Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/7db7a8-827f-4cf0-abc9-b8c46f95640e/1/lUHW213SFx9q6b4dMGffziBdG7c.roa
File: lUHW213SFx9q6b4dMGffziBdG7c.roa (raw, json)
Hash identifier: kS8u4cvNU+rmvQbaX3w0iFCtXlJZQDJUfglKzsqu0ns=
Subject key identifier: 95:41:D6:DB:5D:D2:17:1F:6A:E9:BE:1D:30:67:DF:CE:20:5D:1B:B7
Certificate issuer: /CN=1089a0251e32bf3c480f5a94abb5fb4eb906a5b3
Certificate serial: 01857295A063A82216EED67A750E8486C09A
Authority key identifier: 10:89:A0:25:1E:32:BF:3C:48:0F:5A:94:AB:B5:FB:4E:B9:06:A5:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EImgJR4yvzxID1qUq7X7TrkGpbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/7db7a8-827f-4cf0-abc9-b8c46f95640e/1/lUHW213SFx9q6b4dMGffziBdG7c.roa
Signing time: Mon 02 Jan 2023 13:04:45 +0000
ROA not before: Mon 02 Jan 2023 13:04:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203412
IP address blocks: 194.55.162.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:95:a0:63:a8:22:16:ee:d6:7a:75:0e:84:86:c0:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1089a0251e32bf3c480f5a94abb5fb4eb906a5b3
Validity
Not Before: Jan 2 13:04:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9541d6db5dd2171f6ae9be1d3067dfce205d1bb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:6a:ed:6d:53:01:e3:d1:7a:ff:2d:73:00:84:
06:b0:92:94:35:52:1b:4d:c8:c9:46:5f:f6:cb:35:
88:fc:88:64:10:99:c7:c5:82:b8:9b:bf:e8:f3:e6:
05:0d:23:04:ca:c3:91:19:83:55:63:2d:0f:b2:6c:
84:13:65:f2:b5:87:4f:f9:2a:75:a3:cb:73:88:67:
fe:36:c2:66:9e:e4:13:7f:44:9d:67:60:80:c3:32:
bb:65:fe:95:57:09:cb:07:e8:22:8b:b8:ac:e4:ba:
f6:cd:fb:bc:ee:ec:ba:c3:b5:2a:9f:5f:44:8e:a5:
d3:92:52:62:38:42:df:25:e9:c2:bd:f3:44:0b:79:
f9:46:68:6a:24:f4:09:83:99:ef:23:c1:e0:9d:3d:
e3:8e:f3:5e:56:95:fa:0e:57:ef:4f:ce:a4:25:70:
c2:05:37:b5:8c:d0:35:6c:89:41:8b:4e:dc:63:a9:
91:63:05:36:aa:05:36:60:51:e5:2f:c9:9b:bc:d0:
8b:78:0a:82:a3:79:47:1f:a3:6c:65:00:58:aa:a5:
a7:9b:a2:65:d4:a7:fb:69:43:f2:62:90:6f:8d:22:
76:05:0d:a1:d9:9d:5c:ba:4a:01:53:1a:dc:e7:2c:
59:d0:aa:72:f1:d6:79:d7:a5:5d:63:26:c4:8a:c4:
7f:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:41:D6:DB:5D:D2:17:1F:6A:E9:BE:1D:30:67:DF:CE:20:5D:1B:B7
X509v3 Authority Key Identifier:
keyid:10:89:A0:25:1E:32:BF:3C:48:0F:5A:94:AB:B5:FB:4E:B9:06:A5:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EImgJR4yvzxID1qUq7X7TrkGpbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/7db7a8-827f-4cf0-abc9-b8c46f95640e/1/lUHW213SFx9q6b4dMGffziBdG7c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/7db7a8-827f-4cf0-abc9-b8c46f95640e/1/EImgJR4yvzxID1qUq7X7TrkGpbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.55.162.0/24
