Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/309d57-ec82-4b53-bee4-3403cdad2c67/1/RKeTKmprMS1_FKnFWEU_AQ8inEQ.roa
File: RKeTKmprMS1_FKnFWEU_AQ8inEQ.roa (raw, json)
Hash identifier: nOSPAGIv4lQHKSOQpNrCXhTB1d5puIQld47lwCnmZe8=
Subject key identifier: 44:A7:93:2A:6A:6B:31:2D:7F:14:A9:C5:58:45:3F:01:0F:22:9C:44
Certificate issuer: /CN=1102fc0d9ff86fe65c14469d55046e2053bfe5ca
Certificate serial: 0184CDCAF60990C52D6A0CCF67A754A11292
Authority key identifier: 11:02:FC:0D:9F:F8:6F:E6:5C:14:46:9D:55:04:6E:20:53:BF:E5:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EQL8DZ_4b-ZcFEadVQRuIFO_5co.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/309d57-ec82-4b53-bee4-3403cdad2c67/1/RKeTKmprMS1_FKnFWEU_AQ8inEQ.roa
Signing time: Thu 01 Dec 2022 13:05:41 +0000
ROA not before: Thu 01 Dec 2022 13:05:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12795
IP address blocks: 194.246.110.0/24 maxlen: 24
194.246.111.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:cd:ca:f6:09:90:c5:2d:6a:0c:cf:67:a7:54:a1:12:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1102fc0d9ff86fe65c14469d55046e2053bfe5ca
Validity
Not Before: Dec 1 13:05:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=44a7932a6a6b312d7f14a9c558453f010f229c44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:0d:52:24:df:c4:0a:f3:34:ca:76:f3:ca:15:
a8:b1:90:55:89:05:b6:52:59:13:09:bf:18:2b:d9:
0e:81:91:e4:da:ca:b5:ab:e2:c3:14:f5:7c:c3:ad:
cd:93:94:d8:c1:bc:5f:6a:e1:9a:32:70:24:fe:20:
e7:14:dd:e0:a4:dd:1e:10:34:4b:c0:f3:4f:50:46:
eb:10:1e:92:d1:d2:50:a4:5e:07:c2:e9:09:94:f0:
ed:75:18:fc:ac:63:46:a5:a6:5e:fd:6a:7c:94:8f:
89:76:3f:ce:4d:c1:90:29:0a:a2:49:22:c4:35:30:
f7:b9:35:58:d7:26:7d:81:41:0e:a3:67:7f:ed:5a:
5a:fc:4e:8a:39:0f:1f:93:c5:de:fb:3c:aa:3c:8e:
1b:d2:e9:de:85:3a:2e:de:0a:90:67:ee:ff:07:c1:
f5:40:9f:a9:3a:93:57:4e:2e:02:ac:3a:61:7c:54:
a4:f3:ce:1e:f2:64:ce:f5:49:14:74:84:9d:bc:20:
33:65:aa:d4:7c:d4:40:0b:85:34:30:9e:68:a9:2c:
6a:49:81:4a:d8:6e:dd:0b:27:d2:f6:6b:13:2a:f7:
aa:5d:cc:8b:7f:c6:65:59:89:52:7a:f6:d3:40:29:
61:57:d3:4c:3d:36:6d:26:d2:ae:7b:c9:0b:89:75:
a2:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:A7:93:2A:6A:6B:31:2D:7F:14:A9:C5:58:45:3F:01:0F:22:9C:44
X509v3 Authority Key Identifier:
keyid:11:02:FC:0D:9F:F8:6F:E6:5C:14:46:9D:55:04:6E:20:53:BF:E5:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EQL8DZ_4b-ZcFEadVQRuIFO_5co.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/309d57-ec82-4b53-bee4-3403cdad2c67/1/RKeTKmprMS1_FKnFWEU_AQ8inEQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/309d57-ec82-4b53-bee4-3403cdad2c67/1/EQL8DZ_4b-ZcFEadVQRuIFO_5co.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.246.110.0/23
