Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/51885b-5693-4892-a1d4-1a19792a1d26/1/qe8Z_8l6rNlbcaN_0p5VBv07k-g.roa
File: qe8Z_8l6rNlbcaN_0p5VBv07k-g.roa (raw, json)
Hash identifier: K5k8TromXVp5dYi8M20eyymMSW1fXlHaqOEqjNXmk4Y=
Subject key identifier: A9:EF:19:FF:C9:7A:AC:D9:5B:71:A3:7F:D2:9E:55:06:FD:3B:93:E8
Certificate issuer: /CN=cd2d0e39d78fc6202255a5b4adb54583d9deddce
Certificate serial: 0186FE51ED20519B5A51605BAB8A3AD0091B
Authority key identifier: CD:2D:0E:39:D7:8F:C6:20:22:55:A5:B4:AD:B5:45:83:D9:DE:DD:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zS0OOdePxiAiVaW0rbVFg9ne3c4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/51885b-5693-4892-a1d4-1a19792a1d26/1/qe8Z_8l6rNlbcaN_0p5VBv07k-g.roa
Signing time: Mon 20 Mar 2023 09:20:27 +0000
ROA not before: Mon 20 Mar 2023 09:20:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12611
IP address blocks: 193.23.119.0/24 maxlen: 24
194.150.226.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:fe:51:ed:20:51:9b:5a:51:60:5b:ab:8a:3a:d0:09:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd2d0e39d78fc6202255a5b4adb54583d9deddce
Validity
Not Before: Mar 20 09:20:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a9ef19ffc97aacd95b71a37fd29e5506fd3b93e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:57:64:36:35:6d:33:68:99:ec:68:3f:f7:d5:
6e:e2:02:d1:7e:2c:75:86:77:6b:42:79:c1:67:a3:
8f:e4:b3:ce:0a:49:6c:6e:e8:8d:31:4e:5c:5e:52:
8d:f3:2e:f6:f3:ac:f8:b3:66:eb:ea:72:f0:4d:b0:
f1:53:34:41:41:98:be:30:30:ef:ef:3e:ba:25:24:
f2:98:c2:0e:3a:e2:ef:6b:6b:9d:5a:58:47:35:6c:
be:29:e7:15:50:8c:56:58:87:8a:fb:e9:bc:a9:2c:
07:14:8d:c2:34:97:f6:9f:b2:72:c9:5c:8a:db:ae:
ab:32:d4:3b:db:06:5e:78:cf:d1:35:3a:c6:44:40:
1c:fd:ef:85:b0:d2:04:a9:8b:31:7a:af:f0:72:56:
86:10:2a:36:7a:16:2b:33:84:97:e2:b9:29:c1:c0:
22:66:d3:8d:58:1f:f0:a6:c1:a2:ed:d8:39:5b:a8:
f0:08:d1:16:61:6d:2e:e4:53:f9:68:27:79:f3:e9:
75:b4:c7:92:6e:fc:03:5d:36:f7:90:07:a1:f3:d6:
1b:18:af:2b:1c:3e:f5:c1:53:7c:89:6f:57:fa:00:
7c:20:8d:b8:77:aa:4e:0b:70:4a:ea:71:f1:0d:c0:
04:7e:ab:36:58:1e:b8:a4:18:d6:17:bc:41:0a:f9:
a3:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:EF:19:FF:C9:7A:AC:D9:5B:71:A3:7F:D2:9E:55:06:FD:3B:93:E8
X509v3 Authority Key Identifier:
keyid:CD:2D:0E:39:D7:8F:C6:20:22:55:A5:B4:AD:B5:45:83:D9:DE:DD:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zS0OOdePxiAiVaW0rbVFg9ne3c4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/51885b-5693-4892-a1d4-1a19792a1d26/1/qe8Z_8l6rNlbcaN_0p5VBv07k-g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/51885b-5693-4892-a1d4-1a19792a1d26/1/zS0OOdePxiAiVaW0rbVFg9ne3c4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.23.119.0/24
