Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/391e54-c21a-405a-88aa-6079789100ca/1/pCPbSlBKdcgKyxTO5mDPIH_WB4w.roa
File: pCPbSlBKdcgKyxTO5mDPIH_WB4w.roa (raw, json)
Hash identifier: AV4gUzELSiwCrO7aSgJE5BZN3vaF0xXYJZNM4yNgAgk=
Subject key identifier: A4:23:DB:4A:50:4A:75:C8:0A:CB:14:CE:E6:60:CF:20:7F:D6:07:8C
Certificate issuer: /CN=a3aa8dd118766aed3b09ed69f2e47dc1d2c16159
Certificate serial: 018571DE7B7897B205C6AC3EC7C522C976EF
Authority key identifier: A3:AA:8D:D1:18:76:6A:ED:3B:09:ED:69:F2:E4:7D:C1:D2:C1:61:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o6qN0Rh2au07Ce1p8uR9wdLBYVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/391e54-c21a-405a-88aa-6079789100ca/1/pCPbSlBKdcgKyxTO5mDPIH_WB4w.roa
Signing time: Mon 02 Jan 2023 09:44:44 +0000
ROA not before: Mon 02 Jan 2023 09:44:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59601
IP address blocks: 94.124.204.0/23 maxlen: 24
2a0d:bd87::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:de:7b:78:97:b2:05:c6:ac:3e:c7:c5:22:c9:76:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a3aa8dd118766aed3b09ed69f2e47dc1d2c16159
Validity
Not Before: Jan 2 09:44:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a423db4a504a75c80acb14cee660cf207fd6078c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:56:92:d9:82:cf:c5:8a:db:5d:05:c7:f5:bc:
f8:ba:34:f3:a4:89:d3:33:ee:d9:5f:8b:b3:47:b7:
dd:9b:b4:0c:98:9c:df:a1:81:da:18:2a:37:29:4c:
35:93:ce:71:b9:ff:4e:1a:f4:bf:34:fd:0c:c2:6b:
c1:a0:f3:57:fd:2d:14:16:e5:58:6e:c0:f9:b9:ad:
06:b6:08:2a:86:49:3d:d1:86:0b:08:d0:60:56:0d:
29:5b:4c:80:2d:6b:0a:5f:9f:f2:43:9f:33:f7:5a:
5e:c0:86:d4:37:42:c0:a5:80:21:c7:4e:dc:5b:f6:
9a:aa:44:f2:61:60:5d:21:ab:de:66:48:20:b1:59:
c1:55:80:8b:4c:96:60:3d:5c:03:6a:ea:53:bd:59:
50:38:95:9c:aa:da:9f:02:93:ce:78:69:24:12:5c:
68:1a:cf:00:a1:c9:fd:82:99:77:84:43:bd:31:33:
59:26:b7:67:e0:07:a1:91:fc:3e:36:12:66:ff:71:
a7:5e:d3:84:ec:a7:a8:14:ac:c6:c4:5a:1a:df:e9:
21:40:62:1c:22:41:81:47:7b:60:a1:76:44:95:e5:
bb:de:05:04:4c:6a:6b:ec:d6:31:88:b8:00:d3:d7:
2f:db:92:e7:8b:45:b1:81:f4:dc:2b:12:91:e7:2f:
22:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:23:DB:4A:50:4A:75:C8:0A:CB:14:CE:E6:60:CF:20:7F:D6:07:8C
X509v3 Authority Key Identifier:
keyid:A3:AA:8D:D1:18:76:6A:ED:3B:09:ED:69:F2:E4:7D:C1:D2:C1:61:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o6qN0Rh2au07Ce1p8uR9wdLBYVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/391e54-c21a-405a-88aa-6079789100ca/1/pCPbSlBKdcgKyxTO5mDPIH_WB4w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/391e54-c21a-405a-88aa-6079789100ca/1/o6qN0Rh2au07Ce1p8uR9wdLBYVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.124.204.0/23
