Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/243f91-8747-4981-9cbf-1d373499924e/1/Rs0DjiKyAqrgTABu8LpmdPzlgtg.roa
File: Rs0DjiKyAqrgTABu8LpmdPzlgtg.roa (raw, json)
Hash identifier: C5tVT/bmPSLyy8BCknUkSCPsuEQsLw2OAHnqgSfXSBk=
Subject key identifier: 46:CD:03:8E:22:B2:02:AA:E0:4C:00:6E:F0:BA:66:74:FC:E5:82:D8
Certificate issuer: /CN=c755702467770ed69b367b77bbe640bc6db4153e
Certificate serial: 0185720C5B1A10C8D9D3D72EC1D65FCB6BE6
Authority key identifier: C7:55:70:24:67:77:0E:D6:9B:36:7B:77:BB:E6:40:BC:6D:B4:15:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x1VwJGd3DtabNnt3u-ZAvG20FT4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/243f91-8747-4981-9cbf-1d373499924e/1/Rs0DjiKyAqrgTABu8LpmdPzlgtg.roa
Signing time: Mon 02 Jan 2023 10:34:50 +0000
ROA not before: Mon 02 Jan 2023 10:34:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 84.254.134.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:0c:5b:1a:10:c8:d9:d3:d7:2e:c1:d6:5f:cb:6b:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c755702467770ed69b367b77bbe640bc6db4153e
Validity
Not Before: Jan 2 10:34:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=46cd038e22b202aae04c006ef0ba6674fce582d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:d0:c3:33:cc:32:f5:df:de:66:2e:1a:8b:5c:
d6:7b:b6:a2:ab:da:66:7f:f6:a0:1c:46:24:2d:0a:
de:9e:33:1d:da:14:b4:50:e1:72:d0:55:72:0f:a2:
4f:9b:93:6e:f7:4f:b4:f9:e6:cf:e9:d5:91:96:42:
95:a8:82:a3:cd:cf:a1:ea:e8:43:98:2d:cc:8d:09:
c5:de:c9:f7:a7:c3:e4:30:8b:92:d9:ac:75:c5:cb:
17:7c:09:cd:ee:3f:2d:de:cb:55:ef:18:9c:48:bb:
af:f0:cc:9f:a5:84:3b:19:bc:33:77:13:7e:48:83:
ef:0f:14:74:c4:0f:52:43:fa:e3:94:cb:df:43:e2:
c3:56:6c:06:75:9a:2c:e3:71:62:d5:b5:65:f3:05:
41:0a:43:a1:75:75:09:5b:d7:c0:03:b5:8a:25:f7:
9a:94:a3:2e:54:8d:bf:df:a0:70:de:58:b9:43:af:
f0:50:c2:b2:82:8a:30:8f:43:c8:70:e0:da:15:c2:
d4:2a:bd:e6:3c:c5:ac:e1:8a:bf:7c:7f:31:da:31:
c2:8f:94:cd:3a:4f:ad:48:cb:e4:e7:88:26:49:c7:
4e:9b:16:d0:b9:dc:5c:1d:d2:44:3b:04:4a:ea:b1:
ed:11:d1:00:7d:ad:93:f3:29:bd:98:7e:ff:83:54:
2a:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:CD:03:8E:22:B2:02:AA:E0:4C:00:6E:F0:BA:66:74:FC:E5:82:D8
X509v3 Authority Key Identifier:
keyid:C7:55:70:24:67:77:0E:D6:9B:36:7B:77:BB:E6:40:BC:6D:B4:15:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x1VwJGd3DtabNnt3u-ZAvG20FT4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/243f91-8747-4981-9cbf-1d373499924e/1/Rs0DjiKyAqrgTABu8LpmdPzlgtg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/243f91-8747-4981-9cbf-1d373499924e/1/x1VwJGd3DtabNnt3u-ZAvG20FT4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.254.134.0/24