194.150.226.0/23
Signature Algorithm: sha256WithRSAEncryption
ad:ed:cd:30:29:11:0c:0c:59:33:62:98:d7:be:e5:25:33:49:
6a:1e:8a:06:b4:fe:7a:5d:f0:f1:46:27:43:fc:e5:ea:46:48:
dc:07:ab:29:c4:e4:7b:d9:8b:55:f1:c2:39:da:f0:fa:a2:61:
78:14:e9:f2:ea:ad:cb:fd:5b:24:c1:4f:1f:ba:88:5f:1d:0c:
64:58:d7:a5:10:5e:9c:25:5f:af:f3:a5:a7:c0:d8:e8:0b:5a:
7f:51:15:66:62:d8:8f:46:2f:7c:a4:4f:61:c7:9d:ab:64:f0:
f6:e8:5e:af:a2:0f:d4:da:1c:3d:83:60:31:7c:a4:dd:4b:f5:
0b:a2:b3:9b:74:b4:4b:10:ee:26:3f:7c:ba:e7:e3:3a:89:03:
d5:58:e4:b9:58:3e:e2:80:b9:f7:01:5c:2d:24:dc:ea:3c:e6:
e2:85:a7:cd:22:59:ba:66:04:10:c1:3f:e5:88:c4:45:36:f4:
e6:ae:05:a1:35:de:27:79:29:c9:f2:d5:ec:40:f4:85:98:5d:
87:e7:24:27:a0:d8:76:71:36:1a:d5:a6:bb:0d:d1:7b:f3:8b:
4e:63:20:91:2c:55:99:1a:11:f7:4b:4a:5e:2b:51:7d:c3:1f:
34:43:d0:02:4b:33:3a:88:4a:c4:53:4b:c7:83:3e:6f:db:6a:
c2:f4:cc:ba
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYb+Ue0gUZtaUWBbq4o60AkbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkMmQwZTM5ZDc4ZmM2MjAyMjU1YTViNGFkYjU0NTgzZDlk
ZWRkY2UwHhcNMjMwMzIwMDkyMDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWVmMTlmZmM5N2FhY2Q5NWI3MWEzN2ZkMjllNTUwNmZkM2I5M2U4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqVdkNjVtM2iZ7Gg/99Vu4gLRfix1
hndrQnnBZ6OP5LPOCklsbuiNMU5cXlKN8y7286z4s2br6nLwTbDxUzRBQZi+MDDv
7z66JSTymMIOOuLva2udWlhHNWy+KecVUIxWWIeK++m8qSwHFI3CNJf2n7JyyVyK
266rMtQ72wZeeM/RNTrGREAc/e+FsNIEqYsxeq/wclaGECo2ehYrM4SX4rkpwcAi
ZtONWB/wpsGi7dg5W6jwCNEWYW0u5FP5aCd58+l1tMeSbvwDXTb3kAeh89YbGK8r
HD71wVN8iW9X+gB8II24d6pOC3BK6nHxDcAEfqs2WB64pBjWF7xBCvmj7wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKnvGf/JeqzZW3Gjf9KeVQb9O5PoMB8GA1UdIwQY
MBaAFM0tDjnXj8YgIlWltK21RYPZ3t3OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelMwT09kZVB4aUFpVmFXMHJiVkZnOW5lM2M0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS81MTg4NWItNTY5My00ODkyLWExZDQt
MWExOTc5MmExZDI2LzEvcWU4Wl84bDZyTmxiY2FOXzBwNVZCdjA3ay1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS81MTg4NWItNTY5My00ODkyLWExZDQtMWExOTc5MmExZDI2
LzEvelMwT09kZVB4aUFpVmFXMHJiVkZnOW5lM2M0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwRd3AwQB
wpbiMA0GCSqGSIb3DQEBCwUAA4IBAQCt7c0wKREMDFkzYpjXvuUlM0lqHooGtP56
XfDxRidD/OXqRkjcB6spxOR72YtV8cI52vD6omF4FOny6q3L/VskwU8fuohfHQxk
WNelEF6cJV+v86WnwNjoC1p/URVmYtiPRi98pE9hx52rZPD26F6vog/U2hw9g2Ax
fKTdS/ULorObdLRLEO4mP3y65+M6iQPVWOS5WD7igLn3AVwtJNzqPObihafNIlm6
ZgQQwT/liMRFNvTmrgWhNd4neSnJ8tXsQPSFmF2H5yQnoNh2cTYa1aa7DdF784tO
YyCRLFWZGhH3S0peK1F9wx80Q9ACSzM6iErEU0vHgz5v22rC9My6
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:52:45 2025 by rpki-client