Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/13da09-5e0e-45cb-95a3-ca545838afc0/1/M51eOghM6vRTdhFtBAgYey-RcXc.roa
File: M51eOghM6vRTdhFtBAgYey-RcXc.roa (raw, json)
Hash identifier: 8borC0+/04MIievBU+VqdiX+3tMuKPK1MUMu6V4afpo=
Subject key identifier: 33:9D:5E:3A:08:4C:EA:F4:53:76:11:6D:04:08:18:7B:2F:91:71:77
Certificate issuer: /CN=0bb71e4264ce62c35e1cee64d18765d33290f2a4
Certificate serial: 018570307BC0EA9B8AFB68DB1B755E7F9794
Authority key identifier: 0B:B7:1E:42:64:CE:62:C3:5E:1C:EE:64:D1:87:65:D3:32:90:F2:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C7ceQmTOYsNeHO5k0Ydl0zKQ8qQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/13da09-5e0e-45cb-95a3-ca545838afc0/1/M51eOghM6vRTdhFtBAgYey-RcXc.roa
Signing time: Mon 02 Jan 2023 01:55:03 +0000
ROA not before: Mon 02 Jan 2023 01:55:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207470
IP address blocks: 193.104.98.0/24 maxlen: 24
193.104.110.0/24 maxlen: 24
193.104.130.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:30:7b:c0:ea:9b:8a:fb:68:db:1b:75:5e:7f:97:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0bb71e4264ce62c35e1cee64d18765d33290f2a4
Validity
Not Before: Jan 2 01:55:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=339d5e3a084ceaf45376116d0408187b2f917177
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:75:a5:42:d5:df:64:8d:18:d4:30:36:4e:46:
26:55:3e:f8:57:34:1e:5b:f5:f2:67:1e:e6:5e:d5:
a7:d9:4f:b5:31:b1:82:1c:6e:9c:34:3b:12:3c:af:
0c:59:dc:61:82:dd:11:c0:8f:5d:2a:67:0a:94:fd:
76:cf:f5:c1:c4:92:9c:3e:5c:3d:23:4f:dd:33:54:
f3:21:b4:ca:2a:99:8e:b8:4f:e0:6c:82:2a:1a:15:
ca:95:8d:d0:3d:f0:5b:c2:59:e4:ac:ce:61:4d:9b:
34:9d:ed:e4:b9:1c:95:0c:bc:d2:91:4a:94:b3:62:
c8:cd:1c:5d:f7:ab:a9:4e:00:79:0e:aa:39:d0:96:
f1:2c:b8:d3:79:df:99:e1:d1:b3:9e:4e:e8:67:67:
d4:ba:80:e3:47:96:e5:f2:f0:2e:28:7e:21:e6:61:
82:2b:77:19:5a:00:58:18:43:ac:38:21:e6:7a:b5:
d2:83:0e:2c:01:a3:84:b8:15:3d:d8:26:d3:06:02:
b8:2a:da:b8:44:94:2f:fe:9f:bd:3c:1f:df:0b:e0:
0f:4c:36:1e:19:1b:dc:a6:f5:05:04:b1:1f:f2:4f:
46:3f:e4:11:c3:8b:ef:c4:a9:eb:36:c2:57:2c:f8:
5b:fd:35:ca:72:fe:99:df:45:d9:c5:b6:9a:57:17:
fe:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:9D:5E:3A:08:4C:EA:F4:53:76:11:6D:04:08:18:7B:2F:91:71:77
X509v3 Authority Key Identifier:
keyid:0B:B7:1E:42:64:CE:62:C3:5E:1C:EE:64:D1:87:65:D3:32:90:F2:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C7ceQmTOYsNeHO5k0Ydl0zKQ8qQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/13da09-5e0e-45cb-95a3-ca545838afc0/1/M51eOghM6vRTdhFtBAgYey-RcXc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/13da09-5e0e-45cb-95a3-ca545838afc0/1/C7ceQmTOYsNeHO5k0Ydl0zKQ8qQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.104.98.0/24
