Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/63bb79-93b0-499f-978d-10fe44726908/1/0v8N9GHbuyCF_4nRMid4MdIx2fg.roa
File: 0v8N9GHbuyCF_4nRMid4MdIx2fg.roa (raw, json)
Hash identifier: NNLDXu+NjOzWh1jP+4sfav4zQeDARIjPaFqlChgexBs=
Subject key identifier: D2:FF:0D:F4:61:DB:BB:20:85:FF:89:D1:32:27:78:31:D2:31:D9:F8
Certificate issuer: /CN=3ead19096b0ee080fe43810500b718a947fed229
Certificate serial: 018538FE57902DDED1B60186E050689AF1DC
Authority key identifier: 3E:AD:19:09:6B:0E:E0:80:FE:43:81:05:00:B7:18:A9:47:FE:D2:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Pq0ZCWsO4ID-Q4EFALcYqUf-0ik.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/63bb79-93b0-499f-978d-10fe44726908/1/0v8N9GHbuyCF_4nRMid4MdIx2fg.roa
Signing time: Thu 22 Dec 2022 08:41:10 +0000
ROA not before: Thu 22 Dec 2022 08:41:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42346
IP address blocks: 193.108.136.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:38:fe:57:90:2d:de:d1:b6:01:86:e0:50:68:9a:f1:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ead19096b0ee080fe43810500b718a947fed229
Validity
Not Before: Dec 22 08:41:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d2ff0df461dbbb2085ff89d132277831d231d9f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:77:5f:32:99:57:03:71:42:d4:59:3e:fb:56:
e3:32:14:0d:40:c7:73:9f:74:a1:4b:a1:92:93:7e:
0b:46:ea:d9:29:09:ad:69:48:e0:42:d3:2c:c2:b1:
d9:2f:a4:1c:61:19:88:db:05:92:5e:0b:54:ef:86:
b2:ac:22:ed:88:71:c7:4d:dd:f6:4b:47:a7:ad:da:
5f:f1:24:7e:e5:12:ab:36:9d:e8:8a:eb:ca:fd:03:
75:d8:28:a2:be:de:8b:2d:07:ac:ce:2f:28:9d:4e:
51:83:00:bc:84:4e:d3:9c:a8:eb:46:ca:09:20:66:
7b:39:b4:eb:3b:15:6c:d7:6a:aa:da:52:92:a9:cd:
06:b2:fd:f3:22:6e:f4:a2:78:23:c8:0a:68:e7:cb:
2c:c8:9b:6b:95:7d:12:9d:36:2f:8b:be:da:0b:9a:
43:4d:4b:26:b4:80:7d:49:60:9c:dc:86:d5:94:e0:
55:2f:67:ef:d6:14:f7:c6:a6:68:19:c8:c5:f1:c0:
11:7f:00:a2:84:e3:5a:e7:1e:56:1b:44:ad:c1:c9:
1f:d9:c9:0e:0e:b6:83:ec:62:3b:54:d6:a4:f6:d3:
64:d4:20:19:5b:6b:61:1f:b3:36:97:b7:d7:e2:38:
07:7a:20:c4:a2:88:3c:5c:0b:8e:10:a6:07:dc:bd:
e5:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:FF:0D:F4:61:DB:BB:20:85:FF:89:D1:32:27:78:31:D2:31:D9:F8
X509v3 Authority Key Identifier:
keyid:3E:AD:19:09:6B:0E:E0:80:FE:43:81:05:00:B7:18:A9:47:FE:D2:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pq0ZCWsO4ID-Q4EFALcYqUf-0ik.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/63bb79-93b0-499f-978d-10fe44726908/1/0v8N9GHbuyCF_4nRMid4MdIx2fg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/63bb79-93b0-499f-978d-10fe44726908/1/Pq0ZCWsO4ID-Q4EFALcYqUf-0ik.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.108.136.0/23
