Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/tojo2E5eE2APbvYVCIrd3uOnjxI.roa
File: tojo2E5eE2APbvYVCIrd3uOnjxI.roa (raw, json)
Hash identifier: SP/zSYaCIG7lZ3f/HX0laCXocOl/EVzXGJ5Y4xy8t3k=
Subject key identifier: B6:88:E8:D8:4E:5E:13:60:0F:6E:F6:15:08:8A:DD:DE:E3:A7:8F:12
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 01856CCADBFA45AC200238C660470D85E521
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/tojo2E5eE2APbvYVCIrd3uOnjxI.roa
Signing time: Sun 01 Jan 2023 10:05:12 +0000
ROA not before: Sun 01 Jan 2023 10:05:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20943
IP address blocks: 194.68.134.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ca:db:fa:45:ac:20:02:38:c6:60:47:0d:85:e5:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 1 10:05:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b688e8d84e5e13600f6ef615088adddee3a78f12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:cc:f8:73:8d:81:60:6e:98:81:66:7f:81:66:
2b:0d:b5:0e:1c:92:40:0e:49:6b:9e:21:56:ed:c9:
8e:d4:d1:be:33:35:7e:46:05:f9:74:10:7f:dd:ac:
d2:31:82:97:84:bf:02:0c:7c:47:cb:a8:ad:06:e6:
f2:4e:73:28:c0:3b:5e:b1:8c:b0:87:cc:8f:37:8f:
cc:0d:ac:a2:a9:93:72:6a:69:84:0c:da:a2:e7:9a:
90:0c:3e:81:4d:ab:98:51:0c:3c:12:6f:2d:48:9b:
1f:70:e9:e8:73:e0:dc:cb:52:ec:6a:3c:5e:65:71:
84:6f:2f:2b:bc:5a:f4:d9:00:05:f7:f3:1e:ea:e3:
7e:95:7a:24:e3:ca:81:ec:b9:bc:09:c9:4b:89:30:
e7:f2:ef:cd:4a:39:ae:ef:3a:ff:ff:21:b6:a6:d0:
d0:28:a2:08:9f:87:8a:91:b1:91:93:d8:7c:09:df:
f8:c6:14:d7:5b:72:ea:38:45:c5:0c:ea:90:1d:d8:
5c:06:9f:69:8d:1a:3a:94:4e:c2:73:1f:20:75:cb:
c1:65:46:81:03:6e:b7:c1:27:a0:e3:0c:25:40:fa:
cc:44:fa:f2:06:06:b3:ac:44:4f:86:a0:f5:8b:a8:
82:2b:da:53:19:f7:d6:18:95:1b:08:d8:00:ed:10:
45:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:88:E8:D8:4E:5E:13:60:0F:6E:F6:15:08:8A:DD:DE:E3:A7:8F:12
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/tojo2E5eE2APbvYVCIrd3uOnjxI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.68.134.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:ee:5d:86:e0:03:3e:20:8a:31:5d:1f:4e:cd:89:51:fe:a1:
7e:12:a2:c9:29:f3:56:9f:ce:d2:e2:0b:b5:44:e2:62:bd:b2:
19:4f:27:d4:ee:94:b2:69:63:cf:48:68:52:5d:b0:5d:d0:24:
11:d8:ee:78:74:c8:62:22:5d:86:92:d1:83:e7:f7:87:27:e0:
83:76:08:f8:69:93:91:f5:bf:c3:46:b1:e9:0d:91:60:b2:10:
bd:a9:89:a2:8f:8c:6f:b1:d2:94:87:65:ee:de:bf:08:58:3a:
82:dc:07:f4:01:5d:3c:3a:fc:86:10:ad:46:1c:3e:60:b0:fe:
47:62:df:ab:c6:0e:7a:76:e2:c6:ab:44:57:2a:50:9d:5d:c5:
94:84:58:a7:6d:c3:72:af:89:b2:50:ee:08:e7:87:c8:36:9b:
26:ab:77:c6:2b:97:d2:fe:9b:70:bc:3b:06:ee:e2:c7:36:d7:
2f:3a:4b:df:92:fb:da:84:b5:01:cb:7a:64:86:b0:65:c2:dc:
34:54:96:0f:fe:dd:84:ac:56:3e:89:70:06:bd:55:90:1a:d0:
37:d5:65:d1:08:1f:13:d7:4a:15:93:dc:bb:e3:a8:85:5f:ef:
a4:96:50:22:a5:83:0e:e8:7a:02:a0:cd:48:05:b6:d7:70:d8:
c4:1e:88:fb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsytv6RawgAjjGYEcNheUhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjMwMTAxMTAwNTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjg4ZThkODRlNWUxMzYwMGY2ZWY2MTUwODhhZGRkZWUzYTc4ZjEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuMz4c42BYG6YgWZ/gWYrDbUOHJJA
DklrniFW7cmO1NG+MzV+RgX5dBB/3azSMYKXhL8CDHxHy6itBubyTnMowDtesYyw
h8yPN4/MDayiqZNyammEDNqi55qQDD6BTauYUQw8Em8tSJsfcOnoc+Dcy1Lsajxe
ZXGEby8rvFr02QAF9/Me6uN+lXok48qB7Lm8CclLiTDn8u/NSjmu7zr//yG2ptDQ
KKIIn4eKkbGRk9h8Cd/4xhTXW3LqOEXFDOqQHdhcBp9pjRo6lE7Ccx8gdcvBZUaB
A263wSeg4wwlQPrMRPryBgazrERPhqD1i6iCK9pTGffWGJUbCNgA7RBF1QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLaI6NhOXhNgD272FQiK3d7jp48SMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvdG9qbzJFNWVFMkFQYnZZVkNJcmQzdU9uanhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwkSGMA0G
CSqGSIb3DQEBCwUAA4IBAQCc7l2G4AM+IIoxXR9OzYlR/qF+EqLJKfNWn87S4gu1
ROJivbIZTyfU7pSyaWPPSGhSXbBd0CQR2O54dMhiIl2GktGD5/eHJ+CDdgj4aZOR
9b/DRrHpDZFgshC9qYmij4xvsdKUh2Xu3r8IWDqC3Af0AV08OvyGEK1GHD5gsP5H
Yt+rxg56duLGq0RXKlCdXcWUhFinbcNyr4myUO4I54fINpsmq3fGK5fS/ptwvDsG
7uLHNtcvOkvfkvvahLUBy3pkhrBlwtw0VJYP/t2ErFY+iXAGvVWQGtA31WXRCB8T
10oVk9y746iFX++kllAipYMO6HoCoM1IBbbXcNjEHoj7
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:59:09 2025 by rpki-client