Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/c5a530-130b-4a62-9820-6310bf63051f/1/eyyeasfkTqIDTSTafTZjDJEwRSw.roa
File: eyyeasfkTqIDTSTafTZjDJEwRSw.roa (raw, json)
Hash identifier: Ps0XZgoIFgFl0J/FfXcET4Q7CYedziAAAhetO/desR4=
Subject key identifier: 7B:2C:9E:6A:C7:E4:4E:A2:03:4D:24:DA:7D:36:63:0C:91:30:45:2C
Certificate issuer: /CN=0de2720c57db027610c821c84047b110bc36ddc3
Certificate serial: 018572311157C4BF6C5945709A9AFCDB9AD9
Authority key identifier: 0D:E2:72:0C:57:DB:02:76:10:C8:21:C8:40:47:B1:10:BC:36:DD:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DeJyDFfbAnYQyCHIQEexELw23cM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/c5a530-130b-4a62-9820-6310bf63051f/1/eyyeasfkTqIDTSTafTZjDJEwRSw.roa
Signing time: Mon 02 Jan 2023 11:14:56 +0000
ROA not before: Mon 02 Jan 2023 11:14:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207815
IP address blocks: 194.11.83.0/24 maxlen: 24
194.11.16.0/24 maxlen: 24
194.11.19.0/24 maxlen: 24
194.11.25.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:31:11:57:c4:bf:6c:59:45:70:9a:9a:fc:db:9a:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0de2720c57db027610c821c84047b110bc36ddc3
Validity
Not Before: Jan 2 11:14:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7b2c9e6ac7e44ea2034d24da7d36630c9130452c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:3e:16:dc:a7:36:4c:dc:c3:54:dd:65:75:e2:
7b:fa:fb:6d:36:ee:61:e8:a3:c8:80:82:0f:91:9a:
c1:5d:31:e8:17:36:95:1f:c4:6a:3f:e8:52:d5:3f:
81:c5:bf:b6:ce:9f:00:57:54:51:83:88:0d:d6:05:
81:99:25:ec:a8:de:f9:3a:31:4d:51:ef:8b:42:ce:
bc:76:92:7c:5b:ac:b2:b0:5d:a5:89:32:f1:05:c3:
29:74:23:a6:8d:26:28:f0:aa:e3:22:19:77:bb:33:
8f:cd:c1:f4:be:4a:ef:d1:29:05:68:67:f4:a2:f4:
54:94:6a:77:55:68:b3:74:26:0e:70:55:4f:d6:cc:
0d:bc:58:79:76:a3:00:1b:45:88:6a:60:1c:f0:11:
bc:3d:8b:d1:db:5d:95:aa:94:cb:6c:10:cb:09:0d:
47:7f:54:db:dd:d4:28:cc:0b:13:ac:ac:ff:c3:e9:
ac:10:01:f4:28:cd:65:31:ed:bf:43:8b:46:84:95:
19:96:42:60:cf:e4:b0:9f:63:b8:c6:3b:bf:e8:1a:
10:32:e3:d5:e8:8d:42:90:10:fe:ad:51:56:4d:ad:
5a:1f:ea:b3:20:6d:a5:e8:ca:e1:a6:74:83:10:1f:
c0:78:f8:08:ee:7b:12:19:5e:78:1a:51:6f:aa:c7:
8c:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:2C:9E:6A:C7:E4:4E:A2:03:4D:24:DA:7D:36:63:0C:91:30:45:2C
X509v3 Authority Key Identifier:
keyid:0D:E2:72:0C:57:DB:02:76:10:C8:21:C8:40:47:B1:10:BC:36:DD:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DeJyDFfbAnYQyCHIQEexELw23cM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/c5a530-130b-4a62-9820-6310bf63051f/1/eyyeasfkTqIDTSTafTZjDJEwRSw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/c5a530-130b-4a62-9820-6310bf63051f/1/DeJyDFfbAnYQyCHIQEexELw23cM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.11.16.0/24
