Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/bcf272-d751-45be-9856-018a3770da77/1/rJ2zT9AKHMDf7yPxOV33fL_5eT8.roa
File: rJ2zT9AKHMDf7yPxOV33fL_5eT8.roa (raw, json)
Hash identifier: rmFcNWCyCHbk1Wf0wZU1koCVvlcGhlioDGXGzi/9Kg8=
Subject key identifier: AC:9D:B3:4F:D0:0A:1C:C0:DF:EF:23:F1:39:5D:F7:7C:BF:F9:79:3F
Certificate issuer: /CN=29f14d411c20ecfc496215fcdb0f43d847219096
Certificate serial: 0183EB8AB64C0884667A7E366F913FCB8092
Authority key identifier: 29:F1:4D:41:1C:20:EC:FC:49:62:15:FC:DB:0F:43:D8:47:21:90:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KfFNQRwg7PxJYhX82w9D2EchkJY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/bcf272-d751-45be-9856-018a3770da77/1/rJ2zT9AKHMDf7yPxOV33fL_5eT8.roa
Signing time: Tue 18 Oct 2022 14:41:19 +0000
ROA not before: Tue 18 Oct 2022 14:41:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41926
IP address blocks: 193.34.101.0/24 maxlen: 24
193.34.103.0/24 maxlen: 24
193.34.100.0/24 maxlen: 24
193.34.102.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:eb:8a:b6:4c:08:84:66:7a:7e:36:6f:91:3f:cb:80:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29f14d411c20ecfc496215fcdb0f43d847219096
Validity
Not Before: Oct 18 14:41:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ac9db34fd00a1cc0dfef23f1395df77cbff9793f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:76:88:c8:d7:2a:7f:8e:92:c5:c5:58:fa:2d:
93:27:95:11:87:6e:4e:f5:32:f7:09:70:76:e9:fc:
5b:85:4e:ca:55:4d:65:f6:f4:75:47:94:67:b3:8e:
e8:8e:05:72:e0:95:4d:60:f5:1d:d5:00:77:85:37:
b1:09:8d:e6:ba:32:17:1f:5d:fb:75:5a:09:93:c7:
2c:80:53:a0:38:77:f5:71:99:ec:3c:e0:6d:fd:98:
51:74:eb:23:10:5d:c2:08:cf:ba:5f:33:e8:b8:d4:
b1:5f:56:9b:ed:6b:3c:19:64:f2:fa:8e:be:be:c3:
ae:52:b8:a0:3d:c1:72:b3:e8:f5:7e:df:c6:75:cf:
99:86:3b:aa:36:54:79:be:25:6f:e3:0e:65:4b:01:
8b:15:7d:50:47:ec:ee:c6:d4:31:1b:50:ab:e2:9e:
29:7a:77:b6:65:df:75:42:92:c1:03:1e:d8:f6:f5:
39:24:3a:66:21:75:4f:f0:6e:86:42:e1:fc:3e:8f:
36:6e:ef:58:e2:ab:16:a2:60:f9:bf:92:a0:56:e0:
d7:cf:07:2e:8b:9b:4f:c3:41:b9:be:d3:5a:97:cc:
c3:23:40:96:22:50:52:65:5a:28:6c:53:c0:23:0a:
fe:55:ac:2e:49:de:2f:b7:c5:ca:25:ee:cb:65:c8:
60:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:9D:B3:4F:D0:0A:1C:C0:DF:EF:23:F1:39:5D:F7:7C:BF:F9:79:3F
X509v3 Authority Key Identifier:
keyid:29:F1:4D:41:1C:20:EC:FC:49:62:15:FC:DB:0F:43:D8:47:21:90:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KfFNQRwg7PxJYhX82w9D2EchkJY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/bcf272-d751-45be-9856-018a3770da77/1/rJ2zT9AKHMDf7yPxOV33fL_5eT8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/bcf272-d751-45be-9856-018a3770da77/1/KfFNQRwg7PxJYhX82w9D2EchkJY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.34.100.0/22
