Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/ecb45e-2db6-4b54-bc91-0596296f12de/1/_kNn17qRzdR3aIFkqfkEkqqMqHo.roa
File: _kNn17qRzdR3aIFkqfkEkqqMqHo.roa (raw, json)
Hash identifier: icetcQ8034m6P/JOE6qTmiMN7E4jSbJ4C8G9wlmraZE=
Subject key identifier: FE:43:67:D7:BA:91:CD:D4:77:68:81:64:A9:F9:04:92:AA:8C:A8:7A
Certificate issuer: /CN=b45e62270d20f9467a6afc78963dbcfb80fbf52a
Certificate serial: 0183C28F04CD2DD42BC3838D4F03CD90CF9C
Authority key identifier: B4:5E:62:27:0D:20:F9:46:7A:6A:FC:78:96:3D:BC:FB:80:FB:F5:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tF5iJw0g-UZ6avx4lj28-4D79So.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/ecb45e-2db6-4b54-bc91-0596296f12de/1/_kNn17qRzdR3aIFkqfkEkqqMqHo.roa
Signing time: Mon 10 Oct 2022 15:41:36 +0000
ROA not before: Mon 10 Oct 2022 15:41:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2607
IP address blocks: 193.87.0.0/16 maxlen: 17
194.160.0.0/16 maxlen: 17
2001:4118::/32 maxlen: 33
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:c2:8f:04:cd:2d:d4:2b:c3:83:8d:4f:03:cd:90:cf:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b45e62270d20f9467a6afc78963dbcfb80fbf52a
Validity
Not Before: Oct 10 15:41:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fe4367d7ba91cdd477688164a9f90492aa8ca87a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:19:65:35:86:6a:ff:ba:52:74:3e:41:9e:13:
7a:3c:81:c6:db:ab:88:dc:89:bf:a2:8f:c1:08:9c:
20:56:e8:7c:2c:f3:fb:d8:6d:b6:e0:6a:f7:bc:21:
13:c3:13:17:cf:f5:f2:1b:51:92:44:23:eb:f1:c8:
ac:29:44:ae:2b:21:13:01:bc:a0:36:89:bb:b7:16:
30:37:d7:d7:93:4b:be:af:87:a5:28:93:cf:a9:63:
39:3b:c6:98:a5:82:50:2d:d1:da:67:52:e1:3a:93:
9e:68:2a:ee:e5:af:1c:94:d4:07:48:20:14:e2:85:
fc:fe:1e:c8:2a:b8:51:71:cf:f1:a7:d4:80:e7:8a:
09:bf:47:cb:5d:9b:b7:9c:3b:fe:8a:55:29:68:9b:
31:b2:09:b0:64:ef:79:12:e9:08:8c:85:52:73:53:
2e:cb:3b:89:93:84:68:55:af:b9:0a:03:f3:c6:84:
40:a8:91:10:8f:7d:f7:f2:e2:e3:11:ee:e2:8f:2c:
d7:aa:da:e4:b1:0f:14:37:19:f0:70:5c:51:87:4c:
8f:e0:0a:9b:6d:79:e5:0d:15:d4:0b:bc:6b:77:39:
d8:7f:6e:25:27:8c:0c:0b:e7:cc:d6:4b:78:97:e4:
bf:61:79:eb:20:3f:b0:36:71:6b:ec:bd:d3:49:1d:
61:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:43:67:D7:BA:91:CD:D4:77:68:81:64:A9:F9:04:92:AA:8C:A8:7A
X509v3 Authority Key Identifier:
keyid:B4:5E:62:27:0D:20:F9:46:7A:6A:FC:78:96:3D:BC:FB:80:FB:F5:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tF5iJw0g-UZ6avx4lj28-4D79So.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/ecb45e-2db6-4b54-bc91-0596296f12de/1/_kNn17qRzdR3aIFkqfkEkqqMqHo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/ecb45e-2db6-4b54-bc91-0596296f12de/1/tF5iJw0g-UZ6avx4lj28-4D79So.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.87.0.0/16