Signature Algorithm: sha256WithRSAEncryption
20:54:ce:9d:0d:f4:6f:19:03:a2:09:b9:d7:a8:73:ce:84:15:
f2:c4:4d:c6:91:b4:67:19:5b:fa:96:52:6c:ef:f7:c7:9c:2d:
0e:c1:6b:40:f5:d1:b3:de:ec:7e:fb:d8:f6:e8:a1:42:66:cd:
f0:c4:a1:b2:4a:9a:d0:1f:8d:b4:19:14:1d:c4:22:b7:d8:82:
66:08:a4:4c:3c:be:bd:59:cb:d1:21:9f:7d:f6:82:db:16:43:
c0:80:90:79:22:87:55:f9:6b:c8:43:0d:07:23:12:05:4c:11:
1c:c7:44:d8:e9:fc:64:52:e9:77:1d:6d:7f:ef:c1:4e:d7:c9:
07:94:29:88:6e:8c:b7:ee:1a:19:01:e3:e1:1e:b1:e3:61:2c:
0c:c0:7f:5f:81:b7:f4:36:98:f7:6c:35:e8:b9:2e:51:39:59:
e7:04:fc:a0:59:a1:d8:51:28:b4:3b:5d:3d:b7:67:d2:d9:13:
14:bc:d5:86:4a:6c:90:fc:a5:21:c7:4d:92:62:56:05:e0:33:
7c:f3:09:e1:ce:36:da:bd:78:e5:dd:2b:6c:ae:99:90:0a:68:
50:52:37:9f:9e:15:0b:c2:a7:b6:ec:c5:10:32:0c:cd:85:14:
e5:7a:8f:8c:eb:91:99:ab:98:dc:41:df:32:eb:4c:c2:d1:cc:
3e:c1:df:1c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYU4/leQLd7RtgGG4FBomvHcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlYWQxOTA5NmIwZWUwODBmZTQzODEwNTAwYjcxOGE5NDdm
ZWQyMjkwHhcNMjIxMjIyMDg0MTEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmZmMGRmNDYxZGJiYjIwODVmZjg5ZDEzMjI3NzgzMWQyMzFkOWY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnndfMplXA3FC1Fk++1bjMhQNQMdz
n3ShS6GSk34LRurZKQmtaUjgQtMswrHZL6QcYRmI2wWSXgtU74ayrCLtiHHHTd32
S0enrdpf8SR+5RKrNp3oiuvK/QN12Ciivt6LLQeszi8onU5RgwC8hE7TnKjrRsoJ
IGZ7ObTrOxVs12qq2lKSqc0Gsv3zIm70ongjyApo58ssyJtrlX0SnTYvi77aC5pD
TUsmtIB9SWCc3IbVlOBVL2fv1hT3xqZoGcjF8cARfwCihONa5x5WG0Stwckf2ckO
DraD7GI7VNak9tNk1CAZW2thH7M2l7fX4jgHeiDEoog8XAuOEKYH3L3lVwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNL/DfRh27sghf+J0TIneDHSMdn4MB8GA1UdIwQY
MBaAFD6tGQlrDuCA/kOBBQC3GKlH/tIpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHEwWkNXc080SUQtUTRFRkFMY1lxVWYtMGlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy82M2JiNzktOTNiMC00OTlmLTk3OGQt
MTBmZTQ0NzI2OTA4LzEvMHY4TjlHSGJ1eUNGXzRuUk1pZDRNZEl4MmZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy82M2JiNzktOTNiMC00OTlmLTk3OGQtMTBmZTQ0NzI2OTA4
LzEvUHEwWkNXc080SUQtUTRFRkFMY1lxVWYtMGlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwWyIMA0G
CSqGSIb3DQEBCwUAA4IBAQAgVM6dDfRvGQOiCbnXqHPOhBXyxE3GkbRnGVv6llJs
7/fHnC0OwWtA9dGz3ux++9j26KFCZs3wxKGySprQH420GRQdxCK32IJmCKRMPL69
WcvRIZ999oLbFkPAgJB5IodV+WvIQw0HIxIFTBEcx0TY6fxkUul3HW1/78FO18kH
lCmIboy37hoZAePhHrHjYSwMwH9fgbf0Npj3bDXouS5ROVnnBPygWaHYUSi0O109
t2fS2RMUvNWGSmyQ/KUhx02SYlYF4DN88wnhzjbavXjl3StsrpmQCmhQUjefnhUL
wqe27MUQMgzNhRTleo+M65GZq5jcQd8y60zC0cw+wd8c
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:15:53 2025 by rpki-client