Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/a352ba-c228-4a15-9168-303b8bc28bfa/1/RgL_QKmWQPF94dTjKg8Nxs7iVgs.roa
File: RgL_QKmWQPF94dTjKg8Nxs7iVgs.roa (raw, json)
Hash identifier: RRsL7ea1szmNm4BYNh8Z1XECVAQYuXPf282TChJdNxQ=
Subject key identifier: 46:02:FF:40:A9:96:40:F1:7D:E1:D4:E3:2A:0F:0D:C6:CE:E2:56:0B
Certificate issuer: /CN=893a58124ce9cc43783955255e7f583905cdb14e
Certificate serial: 018571CC293359E444DC1AB4BE91FF0ECF24
Authority key identifier: 89:3A:58:12:4C:E9:CC:43:78:39:55:25:5E:7F:58:39:05:CD:B1:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iTpYEkzpzEN4OVUlXn9YOQXNsU4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/a352ba-c228-4a15-9168-303b8bc28bfa/1/RgL_QKmWQPF94dTjKg8Nxs7iVgs.roa
Signing time: Mon 02 Jan 2023 09:24:43 +0000
ROA not before: Mon 02 Jan 2023 09:24:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41743
IP address blocks: 193.187.156.0/22 maxlen: 22
2a09:c80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:cc:29:33:59:e4:44:dc:1a:b4:be:91:ff:0e:cf:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=893a58124ce9cc43783955255e7f583905cdb14e
Validity
Not Before: Jan 2 09:24:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4602ff40a99640f17de1d4e32a0f0dc6cee2560b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:9d:5b:0a:69:e1:c1:26:82:0d:5d:1d:74:79:
ba:2f:40:eb:03:16:bb:56:84:ff:76:e5:c1:e0:66:
94:d7:99:40:40:c5:49:ab:c2:75:e2:0f:0a:41:5f:
9b:1c:36:d5:fe:98:42:39:77:04:de:0b:7a:1e:c8:
09:84:e7:77:50:4a:f3:95:8d:d4:2c:bc:62:f5:3c:
ab:25:dc:b3:4f:ad:63:09:aa:93:86:bf:e0:00:45:
d0:43:c4:d3:f5:78:10:a3:92:a6:a4:8c:1c:36:18:
d0:19:66:64:96:3a:e2:ba:41:22:48:61:4f:89:4c:
36:d0:3d:a0:cb:c0:aa:f7:d5:d9:8e:b4:5c:40:e5:
a2:af:c8:d6:41:c9:30:98:fa:40:20:b1:76:d7:65:
8c:6a:8c:7b:64:51:f7:6d:70:d7:31:f7:f1:9a:fa:
fa:0b:38:bb:47:51:de:6c:75:11:6a:00:2c:18:a6:
1e:04:67:28:6f:33:dc:72:e6:9e:0a:60:fb:64:43:
2a:a7:ab:a5:1a:49:b5:70:0b:39:3c:ac:56:78:bc:
44:48:0f:58:07:18:00:12:35:50:17:b7:e7:4e:f3:
51:d7:f1:d6:12:0b:c6:07:40:70:f4:0c:72:c2:d7:
59:cc:71:8e:7f:fd:d1:57:86:d2:69:b7:81:29:18:
54:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:02:FF:40:A9:96:40:F1:7D:E1:D4:E3:2A:0F:0D:C6:CE:E2:56:0B
X509v3 Authority Key Identifier:
keyid:89:3A:58:12:4C:E9:CC:43:78:39:55:25:5E:7F:58:39:05:CD:B1:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iTpYEkzpzEN4OVUlXn9YOQXNsU4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/a352ba-c228-4a15-9168-303b8bc28bfa/1/RgL_QKmWQPF94dTjKg8Nxs7iVgs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/a352ba-c228-4a15-9168-303b8bc28bfa/1/iTpYEkzpzEN4OVUlXn9YOQXNsU4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.187.156.0/22
