Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/1c13d9-81d5-4cdb-a2e1-a5abb20d2462/1/c41sQZX3JAtL9KIslpB9CQMx3EY.roa
File: c41sQZX3JAtL9KIslpB9CQMx3EY.roa (raw, json)
Hash identifier: IN57aaukfGq+wGEWUNakHsCOvQlzP0tq26CfuyQXnak=
Subject key identifier: 73:8D:6C:41:95:F7:24:0B:4B:F4:A2:2C:96:90:7D:09:03:31:DC:46
Certificate issuer: /CN=b1940f000996ebfd2dab71c469cc51ee881b3f5e
Certificate serial: 018570B99168EBD1723EA9B876697B931996
Authority key identifier: B1:94:0F:00:09:96:EB:FD:2D:AB:71:C4:69:CC:51:EE:88:1B:3F:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sZQPAAmW6_0tq3HEacxR7ogbP14.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/1c13d9-81d5-4cdb-a2e1-a5abb20d2462/1/c41sQZX3JAtL9KIslpB9CQMx3EY.roa
Signing time: Mon 02 Jan 2023 04:24:47 +0000
ROA not before: Mon 02 Jan 2023 04:24:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 194.42.96.0/23 maxlen: 24
194.42.104.0/23 maxlen: 24
2a0f:340::/29 maxlen: 128
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:b9:91:68:eb:d1:72:3e:a9:b8:76:69:7b:93:19:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1940f000996ebfd2dab71c469cc51ee881b3f5e
Validity
Not Before: Jan 2 04:24:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=738d6c4195f7240b4bf4a22c96907d090331dc46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:99:40:b6:67:8a:84:65:74:a8:98:dd:fa:17:
54:61:8a:de:cc:58:f0:18:27:fb:3f:6d:bc:ca:0e:
b4:dd:d8:cd:54:fe:eb:66:62:cc:74:37:67:8b:bf:
17:39:75:84:0e:7b:f8:9a:f5:bc:49:11:fb:5b:65:
c2:e5:07:fa:97:0e:f8:d5:4a:10:2c:d5:1b:48:58:
d6:8e:e5:70:ba:cb:18:74:a1:ef:e5:b8:0d:71:7d:
c2:48:5b:61:58:f8:57:48:d5:01:0f:c1:3a:5f:f8:
13:7b:09:7a:0d:73:6e:db:0b:93:c7:a0:03:44:aa:
c0:18:33:13:6a:e8:e5:cb:87:26:e4:b8:19:fe:88:
86:81:ff:83:4c:f7:07:e5:c2:6e:a2:0e:79:21:ae:
8a:1d:99:1e:14:51:6e:8e:f9:cc:e9:34:a0:d0:81:
7b:3b:0d:d3:b1:cb:b2:24:e2:9c:e7:43:c9:32:d3:
ff:e3:69:ab:b6:ee:3f:6f:6b:9a:46:42:80:01:f6:
d8:77:a4:bf:71:34:ef:0b:a0:0e:39:20:a0:1c:4d:
c1:c4:2e:d3:81:38:59:96:16:15:5a:b8:6f:5d:42:
60:6a:74:90:de:a5:aa:c9:bc:03:18:92:ca:e3:03:
68:a4:25:b7:a8:a8:ac:b8:28:a3:5c:f4:d9:a8:64:
ba:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:8D:6C:41:95:F7:24:0B:4B:F4:A2:2C:96:90:7D:09:03:31:DC:46
X509v3 Authority Key Identifier:
keyid:B1:94:0F:00:09:96:EB:FD:2D:AB:71:C4:69:CC:51:EE:88:1B:3F:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sZQPAAmW6_0tq3HEacxR7ogbP14.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/1c13d9-81d5-4cdb-a2e1-a5abb20d2462/1/c41sQZX3JAtL9KIslpB9CQMx3EY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/1c13d9-81d5-4cdb-a2e1-a5abb20d2462/1/sZQPAAmW6_0tq3HEacxR7ogbP14.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.42.96.0/23
