Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/dcd3b7-7cc0-4c49-bab3-7a0b145cf62b/1/eV1MBuLVQZcQf5imWGKycS6ASxo.roa
File: eV1MBuLVQZcQf5imWGKycS6ASxo.roa (raw, json)
Hash identifier: wmvHRDQvm7dPBUC9U4BD1COVqheNUhFb0TyGvIed1No=
Subject key identifier: 79:5D:4C:06:E2:D5:41:97:10:7F:98:A6:58:62:B2:71:2E:80:4B:1A
Certificate issuer: /CN=881bd1402924ec2a644e8f54e6994cb4ac8e24a6
Certificate serial: 01856CB8405E4028693ADE384D824DB7D520
Authority key identifier: 88:1B:D1:40:29:24:EC:2A:64:4E:8F:54:E6:99:4C:B4:AC:8E:24:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iBvRQCkk7CpkTo9U5plMtKyOJKY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/dcd3b7-7cc0-4c49-bab3-7a0b145cf62b/1/eV1MBuLVQZcQf5imWGKycS6ASxo.roa
Signing time: Sun 01 Jan 2023 09:44:52 +0000
ROA not before: Sun 01 Jan 2023 09:44:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3215
IP address blocks: 143.196.112.0/21 maxlen: 21
143.196.120.0/22 maxlen: 22
143.196.64.0/19 maxlen: 19
143.196.191.0/24 maxlen: 24
143.196.96.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:b8:40:5e:40:28:69:3a:de:38:4d:82:4d:b7:d5:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=881bd1402924ec2a644e8f54e6994cb4ac8e24a6
Validity
Not Before: Jan 1 09:44:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=795d4c06e2d54197107f98a65862b2712e804b1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:3e:5c:e5:7c:4e:e2:c1:6d:ea:5e:5c:0b:42:
bc:c9:95:e3:56:4b:36:81:c9:aa:d7:4d:7a:bc:0f:
75:cc:72:54:44:f3:c5:d3:82:f9:57:6d:8a:4f:56:
e5:3e:32:a7:cb:8a:75:01:82:d4:d6:71:38:9c:82:
7d:a6:94:59:60:ce:c7:bd:cd:cb:99:37:29:99:7f:
91:72:1d:cb:99:c8:d6:a5:bb:b7:05:fc:32:5c:ae:
ce:72:74:be:fb:ab:01:cc:fe:fb:be:45:b3:8a:4d:
34:cf:ed:d1:d6:c3:ae:6e:66:55:3f:c0:a8:68:14:
be:4d:64:79:65:8a:d7:43:d8:b3:41:22:8a:2a:a4:
eb:4a:2f:22:9d:b7:3d:c8:9c:69:10:04:15:08:86:
b8:d1:8c:8f:39:ca:30:16:f4:f5:7a:33:a0:1b:83:
c5:29:5a:55:5f:8e:1a:f6:2a:59:50:09:f9:35:56:
d8:fa:75:4b:34:1b:41:cb:4a:af:88:3f:de:75:a2:
a6:bb:fb:68:19:2e:cf:64:9d:79:af:0b:a7:ff:3a:
27:f3:55:4a:b9:aa:e1:61:b8:3a:80:6b:6f:df:07:
ea:14:2e:b4:cf:54:4c:77:a0:8d:1e:5d:01:7c:8d:
a5:53:74:f1:e8:8b:8f:23:87:64:de:04:55:71:63:
97:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:5D:4C:06:E2:D5:41:97:10:7F:98:A6:58:62:B2:71:2E:80:4B:1A
X509v3 Authority Key Identifier:
keyid:88:1B:D1:40:29:24:EC:2A:64:4E:8F:54:E6:99:4C:B4:AC:8E:24:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iBvRQCkk7CpkTo9U5plMtKyOJKY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/dcd3b7-7cc0-4c49-bab3-7a0b145cf62b/1/eV1MBuLVQZcQf5imWGKycS6ASxo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/dcd3b7-7cc0-4c49-bab3-7a0b145cf62b/1/iBvRQCkk7CpkTo9U5plMtKyOJKY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.196.64.0-143.196.123.255
