Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/c399a4-53b6-4271-9b90-32bf1641fb3b/1/CRtGp2MsNulhzJM4h4mecsGwI10.roa
File: CRtGp2MsNulhzJM4h4mecsGwI10.roa (raw, json)
Hash identifier: oWDDwURVfu6Uo6hFb1zJol7+RLYdSTfDbUwRok8hz2w=
Subject key identifier: 09:1B:46:A7:63:2C:36:E9:61:CC:93:38:87:89:9E:72:C1:B0:23:5D
Certificate issuer: /CN=bbbb2a4302094f4c3f5bada547ef4f7ede18e903
Certificate serial: 06B1D74E
Authority key identifier: BB:BB:2A:43:02:09:4F:4C:3F:5B:AD:A5:47:EF:4F:7E:DE:18:E9:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u7sqQwIJT0w_W62lR-9Pft4Y6QM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/c399a4-53b6-4271-9b90-32bf1641fb3b/1/CRtGp2MsNulhzJM4h4mecsGwI10.roa
Signing time: Sat 01 Jan 2022 00:52:44 +0000
ROA not before: Sat 01 Jan 2022 00:52:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207811
IP address blocks: 194.31.93.0/24 maxlen: 24
194.31.220.0/24 maxlen: 24
194.31.193.0/24 maxlen: 24
194.31.199.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 112318286 (0x6b1d74e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bbbb2a4302094f4c3f5bada547ef4f7ede18e903
Validity
Not Before: Jan 1 00:52:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=091b46a7632c36e961cc933887899e72c1b0235d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:cf:e7:ac:8d:1d:18:6e:f2:e1:c8:90:e7:0c:
a5:86:4e:44:3f:18:10:4c:97:e1:b7:e3:ea:bf:c7:
cf:d3:24:09:b6:44:f1:01:f8:ec:1f:5b:2f:9f:75:
cb:e3:39:6c:88:94:cf:32:c6:1b:68:08:35:ab:f2:
51:3d:02:1e:50:0b:dd:3a:f3:8c:f3:80:a7:63:1a:
02:52:8c:cf:c5:b6:0d:39:b1:bb:10:9e:1e:93:08:
29:9b:83:42:46:3d:bb:a3:36:42:3f:90:f0:3c:d7:
ff:c7:f6:c8:a8:69:9e:3b:dc:a9:20:e4:9c:50:1f:
af:c9:dc:a7:50:4f:09:a8:8f:3d:d8:79:43:52:ae:
8e:76:21:1d:a3:89:56:c8:89:e4:2e:4c:d2:56:16:
ad:36:ae:22:7b:e6:00:61:e0:5e:1d:a5:1e:7e:3b:
e8:ba:ae:74:45:82:b4:5b:62:0f:23:30:51:5f:15:
ec:6a:ba:11:0e:b4:f3:4c:c9:2d:cd:8d:2f:67:c0:
cf:05:d6:f4:fe:17:da:c3:93:6c:da:47:72:90:dc:
89:10:1d:16:b9:d8:55:65:77:44:6f:f8:08:ae:89:
f5:7e:1f:39:39:14:8f:23:19:4f:4a:ee:50:6f:2e:
c1:e8:14:41:fa:95:d4:5c:5c:b6:21:88:3c:82:26:
a9:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:1B:46:A7:63:2C:36:E9:61:CC:93:38:87:89:9E:72:C1:B0:23:5D
X509v3 Authority Key Identifier:
keyid:BB:BB:2A:43:02:09:4F:4C:3F:5B:AD:A5:47:EF:4F:7E:DE:18:E9:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u7sqQwIJT0w_W62lR-9Pft4Y6QM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/c399a4-53b6-4271-9b90-32bf1641fb3b/1/CRtGp2MsNulhzJM4h4mecsGwI10.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/c399a4-53b6-4271-9b90-32bf1641fb3b/1/u7sqQwIJT0w_W62lR-9Pft4Y6QM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.31.93.0/24
