Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/dcb70d-7947-4569-bc84-e060b4fcbccb/1/fAsa0EY_JuJnzA1Ed8quiRoTIJY.roa
File: fAsa0EY_JuJnzA1Ed8quiRoTIJY.roa (raw, json)
Hash identifier: hJMkDpEHjZ3wBMtPR/pJqpA/L/SxPaz4pI5j+INWnJI=
Subject key identifier: 7C:0B:1A:D0:46:3F:26:E2:67:CC:0D:44:77:CA:AE:89:1A:13:20:96
Certificate issuer: /CN=dcbfb0048a8da556fd9d3df1077402f843f5d703
Certificate serial: 01856E8217692F05810B02B02616C88D42B5
Authority key identifier: DC:BF:B0:04:8A:8D:A5:56:FD:9D:3D:F1:07:74:02:F8:43:F5:D7:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3L-wBIqNpVb9nT3xB3QC-EP11wM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/dcb70d-7947-4569-bc84-e060b4fcbccb/1/fAsa0EY_JuJnzA1Ed8quiRoTIJY.roa
Signing time: Sun 01 Jan 2023 18:04:57 +0000
ROA not before: Sun 01 Jan 2023 18:04:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 54574
IP address blocks: 193.41.248.0/24 maxlen: 24
193.41.250.0/24 maxlen: 24
193.110.200.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:82:17:69:2f:05:81:0b:02:b0:26:16:c8:8d:42:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dcbfb0048a8da556fd9d3df1077402f843f5d703
Validity
Not Before: Jan 1 18:04:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7c0b1ad0463f26e267cc0d4477caae891a132096
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:70:89:4f:60:7f:ac:94:06:fa:e1:f3:93:b6:
da:61:4f:35:65:5f:98:ac:a5:84:f4:c7:a2:a5:f8:
31:0f:8b:56:6a:04:ad:fb:81:77:34:cf:f9:a2:08:
58:48:9c:cc:bc:e7:13:d2:af:70:b5:58:3c:69:9a:
fa:04:8d:f2:c0:14:54:c7:40:82:c5:e6:8d:d8:04:
40:45:ed:5e:d1:d6:87:7d:3a:78:f4:8f:0a:1d:09:
a9:38:54:b8:dc:ab:51:c1:9e:d8:77:6b:c4:f5:49:
88:47:86:85:03:56:39:d7:a7:b4:f3:ef:41:b7:c0:
31:c5:76:03:c9:db:5e:1d:4e:9e:ff:38:71:f7:18:
b4:da:65:12:c3:4e:c5:71:fa:dc:bf:f3:1d:3c:b3:
79:1b:d6:3c:eb:e8:4e:8e:f7:3d:a9:83:52:2c:f2:
72:42:70:59:54:ff:2b:e0:9c:8c:f1:b0:9a:8d:4f:
7b:50:12:a2:01:d5:e6:e3:a8:a5:4e:c2:55:6d:62:
7b:86:d8:ef:0d:19:1f:47:6c:92:3b:13:9f:cd:2c:
ca:6b:49:00:94:d3:f7:68:31:21:8d:60:f8:62:ab:
07:ff:46:bf:36:83:a4:7f:db:a6:53:8c:70:e9:6f:
a7:32:ae:66:48:24:26:8f:39:dc:9f:9a:dd:30:39:
40:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:0B:1A:D0:46:3F:26:E2:67:CC:0D:44:77:CA:AE:89:1A:13:20:96
X509v3 Authority Key Identifier:
keyid:DC:BF:B0:04:8A:8D:A5:56:FD:9D:3D:F1:07:74:02:F8:43:F5:D7:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3L-wBIqNpVb9nT3xB3QC-EP11wM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/dcb70d-7947-4569-bc84-e060b4fcbccb/1/fAsa0EY_JuJnzA1Ed8quiRoTIJY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/dcb70d-7947-4569-bc84-e060b4fcbccb/1/3L-wBIqNpVb9nT3xB3QC-EP11wM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.41.248.0/24
