Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/p1zFCVAhOuXLq20WZweAHSBxu-o.roa
File: p1zFCVAhOuXLq20WZweAHSBxu-o.roa (raw, json)
Hash identifier: xE4HWMqvTRG2BByksQWrWB3wLbtu1efYPXiG7gv2qgk=
Subject key identifier: A7:5C:C5:09:50:21:3A:E5:CB:AB:6D:16:67:07:80:1D:20:71:BB:EA
Certificate issuer: /CN=4104a40821c4176cc42e255ef6c1727473c3f00a
Certificate serial: 01857315F70125DD4EA516D046CE9D4F3C83
Authority key identifier: 41:04:A4:08:21:C4:17:6C:C4:2E:25:5E:F6:C1:72:74:73:C3:F0:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QQSkCCHEF2zELiVe9sFydHPD8Ao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/p1zFCVAhOuXLq20WZweAHSBxu-o.roa
Signing time: Mon 02 Jan 2023 15:24:57 +0000
ROA not before: Mon 02 Jan 2023 15:24:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50866
IP address blocks: 82.119.72.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:15:f7:01:25:dd:4e:a5:16:d0:46:ce:9d:4f:3c:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4104a40821c4176cc42e255ef6c1727473c3f00a
Validity
Not Before: Jan 2 15:24:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a75cc50950213ae5cbab6d166707801d2071bbea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:f2:f7:2c:cf:52:4e:a6:65:dd:90:71:c9:c7:
9d:d1:50:34:a1:89:20:39:6e:c2:de:91:da:96:28:
fe:7a:b5:a4:ae:89:dd:fb:45:e7:cf:fb:9f:c3:db:
8f:6b:54:00:c2:8f:ee:e6:02:76:0b:d0:b5:19:5b:
1f:04:45:a0:e9:45:6f:df:a7:62:3c:f1:86:44:e6:
96:91:60:69:2a:3c:88:1c:04:0f:eb:a7:bb:ac:9b:
82:93:f3:45:51:4e:8a:0f:79:00:44:c8:c7:4e:2a:
8f:e3:0d:40:ed:18:e4:c1:9a:a2:7c:ba:e5:0f:5c:
59:5e:40:d4:3e:4b:7c:8f:27:3d:c4:1c:7e:9d:de:
fd:f8:50:a9:80:94:6a:db:67:89:ea:88:63:58:75:
8d:ed:0f:8c:87:86:6f:c2:2f:4f:eb:e4:64:03:02:
cd:25:9c:72:0b:84:73:41:59:4d:61:8f:04:2d:92:
03:a3:93:bc:74:70:41:37:e4:91:86:71:12:54:be:
42:a4:b8:2c:84:de:4a:f0:d0:e9:61:ef:12:81:1f:
9a:05:71:5d:73:75:42:a8:2b:68:23:1a:8d:d5:c3:
f3:3b:8b:5e:f8:5f:01:c2:55:f5:2d:d8:00:01:f0:
ca:a9:1e:e3:b4:51:93:fc:33:0c:06:28:29:aa:cd:
09:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:5C:C5:09:50:21:3A:E5:CB:AB:6D:16:67:07:80:1D:20:71:BB:EA
X509v3 Authority Key Identifier:
keyid:41:04:A4:08:21:C4:17:6C:C4:2E:25:5E:F6:C1:72:74:73:C3:F0:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QQSkCCHEF2zELiVe9sFydHPD8Ao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/p1zFCVAhOuXLq20WZweAHSBxu-o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/QQSkCCHEF2zELiVe9sFydHPD8Ao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.119.72.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:48:27:3c:4d:5a:63:43:0a:ff:ef:c8:73:3e:ad:ea:be:a2:
5a:d3:fd:31:43:6f:83:b9:8c:63:59:0e:98:9e:a0:82:3a:be:
14:6d:87:bf:e2:a1:a5:8d:4c:92:7b:dd:5a:0a:f9:84:1c:24:
be:37:85:2f:82:ec:15:29:8d:14:31:1c:22:55:3d:de:1c:3f:
d9:da:32:33:28:ed:17:53:d5:e9:d2:69:19:a7:d3:97:e6:3f:
db:05:84:9f:50:d8:f4:90:6f:00:40:c2:0b:27:a2:ec:26:5e:
e5:fd:ce:96:40:e8:9d:dd:6e:f8:e0:7c:d1:ff:46:4b:75:ed:
12:9f:ab:85:91:d8:58:a5:0c:29:b2:c6:5d:09:59:5e:24:09:
f7:b5:aa:4a:df:08:93:25:45:80:2d:10:df:ad:9d:e8:f3:71:
76:b7:e7:b0:a1:ba:9e:d9:40:a2:e6:9e:a9:0f:39:8b:54:85:
86:30:29:99:e1:8c:5c:54:ad:5d:ea:33:10:e6:ab:55:1a:d8:
76:8d:b6:66:44:48:d7:f8:4b:ce:b8:d0:05:dc:fb:63:55:6b:
3c:e4:65:02:4d:7b:e8:40:34:c9:f9:1b:87:72:0c:92:49:0e:
e8:6e:1d:f3:fb:cc:4e:97:68:09:d1:f8:a1:95:66:8c:ae:54:
e1:89:a6:7c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzFfcBJd1OpRbQRs6dTzyDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxMDRhNDA4MjFjNDE3NmNjNDJlMjU1ZWY2YzE3Mjc0NzNj
M2YwMGEwHhcNMjMwMTAyMTUyNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzVjYzUwOTUwMjEzYWU1Y2JhYjZkMTY2NzA3ODAxZDIwNzFiYmVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkPL3LM9STqZl3ZBxyced0VA0oYkg
OW7C3pHalij+erWkrond+0Xnz/ufw9uPa1QAwo/u5gJ2C9C1GVsfBEWg6UVv36di
PPGGROaWkWBpKjyIHAQP66e7rJuCk/NFUU6KD3kARMjHTiqP4w1A7RjkwZqifLrl
D1xZXkDUPkt8jyc9xBx+nd79+FCpgJRq22eJ6ohjWHWN7Q+Mh4Zvwi9P6+RkAwLN
JZxyC4RzQVlNYY8ELZIDo5O8dHBBN+SRhnESVL5CpLgshN5K8NDpYe8SgR+aBXFd
c3VCqCtoIxqN1cPzO4te+F8BwlX1LdgAAfDKqR7jtFGT/DMMBigpqs0JrwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKdcxQlQITrly6ttFmcHgB0gcbvqMB8GA1UdIwQY
MBaAFEEEpAghxBdsxC4lXvbBcnRzw/AKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVFTa0NDSEVGMnpFTGlWZTlzRnlkSFBEOEFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS85Njk5NjItMTJkMy00MWIyLWFiNDMt
YjI3ZDZlMjc4ZTE4LzEvcDF6RkNWQWhPdVhMcTIwV1p3ZUFIU0J4dS1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS85Njk5NjItMTJkMy00MWIyLWFiNDMtYjI3ZDZlMjc4ZTE4
LzEvUVFTa0NDSEVGMnpFTGlWZTlzRnlkSFBEOEFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUndIMA0G
CSqGSIb3DQEBCwUAA4IBAQClSCc8TVpjQwr/78hzPq3qvqJa0/0xQ2+DuYxjWQ6Y
nqCCOr4UbYe/4qGljUySe91aCvmEHCS+N4UvguwVKY0UMRwiVT3eHD/Z2jIzKO0X
U9Xp0mkZp9OX5j/bBYSfUNj0kG8AQMILJ6LsJl7l/c6WQOid3W744HzR/0ZLde0S
n6uFkdhYpQwpssZdCVleJAn3tapK3wiTJUWALRDfrZ3o83F2t+ewobqe2UCi5p6p
DzmLVIWGMCmZ4YxcVK1d6jMQ5qtVGth2jbZmREjX+EvOuNAF3PtjVWs85GUCTXvo
QDTJ+RuHcgySSQ7obh3z+8xOl2gJ0fihlWaMrlThiaZ8
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:25:15 2025 by rpki-client