Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/32ab16-8f6d-414d-80cf-0a86358e9c84/1/50oKCaOSMxeq4hrwk-w85wYdGSU.roa
File: 50oKCaOSMxeq4hrwk-w85wYdGSU.roa (raw, json)
Hash identifier: mIam5MHIs+Pz5JH1dsExc9yHqTcU5eoeAy49bEeRyD4=
Subject key identifier: E7:4A:0A:09:A3:92:33:17:AA:E2:1A:F0:93:EC:3C:E7:06:1D:19:25
Certificate issuer: /CN=d796afc54fe63ed1740d5e896b3f591b1184f6dc
Certificate serial: 01BF52
Authority key identifier: D7:96:AF:C5:4F:E6:3E:D1:74:0D:5E:89:6B:3F:59:1B:11:84:F6:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/15avxU_mPtF0DV6Jaz9ZGxGE9tw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/32ab16-8f6d-414d-80cf-0a86358e9c84/1/50oKCaOSMxeq4hrwk-w85wYdGSU.roa
Signing time: Wed 02 Mar 2022 07:00:38 +0000
ROA not before: Wed 02 Mar 2022 07:00:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12509
IP address blocks: 194.153.79.0/24 maxlen: 24
91.194.176.0/24 maxlen: 24
2001:67c:368::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 114514 (0x1bf52)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d796afc54fe63ed1740d5e896b3f591b1184f6dc
Validity
Not Before: Mar 2 07:00:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e74a0a09a3923317aae21af093ec3ce7061d1925
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:0c:db:6d:20:32:4c:7a:69:8a:9c:6d:35:5e:
d1:34:08:c8:0a:51:d5:92:3f:7b:57:c3:d2:49:bf:
ae:b4:33:d3:10:f2:06:8b:1f:8d:4f:a4:e6:89:8f:
2b:70:df:55:d5:bb:be:6a:6d:22:20:3c:f5:b9:8c:
48:ee:5b:44:03:36:ed:c9:cf:cc:b5:e4:a2:32:a3:
3c:d6:69:8e:a0:cf:77:95:3f:fd:9c:8a:13:87:c7:
6d:1e:93:b0:0a:bc:f7:9e:70:b7:e7:4c:df:0d:af:
a6:fa:b5:02:e9:38:a4:6f:35:5f:dd:b7:20:d9:ac:
7f:83:bd:38:15:d3:fc:37:77:e0:24:8c:2d:d6:d8:
a0:bf:82:8b:bd:bf:6b:6c:9f:78:c0:dc:f0:af:53:
fd:80:db:c8:50:56:9a:88:f2:f6:0a:fa:63:c5:de:
32:38:7c:69:b9:0a:47:68:96:d6:58:de:e1:99:85:
3f:0d:81:8e:61:36:9b:38:9b:49:9b:d8:cb:78:ee:
6e:8c:d9:74:0c:c2:01:ca:4e:7e:55:97:53:73:fb:
19:c2:ad:1c:69:be:18:ee:31:02:7e:4c:bb:6a:2f:
ff:de:7c:dc:44:c5:63:2b:86:43:6c:ad:4c:d9:37:
fc:e9:07:09:77:b9:80:4b:c2:15:e3:d0:92:d4:63:
e0:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:4A:0A:09:A3:92:33:17:AA:E2:1A:F0:93:EC:3C:E7:06:1D:19:25
X509v3 Authority Key Identifier:
keyid:D7:96:AF:C5:4F:E6:3E:D1:74:0D:5E:89:6B:3F:59:1B:11:84:F6:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/15avxU_mPtF0DV6Jaz9ZGxGE9tw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/32ab16-8f6d-414d-80cf-0a86358e9c84/1/50oKCaOSMxeq4hrwk-w85wYdGSU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/32ab16-8f6d-414d-80cf-0a86358e9c84/1/15avxU_mPtF0DV6Jaz9ZGxGE9tw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.176.0/24
