Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/18e5a9-123f-48ad-91c5-f6007482fa93/1/kxP2Jjh_VWaAObYEAVg8zPx82rc.roa
File: kxP2Jjh_VWaAObYEAVg8zPx82rc.roa (raw, json)
Hash identifier: eGKSNPaEEdWI4rIgKwytuF92yFXdJ9PYwj5ePttFDUY=
Subject key identifier: 93:13:F6:26:38:7F:55:66:80:39:B6:04:01:58:3C:CC:FC:7C:DA:B7
Certificate issuer: /CN=14da869ba03374a192c8e3bdce950a90027adcaf
Certificate serial: 01856B81202E16365A1AF6CC11C8FC2B21DE
Authority key identifier: 14:DA:86:9B:A0:33:74:A1:92:C8:E3:BD:CE:95:0A:90:02:7A:DC:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FNqGm6AzdKGSyOO9zpUKkAJ63K8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/18e5a9-123f-48ad-91c5-f6007482fa93/1/kxP2Jjh_VWaAObYEAVg8zPx82rc.roa
Signing time: Sun 01 Jan 2023 04:05:02 +0000
ROA not before: Sun 01 Jan 2023 04:05:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12903
IP address blocks: 193.218.113.0/24 maxlen: 24
194.29.208.0/21 maxlen: 24
91.188.192.0/22 maxlen: 24
217.68.208.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:81:20:2e:16:36:5a:1a:f6:cc:11:c8:fc:2b:21:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=14da869ba03374a192c8e3bdce950a90027adcaf
Validity
Not Before: Jan 1 04:05:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9313f626387f55668039b60401583cccfc7cdab7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:10:08:b3:63:61:2c:f0:96:4d:95:be:e9:8e:
27:a9:e7:18:58:81:b1:72:1d:ca:7b:19:10:d4:7c:
58:8c:23:4b:8e:9b:8b:64:5e:c3:9c:8d:81:76:fa:
d7:c0:2a:11:68:a0:f6:96:4b:58:47:07:5f:09:e0:
d3:ca:24:ab:62:08:a7:ed:3d:b1:4c:fc:cc:37:db:
30:fa:1d:7b:37:5f:7c:e9:39:b5:28:b0:15:75:e5:
7f:29:71:4d:22:5c:17:c2:3e:78:56:63:56:26:aa:
7f:90:f3:e0:1b:65:94:d4:88:29:9c:bf:84:4f:10:
db:b0:2c:df:3b:a8:71:d4:a5:b1:7c:2c:22:3e:52:
e9:d2:3e:59:a1:32:ab:84:e5:6d:fb:d5:ee:64:b6:
88:1c:0d:73:18:26:8e:c1:1e:23:e5:c5:16:63:45:
50:3a:44:c4:61:cb:95:62:77:f3:34:a7:83:79:3a:
40:89:d5:77:15:54:5c:1f:1d:d0:0c:e2:45:fd:d1:
e1:30:44:cd:06:aa:ed:d1:e0:0d:89:ce:c2:c3:ef:
5e:83:11:f6:76:c9:94:19:22:4a:82:de:92:a0:41:
62:8c:ed:13:e3:7a:73:63:51:05:9c:9b:89:64:e9:
d2:f6:bc:f0:95:39:22:b9:95:3f:0d:e3:01:cd:4e:
9e:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:13:F6:26:38:7F:55:66:80:39:B6:04:01:58:3C:CC:FC:7C:DA:B7
X509v3 Authority Key Identifier:
keyid:14:DA:86:9B:A0:33:74:A1:92:C8:E3:BD:CE:95:0A:90:02:7A:DC:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FNqGm6AzdKGSyOO9zpUKkAJ63K8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/18e5a9-123f-48ad-91c5-f6007482fa93/1/kxP2Jjh_VWaAObYEAVg8zPx82rc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/18e5a9-123f-48ad-91c5-f6007482fa93/1/FNqGm6AzdKGSyOO9zpUKkAJ63K8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.188.192.0/22
