Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/d45193-b5fe-4e1d-8e42-ae5db6e1486d/1/ObEaUW04pgv3aZspAOFlTukisbQ.roa
File: ObEaUW04pgv3aZspAOFlTukisbQ.roa (raw, json)
Hash identifier: cvt9eNUrMGQSqEyd2HbLhH+WzehgOqT/zi4WZb6/Ce8=
Subject key identifier: 39:B1:1A:51:6D:38:A6:0B:F7:69:9B:29:00:E1:65:4E:E9:22:B1:B4
Certificate issuer: /CN=52386e520478e625be1d6282d216b05912f83874
Certificate serial: 01857169E0D085B24C400F83ACDA5539228D
Authority key identifier: 52:38:6E:52:04:78:E6:25:BE:1D:62:82:D2:16:B0:59:12:F8:38:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UjhuUgR45iW-HWKC0hawWRL4OHQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/d45193-b5fe-4e1d-8e42-ae5db6e1486d/1/ObEaUW04pgv3aZspAOFlTukisbQ.roa
Signing time: Mon 02 Jan 2023 07:37:22 +0000
ROA not before: Mon 02 Jan 2023 07:37:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29479
IP address blocks: 194.126.211.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:69:e0:d0:85:b2:4c:40:0f:83:ac:da:55:39:22:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52386e520478e625be1d6282d216b05912f83874
Validity
Not Before: Jan 2 07:37:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=39b11a516d38a60bf7699b2900e1654ee922b1b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:12:97:6f:fd:13:0a:dd:b5:c9:53:3a:6b:26:
21:da:9a:cc:7a:5d:90:ef:98:6f:4d:ea:84:93:d3:
c1:42:6a:6b:a9:93:b1:d3:b2:d3:76:3b:13:47:a8:
0b:33:b3:55:fb:01:2a:a4:3c:6e:ed:19:0b:94:d3:
fe:b4:a7:4f:71:54:c9:7f:1b:74:0d:c2:35:31:d4:
b3:38:70:2d:68:0c:49:70:e7:57:ab:83:f4:4f:35:
79:1d:35:12:6c:68:7a:45:c9:1a:e1:2e:62:98:69:
81:fa:06:ff:61:58:b5:26:a0:05:1d:6e:99:6a:be:
f5:32:0d:e7:39:97:b3:41:f2:06:45:62:0f:d1:e8:
55:73:0e:9e:ed:bf:b6:2a:c7:d4:f9:1a:c6:03:fc:
71:a7:3b:e3:fe:23:be:5b:36:fb:7b:74:f1:98:f6:
1f:0f:84:e3:9e:39:77:d8:ef:6c:f2:81:94:57:56:
3b:17:7b:11:f6:e2:cf:5e:65:b2:e0:cf:c2:d3:53:
70:1a:00:aa:ac:e0:26:49:88:33:06:dd:a0:15:00:
5b:62:0d:28:e2:d9:1f:b7:7f:ef:18:b9:48:2d:64:
1e:15:5a:80:d2:a0:5c:23:83:56:ea:55:a9:5b:3e:
60:9f:69:13:a2:02:41:68:f0:a2:81:85:82:1d:47:
ae:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:B1:1A:51:6D:38:A6:0B:F7:69:9B:29:00:E1:65:4E:E9:22:B1:B4
X509v3 Authority Key Identifier:
keyid:52:38:6E:52:04:78:E6:25:BE:1D:62:82:D2:16:B0:59:12:F8:38:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UjhuUgR45iW-HWKC0hawWRL4OHQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/d45193-b5fe-4e1d-8e42-ae5db6e1486d/1/ObEaUW04pgv3aZspAOFlTukisbQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/d45193-b5fe-4e1d-8e42-ae5db6e1486d/1/UjhuUgR45iW-HWKC0hawWRL4OHQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.126.211.0/24
