:56:43:a9:a3:18:a8:47:
90:a7:e1:aa:cf:9c:bf:24:2f:4b:f8:cc:20:b8:dc:40:86:61:
f4:17:61:bc:f5:dd:1a:c3:3e:be:8e:97:56:27:b8:fa:31:ab:
47:e5:f8:02:c2:5c:35:6d:d6:11:cb:a9:2c:da:5b:4b:8c:71:
8a:fd:e5:bf:b7:3a:3e:9d:a0:3d:a2:94:77:3c:6d:f1:6d:f0:
42:fd:d7:0d:eb:ff:7c:47:ab:4a:dc:0d:7f:0e:1b:3d:c6:19:
28:54:62:e5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVur9rqBZRF/d+HtY31q9l6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0YTJhZTJjZDA5NDMzMzAxOGM0MWRhYWZiNDc0YzZjZmE4
MGQwN2QwHhcNMjMwMTAxMTg1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzM0MGQ1OGY4ODA2M2QyMzgzYmU4MDFlYzcyY2U1YWE1YTg5OGI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAijRsV7op985XxWYZKzIHwMlJ7Zqu
nSV1uQYvLI97s3fYYYurguV1Lb+YGyXOMGebQCZwcseaxzRk7Fek0C/IQzn1ys9V
0lqsFr2YzWE9Va0WNhV8i/1y9wxV4L/KSsvfz/RAtiJIhg2QWlFcTiqalBYHszF+
nTO5vAoytkgD/hPSxCcGBaaAf4tVufUamZTLBCvbkDBLOsTf1EZFeXIj5L7c4mMn
3BsFspciFp00Z2NevmHEk15g8gnqh8AVE4KJHITG25959hV+ucCAMeSMFJNWAHcJ
WfGM4k+vjl9QvCW30hGpbngjyCavkYVIh/8rAEdR9AhVCclWMCqXfk0c2wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPw0DVj4gGPSODvoAexyzlqlqJi2MB8GA1UdIwQY
MBaAFASirizQlDMwGMQdqvtHTGz6gNB9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQktLdUxOQ1VNekFZeEIycS0wZE1iUHFBMEgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS82MzRhMTItZTU4Yy00NTVjLTg5MzMt
NmU2ZThkOTMwM2U5LzEvX0RRTldQaUFZOUk0Ty1nQjdITE9XcVdvbUxZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS82MzRhMTItZTU4Yy00NTVjLTg5MzMtNmU2ZThkOTMwM2U5
LzEvQktLdUxOQ1VNekFZeEIycS0wZE1iUHFBMEgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuUUyMA0G
CSqGSIb3DQEBCwUAA4IBAQCz+9zDy/Uz6ni/vWw1sPgvhE7dU+sZcWdxDaQh9zAk
w8mEF3Fe4gr2sOUMT+uScsOhENcYPl1+IiCYIxCjyFjHYDWQTTTWoluOiWSG3UBr
bwfJVHuDXBbej/Zj16BcP/sccuFvtPeBjoa4qX/Mzk58GtN1kjdNnJITM1bUdGII
zM2z53ulstlwKJdtS2OtDxYGA/13qqwxGG+3jVZDqaMYqEeQp+Gqz5y/JC9L+Mwg
uNxAhmH0F2G89d0awz6+jpdWJ7j6MatH5fgCwlw1bdYRy6ks2ltLjHGK/eW/tzo+
naA9opR3PG3xbfBC/dcN6/98R6tK3A1/Dhs9xhkoVGLl
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:15:30 2025 by rpki-client