Signature Algorithm: sha256WithRSAEncryption
40:67:ca:b3:32:43:b0:d8:3d:6e:2e:a5:e4:4b:d8:da:3a:b2:
17:83:f0:f6:6f:3a:16:29:7b:41:bc:be:16:fb:21:39:3f:70:
13:55:a3:ad:a5:da:29:a2:26:96:a8:39:8c:91:73:c0:05:11:
dd:72:9a:8f:45:f1:10:6b:b6:d8:50:89:b8:a1:fb:ef:97:2f:
17:3d:d8:60:da:7e:38:79:66:62:07:5d:48:8c:0d:5c:8a:cd:
04:bf:65:27:f6:4f:13:fb:38:2c:8a:0d:55:b8:30:c9:b1:49:
31:a3:55:5b:ef:83:bf:00:bb:2f:ba:92:50:d7:db:78:ee:5a:
9b:ed:4f:7f:89:64:56:df:07:c1:0e:6c:60:41:da:24:4e:bc:
6c:d5:86:6e:b1:01:a4:d6:80:21:cf:3f:25:10:53:ed:99:26:
be:13:62:ec:ce:3c:b8:9d:e6:33:3f:9d:a9:8e:85:ad:8d:a4:
e1:bf:db:02:c9:5c:d0:7c:ab:71:ec:41:dc:ab:a7:fc:bd:a3:
b3:07:2b:b6:cd:aa:28:42:d0:1b:6e:03:70:04:c9:df:24:29:
87:df:f1:bb:8e:3a:0f:4d:ed:55:b8:c6:6a:b2:02:c0:b6:d9:
50:c4:49:1e:ba:65:69:c3:56:e7:2d:5c:13:0c:80:6b:c1:f9:
bb:6f:06:db
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVylaBjqCIW7tZ6dQ6EhsCaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwODlhMDI1MWUzMmJmM2M0ODBmNWE5NGFiYjVmYjRlYjkw
NmE1YjMwHhcNMjMwMTAyMTMwNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTQxZDZkYjVkZDIxNzFmNmFlOWJlMWQzMDY3ZGZjZTIwNWQxYmI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkGrtbVMB49F6/y1zAIQGsJKUNVIb
TcjJRl/2yzWI/IhkEJnHxYK4m7/o8+YFDSMEysORGYNVYy0PsmyEE2XytYdP+Sp1
o8tziGf+NsJmnuQTf0SdZ2CAwzK7Zf6VVwnLB+gii7is5Lr2zfu87uy6w7Uqn19E
jqXTklJiOELfJenCvfNEC3n5RmhqJPQJg5nvI8HgnT3jjvNeVpX6DlfvT86kJXDC
BTe1jNA1bIlBi07cY6mRYwU2qgU2YFHlL8mbvNCLeAqCo3lHH6NsZQBYqqWnm6Jl
1Kf7aUPyYpBvjSJ2BQ2h2Z1cukoBUxrc5yxZ0Kpy8dZ516VdYybEisR/1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJVB1ttd0hcfaum+HTBn384gXRu3MB8GA1UdIwQY
MBaAFBCJoCUeMr88SA9alKu1+065BqWzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUltZ0pSNHl2enhJRDFxVXE3WDdUcmtHcGJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi83ZGI3YTgtODI3Zi00Y2YwLWFiYzkt
YjhjNDZmOTU2NDBlLzEvbFVIVzIxM1NGeDlxNmI0ZE1HZmZ6aUJkRzdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi83ZGI3YTgtODI3Zi00Y2YwLWFiYzktYjhjNDZmOTU2NDBl
LzEvRUltZ0pSNHl2enhJRDFxVXE3WDdUcmtHcGJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwjeiMA0G
CSqGSIb3DQEBCwUAA4IBAQBAZ8qzMkOw2D1uLqXkS9jaOrIXg/D2bzoWKXtBvL4W
+yE5P3ATVaOtpdopoiaWqDmMkXPABRHdcpqPRfEQa7bYUIm4ofvvly8XPdhg2n44
eWZiB11IjA1cis0Ev2Un9k8T+zgsig1VuDDJsUkxo1Vb74O/ALsvupJQ19t47lqb
7U9/iWRW3wfBDmxgQdokTrxs1YZusQGk1oAhzz8lEFPtmSa+E2Lszjy4neYzP52p
joWtjaThv9sCyVzQfKtx7EHcq6f8vaOzByu2zaooQtAbbgNwBMnfJCmH3/G7jjoP
Te1VuMZqsgLAttlQxEkeumVpw1bnLVwTDIBrwfm7bwbb
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:15:04 2025 by rpki-client