IPv6:
2a0d:bd87::/32
Signature Algorithm: sha256WithRSAEncryption
8d:be:f7:69:33:14:fb:63:ce:81:a0:0c:7c:23:8a:49:29:e9:
69:f2:75:ad:f4:83:17:21:f8:c5:0a:79:90:02:45:f1:3d:30:
ce:60:97:8a:36:ec:9d:98:b0:c1:c3:b8:f8:89:57:96:3a:49:
d6:85:ef:cb:62:24:a9:a8:2a:67:e0:c9:79:7e:75:be:01:66:
bb:7d:a6:2b:41:bd:8b:a9:53:44:1f:e7:b9:6d:13:67:7a:79:
5d:45:c2:95:a5:c1:36:8f:4c:4c:57:b2:95:17:08:8e:ec:43:
06:d0:14:67:db:f6:49:ab:3d:66:3f:61:c2:c8:8d:af:c7:fd:
ab:17:a4:47:10:13:e3:5c:01:12:4e:de:cc:21:94:b0:7d:6c:
04:8b:a1:92:c0:8e:56:1c:5e:a4:5b:68:64:8d:1f:87:a4:16:
a4:9d:ed:b1:e8:01:b5:2b:3c:35:75:e1:bb:35:a6:0d:90:c7:
ef:68:f4:a7:14:1c:79:fa:c6:aa:bb:31:e7:49:cb:31:89:ff:
56:9f:d4:c3:01:17:99:49:5d:39:67:2a:85:a3:3b:aa:46:94:
84:f4:e4:86:34:62:37:77:8b:3f:79:10:c8:4c:ce:e5:e9:de:
f3:9c:2b:61:8c:a2:90:3b:68:39:09:e6:1e:41:45:a7:52:8b:
92:be:6e:23
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVx3nt4l7IFxqw+x8UiyXbvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzYWE4ZGQxMTg3NjZhZWQzYjA5ZWQ2OWYyZTQ3ZGMxZDJj
MTYxNTkwHhcNMjMwMTAyMDk0NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDIzZGI0YTUwNGE3NWM4MGFjYjE0Y2VlNjYwY2YyMDdmZDYwNzhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8laS2YLPxYrbXQXH9bz4ujTzpInT
M+7ZX4uzR7fdm7QMmJzfoYHaGCo3KUw1k85xuf9OGvS/NP0MwmvBoPNX/S0UFuVY
bsD5ua0Gtggqhkk90YYLCNBgVg0pW0yALWsKX5/yQ58z91pewIbUN0LApYAhx07c
W/aaqkTyYWBdIaveZkggsVnBVYCLTJZgPVwDaupTvVlQOJWcqtqfApPOeGkkElxo
Gs8Aocn9gpl3hEO9MTNZJrdn4Aehkfw+NhJm/3GnXtOE7KeoFKzGxFoa3+khQGIc
IkGBR3tgoXZEleW73gUETGpr7NYxiLgA09cv25Lni0WxgfTcKxKR5y8iBQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKQj20pQSnXICssUzuZgzyB/1geMMB8GA1UdIwQY
MBaAFKOqjdEYdmrtOwntafLkfcHSwWFZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzZxTjBSaDJhdTA3Q2UxcDh1Ujl3ZExCWVZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS8zOTFlNTQtYzIxYS00MDVhLTg4YWEt
NjA3OTc4OTEwMGNhLzEvcENQYlNsQktkY2dLeXhUTzVtRFBJSF9XQjR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS8zOTFlNTQtYzIxYS00MDVhLTg4YWEtNjA3OTc4OTEwMGNh
LzEvbzZxTjBSaDJhdTA3Q2UxcDh1Ujl3ZExCWVZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBXnzMMA0E
AgACMAcDBQAqDb2HMA0GCSqGSIb3DQEBCwUAA4IBAQCNvvdpMxT7Y86BoAx8I4pJ
Kelp8nWt9IMXIfjFCnmQAkXxPTDOYJeKNuydmLDBw7j4iVeWOknWhe/LYiSpqCpn
4Ml5fnW+AWa7faYrQb2LqVNEH+e5bRNnenldRcKVpcE2j0xMV7KVFwiO7EMG0BRn
2/ZJqz1mP2HCyI2vx/2rF6RHEBPjXAESTt7MIZSwfWwEi6GSwI5WHF6kW2hkjR+H
pBakne2x6AG1Kzw1deG7NaYNkMfvaPSnFBx5+saquzHnScsxif9Wn9TDAReZSV05
ZyqFozuqRpSE9OSGNGI3d4s/eRDITM7l6d7znCthjKKQO2g5CeYeQUWnUouSvm4j
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:45:22 2025 by rpki-client