193.218.113.0/24
194.29.208.0/21
217.68.208.0/20
Signature Algorithm: sha256WithRSAEncryption
5c:fa:25:93:9e:23:57:16:a9:1c:0e:42:e4:c5:66:ab:3b:16:
ca:12:60:24:13:04:9e:0a:10:a0:58:4b:d7:ef:67:3f:08:72:
79:e9:e6:0c:ee:e6:db:e7:c8:e2:be:1d:a1:a3:69:31:e5:93:
5e:8a:36:9c:e9:e7:7f:52:cc:2a:bb:0c:cc:0e:99:0c:3f:97:
53:92:e2:4a:64:1c:36:ea:f1:0c:90:ea:e5:7c:bf:d3:cf:5f:
f1:24:e1:9f:eb:47:ef:dc:4f:86:c6:a1:f5:b8:bd:c6:23:9d:
80:ea:7f:08:6e:b4:04:ef:b4:52:3b:bf:10:b0:e3:b2:6a:91:
88:32:96:42:2e:7a:db:8e:f7:e3:62:31:d0:52:96:ea:f7:a1:
26:e8:f8:6f:50:59:22:8b:90:9c:1d:c4:38:34:f1:2d:90:03:
e1:a1:ce:fa:98:62:1b:18:66:24:b8:c6:ef:b6:5b:a3:a1:18:
8e:36:42:e3:19:58:82:4d:8f:4f:20:60:85:51:4a:d2:75:a7:
08:93:7c:ee:1f:3f:7d:80:71:39:93:61:f2:07:b5:9b:06:1b:
25:3a:4f:3e:a4:8e:57:94:d9:00:52:90:30:f7:c1:3f:7d:68:
29:f4:8c:85:0f:3e:b9:14:a0:ee:e7:7c:7c:b8:2f:88:34:4f:
d4:88:45:23
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVrgSAuFjZaGvbMEcj8KyHeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0ZGE4NjliYTAzMzc0YTE5MmM4ZTNiZGNlOTUwYTkwMDI3
YWRjYWYwHhcNMjMwMTAxMDQwNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzEzZjYyNjM4N2Y1NTY2ODAzOWI2MDQwMTU4M2NjY2ZjN2NkYWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjhAIs2NhLPCWTZW+6Y4nqecYWIGx
ch3KexkQ1HxYjCNLjpuLZF7DnI2BdvrXwCoRaKD2lktYRwdfCeDTyiSrYgin7T2x
TPzMN9sw+h17N1986Tm1KLAVdeV/KXFNIlwXwj54VmNWJqp/kPPgG2WU1IgpnL+E
TxDbsCzfO6hx1KWxfCwiPlLp0j5ZoTKrhOVt+9XuZLaIHA1zGCaOwR4j5cUWY0VQ
OkTEYcuVYnfzNKeDeTpAidV3FVRcHx3QDOJF/dHhMETNBqrt0eANic7Cw+9egxH2
dsmUGSJKgt6SoEFijO0T43pzY1EFnJuJZOnS9rzwlTkiuZU/DeMBzU6eNwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJMT9iY4f1VmgDm2BAFYPMz8fNq3MB8GA1UdIwQY
MBaAFBTahpugM3Shksjjvc6VCpACetyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRk5xR202QXpkS0dTeU9POXpwVUtrQUo2M0s4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC8xOGU1YTktMTIzZi00OGFkLTkxYzUt
ZjYwMDc0ODJmYTkzLzEva3hQMkpqaF9WV2FBT2JZRUFWZzh6UHg4MnJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC8xOGU1YTktMTIzZi00OGFkLTkxYzUtZjYwMDc0ODJmYTkz
LzEvRk5xR202QXpkS0dTeU9POXpwVUtrQUo2M0s4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCW7zAAwQA
wdpxAwQDwh3QAwQE2UTQMA0GCSqGSIb3DQEBCwUAA4IBAQBc+iWTniNXFqkcDkLk
xWarOxbKEmAkEwSeChCgWEvX72c/CHJ56eYM7ubb58jivh2ho2kx5ZNeijac6ed/
UswquwzMDpkMP5dTkuJKZBw26vEMkOrlfL/Tz1/xJOGf60fv3E+GxqH1uL3GI52A
6n8IbrQE77RSO78QsOOyapGIMpZCLnrbjvfjYjHQUpbq96Em6PhvUFkii5CcHcQ4
NPEtkAPhoc76mGIbGGYkuMbvtlujoRiONkLjGViCTY9PIGCFUUrSdacIk3zuHz99
gHE5k2HyB7WbBhslOk8+pI5XlNkAUpAw98E/fWgp9IyFDz65FKDu53x8uC+INE/U
iEUj
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:37:11 2025 by rpki-client