Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/5786ab-067e-440c-b276-1b06d1c704c1/1/ldHNtqehV_cyQuuZEX2lxkXaVFo.roa
File: ldHNtqehV_cyQuuZEX2lxkXaVFo.roa (raw, json)
Hash identifier: /7d0RwrOWrugsIdlYPgLfZq4QkHrBZkHyvkDMDVrYRY=
Subject key identifier: 95:D1:CD:B6:A7:A1:57:F7:32:42:EB:99:11:7D:A5:C6:45:DA:54:5A
Certificate issuer: /CN=d3d56f07be184cba52f6fdc049e8114d2616c32a
Certificate serial: 018572C37A5B9D7C109899AD605051E09FA8
Authority key identifier: D3:D5:6F:07:BE:18:4C:BA:52:F6:FD:C0:49:E8:11:4D:26:16:C3:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/09VvB74YTLpS9v3ASegRTSYWwyo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/5786ab-067e-440c-b276-1b06d1c704c1/1/ldHNtqehV_cyQuuZEX2lxkXaVFo.roa
Signing time: Mon 02 Jan 2023 13:54:51 +0000
ROA not before: Mon 02 Jan 2023 13:54:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206185
IP address blocks: 194.126.164.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:c3:7a:5b:9d:7c:10:98:99:ad:60:50:51:e0:9f:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3d56f07be184cba52f6fdc049e8114d2616c32a
Validity
Not Before: Jan 2 13:54:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=95d1cdb6a7a157f73242eb99117da5c645da545a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:38:6d:22:9b:a9:89:af:61:2f:88:a8:dd:02:
2c:8e:40:72:d6:47:37:5b:7f:8b:7a:3a:e5:8f:e5:
b1:a8:cb:c8:41:46:8b:0a:55:c2:fc:8a:a6:6c:82:
c9:24:80:1f:6e:c5:87:e5:8c:63:6e:a9:73:b1:7b:
a4:e0:00:1f:1a:ce:7c:68:08:22:f2:56:83:85:51:
c5:e8:48:e4:eb:09:97:29:e5:35:fb:ad:c9:6f:5a:
b6:18:a1:6b:29:8f:e2:f6:bd:3c:f4:67:59:dd:05:
7c:81:47:c3:31:1a:3c:18:51:e8:c3:b2:5f:78:dc:
cb:af:b7:ee:9c:9b:64:13:9b:63:75:a1:27:d3:83:
f3:96:e2:d8:be:d8:6b:ae:a6:98:91:bc:9d:df:64:
0a:99:1d:8d:64:e9:c8:0d:0a:40:44:9c:88:f8:71:
06:b0:2e:26:30:8b:e5:b2:97:4c:4b:5d:25:04:2d:
84:74:77:99:7e:b5:1f:0c:65:f2:14:fe:6f:6a:3f:
c5:cb:63:c2:10:d0:fa:87:f1:e7:e2:4f:9e:e8:cf:
da:b4:11:c4:b7:a1:0c:79:7d:d0:39:ec:45:8b:65:
fa:63:ff:52:3c:4b:a7:a0:1f:6a:2a:7a:61:ed:ce:
c5:4d:f3:ae:fb:1f:55:e3:eb:5b:3c:dc:d5:d9:10:
b9:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:D1:CD:B6:A7:A1:57:F7:32:42:EB:99:11:7D:A5:C6:45:DA:54:5A
X509v3 Authority Key Identifier:
keyid:D3:D5:6F:07:BE:18:4C:BA:52:F6:FD:C0:49:E8:11:4D:26:16:C3:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/09VvB74YTLpS9v3ASegRTSYWwyo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/5786ab-067e-440c-b276-1b06d1c704c1/1/ldHNtqehV_cyQuuZEX2lxkXaVFo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/5786ab-067e-440c-b276-1b06d1c704c1/1/09VvB74YTLpS9v3ASegRTSYWwyo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.126.164.0/22
