Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/dc5a62-064b-45b0-b89d-c01f80a1c805/1/PWltJxZyqUx8nOMajYu3Dv1T6go.roa
File: PWltJxZyqUx8nOMajYu3Dv1T6go.roa (raw, json)
Hash identifier: ylsoCKFfEOM9Yq2lshqtBljRVCP1EpLRHh2NgqwgIjI=
Subject key identifier: 3D:69:6D:27:16:72:A9:4C:7C:9C:E3:1A:8D:8B:B7:0E:FD:53:EA:0A
Certificate issuer: /CN=0e0f4872ad1c1f4fcb213b6b2edb388a2d9c9a23
Certificate serial: 018BED00E8FCB753F742DADBBA9DBB37F569
Authority key identifier: 0E:0F:48:72:AD:1C:1F:4F:CB:21:3B:6B:2E:DB:38:8A:2D:9C:9A:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Dg9Icq0cH0_LITtrLts4ii2cmiM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/dc5a62-064b-45b0-b89d-c01f80a1c805/1/PWltJxZyqUx8nOMajYu3Dv1T6go.roa
Signing time: Mon 20 Nov 2023 13:52:21 +0000
ROA not before: Mon 20 Nov 2023 13:52:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35128
IP address blocks: 194.152.246.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ed:00:e8:fc:b7:53:f7:42:da:db:ba:9d:bb:37:f5:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e0f4872ad1c1f4fcb213b6b2edb388a2d9c9a23
Validity
Not Before: Nov 20 13:52:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3d696d271672a94c7c9ce31a8d8bb70efd53ea0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:4e:02:9f:f4:26:d7:11:f5:8e:02:86:c2:b1:
9c:b8:b6:73:5a:ff:44:4f:7e:a4:fa:41:8a:8b:72:
b5:e3:8a:4a:90:56:c6:90:d8:65:cf:54:65:1a:97:
42:01:95:e8:88:1e:46:d6:bc:af:fb:30:79:d2:ef:
bd:f6:29:29:3f:c0:0d:8e:52:53:77:a0:d0:e7:a8:
50:20:fc:a7:15:b3:1d:6a:34:b9:7d:e6:2b:1a:f4:
d8:fb:47:13:05:d2:30:3a:94:54:b2:d4:16:9e:55:
3a:0b:56:2c:e4:09:25:e5:db:94:36:c1:0b:8e:54:
f5:33:8e:0d:ae:e9:5f:a5:34:16:cd:bb:d8:25:b1:
e2:f0:87:2e:b2:b9:7a:71:a0:ce:e5:23:91:df:51:
51:c5:22:10:e9:57:1f:f7:10:2b:d2:43:50:b9:2d:
12:80:35:af:d3:b3:2f:d3:c4:a5:90:11:51:5f:3e:
c7:34:79:02:a6:e4:54:06:de:93:c5:96:e6:4b:02:
6d:16:fe:6f:b8:ab:68:d1:33:9d:20:04:30:ae:f1:
77:95:7e:cc:ed:4d:26:c3:85:56:bb:95:7c:39:95:
9a:5a:37:7b:a7:51:95:11:b9:13:b1:ae:e9:31:05:
93:c4:03:b5:5c:23:ca:77:7d:31:81:c6:a3:88:95:
cb:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:69:6D:27:16:72:A9:4C:7C:9C:E3:1A:8D:8B:B7:0E:FD:53:EA:0A
X509v3 Authority Key Identifier:
keyid:0E:0F:48:72:AD:1C:1F:4F:CB:21:3B:6B:2E:DB:38:8A:2D:9C:9A:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Dg9Icq0cH0_LITtrLts4ii2cmiM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/dc5a62-064b-45b0-b89d-c01f80a1c805/1/PWltJxZyqUx8nOMajYu3Dv1T6go.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/dc5a62-064b-45b0-b89d-c01f80a1c805/1/Dg9Icq0cH0_LITtrLts4ii2cmiM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.152.246.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:05:c0:2c:a9:98:2d:37:36:23:a3:72:d4:d2:d6:83:6f:86:
66:a4:2a:ac:e4:23:2e:67:9f:d1:69:a1:b1:7c:6f:ed:f1:1d:
0c:1a:aa:e2:7a:c3:6d:b4:10:21:43:17:17:73:e2:6a:7c:f6:
89:97:81:80:e4:ed:2d:c2:03:4d:db:8c:a1:dd:fe:d3:a8:95:
b6:5f:42:01:70:99:68:e5:eb:0a:c7:ea:90:d0:f4:a5:7a:d1:
c6:d2:76:3c:c5:b5:38:de:97:ef:fb:ad:39:71:44:8e:42:f6:
36:f5:71:5a:df:27:74:b9:dd:a9:73:67:09:7a:c2:b0:38:33:
13:96:13:47:56:d9:3f:56:2d:48:17:87:53:61:e5:47:e8:0c:
56:04:1b:d6:07:e9:c8:67:65:32:6e:60:00:96:c0:96:ad:7b:
d6:d7:22:3f:c2:d3:0f:cb:34:30:8b:34:f3:dc:4d:04:56:8f:
fd:2f:b8:5c:b2:09:d3:bb:4b:51:20:72:fc:f3:0f:84:b2:79:
6d:c7:88:7b:c5:94:f8:6a:73:ee:54:e0:4d:85:af:ab:c8:29:
ee:45:75:65:d6:84:3f:eb:12:3f:44:1c:46:ed:0c:c1:fe:70:
e6:70:b1:6c:09:63:8b:cb:43:fc:71:e7:46:1c:e3:fb:80:4b:
79:0d:51:0f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYvtAOj8t1P3Qtrbup27N/VpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlMGY0ODcyYWQxYzFmNGZjYjIxM2I2YjJlZGIzODhhMmQ5
YzlhMjMwHhcNMjMxMTIwMTM1MjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDY5NmQyNzE2NzJhOTRjN2M5Y2UzMWE4ZDhiYjcwZWZkNTNlYTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi04Cn/Qm1xH1jgKGwrGcuLZzWv9E
T36k+kGKi3K144pKkFbGkNhlz1RlGpdCAZXoiB5G1ryv+zB50u+99ikpP8ANjlJT
d6DQ56hQIPynFbMdajS5feYrGvTY+0cTBdIwOpRUstQWnlU6C1Ys5Akl5duUNsEL
jlT1M44NrulfpTQWzbvYJbHi8Icusrl6caDO5SOR31FRxSIQ6Vcf9xAr0kNQuS0S
gDWv07Mv08SlkBFRXz7HNHkCpuRUBt6TxZbmSwJtFv5vuKto0TOdIAQwrvF3lX7M
7U0mw4VWu5V8OZWaWjd7p1GVEbkTsa7pMQWTxAO1XCPKd30xgcajiJXLUwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD1pbScWcqlMfJzjGo2Ltw79U+oKMB8GA1UdIwQY
MBaAFA4PSHKtHB9PyyE7ay7bOIotnJojMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGc5SWNxMGNIMF9MSVR0ckx0czRpaTJjbWlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy9kYzVhNjItMDY0Yi00NWIwLWI4OWQt
YzAxZjgwYTFjODA1LzEvUFdsdEp4WnlxVXg4bk9NYWpZdTNEdjFUNmdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy9kYzVhNjItMDY0Yi00NWIwLWI4OWQtYzAxZjgwYTFjODA1
LzEvRGc5SWNxMGNIMF9MSVR0ckx0czRpaTJjbWlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwpj2MA0G
CSqGSIb3DQEBCwUAA4IBAQAKBcAsqZgtNzYjo3LU0taDb4ZmpCqs5CMuZ5/RaaGx
fG/t8R0MGqriesNttBAhQxcXc+JqfPaJl4GA5O0twgNN24yh3f7TqJW2X0IBcJlo
5esKx+qQ0PSletHG0nY8xbU43pfv+605cUSOQvY29XFa3yd0ud2pc2cJesKwODMT
lhNHVtk/Vi1IF4dTYeVH6AxWBBvWB+nIZ2UybmAAlsCWrXvW1yI/wtMPyzQwizTz
3E0EVo/9L7hcsgnTu0tRIHL88w+Esnltx4h7xZT4anPuVOBNha+ryCnuRXVl1oQ/
6xI/RBxG7QzB/nDmcLFsCWOLy0P8cedGHOP7gEt5DVEP
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:22:33 2025 by rpki-client