Signature Algorithm: sha256WithRSAEncryption
88:41:55:45:7f:1c:9c:f8:fb:4f:cb:ef:20:d1:ee:86:aa:86:
3f:f7:99:ff:11:ee:96:89:b7:72:19:b5:bf:76:24:28:3f:41:
d2:57:72:9d:c3:3e:bb:8b:d7:6d:d4:3f:fb:9c:d0:7d:dc:96:
36:c7:83:bd:26:7b:67:f2:10:e8:7b:e4:fd:38:c4:f1:d8:9c:
f5:14:93:4d:bb:cc:5d:f2:e8:b1:05:4f:8a:81:74:0f:e5:2f:
d2:29:25:95:5b:07:e0:f6:c4:d6:ec:c3:1b:8f:a0:18:d3:15:
f9:c9:b7:d5:8e:b1:d6:41:a2:20:0a:18:bc:8f:99:af:19:7f:
8e:36:3f:f8:1b:be:23:49:7f:9a:09:ac:65:48:bb:20:51:64:
95:0d:23:10:0d:ba:6c:45:f7:ac:80:71:ea:c9:d6:03:38:50:
61:2e:fa:c5:64:0b:f7:da:cd:2b:84:43:36:f4:80:16:72:2f:
4b:56:88:2c:dc:11:f6:42:fa:8d:5d:62:4b:f3:f5:d8:9d:75:
3c:50:6f:75:83:4f:bb:88:25:f8:fb:71:c4:a1:b5:9a:42:bd:
75:31:4d:e8:c1:da:9d:de:c2:93:4a:31:c8:7a:21:02:6d:7a:
f6:e4:91:47:d8:78:0e:3d:a1:76:57:c7:52:8d:0c:f3:4d:5c:
25:9f:91:a0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyDFsaEMjZ09cuwdZfy2vmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3NTU3MDI0Njc3NzBlZDY5YjM2N2I3N2JiZTY0MGJjNmRi
NDE1M2UwHhcNMjMwMTAyMTAzNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NmNkMDM4ZTIyYjIwMmFhZTA0YzAwNmVmMGJhNjY3NGZjZTU4MmQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxtDDM8wy9d/eZi4ai1zWe7aiq9pm
f/agHEYkLQrenjMd2hS0UOFy0FVyD6JPm5Nu90+0+ebP6dWRlkKVqIKjzc+h6uhD
mC3MjQnF3sn3p8PkMIuS2ax1xcsXfAnN7j8t3stV7xicSLuv8MyfpYQ7GbwzdxN+
SIPvDxR0xA9SQ/rjlMvfQ+LDVmwGdZos43Fi1bVl8wVBCkOhdXUJW9fAA7WKJfea
lKMuVI2/36Bw3li5Q6/wUMKygoowj0PIcODaFcLUKr3mPMWs4Yq/fH8x2jHCj5TN
Ok+tSMvk54gmScdOmxbQudxcHdJEOwRK6rHtEdEAfa2T8ym9mH7/g1QqIQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEbNA44isgKq4EwAbvC6ZnT85YLYMB8GA1UdIwQY
MBaAFMdVcCRndw7WmzZ7d7vmQLxttBU+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDFWd0pHZDNEdGFiTm50M3UtWkF2RzIwRlQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy8yNDNmOTEtODc0Ny00OTgxLTljYmYt
MWQzNzM0OTk5MjRlLzEvUnMwRGppS3lBcXJnVEFCdThMcG1kUHpsZ3RnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy8yNDNmOTEtODc0Ny00OTgxLTljYmYtMWQzNzM0OTk5MjRl
LzEveDFWd0pHZDNEdGFiTm50M3UtWkF2RzIwRlQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVP6GMA0G
CSqGSIb3DQEBCwUAA4IBAQCIQVVFfxyc+PtPy+8g0e6GqoY/95n/Ee6WibdyGbW/
diQoP0HSV3Kdwz67i9dt1D/7nNB93JY2x4O9Jntn8hDoe+T9OMTx2Jz1FJNNu8xd
8uixBU+KgXQP5S/SKSWVWwfg9sTW7MMbj6AY0xX5ybfVjrHWQaIgChi8j5mvGX+O
Nj/4G74jSX+aCaxlSLsgUWSVDSMQDbpsRfesgHHqydYDOFBhLvrFZAv32s0rhEM2
9IAWci9LVogs3BH2QvqNXWJL8/XYnXU8UG91g0+7iCX4+3HEobWaQr11MU3owdqd
3sKTSjHIeiECbXr25JFH2HgOPaF2V8dSjQzzTVwln5Gg
-----END CERTIFICATE-----
Generated at Tue Apr 8 07:54:14 2025 by rpki-client