194.31.193.0/24
194.31.199.0/24
194.31.220.0/24
Signature Algorithm: sha256WithRSAEncryption
36:bc:63:f2:b7:00:ab:79:95:4b:bc:2e:e4:d6:f5:84:a9:c2:
f2:fd:ed:98:e8:70:c0:68:4a:25:ec:bc:ad:4e:ee:59:06:10:
39:09:0c:70:d0:9d:b0:9d:38:7d:da:9a:6a:57:68:48:ae:44:
27:8e:20:3f:8f:73:ef:ca:c3:38:ed:ef:dc:08:41:fa:ce:82:
2d:14:02:5e:9e:94:14:5d:a4:dd:21:eb:7e:aa:2d:da:78:1a:
42:0d:15:3e:69:59:f6:7d:61:ce:fe:f8:2b:17:23:00:40:0a:
3e:0f:6b:73:5f:fc:2f:27:2b:55:89:6d:af:2c:98:02:97:67:
84:65:48:ab:51:02:7b:5f:c9:82:3e:73:4f:df:38:27:ac:71:
97:8b:33:1b:1c:74:f3:d7:ef:66:0a:bd:9e:28:2c:62:45:db:
9f:ed:f9:5b:33:3c:ab:d6:78:9f:be:fe:d9:5e:7a:38:a7:b9:
7c:8c:b5:73:11:13:e2:dc:25:f6:4a:bc:b5:de:ef:e0:af:27:
ae:12:23:51:7f:b3:7b:f1:8b:a2:4e:29:f1:7c:54:dd:d8:11:
a3:ee:3d:27:86:c6:e2:4f:3c:bf:1f:9a:fc:eb:9b:c3:5f:a8:
31:05:75:9a:3d:b3:7d:69:42:7c:3d:da:72:1b:6d:be:99:f2:
e7:47:e3:09
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEBrHXTjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
YmJiMmE0MzAyMDk0ZjRjM2Y1YmFkYTU0N2VmNGY3ZWRlMThlOTAzMB4XDTIyMDEw
MTAwNTI0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDkxYjQ2YTc2MzJj
MzZlOTYxY2M5MzM4ODc4OTllNzJjMWIwMjM1ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL7P56yNHRhu8uHIkOcMpYZORD8YEEyX4bfj6r/Hz9MkCbZE
8QH47B9bL591y+M5bIiUzzLGG2gINavyUT0CHlAL3TrzjPOAp2MaAlKMz8W2DTmx
uxCeHpMIKZuDQkY9u6M2Qj+Q8DzX/8f2yKhpnjvcqSDknFAfr8ncp1BPCaiPPdh5
Q1KujnYhHaOJVsiJ5C5M0lYWrTauInvmAGHgXh2lHn476LqudEWCtFtiDyMwUV8V
7Gq6EQ6080zJLc2NL2fAzwXW9P4X2sOTbNpHcpDciRAdFrnYVWV3RG/4CK6J9X4f
OTkUjyMZT0ruUG8uwegUQfqV1FxctiGIPIImqesCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBQJG0anYyw26WHMkziHiZ5ywbAjXTAfBgNVHSMEGDAWgBS7uypDAglPTD9b
raVH709+3hjpAzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3U3c3FRd0lKVDB3X1c2MmxSLTlQZnQ0WTZRTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDAvYzM5OWE0LTUzYjYtNDI3MS05YjkwLTMyYmYxNjQxZmIzYi8x
L0NSdEdwMk1zTnVsaHpKTTRoNG1lY3NHd0kxMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDAv
YzM5OWE0LTUzYjYtNDI3MS05YjkwLTMyYmYxNjQxZmIzYi8xL3U3c3FRd0lKVDB3
X1c2MmxSLTlQZnQ0WTZRTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAMIfXQMEAMIfwQMEAMIfxwMEAMIf
3DANBgkqhkiG9w0BAQsFAAOCAQEANrxj8rcAq3mVS7wu5Nb1hKnC8v3tmOhwwGhK
Jey8rU7uWQYQOQkMcNCdsJ04fdqaaldoSK5EJ44gP49z78rDOO3v3AhB+s6CLRQC
Xp6UFF2k3SHrfqot2ngaQg0VPmlZ9n1hzv74KxcjAEAKPg9rc1/8LycrVYltryyY
ApdnhGVIq1ECe1/Jgj5zT984J6xxl4szGxx089fvZgq9nigsYkXbn+35WzM8q9Z4
n77+2V56OKe5fIy1cxET4twl9kq8td7v4K8nrhIjUX+ze/GLok4p8XxU3dgRo+49
J4bG4k88vx+a/Oubw1+oMQV1mj2zfWlCfD3achttvpny50fjCQ==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:40:15 2025 by rpki-client