Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/Si9RlRzXrBhEvtsaFNSdjwuVocM.roa
File: Si9RlRzXrBhEvtsaFNSdjwuVocM.roa (raw, json)
Hash identifier: a1e89F3xTtSRPzqyQ4h16tqUAUhP9bpBxF3mR8jaYwM=
Subject key identifier: 4A:2F:51:95:1C:D7:AC:18:44:BE:DB:1A:14:D4:9D:8F:0B:95:A1:C3
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 018683CD9A935A17D3693D65F922CADD01AC
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/Si9RlRzXrBhEvtsaFNSdjwuVocM.roa
Signing time: Fri 24 Feb 2023 14:22:15 +0000
ROA not before: Fri 24 Feb 2023 14:22:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200143
IP address blocks: 194.68.20.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:83:cd:9a:93:5a:17:d3:69:3d:65:f9:22:ca:dd:01:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Feb 24 14:22:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4a2f51951cd7ac1844bedb1a14d49d8f0b95a1c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:f6:85:be:a2:c2:c9:9c:38:66:93:76:85:75:
35:d5:13:20:84:39:66:a1:54:45:2d:c0:28:fd:de:
10:e4:ea:7b:f2:d4:50:61:d9:c5:df:aa:5e:be:bb:
9e:d1:b3:f0:26:b6:3f:d9:10:85:2c:f5:5a:f9:ff:
4b:b9:5b:ed:58:02:50:77:2d:d6:32:5d:11:32:1c:
df:fc:ff:e5:3b:d7:73:dc:88:60:0c:77:7b:ae:15:
59:cb:49:9e:ac:b2:1e:1f:eb:76:7a:e4:87:ec:99:
c7:b3:b8:04:79:7f:08:eb:56:26:be:74:d2:04:78:
6e:b8:97:32:3d:2f:85:d2:97:35:5d:6c:40:74:36:
2a:a7:8d:0b:25:fc:29:ed:d4:10:2b:36:08:9f:10:
ae:94:15:6f:77:b2:bb:29:c9:c1:68:9e:9a:98:56:
0b:45:4b:0c:0e:be:bb:ce:eb:06:3c:c8:de:2e:f9:
96:52:e2:a1:ee:b8:17:41:91:cd:f7:42:92:95:12:
a7:37:8d:ac:2e:a1:17:f7:52:35:d6:db:cc:c7:da:
d4:96:ef:7a:08:f5:20:22:2f:98:04:ec:f2:13:a9:
f1:51:b4:a4:f4:35:76:1e:a7:9f:52:82:5f:9b:ff:
6b:e9:e3:32:51:d0:42:c2:b2:5d:0e:70:82:8d:05:
b5:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:2F:51:95:1C:D7:AC:18:44:BE:DB:1A:14:D4:9D:8F:0B:95:A1:C3
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/Si9RlRzXrBhEvtsaFNSdjwuVocM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.68.20.0/24
Signature Algorithm: sha256WithRSAEncryption
96:2b:7b:b3:2b:42:73:ab:0f:9d:90:be:50:2f:dd:b0:31:1e:
9f:07:e9:1f:6d:9a:24:fc:55:ac:13:cc:0b:8e:59:f9:2d:e6:
c1:e5:38:de:b7:bc:bc:7d:59:31:d7:b0:90:33:8b:f5:14:3d:
fd:d1:d7:69:b0:fe:d5:ca:53:00:11:ef:65:91:6a:9d:00:a3:
ac:2a:79:0e:2a:02:5e:58:af:da:67:2a:22:3d:9d:49:20:d7:
77:7b:ff:c0:c8:4c:ff:42:8c:52:34:3c:76:6e:5e:a6:4c:f5:
ab:fc:73:a0:86:22:10:2e:da:ef:89:fa:44:f7:c9:af:0c:d2:
e8:a2:1f:ed:f2:35:62:46:5a:d0:0d:4c:69:bc:e7:b5:9a:f9:
79:92:a5:50:f8:24:5a:75:13:77:ca:ef:7b:70:52:22:de:8b:
12:59:bd:98:c5:21:b9:37:77:04:a9:a8:61:b6:7b:89:8d:20:
e3:47:a5:b7:4a:74:58:5a:5c:44:73:41:ec:59:b5:de:69:b8:
17:7c:a0:d8:e2:22:d5:b9:29:b1:57:1a:b2:bf:71:a9:62:33:
d7:5c:d3:e1:5f:2c:dc:47:5d:3a:8a:ff:28:39:13:5c:2b:8c:
c8:4d:2a:d2:c6:52:4d:1a:09:a9:b4:f6:38:66:94:78:2e:b1:
05:26:62:05
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYaDzZqTWhfTaT1l+SLK3QGsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjMwMjI0MTQyMjE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTJmNTE5NTFjZDdhYzE4NDRiZWRiMWExNGQ0OWQ4ZjBiOTVhMWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAufaFvqLCyZw4ZpN2hXU11RMghDlm
oVRFLcAo/d4Q5Op78tRQYdnF36pevrue0bPwJrY/2RCFLPVa+f9LuVvtWAJQdy3W
Ml0RMhzf/P/lO9dz3IhgDHd7rhVZy0merLIeH+t2euSH7JnHs7gEeX8I61YmvnTS
BHhuuJcyPS+F0pc1XWxAdDYqp40LJfwp7dQQKzYInxCulBVvd7K7KcnBaJ6amFYL
RUsMDr67zusGPMjeLvmWUuKh7rgXQZHN90KSlRKnN42sLqEX91I11tvMx9rUlu96
CPUgIi+YBOzyE6nxUbSk9DV2HqefUoJfm/9r6eMyUdBCwrJdDnCCjQW1owIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEovUZUc16wYRL7bGhTUnY8LlaHDMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvU2k5UmxSelhyQmhFdnRzYUZOU2Rqd3VWb2NNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwkQUMA0G
CSqGSIb3DQEBCwUAA4IBAQCWK3uzK0Jzqw+dkL5QL92wMR6fB+kfbZok/FWsE8wL
jln5LebB5Tjet7y8fVkx17CQM4v1FD390ddpsP7VylMAEe9lkWqdAKOsKnkOKgJe
WK/aZyoiPZ1JINd3e//AyEz/QoxSNDx2bl6mTPWr/HOghiIQLtrvifpE98mvDNLo
oh/t8jViRlrQDUxpvOe1mvl5kqVQ+CRadRN3yu97cFIi3osSWb2YxSG5N3cEqahh
tnuJjSDjR6W3SnRYWlxEc0HsWbXeabgXfKDY4iLVuSmxVxqyv3GpYjPXXNPhXyzc
R106iv8oORNcK4zITSrSxlJNGgmptPY4ZpR4LrEFJmIF
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:57:44 2025 by rpki-client