Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/_2Mkyt14JWLCPF_4EgBS8rJoaMg.roa
File: _2Mkyt14JWLCPF_4EgBS8rJoaMg.roa (raw, json)
Hash identifier: qzfcry1nLUcjSuVB5bUOoZQREY2p5K73AuulwIR0ORU=
Subject key identifier: FF:63:24:CA:DD:78:25:62:C2:3C:5F:F8:12:00:52:F2:B2:68:68:C8
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 01856CCAE0605C27C7157CAFC0AA9B90C64E
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/_2Mkyt14JWLCPF_4EgBS8rJoaMg.roa
Signing time: Sun 01 Jan 2023 10:05:13 +0000
ROA not before: Sun 01 Jan 2023 10:05:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30893
IP address blocks: 194.71.111.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ca:e0:60:5c:27:c7:15:7c:af:c0:aa:9b:90:c6:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 1 10:05:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ff6324cadd782562c23c5ff8120052f2b26868c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:65:2c:a0:76:46:bf:c0:ab:36:ac:9b:9d:84:
98:f0:54:e0:21:7b:77:f9:28:5f:97:ff:76:1f:1e:
9d:73:b8:e1:bd:95:68:f6:32:4d:7e:96:12:4e:60:
74:b0:05:0c:d2:42:c2:85:50:61:72:5c:b4:92:ff:
32:83:5e:1b:4b:9e:5c:1b:51:6f:7f:e3:e3:c7:b0:
63:bf:c3:a4:09:23:34:f6:73:26:74:3c:b3:75:79:
92:ff:3d:25:4a:84:82:d5:8e:00:a7:fa:b5:6a:10:
a4:fd:ca:0a:61:02:ec:5b:c5:57:f4:c0:8c:52:dc:
cd:0a:bc:80:62:aa:a9:ac:48:8e:7b:b7:1f:29:43:
93:26:87:95:a2:16:37:84:97:eb:8f:1c:b8:0f:1b:
4a:62:31:68:71:9a:81:8f:5c:2d:12:6f:28:01:88:
aa:47:10:53:0d:a8:50:ea:21:4c:f3:46:9d:36:db:
94:ca:7f:be:6f:07:89:bb:2f:e3:15:23:1c:c8:f1:
49:02:c8:d1:3e:50:5c:e8:9b:50:87:7a:d1:75:00:
a9:23:be:7a:e0:f6:f6:e0:36:27:8b:48:84:dc:ab:
b4:6e:2e:51:27:4c:38:e1:c3:ec:b2:73:88:1a:da:
6e:ab:69:f7:ea:27:ab:71:2b:fb:2d:b6:15:4a:09:
26:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:63:24:CA:DD:78:25:62:C2:3C:5F:F8:12:00:52:F2:B2:68:68:C8
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/_2Mkyt14JWLCPF_4EgBS8rJoaMg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.71.111.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:65:99:c8:7e:f6:2b:d8:13:ee:c1:ef:26:60:e2:a9:b4:06:
21:01:fa:06:be:44:7e:c3:91:46:e0:72:21:32:32:92:77:0a:
81:a5:48:27:65:74:39:50:9c:e4:f9:eb:57:29:b7:3f:66:f7:
35:b3:7a:a8:a0:37:e5:78:e0:f6:9b:be:5c:14:9a:63:be:db:
0a:f7:7c:c3:90:b4:92:45:96:a1:6a:2c:de:21:5f:de:df:cc:
cc:d7:b1:cb:26:da:d5:4f:3a:b9:df:d3:0a:54:82:10:8a:a3:
ea:91:03:73:fe:b3:ab:ca:36:6e:11:c0:fd:cc:8b:85:00:e0:
fe:95:b9:5a:4a:52:00:33:c4:62:7c:04:7e:7c:19:3a:ad:2f:
68:cd:03:19:9a:9c:b2:04:95:55:21:d1:6e:81:ad:47:3c:aa:
f2:a1:2b:ed:c8:e7:0c:ca:61:f2:7a:56:b5:bf:ee:bb:c0:a4:
42:02:e1:a1:8e:44:5d:2c:29:de:19:f8:f2:b0:07:8d:e8:a4:
ea:2c:54:99:69:e5:8f:d8:ad:6d:06:ef:35:ef:06:ee:5b:2d:
7f:da:a7:34:3a:05:52:5f:7c:39:59:aa:3d:56:74:90:7b:a6:
9a:f2:5e:63:f6:81:9c:56:5c:4d:7c:a1:8e:d2:f8:39:73:8c:
7d:7b:6e:0a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsyuBgXCfHFXyvwKqbkMZOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjMwMTAxMTAwNTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjYzMjRjYWRkNzgyNTYyYzIzYzVmZjgxMjAwNTJmMmIyNjg2OGM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw2UsoHZGv8CrNqybnYSY8FTgIXt3
+Shfl/92Hx6dc7jhvZVo9jJNfpYSTmB0sAUM0kLChVBhcly0kv8yg14bS55cG1Fv
f+Pjx7Bjv8OkCSM09nMmdDyzdXmS/z0lSoSC1Y4Ap/q1ahCk/coKYQLsW8VX9MCM
UtzNCryAYqqprEiOe7cfKUOTJoeVohY3hJfrjxy4DxtKYjFocZqBj1wtEm8oAYiq
RxBTDahQ6iFM80adNtuUyn++bweJuy/jFSMcyPFJAsjRPlBc6JtQh3rRdQCpI756
4Pb24DYni0iE3Ku0bi5RJ0w44cPssnOIGtpuq2n36iercSv7LbYVSgkmJwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP9jJMrdeCViwjxf+BIAUvKyaGjIMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvXzJNa3l0MTRKV0xDUEZfNEVnQlM4ckpvYU1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwkdvMA0G
CSqGSIb3DQEBCwUAA4IBAQCaZZnIfvYr2BPuwe8mYOKptAYhAfoGvkR+w5FG4HIh
MjKSdwqBpUgnZXQ5UJzk+etXKbc/Zvc1s3qooDfleOD2m75cFJpjvtsK93zDkLSS
RZahaizeIV/e38zM17HLJtrVTzq539MKVIIQiqPqkQNz/rOryjZuEcD9zIuFAOD+
lblaSlIAM8RifAR+fBk6rS9ozQMZmpyyBJVVIdFuga1HPKryoSvtyOcMymHyela1
v+67wKRCAuGhjkRdLCneGfjysAeN6KTqLFSZaeWP2K1tBu817wbuWy1/2qc0OgVS
X3w5Wao9VnSQe6aa8l5j9oGcVlxNfKGO0vg5c4x9e24K
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:59:02 2025 by rpki-client