194.42.104.0/23
IPv6:
2a0f:340::/29
Signature Algorithm: sha256WithRSAEncryption
67:38:53:6f:a0:5a:c0:78:12:52:a1:e0:19:3a:c1:07:1a:3b:
b9:14:30:ef:fe:95:36:1f:a8:d3:85:ff:e3:6d:2d:3f:34:99:
3e:41:46:a7:96:9a:6a:17:dc:cd:16:fc:f2:e1:b1:ee:7f:b8:
20:6a:52:9e:c6:20:77:f4:7d:63:58:12:c0:cd:7a:b4:d4:0e:
5f:5e:82:35:19:07:ad:e8:2e:4b:d7:06:ea:4a:e9:a5:3b:55:
04:da:c3:6c:74:4a:6a:c5:04:ba:d9:d8:d2:d2:f1:c6:8f:6f:
4f:45:6c:06:90:b7:cd:30:b0:8e:d7:20:e2:b7:3f:dc:0f:d9:
b2:97:01:9d:62:6f:69:a0:f0:50:50:cc:60:06:36:bb:bb:4d:
50:18:b6:ed:fd:b0:59:d8:9f:74:8d:60:a7:64:c8:e7:f6:39:
1b:93:b8:71:0b:73:8b:08:72:db:1b:de:e4:fd:7b:78:bb:76:
b8:ad:04:e4:99:f4:e7:89:13:1a:1f:aa:1c:2e:8c:cd:99:e4:
fe:e8:3a:b3:8f:a1:c2:f8:b9:d6:f4:bb:5f:5b:1a:07:b8:0a:
d9:af:63:37:7f:8a:50:2a:57:1c:e8:8c:ea:a4:a7:21:bc:1f:
3e:20:85:56:f1:b0:6d:7c:48:a9:a4:55:98:44:0e:75:ee:7c:
ad:bb:59:8f
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVwuZFo69FyPqm4dml7kxmWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxOTQwZjAwMDk5NmViZmQyZGFiNzFjNDY5Y2M1MWVlODgx
YjNmNWUwHhcNMjMwMTAyMDQyNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzhkNmM0MTk1ZjcyNDBiNGJmNGEyMmM5NjkwN2QwOTAzMzFkYzQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhJlAtmeKhGV0qJjd+hdUYYrezFjw
GCf7P228yg603djNVP7rZmLMdDdni78XOXWEDnv4mvW8SRH7W2XC5Qf6lw741UoQ
LNUbSFjWjuVwussYdKHv5bgNcX3CSFthWPhXSNUBD8E6X/gTewl6DXNu2wuTx6AD
RKrAGDMTaujly4cm5LgZ/oiGgf+DTPcH5cJuog55Ia6KHZkeFFFujvnM6TSg0IF7
Ow3TscuyJOKc50PJMtP/42mrtu4/b2uaRkKAAfbYd6S/cTTvC6AOOSCgHE3BxC7T
gThZlhYVWrhvXUJganSQ3qWqybwDGJLK4wNopCW3qKisuCijXPTZqGS6JwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFHONbEGV9yQLS/SiLJaQfQkDMdxGMB8GA1UdIwQY
MBaAFLGUDwAJluv9LatxxGnMUe6IGz9eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1pRUEFBbVc2XzB0cTNIRWFjeFI3b2diUDE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS8xYzEzZDktODFkNS00Y2RiLWEyZTEt
YTVhYmIyMGQyNDYyLzEvYzQxc1FaWDNKQXRMOUtJc2xwQjlDUU14M0VZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS8xYzEzZDktODFkNS00Y2RiLWEyZTEtYTVhYmIyMGQyNDYy
LzEvc1pRUEFBbVc2XzB0cTNIRWFjeFI3b2diUDE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBwipgAwQB
wipoMA0EAgACMAcDBQMqDwNAMA0GCSqGSIb3DQEBCwUAA4IBAQBnOFNvoFrAeBJS
oeAZOsEHGju5FDDv/pU2H6jThf/jbS0/NJk+QUanlppqF9zNFvzy4bHuf7ggalKe
xiB39H1jWBLAzXq01A5fXoI1GQet6C5L1wbqSumlO1UE2sNsdEpqxQS62djS0vHG
j29PRWwGkLfNMLCO1yDitz/cD9mylwGdYm9poPBQUMxgBja7u01QGLbt/bBZ2J90
jWCnZMjn9jkbk7hxC3OLCHLbG97k/Xt4u3a4rQTkmfTniRMaH6ocLozNmeT+6Dqz
j6HC+LnW9LtfWxoHuArZr2M3f4pQKlcc6IzqpKchvB8+IIVW8bBtfEippFWYRA51
7nytu1mP
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:19:48 2025 by rpki-client