194.160.0.0/16
IPv6:
2001:4118::/32
Signature Algorithm: sha256WithRSAEncryption
39:3f:12:3d:73:6b:61:44:cb:d2:bd:0c:f8:46:d6:9a:83:6e:
d4:17:b3:ec:28:94:93:68:0e:0c:e5:90:db:6f:02:38:2c:49:
50:f0:d7:46:15:1a:93:c5:31:a1:f5:f0:bb:01:0e:6e:86:6c:
52:c8:4b:1b:a4:e8:4c:b6:a3:05:40:ac:b3:08:e2:40:d7:8d:
59:6f:8a:d8:73:2d:a9:82:ba:6e:a4:d1:68:1b:71:f1:f5:56:
7b:2b:23:35:0f:56:3e:ce:d1:7c:70:69:b3:e9:ed:2c:e0:0f:
83:97:00:fa:f6:e1:b1:41:b2:e8:9b:d2:ac:a1:e8:b0:d5:ad:
10:d8:48:20:5c:2a:41:d7:a9:f8:6f:7a:ab:d9:ef:69:b5:e1:
d8:d4:69:c3:3d:7e:e1:66:88:e2:8f:36:7c:3c:d9:38:b5:26:
51:62:ab:53:c0:17:8c:40:b8:c3:c2:a6:9f:9b:8f:6b:73:f6:
1e:07:8c:05:e3:1b:61:88:41:57:55:12:29:9b:2c:73:f6:c5:
d3:a6:25:b4:8e:d2:f6:0b:20:5b:c3:dd:2a:19:fa:1f:ed:69:
93:f8:3b:77:7f:31:59:96:c6:37:83:44:9b:94:43:52:9b:cd:
22:f8:d4:6a:6a:36:b6:c6:ed:7a:a3:29:d8:f3:c5:cc:60:74:
f2:ac:61:74
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAYPCjwTNLdQrw4ONTwPNkM+cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0NWU2MjI3MGQyMGY5NDY3YTZhZmM3ODk2M2RiY2ZiODBm
YmY1MmEwHhcNMjIxMDEwMTU0MTM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTQzNjdkN2JhOTFjZGQ0Nzc2ODgxNjRhOWY5MDQ5MmFhOGNhODdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmxllNYZq/7pSdD5BnhN6PIHG26uI
3Im/oo/BCJwgVuh8LPP72G224Gr3vCETwxMXz/XyG1GSRCPr8cisKUSuKyETAbyg
Nom7txYwN9fXk0u+r4elKJPPqWM5O8aYpYJQLdHaZ1LhOpOeaCru5a8clNQHSCAU
4oX8/h7IKrhRcc/xp9SA54oJv0fLXZu3nDv+ilUpaJsxsgmwZO95EukIjIVSc1Mu
yzuJk4RoVa+5CgPzxoRAqJEQj3338uLjEe7ijyzXqtrksQ8UNxnwcFxRh0yP4Aqb
bXnlDRXUC7xrdznYf24lJ4wMC+fM1kt4l+S/YXnrID+wNnFr7L3TSR1hEQIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFP5DZ9e6kc3Ud2iBZKn5BJKqjKh6MB8GA1UdIwQY
MBaAFLReYicNIPlGemr8eJY9vPuA+/UqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEY1aUp3MGctVVo2YXZ4NGxqMjgtNEQ3OVNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC9lY2I0NWUtMmRiNi00YjU0LWJjOTEt
MDU5NjI5NmYxMmRlLzEvX2tObjE3cVJ6ZFIzYUlGa3Fma0VrcXFNcUhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC9lY2I0NWUtMmRiNi00YjU0LWJjOTEtMDU5NjI5NmYxMmRl
LzEvdEY1aUp3MGctVVo2YXZ4NGxqMjgtNEQ3OVNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDIGCCsGAQUFBwEHAQH/BCMwITAQBAIAATAKAwMAwVcDAwDC
oDANBAIAAjAHAwUAIAFBGDANBgkqhkiG9w0BAQsFAAOCAQEAOT8SPXNrYUTL0r0M
+EbWmoNu1Bez7CiUk2gODOWQ228COCxJUPDXRhUak8UxofXwuwEOboZsUshLG6To
TLajBUCsswjiQNeNWW+K2HMtqYK6bqTRaBtx8fVWeysjNQ9WPs7RfHBps+ntLOAP
g5cA+vbhsUGy6JvSrKHosNWtENhIIFwqQdep+G96q9nvabXh2NRpwz1+4WaI4o82
fDzZOLUmUWKrU8AXjEC4w8Kmn5uPa3P2HgeMBeMbYYhBV1USKZssc/bF06YltI7S
9gsgW8PdKhn6H+1pk/g7d38xWZbGN4NEm5RDUpvNIvjUamo2tsbteqMp2PPFzGB0
8qxhdA==
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:36:56 2025 by rpki-client