Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/N89jrqchord0eULhRiTBE9k8IG0.roa
File: N89jrqchord0eULhRiTBE9k8IG0.roa (raw, json)
Hash identifier: /66LhhZYJpahasduDQlGogUAdk7qKPrWRM8qs9c0hNI=
Subject key identifier: 37:CF:63:AE:A7:21:A2:B7:74:79:42:E1:46:24:C1:13:D9:3C:20:6D
Certificate issuer: /CN=0bf543e23e29fb03748d0939726f30fe9affa19e
Certificate serial: 0185726B78318F0C1CA37E5BC4660E2E4774
Authority key identifier: 0B:F5:43:E2:3E:29:FB:03:74:8D:09:39:72:6F:30:FE:9A:FF:A1:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C_VD4j4p-wN0jQk5cm8w_pr_oZ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/N89jrqchord0eULhRiTBE9k8IG0.roa
Signing time: Mon 02 Jan 2023 12:18:43 +0000
ROA not before: Mon 02 Jan 2023 12:18:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212326
IP address blocks: 193.38.253.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:6b:78:31:8f:0c:1c:a3:7e:5b:c4:66:0e:2e:47:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0bf543e23e29fb03748d0939726f30fe9affa19e
Validity
Not Before: Jan 2 12:18:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=37cf63aea721a2b7747942e14624c113d93c206d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:ee:e8:70:00:e4:8a:a7:55:cc:ec:08:85:75:
b5:3c:c1:f1:97:8f:91:af:f8:4f:94:ea:5a:1a:ed:
a2:b9:8c:60:51:1c:fb:5c:6c:35:dc:00:d9:f7:d6:
a3:df:fe:88:cd:25:67:c2:f9:29:6f:d9:b6:aa:fc:
e3:4d:30:64:3a:c8:df:d7:4a:cf:65:9e:5c:ef:c6:
3b:96:e5:45:0b:7e:c1:5a:e7:af:86:34:d4:ff:e8:
97:5b:b1:c6:ed:99:8c:b7:0e:01:bf:bd:ec:7c:6f:
c0:d0:ec:62:fd:e0:bd:eb:41:46:93:9c:44:42:76:
ec:46:37:73:fe:48:a9:fd:45:e2:39:31:2a:87:dd:
ac:4f:07:d5:1a:60:3b:e0:85:ee:3b:59:30:ec:1e:
a1:94:3f:98:cc:e1:5f:6f:9b:07:06:b6:cd:1e:f2:
53:3e:6b:e2:52:3f:85:d0:41:85:8e:df:2b:36:9f:
8f:32:41:41:e3:f7:57:9d:3e:00:0f:d3:23:f4:ec:
e8:e0:59:98:6f:2c:6d:d2:fe:14:6d:af:74:54:6e:
bf:fa:99:1e:e6:1c:eb:27:f3:8a:9c:a9:cb:58:f4:
e7:6d:6e:66:f5:75:04:10:23:68:43:3b:a4:ff:32:
ab:26:e7:03:6d:0d:97:cd:5d:6b:77:8f:9f:a7:5e:
6a:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:CF:63:AE:A7:21:A2:B7:74:79:42:E1:46:24:C1:13:D9:3C:20:6D
X509v3 Authority Key Identifier:
keyid:0B:F5:43:E2:3E:29:FB:03:74:8D:09:39:72:6F:30:FE:9A:FF:A1:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C_VD4j4p-wN0jQk5cm8w_pr_oZ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/N89jrqchord0eULhRiTBE9k8IG0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/C_VD4j4p-wN0jQk5cm8w_pr_oZ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.38.253.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:60:91:21:bf:4b:5a:0d:5c:8a:5e:56:00:cf:36:04:fe:4a:
d6:23:0f:58:00:05:4a:57:59:58:1b:c7:be:2d:8b:d8:12:21:
80:2d:1d:7a:6f:66:3e:71:f0:b9:39:3f:33:8e:27:43:6c:d8:
eb:72:6d:c4:73:4d:40:a6:5b:6b:5e:73:ec:90:89:69:bd:f5:
74:d7:a5:76:fe:72:a7:cf:9c:56:0c:bb:c9:40:59:b4:40:d1:
ea:13:62:53:8f:b0:ec:14:be:eb:88:0f:ef:a2:fb:37:e9:71:
3e:78:91:c7:42:11:5a:43:f6:7e:12:57:c7:2a:47:27:63:aa:
18:3b:4e:87:b1:1e:ea:78:4e:44:f8:95:af:66:6f:af:a1:64:
da:72:9b:3b:de:9c:5e:74:81:77:c0:18:4f:61:c1:66:7d:28:
44:9c:81:af:e1:fb:5b:b4:06:31:8d:a6:fa:f7:0d:d4:8f:5d:
5e:84:79:64:74:1d:9e:46:e2:d9:36:7d:d5:6d:1e:b7:bd:6d:
07:0c:2f:9a:94:26:ec:43:18:17:7d:da:5a:f5:7e:99:8e:1d:
73:14:3d:a2:43:f1:a5:17:52:83:62:97:07:3c:e6:02:25:14:
11:df:39:f8:62:08:d3:ad:34:d8:74:6e:6b:e2:f5:c3:1b:61:
dd:d3:a4:f5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVya3gxjwwco35bxGYOLkd0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiZjU0M2UyM2UyOWZiMDM3NDhkMDkzOTcyNmYzMGZlOWFm
ZmExOWUwHhcNMjMwMTAyMTIxODQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzN2NmNjNhZWE3MjFhMmI3NzQ3OTQyZTE0NjI0YzExM2Q5M2MyMDZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAve7ocADkiqdVzOwIhXW1PMHxl4+R
r/hPlOpaGu2iuYxgURz7XGw13ADZ99aj3/6IzSVnwvkpb9m2qvzjTTBkOsjf10rP
ZZ5c78Y7luVFC37BWuevhjTU/+iXW7HG7ZmMtw4Bv73sfG/A0Oxi/eC960FGk5xE
QnbsRjdz/kip/UXiOTEqh92sTwfVGmA74IXuO1kw7B6hlD+YzOFfb5sHBrbNHvJT
PmviUj+F0EGFjt8rNp+PMkFB4/dXnT4AD9Mj9Ozo4FmYbyxt0v4Uba90VG6/+pke
5hzrJ/OKnKnLWPTnbW5m9XUEECNoQzuk/zKrJucDbQ2XzV1rd4+fp15q2wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDfPY66nIaK3dHlC4UYkwRPZPCBtMB8GA1UdIwQY
MBaAFAv1Q+I+KfsDdI0JOXJvMP6a/6GeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ19WRDRqNHAtd04walFrNWNtOHdfcHJfb1o0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9hZmEzNGMtZjNmMC00MDVjLWIwODMt
YTM1ZmM0MzhkNGNhLzEvTjg5anJxY2hvcmQwZVVMaFJpVEJFOWs4SUcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9hZmEzNGMtZjNmMC00MDVjLWIwODMtYTM1ZmM0MzhkNGNh
LzEvQ19WRDRqNHAtd04walFrNWNtOHdfcHJfb1o0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwSb9MA0G
CSqGSIb3DQEBCwUAA4IBAQAOYJEhv0taDVyKXlYAzzYE/krWIw9YAAVKV1lYG8e+
LYvYEiGALR16b2Y+cfC5OT8zjidDbNjrcm3Ec01ApltrXnPskIlpvfV016V2/nKn
z5xWDLvJQFm0QNHqE2JTj7DsFL7riA/vovs36XE+eJHHQhFaQ/Z+ElfHKkcnY6oY
O06HsR7qeE5E+JWvZm+voWTacps73pxedIF3wBhPYcFmfShEnIGv4ftbtAYxjab6
9w3Uj11ehHlkdB2eRuLZNn3VbR63vW0HDC+alCbsQxgXfdpa9X6Zjh1zFD2iQ/Gl
F1KDYpcHPOYCJRQR3zn4YgjTrTTYdG5r4vXDG2Hd06T1
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:25:47 2025 by rpki-client