Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/v9JjY2c4FrToeytQ_lbxtnJ4gNk.roa
File: v9JjY2c4FrToeytQ_lbxtnJ4gNk.roa (raw, json)
Hash identifier: X3yH64cdjgxCSmV5sw3+kHPzlsX1ZSEqI4v/qtjztQQ=
Subject key identifier: BF:D2:63:63:67:38:16:B4:E8:7B:2B:50:FE:56:F1:B6:72:78:80:D9
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 428008FB
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/v9JjY2c4FrToeytQ_lbxtnJ4gNk.roa
Signing time: Sat 01 Jan 2022 14:03:23 +0000
ROA not before: Sat 01 Jan 2022 14:03:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198463
IP address blocks: 194.132.214.0/24 maxlen: 24
194.14.33.0/24 maxlen: 24
194.68.125.0/24 maxlen: 24
193.182.180.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1115687163 (0x428008fb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 1 14:03:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bfd26363673816b4e87b2b50fe56f1b6727880d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:7f:af:05:0d:15:d3:33:e1:74:b3:75:1e:f7:
5e:cf:e3:d9:55:75:e4:21:f2:be:7b:e5:59:68:10:
71:29:37:21:36:79:49:b1:12:ff:d4:8e:cc:ac:71:
70:e4:b7:19:09:4c:cc:da:6d:cd:31:8a:8e:31:5d:
6f:55:d3:07:f4:27:e0:c6:23:9f:17:4d:3a:7c:61:
f8:dc:5a:2b:9e:73:1d:41:56:d7:16:f6:d4:a9:54:
6a:d9:61:c8:ea:42:dd:da:5b:85:5e:4a:41:fb:50:
2d:af:09:9c:f7:29:4a:12:50:7c:04:46:79:2f:e6:
0d:16:50:cb:5b:89:d2:2a:8c:1b:0b:20:f7:6e:de:
b5:fb:51:90:ae:84:41:b5:e7:88:2a:7a:ad:3e:bd:
ed:df:b9:65:93:88:b7:44:93:15:af:6e:33:21:29:
8f:13:63:80:99:17:61:18:b4:b5:5a:8e:b5:d2:a5:
a1:4d:a7:d2:cd:58:ca:2b:0d:17:15:6e:a0:5a:87:
ac:5d:7e:14:cc:db:66:0b:15:ec:3b:61:66:1c:57:
f4:9f:4d:de:30:14:20:84:19:94:6b:4f:95:ef:18:
8a:3a:c7:3c:86:ae:e4:38:b3:d2:93:90:fa:b8:03:
13:37:0f:9d:a7:12:20:a8:c5:6b:3d:f2:3d:f6:dd:
eb:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:D2:63:63:67:38:16:B4:E8:7B:2B:50:FE:56:F1:B6:72:78:80:D9
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/v9JjY2c4FrToeytQ_lbxtnJ4gNk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.182.180.0/24
194.14.33.0/24
194.68.125.0/24
194.132.214.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:cd:54:69:92:36:a8:9b:75:2b:e5:57:bd:45:eb:41:fd:fc:
aa:02:28:81:99:4a:f4:4a:3f:e5:15:e1:8a:ba:f6:08:88:09:
72:4a:dd:4b:7b:e5:06:eb:2f:ef:5d:3f:24:c4:d1:3f:eb:b6:
ef:e4:a1:e8:1d:d6:00:f6:fc:92:6b:5d:b3:34:f4:82:30:8b:
1e:6d:08:4e:a6:b7:56:00:43:22:c6:de:2c:58:8f:60:d8:a5:
e6:dc:94:43:ba:bc:21:98:b6:c5:db:f6:dd:d1:00:32:b6:31:
9b:2e:1f:03:25:25:1e:b1:78:f6:de:80:69:b3:da:25:57:4a:
31:0d:8b:ca:5e:85:97:ea:3a:93:eb:25:1e:bf:43:93:ae:0d:
0e:0e:a4:c3:49:ce:f0:45:1a:f3:ad:b8:49:0a:67:08:64:1e:
2e:f5:59:08:1e:c1:bb:57:01:d3:f1:a1:e3:08:49:e7:3b:dd:
21:51:c7:37:71:f9:4b:b0:fb:3d:d6:93:e6:fe:e2:b4:96:fa:
1d:bd:a0:9c:f5:9f:61:04:33:89:dd:dc:62:5c:cb:8f:39:c1:
4e:0e:b0:14:9f:76:58:e1:58:d7:76:a5:ee:17:46:59:b2:2e:
de:bc:f4:1d:3e:53:3d:1b:0b:bf:d7:ff:c7:4e:46:77:ac:d3:
42:79:11:35
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEQoAI+zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MTM1YzdmNTcxZWVmZWI2NzQwNGFiNmM0NWZkNDc1NTUxYWRhZjFiMB4XDTIyMDEw
MTE0MDMyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmZkMjYzNjM2NzM4
MTZiNGU4N2IyYjUwZmU1NmYxYjY3Mjc4ODBkOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKF/rwUNFdMz4XSzdR73Xs/j2VV15CHyvnvlWWgQcSk3ITZ5
SbES/9SOzKxxcOS3GQlMzNptzTGKjjFdb1XTB/Qn4MYjnxdNOnxh+NxaK55zHUFW
1xb21KlUatlhyOpC3dpbhV5KQftQLa8JnPcpShJQfARGeS/mDRZQy1uJ0iqMGwsg
927etftRkK6EQbXniCp6rT697d+5ZZOIt0STFa9uMyEpjxNjgJkXYRi0tVqOtdKl
oU2n0s1YyisNFxVuoFqHrF1+FMzbZgsV7DthZhxX9J9N3jAUIIQZlGtPle8YijrH
PIau5Diz0pOQ+rgDEzcPnacSIKjFaz3yPfbd61MCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBS/0mNjZzgWtOh7K1D+VvG2cniA2TAfBgNVHSMEGDAWgBQhNcf1ce7+tnQE
q2xF/UdVUa2vGzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lUWEg5WEh1X3JaMEJLdHNSZjFIVlZHdHJ4cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDkvNjgwYjc4LTk2YWYtNGE4NS1hYzAyLTk0M2QwMzMyMTMyNi8x
L3Y5SmpZMmM0RnJUb2V5dFFfbGJ4dG5KNGdOay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDkv
NjgwYjc4LTk2YWYtNGE4NS1hYzAyLTk0M2QwMzMyMTMyNi8xL0lUWEg5WEh1X3Ja
MEJLdHNSZjFIVlZHdHJ4cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAMG2tAMEAMIOIQMEAMJEfQMEAMKE
1jANBgkqhkiG9w0BAQsFAAOCAQEAC81UaZI2qJt1K+VXvUXrQf38qgIogZlK9Eo/
5RXhirr2CIgJckrdS3vlBusv710/JMTRP+u27+Sh6B3WAPb8kmtdszT0gjCLHm0I
Tqa3VgBDIsbeLFiPYNil5tyUQ7q8IZi2xdv23dEAMrYxmy4fAyUlHrF49t6AabPa
JVdKMQ2Lyl6Fl+o6k+slHr9Dk64NDg6kw0nO8EUa8624SQpnCGQeLvVZCB7Bu1cB
0/Gh4whJ5zvdIVHHN3H5S7D7PdaT5v7itJb6Hb2gnPWfYQQzid3cYlzLjznBTg6w
FJ92WOFY13al7hdGWbIu3rz0HT5TPRsLv9f/x05Gd6zTQnkRNQ==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:08:27 2025 by rpki-client