Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/1d_Q3tQNvMKWSXBB1bpFL-Tlj9g.roa
File: 1d_Q3tQNvMKWSXBB1bpFL-Tlj9g.roa (raw, json)
Hash identifier: PcsneAvkaaVQ3qX2KJoaSE0jc/3mqsI1pkQEw1LvePA=
Subject key identifier: D5:DF:D0:DE:D4:0D:BC:C2:96:49:70:41:D5:BA:45:2F:E4:E5:8F:D8
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 01856CCAEA5905F89D4A62B8BA41E740BA6F
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/1d_Q3tQNvMKWSXBB1bpFL-Tlj9g.roa
Signing time: Sun 01 Jan 2023 10:05:15 +0000
ROA not before: Sun 01 Jan 2023 10:05:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43065
IP address blocks: 192.71.21.0/24 maxlen: 24
193.183.196.0/22 maxlen: 22
194.14.132.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ca:ea:59:05:f8:9d:4a:62:b8:ba:41:e7:40:ba:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 1 10:05:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d5dfd0ded40dbcc296497041d5ba452fe4e58fd8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:17:b4:09:b1:f6:14:25:90:15:b6:c0:d0:53:
76:27:eb:10:4f:21:f5:b8:94:ca:7b:df:fb:3b:49:
5c:2d:8e:60:67:f4:df:bf:0f:cc:d1:66:f8:43:50:
4c:e7:a9:af:d8:96:89:0a:79:48:42:aa:a8:85:39:
51:0a:b5:47:ee:6d:6f:c9:c2:8b:36:47:81:08:5e:
77:41:88:7b:18:c0:42:5d:cf:7b:38:ce:59:be:32:
25:38:31:a6:55:35:27:77:db:94:76:48:3f:49:8f:
a6:f4:c1:9e:d6:cd:5a:df:3f:14:7c:7f:e9:4a:b6:
85:04:15:7e:53:85:f3:7c:08:c3:d1:2a:f5:3d:af:
d3:d1:77:dc:2c:90:5d:85:f5:6b:d9:6c:8d:49:07:
a1:e8:4d:11:2e:f8:92:61:82:39:63:de:d1:54:46:
34:e1:1f:6d:4c:a1:85:c1:a4:2f:f4:dd:23:90:9e:
ed:db:3e:e9:8c:6b:08:30:2a:47:ff:e0:aa:19:67:
68:08:dd:39:59:ac:97:e4:af:ba:0e:ad:b3:12:04:
3d:2c:b7:84:df:59:1f:a2:96:2a:90:de:cd:9d:de:
87:72:ab:38:b5:8a:e9:15:d1:20:8d:33:1d:09:5f:
76:1b:c9:5b:1a:26:31:35:b3:37:99:a3:a7:b6:4b:
56:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:DF:D0:DE:D4:0D:BC:C2:96:49:70:41:D5:BA:45:2F:E4:E5:8F:D8
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/1d_Q3tQNvMKWSXBB1bpFL-Tlj9g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.71.21.0/24
193.183.196.0/22
194.14.132.0/24
Signature Algorithm: sha256WithRSAEncryption
39:7b:39:36:69:c4:37:a2:5e:75:24:b7:01:68:c9:ea:9d:29:
2f:ec:9b:94:ce:52:2c:e4:f6:cd:5c:61:b1:7a:e7:8d:09:03:
4f:73:d0:41:a9:69:f1:b9:1d:a6:87:9d:42:ab:08:2f:fd:c2:
ce:07:eb:d7:38:87:16:04:a3:74:2d:17:e2:0f:16:f3:00:33:
7b:d8:54:d3:cf:42:10:6a:77:8d:61:0b:6f:93:ff:b2:d9:40:
ce:2d:51:18:9f:cc:c3:c0:fc:09:7e:a1:74:e5:e3:2b:97:73:
10:95:81:e9:6e:ba:d8:7e:3b:88:ba:8a:94:96:c0:32:b6:f4:
4d:59:42:01:f5:c6:e2:2f:76:56:61:8c:a4:bc:de:b0:53:13:
1b:6b:f3:5b:bb:0f:d6:14:4c:74:14:c5:0d:5b:e4:bc:76:0d:
d3:a3:44:a0:e9:f3:42:26:f8:45:06:37:5b:9e:7f:03:0e:47:
a2:ce:ba:b8:4a:91:45:c3:fe:96:da:a4:ce:c7:21:d8:c3:cf:
9b:cf:6b:e8:41:95:16:36:cc:b9:38:88:86:dc:e6:cb:14:3b:
33:68:a2:fe:c9:6f:14:1a:db:bf:1b:e4:d9:a3:29:91:b1:b2:
d4:33:93:af:4a:c4:e8:71:2f:85:f6:c8:04:d2:e7:4c:d0:4d:
4d:65:b5:29
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVsyupZBfidSmK4ukHnQLpvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjMwMTAxMTAwNTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWRmZDBkZWQ0MGRiY2MyOTY0OTcwNDFkNWJhNDUyZmU0ZTU4ZmQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnRe0CbH2FCWQFbbA0FN2J+sQTyH1
uJTKe9/7O0lcLY5gZ/Tfvw/M0Wb4Q1BM56mv2JaJCnlIQqqohTlRCrVH7m1vycKL
NkeBCF53QYh7GMBCXc97OM5ZvjIlODGmVTUnd9uUdkg/SY+m9MGe1s1a3z8UfH/p
SraFBBV+U4XzfAjD0Sr1Pa/T0XfcLJBdhfVr2WyNSQeh6E0RLviSYYI5Y97RVEY0
4R9tTKGFwaQv9N0jkJ7t2z7pjGsIMCpH/+CqGWdoCN05WayX5K+6Dq2zEgQ9LLeE
31kfopYqkN7Nnd6Hcqs4tYrpFdEgjTMdCV92G8lbGiYxNbM3maOntktWswIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNXf0N7UDbzClklwQdW6RS/k5Y/YMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvMWRfUTN0UU52TUtXU1hCQjFicEZMLVRsajlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwEcVAwQC
wbfEAwQAwg6EMA0GCSqGSIb3DQEBCwUAA4IBAQA5ezk2acQ3ol51JLcBaMnqnSkv
7JuUzlIs5PbNXGGxeueNCQNPc9BBqWnxuR2mh51Cqwgv/cLOB+vXOIcWBKN0LRfi
DxbzADN72FTTz0IQaneNYQtvk/+y2UDOLVEYn8zDwPwJfqF05eMrl3MQlYHpbrrY
fjuIuoqUlsAytvRNWUIB9cbiL3ZWYYykvN6wUxMba/Nbuw/WFEx0FMUNW+S8dg3T
o0Sg6fNCJvhFBjdbnn8DDkeizrq4SpFFw/6W2qTOxyHYw8+bz2voQZUWNsy5OIiG
3ObLFDszaKL+yW8UGtu/G+TZoymRsbLUM5OvSsTocS+F9sgE0udM0E1NZbUp
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:03:55 2025 by rpki-client