Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/o1X-_8_jxbrzY6-fv8KudWmyyjY.roa
File: o1X-_8_jxbrzY6-fv8KudWmyyjY.roa (raw, json)
Hash identifier: e5zCiPD9OcFqKtOCvMoQ/5Ps3y14UNoV52I+GdgMBuA=
Subject key identifier: A3:55:FE:FF:CF:E3:C5:BA:F3:63:AF:9F:BF:C2:AE:75:69:B2:CA:36
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 01856CCB0403C8C37A9FFDE0593218AC7BDF
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/o1X-_8_jxbrzY6-fv8KudWmyyjY.roa
Signing time: Sun 01 Jan 2023 10:05:22 +0000
ROA not before: Sun 01 Jan 2023 10:05:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200881
IP address blocks: 194.68.138.0/23 maxlen: 23
194.68.140.0/22 maxlen: 22
194.68.144.0/22 maxlen: 22
194.68.148.0/23 maxlen: 23
193.235.88.0/23 maxlen: 23
193.235.86.0/23 maxlen: 23
193.235.91.0/24 maxlen: 24
193.235.90.0/24 maxlen: 24
193.235.94.0/23 maxlen: 23
193.235.92.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:cb:04:03:c8:c3:7a:9f:fd:e0:59:32:18:ac:7b:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 1 10:05:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a355feffcfe3c5baf363af9fbfc2ae7569b2ca36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:df:1b:ae:79:fe:b2:0b:5a:c8:7b:76:62:62:
ed:ac:12:12:f1:b6:d3:7c:04:4e:aa:73:df:a1:90:
c7:f4:66:23:24:00:58:ea:39:b6:7c:b9:31:36:a7:
a6:f9:ae:27:9a:5d:b4:f0:5c:dd:8a:62:d4:77:f4:
6d:27:0c:4d:1d:4b:d6:e6:09:73:50:ce:f7:12:3a:
c5:5f:e6:4f:73:10:6f:6d:1c:ba:45:58:d4:98:fc:
6f:cd:7c:fb:5e:01:94:4b:62:47:e8:a5:ca:d5:1d:
d2:99:89:c8:af:ff:77:41:b6:0a:01:e6:79:b0:69:
f6:0c:94:45:e7:d1:c5:a7:39:89:f0:0d:3f:3f:2d:
aa:23:f6:06:e9:ff:92:a5:9a:13:e7:8d:ff:83:51:
1b:8e:b7:f6:b9:fe:98:a4:82:0b:b4:15:bb:7b:1f:
0b:48:f1:cf:2f:ee:57:ff:19:c2:f1:cb:8b:9f:0d:
65:30:7e:36:54:ea:b0:e9:26:9c:6b:bb:31:90:9d:
74:fd:99:f4:7d:5e:a8:d1:7f:92:89:5e:4c:ca:e8:
35:d0:1a:15:b3:de:3a:ff:90:41:b3:b1:fa:b5:55:
40:72:49:7b:01:54:b2:8b:ee:51:3f:5d:ad:e5:a4:
e7:2b:b5:12:6c:3a:f7:22:00:e9:72:33:c9:94:e3:
1c:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:55:FE:FF:CF:E3:C5:BA:F3:63:AF:9F:BF:C2:AE:75:69:B2:CA:36
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/o1X-_8_jxbrzY6-fv8KudWmyyjY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.235.86.0-193.235.95.255
194.68.138.0-194.68.149.255
Signature Algorithm: sha256WithRSAEncryption
45:b4:6e:af:bf:f7:ee:7d:93:93:e7:02:fd:57:01:e0:df:30:
a8:e2:03:5e:a8:68:4a:67:27:46:1a:bf:76:03:bf:85:f1:8a:
45:36:85:20:20:f3:d7:7f:a8:26:e3:70:b2:6b:8a:3c:a6:b9:
3f:c6:43:27:66:66:a9:19:d7:da:ea:1a:65:55:f6:c9:62:49:
72:12:26:6a:b2:94:1f:15:5f:0a:85:f5:ae:c8:f8:a6:6c:8f:
78:3c:fd:e3:19:d5:7c:da:2b:a1:ce:01:ab:38:ad:5f:93:58:
e9:35:a7:81:e6:d6:07:ed:5c:39:30:3c:7a:79:9a:3d:e0:1e:
0c:4b:74:57:e8:d9:62:b4:c5:b3:5d:66:02:c3:61:bd:17:51:
c3:4e:66:3f:3c:fc:b2:6c:69:3d:67:f6:64:7f:63:aa:ae:f1:
2c:1d:90:e7:18:48:85:52:b8:5d:b3:a2:6e:55:ef:f9:9d:67:
ed:ca:f9:ed:27:ba:08:2d:0c:78:c1:65:db:fe:c8:bc:42:49:
96:07:30:42:97:bd:0d:8c:1e:7a:ff:c3:3b:c5:c2:f0:82:e2:
a4:46:57:c0:8e:85:04:5f:5f:da:27:00:de:01:d6:19:cd:a9:
90:cc:cf:b2:ae:11:79:4c:e6:11:cd:d4:37:f7:ad:c0:c5:60:
e3:25:34:f7
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYVsywQDyMN6n/3gWTIYrHvfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjMwMTAxMTAwNTIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzU1ZmVmZmNmZTNjNWJhZjM2M2FmOWZiZmMyYWU3NTY5YjJjYTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkN8brnn+sgtayHt2YmLtrBIS8bbT
fAROqnPfoZDH9GYjJABY6jm2fLkxNqem+a4nml208FzdimLUd/RtJwxNHUvW5glz
UM73EjrFX+ZPcxBvbRy6RVjUmPxvzXz7XgGUS2JH6KXK1R3SmYnIr/93QbYKAeZ5
sGn2DJRF59HFpzmJ8A0/Py2qI/YG6f+SpZoT543/g1Ebjrf2uf6YpIILtBW7ex8L
SPHPL+5X/xnC8cuLnw1lMH42VOqw6Saca7sxkJ10/Zn0fV6o0X+SiV5Myug10BoV
s946/5BBs7H6tVVAckl7AVSyi+5RP12t5aTnK7USbDr3IgDpcjPJlOMcjQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFKNV/v/P48W682Ovn7/CrnVpsso2MB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvbzFYLV84X2p4YnJ6WTYtZnY4S3VkV215eWpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBAHB61YD
BAXB60AwDAMEAcJEigMEAcJElDANBgkqhkiG9w0BAQsFAAOCAQEARbRur7/37n2T
k+cC/VcB4N8wqOIDXqhoSmcnRhq/dgO/hfGKRTaFICDz13+oJuNwsmuKPKa5P8ZD
J2ZmqRnX2uoaZVX2yWJJchImarKUHxVfCoX1rsj4pmyPeDz94xnVfNoroc4Bqzit
X5NY6TWngebWB+1cOTA8enmaPeAeDEt0V+jZYrTFs11mAsNhvRdRw05mPzz8smxp
PWf2ZH9jqq7xLB2Q5xhIhVK4XbOiblXv+Z1n7cr57Se6CC0MeMFl2/7IvEJJlgcw
Qpe9DYweev/DO8XC8ILipEZXwI6FBF9f2icA3gHWGc2pkMzPsq4ReUzmEc3UN/et
wMVg4yU09w==
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:58:28 2025 by rpki-client