Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/6bb7cb-d0ed-4650-ad0a-27a474505499/1/3qI86RWz2PyHJb-EyXGvOGsuTTI.roa
File: 3qI86RWz2PyHJb-EyXGvOGsuTTI.roa (raw, json)
Hash identifier: Pk00bLLjGVe/WFt+Shtc4AfmOT4nwMvi55VJjwAcFns=
Subject key identifier: DE:A2:3C:E9:15:B3:D8:FC:87:25:BF:84:C9:71:AF:38:6B:2E:4D:32
Certificate issuer: /CN=d0e65bec5c765c850ee8ff97cc41b38031d1d83a
Certificate serial: 0185887FE8080E0450E706E97E9B2DDE6385
Authority key identifier: D0:E6:5B:EC:5C:76:5C:85:0E:E8:FF:97:CC:41:B3:80:31:D1:D8:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0OZb7Fx2XIUO6P-XzEGzgDHR2Do.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/6bb7cb-d0ed-4650-ad0a-27a474505499/1/3qI86RWz2PyHJb-EyXGvOGsuTTI.roa
Signing time: Fri 06 Jan 2023 19:12:41 +0000
ROA not before: Fri 06 Jan 2023 19:12:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34885
IP address blocks: 193.138.0.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:88:7f:e8:08:0e:04:50:e7:06:e9:7e:9b:2d:de:63:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d0e65bec5c765c850ee8ff97cc41b38031d1d83a
Validity
Not Before: Jan 6 19:12:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dea23ce915b3d8fc8725bf84c971af386b2e4d32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:05:e6:f8:ee:7b:1e:a6:5e:18:46:a1:a1:eb:
e8:b7:a2:78:b1:8b:1b:23:0c:cc:72:96:f4:1a:00:
73:3c:0a:45:fc:24:fa:5b:e3:99:2a:fd:30:fe:f6:
20:4c:ff:7b:c1:e7:7d:83:25:24:9e:fb:b4:c7:08:
01:a4:0e:df:a5:3a:73:01:ea:cf:d1:28:f1:63:f2:
77:fd:d5:70:52:71:60:18:e0:a4:4e:cc:e5:72:78:
62:ca:32:99:19:9d:89:0a:aa:69:3e:25:8d:95:05:
fe:7e:e4:7b:49:eb:a3:9c:74:2e:fb:58:66:3c:8c:
51:dd:2d:43:78:6e:2d:85:7b:3e:42:f2:03:48:14:
53:db:e1:6b:47:1a:62:1f:bf:13:ea:b1:5c:e1:e6:
1e:a2:8f:65:4f:7a:b9:10:0d:04:f3:13:a4:6e:16:
b9:0c:5a:3f:07:68:9b:bb:b9:2d:d0:b1:ce:c5:77:
5e:c6:91:a7:0e:3d:2e:f0:79:ef:f2:da:51:fc:14:
ab:e3:09:50:d9:5e:d3:79:85:3e:71:fa:a7:29:e5:
00:14:1c:d8:fd:b5:cd:f1:83:97:d3:2c:f5:fa:9c:
41:af:2d:e1:8a:8e:14:2d:2b:eb:ab:91:29:d5:1d:
b6:7c:75:11:51:33:8f:7f:4e:47:60:03:27:05:dd:
cf:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:A2:3C:E9:15:B3:D8:FC:87:25:BF:84:C9:71:AF:38:6B:2E:4D:32
X509v3 Authority Key Identifier:
keyid:D0:E6:5B:EC:5C:76:5C:85:0E:E8:FF:97:CC:41:B3:80:31:D1:D8:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0OZb7Fx2XIUO6P-XzEGzgDHR2Do.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/6bb7cb-d0ed-4650-ad0a-27a474505499/1/3qI86RWz2PyHJb-EyXGvOGsuTTI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/6bb7cb-d0ed-4650-ad0a-27a474505499/1/0OZb7Fx2XIUO6P-XzEGzgDHR2Do.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.138.0.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:f6:e4:a3:f8:c5:ca:22:75:52:6d:57:a0:43:3e:e3:74:30:
76:07:4f:55:6e:11:93:6d:02:bf:e9:42:11:9c:89:28:8b:35:
c7:4e:65:db:28:21:52:e3:e4:d7:de:d3:5c:e2:2f:95:f9:f9:
f8:2e:db:a4:05:32:94:b6:5e:c8:c4:10:14:a8:6c:f3:7a:54:
a1:9c:57:93:43:7f:4f:c4:4a:d9:42:58:6e:cc:9a:70:0a:c3:
2c:09:c7:83:2d:18:88:78:f6:2e:5d:ba:6b:82:a7:c6:3e:2b:
4a:5f:9e:2c:0d:e3:67:80:c7:3e:91:3c:2c:55:2c:46:8e:15:
56:48:ec:a2:39:33:7a:9a:7e:71:f4:3a:f5:a5:74:08:49:2a:
24:54:34:a2:8b:cc:08:f8:4d:1b:4f:43:e3:3e:27:5f:15:ec:
55:07:99:02:10:55:47:dc:68:48:72:a4:c5:3f:77:12:32:b0:
32:bd:c6:f8:ab:64:38:00:11:64:48:98:25:c6:4c:3d:bc:54:
49:de:b8:12:2c:8c:4b:e2:05:86:9b:50:7e:d3:75:77:ce:15:
d8:2d:51:44:a5:5a:bb:28:fe:9d:0d:bf:3a:76:cf:08:28:0b:
27:34:ee:13:18:60:9d:6f:dc:f4:ac:ad:74:b5:ab:53:62:ce:
24:a6:8d:32
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYWIf+gIDgRQ5wbpfpst3mOFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwZTY1YmVjNWM3NjVjODUwZWU4ZmY5N2NjNDFiMzgwMzFk
MWQ4M2EwHhcNMjMwMTA2MTkxMjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWEyM2NlOTE1YjNkOGZjODcyNWJmODRjOTcxYWYzODZiMmU0ZDMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5wXm+O57HqZeGEahoevot6J4sYsb
IwzMcpb0GgBzPApF/CT6W+OZKv0w/vYgTP97wed9gyUknvu0xwgBpA7fpTpzAerP
0SjxY/J3/dVwUnFgGOCkTszlcnhiyjKZGZ2JCqppPiWNlQX+fuR7SeujnHQu+1hm
PIxR3S1DeG4thXs+QvIDSBRT2+FrRxpiH78T6rFc4eYeoo9lT3q5EA0E8xOkbha5
DFo/B2ibu7kt0LHOxXdexpGnDj0u8Hnv8tpR/BSr4wlQ2V7TeYU+cfqnKeUAFBzY
/bXN8YOX0yz1+pxBry3hio4ULSvrq5Ep1R22fHURUTOPf05HYAMnBd3PRQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN6iPOkVs9j8hyW/hMlxrzhrLk0yMB8GA1UdIwQY
MBaAFNDmW+xcdlyFDuj/l8xBs4Ax0dg6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvME9aYjdGeDJYSVVPNlAtWHpFR3pnREhSMkRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS82YmI3Y2ItZDBlZC00NjUwLWFkMGEt
MjdhNDc0NTA1NDk5LzEvM3FJODZSV3oyUHlISmItRXlYR3ZPR3N1VFRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS82YmI3Y2ItZDBlZC00NjUwLWFkMGEtMjdhNDc0NTA1NDk5
LzEvME9aYjdGeDJYSVVPNlAtWHpFR3pnREhSMkRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwYoAMA0G
CSqGSIb3DQEBCwUAA4IBAQBs9uSj+MXKInVSbVegQz7jdDB2B09VbhGTbQK/6UIR
nIkoizXHTmXbKCFS4+TX3tNc4i+V+fn4LtukBTKUtl7IxBAUqGzzelShnFeTQ39P
xErZQlhuzJpwCsMsCceDLRiIePYuXbprgqfGPitKX54sDeNngMc+kTwsVSxGjhVW
SOyiOTN6mn5x9Dr1pXQISSokVDSii8wI+E0bT0PjPidfFexVB5kCEFVH3GhIcqTF
P3cSMrAyvcb4q2Q4ABFkSJglxkw9vFRJ3rgSLIxL4gWGm1B+03V3zhXYLVFEpVq7
KP6dDb86ds8IKAsnNO4TGGCdb9z0rK10tatTYs4kpo0y
-----END CERTIFICATE-----
Generated at Mon Apr 21 05:34:13 2025 by rpki-client