Signature Algorithm: sha256WithRSAEncryption
ab:92:23:ef:af:56:43:41:0e:25:9c:14:98:66:d4:15:09:6d:
0f:b0:6f:63:ec:ee:84:97:11:5a:f1:84:d8:8a:ac:3b:86:33:
a4:5e:a0:b3:33:b7:79:c7:0a:c3:12:da:5b:bd:c0:47:e1:8e:
3d:68:c7:51:72:3f:1d:78:f2:af:00:32:e0:ca:2c:45:c3:ae:
ff:31:18:83:7e:59:be:55:7a:84:51:17:52:f0:c8:c9:9c:21:
e3:fd:4d:80:8f:de:e5:ca:e0:74:bc:ef:e0:21:6b:d7:60:5b:
46:e3:c3:4d:c7:6c:68:10:c5:26:9d:8a:4a:ec:67:2f:e7:43:
74:55:05:98:f2:02:b0:67:3e:82:0f:a0:12:6c:da:1c:03:24:
0c:fa:f3:54:a1:3a:85:54:43:ed:1b:39:e0:c6:ca:6e:75:58:
f2:42:7d:a6:4e:f2:2d:55:a9:02:cd:c1:f5:ac:94:14:c2:62:
a7:e6:86:df:70:35:b4:48:51:65:53:a4:71:c2:c0:37:4f:31:
fe:cc:e3:e0:4e:a7:7d:48:bd:24:98:32:bb:d2:be:de:58:4f:
d8:c9:46:a2:87:5c:d9:d7:45:df:7f:c0:8f:91:dc:77:bc:10:
74:2b:62:df:b5:fd:f0:66:58:0e:b7:26:a6:82:b4:67:70:fc:
6c:aa:42:60
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxaeDQhbJMQA+DrNpVOSKNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyMzg2ZTUyMDQ3OGU2MjViZTFkNjI4MmQyMTZiMDU5MTJm
ODM4NzQwHhcNMjMwMTAyMDczNzIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWIxMWE1MTZkMzhhNjBiZjc2OTliMjkwMGUxNjU0ZWU5MjJiMWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkhKXb/0TCt21yVM6ayYh2prMel2Q
75hvTeqEk9PBQmprqZOx07LTdjsTR6gLM7NV+wEqpDxu7RkLlNP+tKdPcVTJfxt0
DcI1MdSzOHAtaAxJcOdXq4P0TzV5HTUSbGh6Rcka4S5imGmB+gb/YVi1JqAFHW6Z
ar71Mg3nOZezQfIGRWIP0ehVcw6e7b+2KsfU+RrGA/xxpzvj/iO+Wzb7e3TxmPYf
D4Tjnjl32O9s8oGUV1Y7F3sR9uLPXmWy4M/C01NwGgCqrOAmSYgzBt2gFQBbYg0o
4tkft3/vGLlILWQeFVqA0qBcI4NW6lWpWz5gn2kTogJBaPCigYWCHUeu5wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDmxGlFtOKYL92mbKQDhZU7pIrG0MB8GA1UdIwQY
MBaAFFI4blIEeOYlvh1igtIWsFkS+Dh0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWpodVVnUjQ1aVctSFdLQzBoYXdXUkw0T0hRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS9kNDUxOTMtYjVmZS00ZTFkLThlNDIt
YWU1ZGI2ZTE0ODZkLzEvT2JFYVVXMDRwZ3YzYVpzcEFPRmxUdWtpc2JRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS9kNDUxOTMtYjVmZS00ZTFkLThlNDItYWU1ZGI2ZTE0ODZk
LzEvVWpodVVnUjQ1aVctSFdLQzBoYXdXUkw0T0hRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwn7TMA0G
CSqGSIb3DQEBCwUAA4IBAQCrkiPvr1ZDQQ4lnBSYZtQVCW0PsG9j7O6ElxFa8YTY
iqw7hjOkXqCzM7d5xwrDEtpbvcBH4Y49aMdRcj8dePKvADLgyixFw67/MRiDflm+
VXqEURdS8MjJnCHj/U2Aj97lyuB0vO/gIWvXYFtG48NNx2xoEMUmnYpK7Gcv50N0
VQWY8gKwZz6CD6ASbNocAyQM+vNUoTqFVEPtGzngxspudVjyQn2mTvItVakCzcH1
rJQUwmKn5obfcDW0SFFlU6RxwsA3TzH+zOPgTqd9SL0kmDK70r7eWE/YyUaih1zZ
10Xff8CPkdx3vBB0K2Lftf3wZlgOtyamgrRncPxsqkJg
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:32:53 2025 by rpki-client