Signature Algorithm: sha256WithRSAEncryption
3d:fa:1a:29:65:93:1f:eb:66:81:bc:07:7e:12:95:02:84:36:
c2:e4:5d:a1:e7:71:82:54:69:c8:fb:e5:34:1e:3f:9e:87:66:
1f:68:7f:a4:de:01:84:33:0b:9c:13:ec:5c:9f:d6:da:b2:53:
7d:df:59:03:b2:12:38:99:9d:5b:84:24:10:6a:8c:93:14:df:
f1:68:9e:e9:54:33:e4:dd:57:b3:91:81:9a:51:cb:34:39:a6:
d1:e3:dc:27:db:00:89:6f:f0:cd:a3:90:e7:aa:3b:ef:52:b7:
af:dc:59:a1:8f:07:11:82:48:57:e2:9a:d0:2b:ee:5a:02:1c:
50:a2:0f:50:c5:46:93:91:19:76:be:9c:5c:1a:bd:fc:c8:b1:
b8:3a:c8:56:1a:1e:b2:a5:30:f5:e4:75:a7:7d:ca:24:11:b8:
cf:67:ca:59:fc:9e:98:68:fd:ca:c0:c2:d3:25:b3:bf:3d:91:
49:88:59:81:3e:cb:57:7e:c0:ec:5e:10:3d:31:92:35:a2:b9:
1d:09:99:34:32:5e:fd:7c:af:eb:16:3b:f8:2a:98:6b:4f:ba:
91:41:f0:52:e0:9e:27:d8:e9:30:3e:90:92:79:db:1e:c2:7c:
fb:d0:14:75:18:7d:06:55:3c:24:f0:d0:9b:cb:c3:72:9b:c0:
18:3b:58:c1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYPrirZMCIRmen42b5E/y4CSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZjE0ZDQxMWMyMGVjZmM0OTYyMTVmY2RiMGY0M2Q4NDcy
MTkwOTYwHhcNMjIxMDE4MTQ0MTE5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzlkYjM0ZmQwMGExY2MwZGZlZjIzZjEzOTVkZjc3Y2JmZjk3OTNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvHaIyNcqf46SxcVY+i2TJ5URh25O
9TL3CXB26fxbhU7KVU1l9vR1R5Rns47ojgVy4JVNYPUd1QB3hTexCY3mujIXH137
dVoJk8csgFOgOHf1cZnsPOBt/ZhRdOsjEF3CCM+6XzPouNSxX1ab7Ws8GWTy+o6+
vsOuUrigPcFys+j1ft/Gdc+ZhjuqNlR5viVv4w5lSwGLFX1QR+zuxtQxG1Cr4p4p
ene2Zd91QpLBAx7Y9vU5JDpmIXVP8G6GQuH8Po82bu9Y4qsWomD5v5KgVuDXzwcu
i5tPw0G5vtNal8zDI0CWIlBSZVoobFPAIwr+VawuSd4vt8XKJe7LZchgIQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKyds0/QChzA3+8j8Tld93y/+Xk/MB8GA1UdIwQY
MBaAFCnxTUEcIOz8SWIV/NsPQ9hHIZCWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2ZGTlFSd2c3UHhKWWhYODJ3OUQyRWNoa0pZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9iY2YyNzItZDc1MS00NWJlLTk4NTYt
MDE4YTM3NzBkYTc3LzEvckoyelQ5QUtITURmN3lQeE9WMzNmTF81ZVQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9iY2YyNzItZDc1MS00NWJlLTk4NTYtMDE4YTM3NzBkYTc3
LzEvS2ZGTlFSd2c3UHhKWWhYODJ3OUQyRWNoa0pZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwSJkMA0G
CSqGSIb3DQEBCwUAA4IBAQA9+hopZZMf62aBvAd+EpUChDbC5F2h53GCVGnI++U0
Hj+eh2YfaH+k3gGEMwucE+xcn9baslN931kDshI4mZ1bhCQQaoyTFN/xaJ7pVDPk
3VezkYGaUcs0OabR49wn2wCJb/DNo5DnqjvvUrev3FmhjwcRgkhX4prQK+5aAhxQ
og9QxUaTkRl2vpxcGr38yLG4OshWGh6ypTD15HWnfcokEbjPZ8pZ/J6YaP3KwMLT
JbO/PZFJiFmBPstXfsDsXhA9MZI1orkdCZk0Ml79fK/rFjv4KphrT7qRQfBS4J4n
2OkwPpCSedsewnz70BR1GH0GVTwk8NCby8Nym8AYO1jB
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:56 2024 by rpki-client on console-fra.rpki-client.org