IPv6:
2a09:c80::/29
Signature Algorithm: sha256WithRSAEncryption
57:54:2f:d7:5b:be:d6:bb:81:58:cf:dd:8e:6e:c0:cc:73:76:
d1:04:8c:b4:28:fd:93:e0:45:25:dd:5e:05:11:36:ee:39:3a:
e0:30:80:5c:23:19:2e:f4:78:68:89:9e:6d:d3:e9:2f:c3:cc:
39:30:d0:7c:6b:b9:c0:0f:73:4b:30:92:97:30:44:50:3c:07:
09:a5:e8:ef:75:8e:84:8f:86:12:77:2e:ab:a5:73:f1:c1:cb:
05:9c:f4:08:32:ec:a8:fa:36:a4:31:e4:78:79:31:0e:2e:52:
59:70:09:0d:f6:54:eb:c4:d4:ad:25:5b:2a:f6:85:0c:00:bb:
02:f6:e8:bc:0d:b7:88:3d:e0:b1:c8:e5:fe:7c:f8:06:de:c9:
1d:4b:3e:55:33:ed:cb:bc:52:78:18:52:d6:f9:fd:b7:a1:b7:
7f:3d:06:19:e3:6e:4a:d8:5a:f3:01:e8:37:71:f1:71:a5:5e:
b3:84:b0:ff:0d:19:31:20:b6:f0:18:20:81:a8:8a:0f:c1:61:
25:05:3a:24:de:7c:4a:7d:91:ef:6f:17:82:94:2a:5f:fe:39:
e8:92:82:4a:b9:6e:78:01:fc:f1:bc:9d:ac:61:f6:52:a8:7a:
ec:81:36:3c:d2:17:30:64:06:b0:93:db:b8:d7:8a:bb:ad:b0:
c1:fe:dc:5d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVxzCkzWeRE3Bq0vpH/Ds8kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5M2E1ODEyNGNlOWNjNDM3ODM5NTUyNTVlN2Y1ODM5MDVj
ZGIxNGUwHhcNMjMwMTAyMDkyNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjAyZmY0MGE5OTY0MGYxN2RlMWQ0ZTMyYTBmMGRjNmNlZTI1NjBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApp1bCmnhwSaCDV0ddHm6L0DrAxa7
VoT/duXB4GaU15lAQMVJq8J14g8KQV+bHDbV/phCOXcE3gt6HsgJhOd3UErzlY3U
LLxi9TyrJdyzT61jCaqThr/gAEXQQ8TT9XgQo5KmpIwcNhjQGWZkljriukEiSGFP
iUw20D2gy8Cq99XZjrRcQOWir8jWQckwmPpAILF212WMaox7ZFH3bXDXMffxmvr6
Czi7R1HebHURagAsGKYeBGcobzPccuaeCmD7ZEMqp6ulGkm1cAs5PKxWeLxESA9Y
BxgAEjVQF7fnTvNR1/HWEgvGB0Bw9AxywtdZzHGOf/3RV4bSabeBKRhUbQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEYC/0CplkDxfeHU4yoPDcbO4lYLMB8GA1UdIwQY
MBaAFIk6WBJM6cxDeDlVJV5/WDkFzbFOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVRwWUVrenB6RU40T1ZVbFhuOVlPUVhOc1U0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9hMzUyYmEtYzIyOC00YTE1LTkxNjgt
MzAzYjhiYzI4YmZhLzEvUmdMX1FLbVdRUEY5NGRUaktnOE54czdpVmdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9hMzUyYmEtYzIyOC00YTE1LTkxNjgtMzAzYjhiYzI4YmZh
LzEvaVRwWUVrenB6RU40T1ZVbFhuOVlPUVhOc1U0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCwbucMA0E
AgACMAcDBQMqCQyAMA0GCSqGSIb3DQEBCwUAA4IBAQBXVC/XW77Wu4FYz92ObsDM
c3bRBIy0KP2T4EUl3V4FETbuOTrgMIBcIxku9HhoiZ5t0+kvw8w5MNB8a7nAD3NL
MJKXMERQPAcJpejvdY6Ej4YSdy6rpXPxwcsFnPQIMuyo+jakMeR4eTEOLlJZcAkN
9lTrxNStJVsq9oUMALsC9ui8DbeIPeCxyOX+fPgG3skdSz5VM+3LvFJ4GFLW+f23
obd/PQYZ425K2FrzAeg3cfFxpV6zhLD/DRkxILbwGCCBqIoPwWElBTok3nxKfZHv
bxeClCpf/jnokoJKuW54AfzxvJ2sYfZSqHrsgTY80hcwZAawk9u414q7rbDB/txd
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:52:44 2025 by rpki-client