Signature Algorithm: sha256WithRSAEncryption
a9:55:d3:be:58:9e:21:b1:ad:34:49:13:c1:ef:e7:3c:96:98:
65:8c:5a:83:ba:5c:5d:63:d9:0f:13:ed:55:9f:d5:79:a1:6d:
b3:ac:b7:8d:68:d6:03:e9:b5:bb:96:c3:36:a8:0a:4a:42:bc:
e8:c4:09:91:1b:17:76:e8:cc:42:cb:26:60:a1:4f:92:a9:b0:
1a:f9:85:04:50:7c:e5:07:d1:ea:ea:fd:e8:66:30:cf:75:f5:
88:af:45:23:97:a0:54:3d:e3:f3:93:d6:4d:96:68:ca:22:a9:
8e:94:a7:b4:9c:73:98:eb:ea:31:04:13:0d:ce:84:e4:e4:5a:
03:42:dc:dd:39:a3:d8:90:74:2e:e8:39:9e:a3:8e:fc:d0:a1:
52:b8:8b:99:e4:00:ea:4f:11:95:ef:6c:4a:42:2e:93:ed:c9:
fe:3d:04:36:48:06:7b:35:44:26:cb:88:b7:d0:93:61:97:20:
ad:0b:57:9c:df:7e:0b:16:72:0c:79:61:57:2e:c6:95:35:2e:
c2:98:8c:0b:f9:ce:2b:11:f5:92:a1:37:e9:48:f6:7a:0b:42:
96:44:ab:99:6d:71:15:d7:d1:1c:f8:23:98:15:47:9a:d4:de:
f7:97:92:3d:83:75:b0:9e:8c:14:f9:a1:ee:ca:ae:56:45:9a:
a3:64:6d:85
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYTNyvYJkMUtagzPZ6dUoRKSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExMDJmYzBkOWZmODZmZTY1YzE0NDY5ZDU1MDQ2ZTIwNTNi
ZmU1Y2EwHhcNMjIxMjAxMTMwNTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NGE3OTMyYTZhNmIzMTJkN2YxNGE5YzU1ODQ1M2YwMTBmMjI5YzQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjA1SJN/ECvM0ynbzyhWosZBViQW2
UlkTCb8YK9kOgZHk2sq1q+LDFPV8w63Nk5TYwbxfauGaMnAk/iDnFN3gpN0eEDRL
wPNPUEbrEB6S0dJQpF4HwukJlPDtdRj8rGNGpaZe/Wp8lI+Jdj/OTcGQKQqiSSLE
NTD3uTVY1yZ9gUEOo2d/7Vpa/E6KOQ8fk8Xe+zyqPI4b0unehTou3gqQZ+7/B8H1
QJ+pOpNXTi4CrDphfFSk884e8mTO9UkUdISdvCAzZarUfNRAC4U0MJ5oqSxqSYFK
2G7dCyfS9msTKveqXcyLf8ZlWYlSevbTQClhV9NMPTZtJtKue8kLiXWi+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFESnkypqazEtfxSpxVhFPwEPIpxEMB8GA1UdIwQY
MBaAFBEC/A2f+G/mXBRGnVUEbiBTv+XKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVFMOERaXzRiLVpjRkVhZFZRUnVJRk9fNWNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS8zMDlkNTctZWM4Mi00YjUzLWJlZTQt
MzQwM2NkYWQyYzY3LzEvUktlVEttcHJNUzFfRktuRldFVV9BUThpbkVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS8zMDlkNTctZWM4Mi00YjUzLWJlZTQtMzQwM2NkYWQyYzY3
LzEvRVFMOERaXzRiLVpjRkVhZFZRUnVJRk9fNWNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwvZuMA0G
CSqGSIb3DQEBCwUAA4IBAQCpVdO+WJ4hsa00SRPB7+c8lphljFqDulxdY9kPE+1V
n9V5oW2zrLeNaNYD6bW7lsM2qApKQrzoxAmRGxd26MxCyyZgoU+SqbAa+YUEUHzl
B9Hq6v3oZjDPdfWIr0Ujl6BUPePzk9ZNlmjKIqmOlKe0nHOY6+oxBBMNzoTk5FoD
QtzdOaPYkHQu6Dmeo4780KFSuIuZ5ADqTxGV72xKQi6T7cn+PQQ2SAZ7NUQmy4i3
0JNhlyCtC1ec334LFnIMeWFXLsaVNS7CmIwL+c4rEfWSoTfpSPZ6C0KWRKuZbXEV
19Ec+COYFUea1N73l5I9g3WwnowU+aHuyq5WRZqjZG2F
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:39:56 2025 by rpki-client