Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/ad19c0-0025-4c49-8480-ff97f62a0945/1/vyCwc0Ol8TMLoDwgAsa1Gxz9gSg.roa
File: vyCwc0Ol8TMLoDwgAsa1Gxz9gSg.roa (raw, json)
Hash identifier: HkSbWHsF4zIcleOtZCZOnq6R1C63VD0XnAMSVZMQbN0=
Subject key identifier: BF:20:B0:73:43:A5:F1:33:0B:A0:3C:20:02:C6:B5:1B:1C:FD:81:28
Certificate issuer: /CN=de6640357ae4ae10fc0b3e9d98f2a0cb0118903c
Certificate serial: 0184D349052E90E0EB46DB1023411C924957
Authority key identifier: DE:66:40:35:7A:E4:AE:10:FC:0B:3E:9D:98:F2:A0:CB:01:18:90:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3mZANXrkrhD8Cz6dmPKgywEYkDw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/ad19c0-0025-4c49-8480-ff97f62a0945/1/vyCwc0Ol8TMLoDwgAsa1Gxz9gSg.roa
Signing time: Fri 02 Dec 2022 14:41:28 +0000
ROA not before: Fri 02 Dec 2022 14:41:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 703
IP address blocks: 194.169.18.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:d3:49:05:2e:90:e0:eb:46:db:10:23:41:1c:92:49:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de6640357ae4ae10fc0b3e9d98f2a0cb0118903c
Validity
Not Before: Dec 2 14:41:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bf20b07343a5f1330ba03c2002c6b51b1cfd8128
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:e8:c1:4d:e8:b3:c0:21:c2:a5:6c:12:ed:6b:
26:29:05:e6:0b:32:b5:9a:c9:31:fa:59:52:9e:6a:
56:aa:bc:0c:2e:0c:19:5e:c6:7d:7d:02:30:2d:e3:
d3:13:20:ad:a8:8c:40:86:7f:62:3b:01:5e:1a:ca:
13:a1:c7:f1:cd:f8:67:be:a1:70:ea:4d:04:88:99:
2a:ab:be:a9:1e:20:27:bf:54:09:94:a2:ef:01:eb:
e9:6b:6c:b0:a3:e5:b2:8f:cd:8b:11:78:12:c6:b9:
f8:72:c9:90:45:75:8f:64:a3:db:12:58:fb:ad:ac:
ee:6e:bf:96:0c:60:98:38:61:19:cc:bd:49:91:81:
7c:48:f9:87:de:16:97:23:cb:e7:d0:a4:fd:0b:69:
ef:bf:c1:38:a0:f3:44:06:0f:49:a6:7f:0d:4b:fc:
10:cc:20:f5:cf:17:70:e7:5d:27:ec:b5:87:34:0a:
b1:8a:c3:97:3e:71:be:01:58:d3:c4:56:30:23:30:
52:c0:fd:9e:b2:ee:14:f5:59:7c:94:fa:e8:11:db:
7d:45:1b:a9:bc:a3:82:d8:a9:df:41:5d:a5:3e:c3:
74:89:e9:c7:8e:01:66:3a:9e:c1:14:29:30:3d:8d:
32:ed:f9:25:0c:8f:12:f5:44:39:46:43:b5:97:60:
ab:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:20:B0:73:43:A5:F1:33:0B:A0:3C:20:02:C6:B5:1B:1C:FD:81:28
X509v3 Authority Key Identifier:
keyid:DE:66:40:35:7A:E4:AE:10:FC:0B:3E:9D:98:F2:A0:CB:01:18:90:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3mZANXrkrhD8Cz6dmPKgywEYkDw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/ad19c0-0025-4c49-8480-ff97f62a0945/1/vyCwc0Ol8TMLoDwgAsa1Gxz9gSg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/ad19c0-0025-4c49-8480-ff97f62a0945/1/3mZANXrkrhD8Cz6dmPKgywEYkDw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.169.18.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:7a:2a:d0:66:40:a0:f9:bb:58:be:d3:5c:1c:65:7a:19:d2:
37:35:ef:8f:d0:6a:27:f3:d0:50:74:f6:4e:34:07:13:71:5b:
7e:e9:40:77:e2:f0:4f:cc:f1:a6:10:d6:be:cc:7d:7e:18:eb:
35:08:a6:d0:47:b8:b4:90:1c:5f:93:c7:36:3f:bc:0c:66:36:
86:fd:10:75:94:00:8a:45:22:55:28:2c:07:a3:a9:a9:ff:6a:
f2:76:46:8d:f7:b1:f7:b1:f4:fa:d8:8b:28:43:06:78:41:cf:
8b:b2:de:86:e7:c0:72:f8:0f:72:bc:6a:a9:3a:2a:c6:5c:ee:
f0:8e:d1:c5:30:f8:d4:1f:cd:54:50:3e:6c:e1:08:62:fd:13:
00:72:53:60:27:67:0e:fd:cd:e2:5c:04:1b:ce:a9:23:cc:fd:
19:ef:92:fd:6e:a1:8a:cd:8d:d5:5b:50:fc:21:9e:bf:0a:05:
fa:9d:7f:78:a2:9f:0c:10:db:9f:d7:b9:ea:32:22:27:5d:32:
ad:9d:d6:4b:73:c1:1a:6d:ee:49:a2:f1:0e:7d:78:37:56:3f:
1c:1e:98:61:67:01:f0:54:2e:50:67:03:b5:67:96:71:7d:9e:
4f:e5:ad:c1:df:78:08:03:8a:89:ec:74:f6:af:a2:75:0b:9f:
a7:8b:66:be
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYTTSQUukODrRtsQI0EckklXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlNjY0MDM1N2FlNGFlMTBmYzBiM2U5ZDk4ZjJhMGNiMDEx
ODkwM2MwHhcNMjIxMjAyMTQ0MTI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjIwYjA3MzQzYTVmMTMzMGJhMDNjMjAwMmM2YjUxYjFjZmQ4MTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnOjBTeizwCHCpWwS7WsmKQXmCzK1
mskx+llSnmpWqrwMLgwZXsZ9fQIwLePTEyCtqIxAhn9iOwFeGsoTocfxzfhnvqFw
6k0EiJkqq76pHiAnv1QJlKLvAevpa2ywo+Wyj82LEXgSxrn4csmQRXWPZKPbElj7
razubr+WDGCYOGEZzL1JkYF8SPmH3haXI8vn0KT9C2nvv8E4oPNEBg9Jpn8NS/wQ
zCD1zxdw510n7LWHNAqxisOXPnG+AVjTxFYwIzBSwP2esu4U9Vl8lProEdt9RRup
vKOC2KnfQV2lPsN0ienHjgFmOp7BFCkwPY0y7fklDI8S9UQ5RkO1l2CrUQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL8gsHNDpfEzC6A8IALGtRsc/YEoMB8GA1UdIwQY
MBaAFN5mQDV65K4Q/As+nZjyoMsBGJA8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM21aQU5YcmtyaEQ4Q3o2ZG1QS2d5d0VZa0R3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS9hZDE5YzAtMDAyNS00YzQ5LTg0ODAt
ZmY5N2Y2MmEwOTQ1LzEvdnlDd2MwT2w4VE1Mb0R3Z0FzYTFHeHo5Z1NnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS9hZDE5YzAtMDAyNS00YzQ5LTg0ODAtZmY5N2Y2MmEwOTQ1
LzEvM21aQU5YcmtyaEQ4Q3o2ZG1QS2d5d0VZa0R3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwqkSMA0G
CSqGSIb3DQEBCwUAA4IBAQA6eirQZkCg+btYvtNcHGV6GdI3Ne+P0Gon89BQdPZO
NAcTcVt+6UB34vBPzPGmENa+zH1+GOs1CKbQR7i0kBxfk8c2P7wMZjaG/RB1lACK
RSJVKCwHo6mp/2rydkaN97H3sfT62IsoQwZ4Qc+Lst6G58By+A9yvGqpOirGXO7w
jtHFMPjUH81UUD5s4Qhi/RMAclNgJ2cO/c3iXAQbzqkjzP0Z75L9bqGKzY3VW1D8
IZ6/CgX6nX94op8MENuf17nqMiInXTKtndZLc8Eabe5JovEOfXg3Vj8cHphhZwHw
VC5QZwO1Z5ZxfZ5P5a3B33gIA4qJ7HT2r6J1C5+ni2a+
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:16:01 2025 by rpki-client