Signature Algorithm: sha256WithRSAEncryption
b7:1d:72:1a:3d:c1:82:00:df:7c:e7:5c:33:42:6b:2f:19:7b:
7b:35:0e:f2:29:9a:cd:86:eb:d1:d6:3d:bc:b6:85:16:a6:23:
75:36:f0:27:3f:10:56:c7:ef:9d:9e:6b:6e:fe:25:e0:35:51:
a3:27:4f:8c:fd:05:df:5a:0f:79:89:86:14:5b:03:8d:77:6a:
f7:c1:35:26:92:d0:de:11:51:43:75:b2:50:27:c9:d8:76:24:
9e:3e:8d:35:17:50:80:09:cd:35:d1:7b:62:eb:fa:c7:61:a6:
04:8d:80:13:7e:6d:01:bf:97:c0:f3:ee:d2:b8:81:cd:b8:84:
aa:f5:67:fd:28:d5:a8:59:bc:30:b9:c3:71:d3:6f:ee:3a:08:
70:f7:c8:75:fb:c6:5d:21:30:f8:e2:98:6a:9b:95:92:c0:b3:
88:22:bc:24:dc:82:5d:90:d5:5a:af:f3:a1:bb:17:80:50:44:
db:38:67:43:ae:63:ea:09:8a:4b:d0:9e:a8:40:54:5c:8c:5d:
17:e0:4c:77:a0:c0:0e:5a:e8:fd:ea:19:af:66:45:76:ea:84:
35:5d:ac:c0:25:ad:c7:c5:7b:78:52:41:6f:d4:d5:92:9e:d3:
60:13:48:b1:a1:09:88:39:cc:fc:53:25:b0:50:e3:fe:c2:ff:
a5:04:4c:c0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyw3pbnXwQmJmtYFBR4J+oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzZDU2ZjA3YmUxODRjYmE1MmY2ZmRjMDQ5ZTgxMTRkMjYx
NmMzMmEwHhcNMjMwMTAyMTM1NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWQxY2RiNmE3YTE1N2Y3MzI0MmViOTkxMTdkYTVjNjQ1ZGE1NDVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsjhtIpupia9hL4io3QIsjkBy1kc3
W3+Lejrlj+WxqMvIQUaLClXC/IqmbILJJIAfbsWH5YxjbqlzsXuk4AAfGs58aAgi
8laDhVHF6Ejk6wmXKeU1+63Jb1q2GKFrKY/i9r089GdZ3QV8gUfDMRo8GFHow7Jf
eNzLr7funJtkE5tjdaEn04PzluLYvthrrqaYkbyd32QKmR2NZOnIDQpARJyI+HEG
sC4mMIvlspdMS10lBC2EdHeZfrUfDGXyFP5vaj/Fy2PCEND6h/Hn4k+e6M/atBHE
t6EMeX3QOexFi2X6Y/9SPEunoB9qKnph7c7FTfOu+x9V4+tbPNzV2RC5WQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJXRzbanoVf3MkLrmRF9pcZF2lRaMB8GA1UdIwQY
MBaAFNPVbwe+GEy6Uvb9wEnoEU0mFsMqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDlWdkI3NFlUTHBTOXYzQVNlZ1JUU1lXd3lvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC81Nzg2YWItMDY3ZS00NDBjLWIyNzYt
MWIwNmQxYzcwNGMxLzEvbGRITnRxZWhWX2N5UXV1WkVYMmx4a1hhVkZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC81Nzg2YWItMDY3ZS00NDBjLWIyNzYtMWIwNmQxYzcwNGMx
LzEvMDlWdkI3NFlUTHBTOXYzQVNlZ1JUU1lXd3lvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwn6kMA0G
CSqGSIb3DQEBCwUAA4IBAQC3HXIaPcGCAN9851wzQmsvGXt7NQ7yKZrNhuvR1j28
toUWpiN1NvAnPxBWx++dnmtu/iXgNVGjJ0+M/QXfWg95iYYUWwONd2r3wTUmktDe
EVFDdbJQJ8nYdiSePo01F1CACc010Xti6/rHYaYEjYATfm0Bv5fA8+7SuIHNuISq
9Wf9KNWoWbwwucNx02/uOghw98h1+8ZdITD44phqm5WSwLOIIrwk3IJdkNVar/Oh
uxeAUETbOGdDrmPqCYpL0J6oQFRcjF0X4Ex3oMAOWuj96hmvZkV26oQ1XazAJa3H
xXt4UkFv1NWSntNgE0ixoQmIOcz8UyWwUOP+wv+lBEzA
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:02:45 2025 by rpki-client