Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/d67a95-cb36-4937-9226-dfed12f1a01e/1/ArQUDoqhxd6LeGfD6qu0eQhN3V8.roa
File: ArQUDoqhxd6LeGfD6qu0eQhN3V8.roa (raw, json)
Hash identifier: o+xhsXOHAOCxluyUXbc/UI8aQbChbzyoXnpDQWx4SdI=
Subject key identifier: 02:B4:14:0E:8A:A1:C5:DE:8B:78:67:C3:EA:AB:B4:79:08:4D:DD:5F
Certificate issuer: /CN=5e400ac2396ae228d2b2e56f4b06739969379e44
Certificate serial: 0181D3879B25246D4A4271E17E180C64CE2D
Authority key identifier: 5E:40:0A:C2:39:6A:E2:28:D2:B2:E5:6F:4B:06:73:99:69:37:9E:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XkAKwjlq4ijSsuVvSwZzmWk3nkQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/d67a95-cb36-4937-9226-dfed12f1a01e/1/ArQUDoqhxd6LeGfD6qu0eQhN3V8.roa
Signing time: Wed 06 Jul 2022 12:41:28 +0000
ROA not before: Wed 06 Jul 2022 12:41:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 19330
IP address blocks: 193.58.199.0/24 maxlen: 24
212.121.37.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:d3:87:9b:25:24:6d:4a:42:71:e1:7e:18:0c:64:ce:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e400ac2396ae228d2b2e56f4b06739969379e44
Validity
Not Before: Jul 6 12:41:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=02b4140e8aa1c5de8b7867c3eaabb479084ddd5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:15:00:78:db:c3:ff:50:4d:ba:ad:04:b1:4c:
73:d4:20:ea:d7:c6:5f:ce:d6:3b:27:f3:04:21:96:
48:0c:a7:3d:7b:67:4a:16:03:16:40:e7:b7:66:6a:
09:ac:8d:7d:84:bd:c2:8c:85:b0:a1:28:71:da:29:
59:6e:55:c4:29:94:78:79:e5:9a:0f:d3:d7:4c:c4:
e4:26:30:37:8a:50:37:ab:7e:2d:5e:b4:1b:59:ea:
db:4e:be:ac:8e:f0:45:02:9e:f5:c2:6d:92:fe:ef:
c9:0b:b9:b2:c6:a7:9e:15:57:d4:23:90:35:e0:dd:
df:6b:55:87:fc:92:0d:92:19:00:12:b7:52:2a:35:
fe:f3:8b:c8:3c:42:dc:af:4d:2e:a1:bb:13:61:82:
e0:ea:b4:64:fa:21:4f:2d:d2:2e:8e:fb:23:74:44:
ac:ac:bb:2e:c6:fa:69:38:fc:37:6c:60:0a:e8:08:
f7:96:e4:3a:41:99:fe:9c:ae:e2:b7:3a:59:c3:68:
46:1f:42:28:74:3b:04:e4:f5:c9:3b:f5:d3:fb:b0:
44:e7:79:7f:54:73:06:11:04:7a:59:60:c0:01:15:
64:d2:e3:78:f3:6a:f9:16:cd:55:6d:b4:e8:8c:fa:
34:ad:89:ff:0f:49:dd:81:ab:9c:8f:c9:6f:21:0e:
00:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:B4:14:0E:8A:A1:C5:DE:8B:78:67:C3:EA:AB:B4:79:08:4D:DD:5F
X509v3 Authority Key Identifier:
keyid:5E:40:0A:C2:39:6A:E2:28:D2:B2:E5:6F:4B:06:73:99:69:37:9E:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XkAKwjlq4ijSsuVvSwZzmWk3nkQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/d67a95-cb36-4937-9226-dfed12f1a01e/1/ArQUDoqhxd6LeGfD6qu0eQhN3V8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/d67a95-cb36-4937-9226-dfed12f1a01e/1/XkAKwjlq4ijSsuVvSwZzmWk3nkQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.58.199.0/24