194.153.79.0/24
IPv6:
2001:67c:368::/48
Signature Algorithm: sha256WithRSAEncryption
07:43:e8:5c:da:74:c0:de:b4:d4:a1:58:cb:4e:d8:8a:9f:38:
94:5d:37:a6:05:c1:9e:14:7f:78:f6:0a:3e:f6:e3:db:38:32:
d6:4c:03:d5:86:47:00:f3:d2:21:85:c3:e3:1c:57:aa:6f:51:
f2:94:ca:b1:11:07:8a:a5:2e:94:b5:0c:58:c3:d2:21:f1:c7:
74:c0:d5:0a:81:79:ac:50:a6:9c:17:4e:5a:92:f3:06:5a:10:
3e:93:2a:78:fe:3b:b8:9c:d4:ec:11:61:13:00:1c:fe:9e:1d:
73:5b:03:fb:da:e3:2e:f0:bb:8e:61:63:30:55:09:6c:a6:32:
a4:e3:8f:91:2a:d7:f4:f7:b3:88:4c:06:db:42:d7:7c:92:74:
47:8b:24:3f:e4:a7:3a:f7:bc:a9:cd:55:47:43:74:4b:6d:cf:
70:c0:4d:49:1e:53:48:f6:84:63:0d:2d:b9:09:1b:1a:c8:71:
cb:0c:57:b7:28:ea:41:10:58:9e:9a:e2:81:90:ea:65:5f:d8:
b3:55:dd:7a:ac:20:20:80:29:df:9f:ee:8a:c4:bd:b0:6e:ee:
2d:70:04:ca:6b:09:2d:02:de:c9:2a:d1:63:10:bb:e1:1c:00:
81:b2:de:79:69:06:32:76:81:bf:68:f6:2f:8a:55:7f:3c:78:
cf:76:fb:cc
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgIDAb9SMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGQ3
OTZhZmM1NGZlNjNlZDE3NDBkNWU4OTZiM2Y1OTFiMTE4NGY2ZGMwHhcNMjIwMzAy
MDcwMDM4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhlNzRhMGEwOWEzOTIz
MzE3YWFlMjFhZjA5M2VjM2NlNzA2MWQxOTI1MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAsQzbbSAyTHppipxtNV7RNAjIClHVkj97V8PSSb+utDPTEPIG
ix+NT6TmiY8rcN9V1bu+am0iIDz1uYxI7ltEAzbtyc/MteSiMqM81mmOoM93lT/9
nIoTh8dtHpOwCrz3nnC350zfDa+m+rUC6TikbzVf3bcg2ax/g704FdP8N3fgJIwt
1tigv4KLvb9rbJ94wNzwr1P9gNvIUFaaiPL2Cvpjxd4yOHxpuQpHaJbWWN7hmYU/
DYGOYTabOJtJm9jLeO5ujNl0DMIByk5+VZdTc/sZwq0cab4Y7jECfky7ai//3nzc
RMVjK4ZDbK1M2Tf86QcJd7mAS8IV49CS1GPgzQIDAQABo4ICIDCCAhwwHQYDVR0O
BBYEFOdKCgmjkjMXquIa8JPsPOcGHRklMB8GA1UdIwQYMBaAFNeWr8VP5j7RdA1e
iWs/WRsRhPbcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
MTVhdnhVX21QdEYwRFY2SmF6OVpHeEdFOXR3LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9mMi8zMmFiMTYtOGY2ZC00MTRkLTgwY2YtMGE4NjM1OGU5Yzg0LzEv
NTBvS0NhT1NNeGVxNGhyd2stdzg1d1lkR1NVLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi8z
MmFiMTYtOGY2ZC00MTRkLTgwY2YtMGE4NjM1OGU5Yzg0LzEvMTVhdnhVX21QdEYw
RFY2SmF6OVpHeEdFOXR3LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDYG
CCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAW8KwAwQAwplPMA8EAgACMAkDBwAg
AQZ8A2gwDQYJKoZIhvcNAQELBQADggEBAAdD6FzadMDetNShWMtO2IqfOJRdN6YF
wZ4Uf3j2Cj7249s4MtZMA9WGRwDz0iGFw+McV6pvUfKUyrERB4qlLpS1DFjD0iHx
x3TA1QqBeaxQppwXTlqS8wZaED6TKnj+O7ic1OwRYRMAHP6eHXNbA/va4y7wu45h
YzBVCWymMqTjj5Eq1/T3s4hMBttC13ySdEeLJD/kpzr3vKnNVUdDdEttz3DATUke
U0j2hGMNLbkJGxrIccsMV7co6kEQWJ6a4oGQ6mVf2LNV3XqsICCAKd+f7orEvbBu
7i1wBMprCS0C3skq0WMQu+EcAIGy3nlpBjJ2gb9o9i+KVX88eM92+8w=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:28:15 2025 by rpki-client