193.41.250.0/24
193.110.200.0/22
Signature Algorithm: sha256WithRSAEncryption
78:7e:27:3b:30:be:eb:af:5c:8b:c7:59:f8:85:82:4d:ec:d2:
6e:f1:20:49:2b:e2:66:b0:76:0c:f6:62:4c:41:76:4e:a5:92:
ec:71:3f:b1:36:47:82:6a:b4:d7:aa:11:2f:bc:b5:67:c7:c3:
01:cc:66:ab:77:23:30:9c:97:22:47:ce:65:f5:1e:4d:7a:c8:
34:9d:cc:ae:0e:34:88:c9:1c:cf:a3:e8:b6:8c:4e:d9:ba:b0:
4e:26:1f:54:ba:0d:b4:ee:1c:6b:c5:f0:ac:df:19:6e:72:13:
5a:d3:60:93:8d:51:5b:a8:fd:d4:ee:c9:4a:4d:5b:cd:90:e6:
3b:a6:6d:76:78:49:a5:14:9a:b9:2e:95:e2:f4:55:b7:0b:e7:
a0:47:40:c8:80:c2:a3:ba:e0:7a:c6:08:e2:8f:d5:e2:29:7a:
5d:47:29:99:7c:21:ba:ea:80:0a:f5:2b:6c:6f:7b:28:bc:6f:
ce:11:e6:03:7a:36:20:3f:a8:87:76:3d:41:d2:74:48:eb:9a:
5d:bf:49:f0:5a:89:7c:89:a9:71:53:27:f2:3b:13:27:2c:60:
f6:0a:74:d2:8e:0b:2f:74:f4:24:c0:ef:a8:73:c4:4b:20:22:
b8:19:7c:91:02:34:f7:c7:b0:53:59:14:33:66:d8:d7:8b:e1:
b8:67:c9:c8
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVughdpLwWBCwKwJhbIjUK1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjYmZiMDA0OGE4ZGE1NTZmZDlkM2RmMTA3NzQwMmY4NDNm
NWQ3MDMwHhcNMjMwMTAxMTgwNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzBiMWFkMDQ2M2YyNmUyNjdjYzBkNDQ3N2NhYWU4OTFhMTMyMDk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqHCJT2B/rJQG+uHzk7baYU81ZV+Y
rKWE9MeipfgxD4tWagSt+4F3NM/5oghYSJzMvOcT0q9wtVg8aZr6BI3ywBRUx0CC
xeaN2ARARe1e0daHfTp49I8KHQmpOFS43KtRwZ7Yd2vE9UmIR4aFA1Y516e08+9B
t8AxxXYDydteHU6e/zhx9xi02mUSw07Fcfrcv/MdPLN5G9Y86+hOjvc9qYNSLPJy
QnBZVP8r4JyM8bCajU97UBKiAdXm46ilTsJVbWJ7htjvDRkfR2ySOxOfzSzKa0kA
lNP3aDEhjWD4YqsH/0a/NoOkf9umU4xw6W+nMq5mSCQmjzncn5rdMDlA2QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHwLGtBGPybiZ8wNRHfKrokaEyCWMB8GA1UdIwQY
MBaAFNy/sASKjaVW/Z098Qd0AvhD9dcDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0wtd0JJcU5wVmI5blQzeEIzUUMtRVAxMXdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9kY2I3MGQtNzk0Ny00NTY5LWJjODQt
ZTA2MGI0ZmNiY2NiLzEvZkFzYTBFWV9KdUpuekExRWQ4cXVpUm9USUpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9kY2I3MGQtNzk0Ny00NTY5LWJjODQtZTA2MGI0ZmNiY2Ni
LzEvM0wtd0JJcU5wVmI5blQzeEIzUUMtRVAxMXdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwSn4AwQA
wSn6AwQCwW7IMA0GCSqGSIb3DQEBCwUAA4IBAQB4fic7ML7rr1yLx1n4hYJN7NJu
8SBJK+JmsHYM9mJMQXZOpZLscT+xNkeCarTXqhEvvLVnx8MBzGardyMwnJciR85l
9R5Nesg0ncyuDjSIyRzPo+i2jE7ZurBOJh9Uug207hxrxfCs3xluchNa02CTjVFb
qP3U7slKTVvNkOY7pm12eEmlFJq5LpXi9FW3C+egR0DIgMKjuuB6xgjij9XiKXpd
RymZfCG66oAK9Stsb3sovG/OEeYDejYgP6iHdj1B0nRI65pdv0nwWol8ialxUyfy
OxMnLGD2CnTSjgsvdPQkwO+oc8RLICK4GXyRAjT3x7BTWRQzZtjXi+G4Z8nI
-----END CERTIFICATE-----
Generated at Sat Apr 12 19:02:33 2025 by rpki-client