Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/IpOLtAz7PRPE2lWU3v9N6xLfprA.roa
File: IpOLtAz7PRPE2lWU3v9N6xLfprA.roa (raw, json)
Hash identifier: Y2NeUinASZ46UTkUSQRVlAbg5nzA2XeIMqjWfbwfXfY=
Subject key identifier: 22:93:8B:B4:0C:FB:3D:13:C4:DA:55:94:DE:FF:4D:EB:12:DF:A6:B0
Certificate issuer: /CN=359f0f5ff620e0db5311f64736909973ac60f6f3
Certificate serial: 37FB0994
Authority key identifier: 35:9F:0F:5F:F6:20:E0:DB:53:11:F6:47:36:90:99:73:AC:60:F6:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/IpOLtAz7PRPE2lWU3v9N6xLfprA.roa
Signing time: Mon 03 Jan 2022 14:59:36 +0000
ROA not before: Mon 03 Jan 2022 14:59:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207886
IP address blocks: 193.104.67.0/24 maxlen: 24
193.104.7.0/24 maxlen: 24
193.104.12.0/24 maxlen: 24
193.104.41.0/24 maxlen: 24
2a10:8140::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 939198868 (0x37fb0994)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=359f0f5ff620e0db5311f64736909973ac60f6f3
Validity
Not Before: Jan 3 14:59:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=22938bb40cfb3d13c4da5594deff4deb12dfa6b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:0a:34:4d:e7:b4:71:85:03:dc:59:fa:24:92:
82:3f:88:55:ec:31:15:ef:d7:d8:3c:86:3b:3e:34:
c3:b5:b2:95:6d:40:c7:c9:1a:1d:7f:3d:76:71:4b:
fe:0c:7a:82:5a:8c:1d:b0:b0:19:9e:8c:57:86:64:
13:7c:cf:45:65:82:b6:17:7e:05:02:97:bb:be:ec:
f6:86:7b:23:17:8a:5b:eb:71:a7:81:8e:d0:52:bc:
58:08:be:40:07:43:b2:02:60:d7:ad:68:65:95:54:
7a:79:7f:a2:a3:3b:c6:b6:c1:49:04:e8:62:cf:28:
78:be:c4:1f:76:2d:11:51:1a:64:af:18:64:01:83:
87:72:a1:96:86:5f:02:0a:ba:27:2d:5e:0e:dc:2c:
dc:8a:12:1e:4e:fc:1b:63:6d:d5:76:3a:dd:71:ee:
d7:08:1a:10:8e:c7:b2:b9:03:5a:d2:79:8f:d3:4e:
37:7f:5e:09:ae:97:d3:94:fb:68:14:19:ad:18:ff:
90:84:23:63:c3:21:09:91:4d:4f:7c:9e:e8:0a:86:
99:0e:4c:13:13:c2:b1:9e:6a:81:7f:29:db:2f:f7:
ad:47:a7:98:56:53:e8:b0:7a:bd:6b:9b:15:af:3d:
86:c9:49:8a:89:b0:dd:9c:4a:b6:de:e0:5b:07:f1:
37:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:93:8B:B4:0C:FB:3D:13:C4:DA:55:94:DE:FF:4D:EB:12:DF:A6:B0
X509v3 Authority Key Identifier:
keyid:35:9F:0F:5F:F6:20:E0:DB:53:11:F6:47:36:90:99:73:AC:60:F6:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/IpOLtAz7PRPE2lWU3v9N6xLfprA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.104.7.0/24
193.104.12.0/24
193.104.41.0/24
193.104.67.0/24
IPv6:
2a10:8140::/29
Signature Algorithm: sha256WithRSAEncryption
a1:67:48:be:61:eb:17:d0:e2:cf:f9:d3:6d:b2:1e:46:71:75:
07:72:e7:c3:d6:cb:c6:4e:f6:cc:45:41:8b:24:51:27:e7:73:
1d:93:8a:5a:e3:1e:26:90:56:aa:3f:d2:35:24:b4:4f:e6:ce:
a6:59:57:d8:29:35:b5:d3:cb:d1:c9:e9:49:91:b1:a1:15:3a:
9a:c3:c7:72:f3:97:e9:b3:c9:b3:f9:a3:58:e8:e2:b4:81:17:
0b:71:0d:f5:f4:65:a4:c2:a8:14:26:60:cc:f5:e1:8d:81:d0:
db:3c:e0:9e:8b:23:4c:88:03:fd:42:1f:26:e7:b8:2d:f3:c7:
4f:bd:d0:a4:62:8a:89:d0:93:e7:61:ee:2b:db:57:c2:fa:6a:
71:4c:07:73:e5:6d:50:1d:71:45:3c:38:66:e2:c8:9d:d6:d7:
e5:34:54:bb:3b:9c:1f:77:74:84:76:ef:74:74:bc:27:98:f5:
c2:d8:02:35:88:9c:62:f0:bd:59:2c:4b:76:14:d1:b5:19:c9:
ee:7d:16:97:22:cb:6a:94:5c:05:ea:3f:fc:3d:3f:b8:1a:0a:
eb:16:64:ef:ac:72:7c:e2:54:5b:7c:5f:63:c0:17:7b:41:43:
f1:11:96:cc:40:a5:7b:1e:cb:63:ae:90:86:5c:3f:ce:b8:4e:
f2:c3:e2:b0
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIEN/sJlDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NTlmMGY1ZmY2MjBlMGRiNTMxMWY2NDczNjkwOTk3M2FjNjBmNmYzMB4XDTIyMDEw
MzE0NTkzNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjI5MzhiYjQwY2Zi
M2QxM2M0ZGE1NTk0ZGVmZjRkZWIxMmRmYTZiMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANYKNE3ntHGFA9xZ+iSSgj+IVewxFe/X2DyGOz40w7WylW1A
x8kaHX89dnFL/gx6glqMHbCwGZ6MV4ZkE3zPRWWCthd+BQKXu77s9oZ7IxeKW+tx
p4GO0FK8WAi+QAdDsgJg161oZZVUenl/oqM7xrbBSQToYs8oeL7EH3YtEVEaZK8Y
ZAGDh3KhloZfAgq6Jy1eDtws3IoSHk78G2Nt1XY63XHu1wgaEI7HsrkDWtJ5j9NO
N39eCa6X05T7aBQZrRj/kIQjY8MhCZFNT3ye6AqGmQ5MExPCsZ5qgX8p2y/3rUen
mFZT6LB6vWubFa89hslJiomw3ZxKtt7gWwfxN3MCAwEAAaOCAiowggImMB0GA1Ud
DgQWBBQik4u0DPs9E8TaVZTe/03rEt+msDAfBgNVHSMEGDAWgBQ1nw9f9iDg21MR
9kc2kJlzrGD28zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05aOFBYX1lnNE50VEVmWkhOcENaYzZ4Zzl2TS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWEvNDBkOWE1LTI1NjYtNDllMS1hNTdiLWQxYWJmNGVlMzJjYi8x
L0lwT0x0QXo3UFJQRTJsV1UzdjlONnhMZnByQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWEv
NDBkOWE1LTI1NjYtNDllMS1hNTdiLWQxYWJmNGVlMzJjYi8xL05aOFBYX1lnNE50
VEVmWkhOcENaYzZ4Zzl2TS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEAMFoBwMEAMFoDAMEAMFoKQMEAMFo
QzANBAIAAjAHAwUDKhCBQDANBgkqhkiG9w0BAQsFAAOCAQEAoWdIvmHrF9Diz/nT
bbIeRnF1B3Lnw9bLxk72zEVBiyRRJ+dzHZOKWuMeJpBWqj/SNSS0T+bOpllX2Ck1
tdPL0cnpSZGxoRU6msPHcvOX6bPJs/mjWOjitIEXC3EN9fRlpMKoFCZgzPXhjYHQ
2zzgnosjTIgD/UIfJue4LfPHT73QpGKKidCT52HuK9tXwvpqcUwHc+VtUB1xRTw4
ZuLIndbX5TRUuzucH3d0hHbvdHS8J5j1wtgCNYicYvC9WSxLdhTRtRnJ7n0WlyLL
apRcBeo//D0/uBoK6xZk76xyfOJUW3xfY8AXe0FD8RGWzEClex7LY66Qhlw/zrhO
8sPisA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:32 2024 by rpki-client on console-ams.rpki-client.org