193.104.110.0/24
193.104.130.0/24
Signature Algorithm: sha256WithRSAEncryption
76:b6:84:fe:6d:13:b3:80:af:ab:f1:ac:38:95:64:24:73:06:
d7:ce:8c:ff:9d:d0:09:ce:3a:64:f7:6c:2b:59:cc:4a:41:2e:
d5:61:d6:08:fc:de:a6:f3:6b:14:dc:f1:b4:a7:f9:9b:3e:40:
2d:8d:0d:1d:c8:cf:18:fd:c4:63:f0:2f:9e:52:df:4f:51:22:
d5:d2:b5:a3:19:d9:60:56:dd:0b:aa:5d:7e:45:d7:1f:02:19:
8e:73:39:d3:7d:78:d2:f3:79:1c:d3:9e:b9:df:27:a3:04:cf:
43:99:81:a7:9d:cb:95:26:42:5f:88:8e:ea:23:8a:4d:90:da:
f1:9a:95:06:6e:7d:55:29:0a:48:5e:5c:a8:d0:f5:be:3e:0e:
71:1e:d2:b6:0b:8c:d2:be:8b:86:8d:99:2f:23:ba:58:75:7e:
dd:6a:12:6d:f2:1c:bc:f6:e5:7a:42:e5:b3:d4:6c:ce:7f:50:
be:ea:4d:29:8a:6d:d4:fd:01:bc:1e:09:f9:54:5d:aa:f1:b7:
a5:93:3c:07:22:0c:25:46:a0:33:ef:91:d9:93:ff:8d:c6:9c:
47:0a:78:1e:a2:93:94:f6:e1:0e:cd:12:30:cc:55:f2:c0:6a:
30:96:5e:92:71:ab:15:1c:5a:30:b8:c9:ef:60:f1:bc:cf:11:
1f:dc:89:78
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVwMHvA6puK+2jbG3Vef5eUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiYjcxZTQyNjRjZTYyYzM1ZTFjZWU2NGQxODc2NWQzMzI5
MGYyYTQwHhcNMjMwMTAyMDE1NTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzlkNWUzYTA4NGNlYWY0NTM3NjExNmQwNDA4MTg3YjJmOTE3MTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgXWlQtXfZI0Y1DA2TkYmVT74VzQe
W/XyZx7mXtWn2U+1MbGCHG6cNDsSPK8MWdxhgt0RwI9dKmcKlP12z/XBxJKcPlw9
I0/dM1TzIbTKKpmOuE/gbIIqGhXKlY3QPfBbwlnkrM5hTZs0ne3kuRyVDLzSkUqU
s2LIzRxd96upTgB5Dqo50JbxLLjTed+Z4dGznk7oZ2fUuoDjR5bl8vAuKH4h5mGC
K3cZWgBYGEOsOCHmerXSgw4sAaOEuBU92CbTBgK4Ktq4RJQv/p+9PB/fC+APTDYe
GRvcpvUFBLEf8k9GP+QRw4vvxKnrNsJXLPhb/TXKcv6Z30XZxbaaVxf+jwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDOdXjoITOr0U3YRbQQIGHsvkXF3MB8GA1UdIwQY
MBaAFAu3HkJkzmLDXhzuZNGHZdMykPKkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzdjZVFtVE9Zc05lSE81azBZZGwwektROHFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS8xM2RhMDktNWUwZS00NWNiLTk1YTMt
Y2E1NDU4MzhhZmMwLzEvTTUxZU9naE02dlJUZGhGdEJBZ1lleS1SY1hjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS8xM2RhMDktNWUwZS00NWNiLTk1YTMtY2E1NDU4MzhhZmMw
LzEvQzdjZVFtVE9Zc05lSE81azBZZGwwektROHFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwWhiAwQA
wWhuAwQAwWiCMA0GCSqGSIb3DQEBCwUAA4IBAQB2toT+bROzgK+r8aw4lWQkcwbX
zoz/ndAJzjpk92wrWcxKQS7VYdYI/N6m82sU3PG0p/mbPkAtjQ0dyM8Y/cRj8C+e
Ut9PUSLV0rWjGdlgVt0Lql1+RdcfAhmOcznTfXjS83kc05653yejBM9DmYGnncuV
JkJfiI7qI4pNkNrxmpUGbn1VKQpIXlyo0PW+Pg5xHtK2C4zSvouGjZkvI7pYdX7d
ahJt8hy89uV6QuWz1GzOf1C+6k0pim3U/QG8Hgn5VF2q8belkzwHIgwlRqAz75HZ
k/+NxpxHCngeopOU9uEOzRIwzFXywGowll6ScasVHFowuMnvYPG8zxEf3Il4
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:38:10 2025 by rpki-client