143.196.191.0/24
Signature Algorithm: sha256WithRSAEncryption
49:8e:7e:23:98:53:2c:73:1d:c4:53:8a:98:43:0c:6f:8c:09:
4d:56:e7:83:f1:53:22:13:e4:84:93:e9:71:90:bf:26:de:b1:
75:ee:65:ec:cd:89:db:6c:be:c5:9d:f0:69:99:db:96:01:e7:
a5:4c:fa:57:bd:c2:23:34:ce:00:c5:07:ad:7b:6c:7d:8a:71:
ca:d5:01:42:85:ce:dd:ea:55:ca:ef:0f:d8:c7:45:d1:ae:2c:
52:48:14:33:e3:b5:14:93:38:d3:f6:61:e5:6a:b1:a7:f8:f9:
e0:50:73:eb:9a:0c:7a:0f:f9:dd:88:4b:0e:0f:0f:21:1c:b5:
ba:6a:ca:3d:31:9b:a7:e9:5f:01:e3:d2:ae:95:af:67:8f:f8:
f8:e5:75:15:b6:21:91:82:a7:c9:2e:41:ed:92:2b:1c:0b:16:
9e:37:b5:4b:3e:72:f1:bb:19:d0:a9:cc:f5:42:3a:0c:9e:11:
53:d1:a4:62:ef:fd:15:de:df:bf:3d:02:2e:37:82:15:03:56:
e2:03:9e:d6:37:1d:73:0d:80:b5:37:c6:aa:32:b3:84:14:6d:
9e:1a:1a:c0:80:9b:11:d3:52:22:c2:e0:c6:2c:8d:d3:29:92:
d3:7a:64:ce:e0:fa:ad:d3:7b:09:56:d1:95:c2:36:42:ee:90:
d2:f2:04:f2
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVsuEBeQChpOt44TYJNt9UgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4MWJkMTQwMjkyNGVjMmE2NDRlOGY1NGU2OTk0Y2I0YWM4
ZTI0YTYwHhcNMjMwMTAxMDk0NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OTVkNGMwNmUyZDU0MTk3MTA3Zjk4YTY1ODYyYjI3MTJlODA0YjFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtz5c5XxO4sFt6l5cC0K8yZXjVks2
gcmq1016vA91zHJURPPF04L5V22KT1blPjKny4p1AYLU1nE4nIJ9ppRZYM7Hvc3L
mTcpmX+Rch3LmcjWpbu3BfwyXK7OcnS++6sBzP77vkWzik00z+3R1sOubmZVP8Co
aBS+TWR5ZYrXQ9izQSKKKqTrSi8inbc9yJxpEAQVCIa40YyPOcowFvT1ejOgG4PF
KVpVX44a9ipZUAn5NVbY+nVLNBtBy0qviD/edaKmu/toGS7PZJ15rwun/zon81VK
uarhYbg6gGtv3wfqFC60z1RMd6CNHl0BfI2lU3Tx6IuPI4dk3gRVcWOXBQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFHldTAbi1UGXEH+YplhisnEugEsaMB8GA1UdIwQY
MBaAFIgb0UApJOwqZE6PVOaZTLSsjiSmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUJ2UlFDa2s3Q3BrVG85VTVwbE10S3lPSktZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy9kY2QzYjctN2NjMC00YzQ5LWJhYjMt
N2EwYjE0NWNmNjJiLzEvZVYxTUJ1TFZRWmNRZjVpbVdHS3ljUzZBU3hvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy9kY2QzYjctN2NjMC00YzQ5LWJhYjMtN2EwYjE0NWNmNjJi
LzEvaUJ2UlFDa2s3Q3BrVG85VTVwbE10S3lPSktZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAaPxEAD
BAKPxHgDBACPxL8wDQYJKoZIhvcNAQELBQADggEBAEmOfiOYUyxzHcRTiphDDG+M
CU1W54PxUyIT5IST6XGQvybesXXuZezNidtsvsWd8GmZ25YB56VM+le9wiM0zgDF
B617bH2KccrVAUKFzt3qVcrvD9jHRdGuLFJIFDPjtRSTONP2YeVqsaf4+eBQc+ua
DHoP+d2ISw4PDyEctbpqyj0xm6fpXwHj0q6Vr2eP+PjldRW2IZGCp8kuQe2SKxwL
Fp43tUs+cvG7GdCpzPVCOgyeEVPRpGLv/RXe3789Ai43ghUDVuIDntY3HXMNgLU3
xqoys4QUbZ4aGsCAmxHTUiLC4MYsjdMpktN6ZM7g+q3TewlW0ZXCNkLukNLyBPI=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:24:50 2025 by rpki-client