212.121.37.0/24
Signature Algorithm: sha256WithRSAEncryption
c2:82:85:d4:7d:aa:8d:df:15:77:e4:68:3e:77:c2:23:79:f5:
51:8a:9a:05:63:48:fe:13:d6:f3:f7:a6:1b:31:12:8f:01:4c:
f9:00:08:56:19:36:61:1e:5a:d5:ea:d1:2a:2d:6a:e0:be:c7:
c2:6c:fd:82:1b:72:24:3f:d2:bf:b4:07:73:13:55:0b:05:10:
4a:79:67:9d:3e:cb:8a:36:f9:88:49:5f:f7:58:ba:4d:35:2f:
14:90:48:6d:d2:b1:69:cc:22:da:8b:85:af:18:71:6a:35:97:
fc:6f:58:e6:42:73:78:70:d0:b8:62:ed:cd:cd:54:41:73:08:
9a:57:9b:ed:b7:f2:0e:ff:86:b0:21:18:5b:74:ca:80:2a:d5:
5d:bb:06:8c:33:ff:7e:47:d1:36:b4:46:e5:5a:ef:dc:e2:1c:
25:34:97:3f:14:ff:eb:4d:a9:cb:79:ad:9e:f1:9d:5e:c9:38:
f7:74:4e:a1:cb:c0:67:f3:37:66:54:ec:7c:7f:fe:1d:2b:90:
1f:07:4c:bf:b4:dc:e2:85:5e:f6:cf:00:64:a4:cf:b1:96:29:
77:1a:70:19:a2:f4:b6:85:35:6c:57:a7:61:7f:b9:8a:08:84:
43:69:df:54:1c:a4:f6:bd:26:aa:c3:6f:5a:2c:74:b2:0b:d5:
6f:0d:d8:86
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYHTh5slJG1KQnHhfhgMZM4tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlNDAwYWMyMzk2YWUyMjhkMmIyZTU2ZjRiMDY3Mzk5Njkz
NzllNDQwHhcNMjIwNzA2MTI0MTI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMmI0MTQwZThhYTFjNWRlOGI3ODY3YzNlYWFiYjQ3OTA4NGRkZDVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArRUAeNvD/1BNuq0EsUxz1CDq18Zf
ztY7J/MEIZZIDKc9e2dKFgMWQOe3ZmoJrI19hL3CjIWwoShx2ilZblXEKZR4eeWa
D9PXTMTkJjA3ilA3q34tXrQbWerbTr6sjvBFAp71wm2S/u/JC7myxqeeFVfUI5A1
4N3fa1WH/JINkhkAErdSKjX+84vIPELcr00uobsTYYLg6rRk+iFPLdIujvsjdESs
rLsuxvppOPw3bGAK6Aj3luQ6QZn+nK7itzpZw2hGH0IodDsE5PXJO/XT+7BE53l/
VHMGEQR6WWDAARVk0uN482r5Fs1VbbTojPo0rYn/D0ndgaucj8lvIQ4A/wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAK0FA6KocXei3hnw+qrtHkITd1fMB8GA1UdIwQY
MBaAFF5ACsI5auIo0rLlb0sGc5lpN55EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGtBS3dqbHE0aWpTc3VWdlN3WnptV2szbmtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC9kNjdhOTUtY2IzNi00OTM3LTkyMjYt
ZGZlZDEyZjFhMDFlLzEvQXJRVURvcWh4ZDZMZUdmRDZxdTBlUWhOM1Y4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC9kNjdhOTUtY2IzNi00OTM3LTkyMjYtZGZlZDEyZjFhMDFl
LzEvWGtBS3dqbHE0aWpTc3VWdlN3WnptV2szbmtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwTrHAwQA
1HklMA0GCSqGSIb3DQEBCwUAA4IBAQDCgoXUfaqN3xV35Gg+d8IjefVRipoFY0j+
E9bz96YbMRKPAUz5AAhWGTZhHlrV6tEqLWrgvsfCbP2CG3IkP9K/tAdzE1ULBRBK
eWedPsuKNvmISV/3WLpNNS8UkEht0rFpzCLai4WvGHFqNZf8b1jmQnN4cNC4Yu3N
zVRBcwiaV5vtt/IO/4awIRhbdMqAKtVduwaMM/9+R9E2tEblWu/c4hwlNJc/FP/r
TanLea2e8Z1eyTj3dE6hy8Bn8zdmVOx8f/4dK5AfB0y/tNzihV72zwBkpM+xlil3
GnAZovS2hTVsV6dhf7mKCIRDad9UHKT2vSaqw29aLHSyC9VvDdiG
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:21:12 2025 by rpki-client