194.11.19.0/24
194.11.25.0/24
194.11.83.0/24
Signature Algorithm: sha256WithRSAEncryption
30:50:28:2f:1c:71:8b:40:16:af:20:51:1e:2d:a1:7d:66:2d:
4c:c8:f5:f9:9b:5f:5f:49:08:dd:2d:4f:06:f9:60:b6:55:94:
56:24:e5:ff:38:64:83:a1:0f:0a:a7:6f:ef:17:0a:0b:70:55:
07:39:cb:1f:97:65:71:42:3e:88:43:ba:f2:25:01:f8:32:7a:
5b:01:24:b6:67:78:d3:de:f0:fd:1a:ac:d6:47:56:13:b8:c8:
54:b0:7a:0a:4c:a9:ad:9e:a4:4c:dd:06:dc:a1:ff:3b:e6:88:
27:25:d5:67:db:f6:6d:69:24:2b:bb:73:b2:cd:fd:b5:ac:67:
44:21:73:f8:86:ea:7d:11:2f:eb:c6:f1:7b:a2:da:ee:54:52:
99:39:4b:33:3b:90:49:c1:b5:d4:25:f6:55:b3:59:a8:47:39:
e8:01:d1:f7:97:4a:a6:14:a0:9f:30:9c:4a:0a:d8:c9:28:04:
b7:ab:25:14:90:9e:29:ca:b3:c2:b3:e3:29:f6:45:5a:53:e0:
c3:fd:5f:44:9e:9d:63:0d:e9:cf:3d:77:a4:5d:c7:1f:bc:d0:
b7:57:c6:f4:4c:31:a1:26:f2:f6:71:fb:e2:dd:33:d9:f9:c6:
1f:ee:05:d2:7c:8b:68:99:dd:88:6d:dd:51:33:07:f7:84:c7:
b7:24:66:0f
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVyMRFXxL9sWUVwmpr825rZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkZTI3MjBjNTdkYjAyNzYxMGM4MjFjODQwNDdiMTEwYmMz
NmRkYzMwHhcNMjMwMTAyMTExNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjJjOWU2YWM3ZTQ0ZWEyMDM0ZDI0ZGE3ZDM2NjMwYzkxMzA0NTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlz4W3Kc2TNzDVN1ldeJ7+vttNu5h
6KPIgIIPkZrBXTHoFzaVH8RqP+hS1T+Bxb+2zp8AV1RRg4gN1gWBmSXsqN75OjFN
Ue+LQs68dpJ8W6yysF2liTLxBcMpdCOmjSYo8KrjIhl3uzOPzcH0vkrv0SkFaGf0
ovRUlGp3VWizdCYOcFVP1swNvFh5dqMAG0WIamAc8BG8PYvR212VqpTLbBDLCQ1H
f1Tb3dQozAsTrKz/w+msEAH0KM1lMe2/Q4tGhJUZlkJgz+Swn2O4xju/6BoQMuPV
6I1CkBD+rVFWTa1aH+qzIG2l6MrhpnSDEB/AePgI7nsSGV54GlFvqseMNwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHssnmrH5E6iA00k2n02YwyRMEUsMB8GA1UdIwQY
MBaAFA3icgxX2wJ2EMghyEBHsRC8Nt3DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGVKeURGZmJBbllReUNISVFFZXhFTHcyM2NNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9jNWE1MzAtMTMwYi00YTYyLTk4MjAt
NjMxMGJmNjMwNTFmLzEvZXl5ZWFzZmtUcUlEVFNUYWZUWmpESkV3UlN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi9jNWE1MzAtMTMwYi00YTYyLTk4MjAtNjMxMGJmNjMwNTFm
LzEvRGVKeURGZmJBbllReUNISVFFZXhFTHcyM2NNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwgsQAwQA
wgsTAwQAwgsZAwQAwgtTMA0GCSqGSIb3DQEBCwUAA4IBAQAwUCgvHHGLQBavIFEe
LaF9Zi1MyPX5m19fSQjdLU8G+WC2VZRWJOX/OGSDoQ8Kp2/vFwoLcFUHOcsfl2Vx
Qj6IQ7ryJQH4MnpbASS2Z3jT3vD9GqzWR1YTuMhUsHoKTKmtnqRM3Qbcof875ogn
JdVn2/ZtaSQru3Oyzf21rGdEIXP4hup9ES/rxvF7otruVFKZOUszO5BJwbXUJfZV
s1moRznoAdH3l0qmFKCfMJxKCtjJKAS3qyUUkJ4pyrPCs+Mp9kVaU+DD/V9Enp1j
DenPPXekXccfvNC3V8b0TDGhJvL2cfvi3TPZ+cYf7gXSfItomd2Ibd1RMwf3hMe3
JGYP
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:58:42 2025 by rpki-client