Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/3ebb46-b9dd-4695-815c-46ee578a0bfe/1/41aIA9cMfgWtNSicsAXn4LRmfjQ.roa
File: 41aIA9cMfgWtNSicsAXn4LRmfjQ.roa (raw, json)
Hash identifier: RXo4OwO7KCukSCoeD6Jrd3SwxzAJ91PJQ6ofI1PdKVc=
Subject key identifier: E3:56:88:03:D7:0C:7E:05:AD:35:28:9C:B0:05:E7:E0:B4:66:7E:34
Certificate issuer: /CN=c2c12b527a5d1f8b8bcf230eb611f52f11d52bbf
Certificate serial: 06D35767
Authority key identifier: C2:C1:2B:52:7A:5D:1F:8B:8B:CF:23:0E:B6:11:F5:2F:11:D5:2B:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wsErUnpdH4uLzyMOthH1LxHVK78.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/3ebb46-b9dd-4695-815c-46ee578a0bfe/1/41aIA9cMfgWtNSicsAXn4LRmfjQ.roa
Signing time: Sat 01 Jan 2022 14:07:45 +0000
ROA not before: Sat 01 Jan 2022 14:07:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35478
IP address blocks: 193.32.162.0/24 maxlen: 24
193.29.14.0/24 maxlen: 24
193.47.69.0/24 maxlen: 24
193.47.68.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 114513767 (0x6d35767)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2c12b527a5d1f8b8bcf230eb611f52f11d52bbf
Validity
Not Before: Jan 1 14:07:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e3568803d70c7e05ad35289cb005e7e0b4667e34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:6a:26:bd:ba:f6:5b:71:f5:4c:3a:c7:67:82:
06:43:d6:c9:b5:97:67:d9:ee:20:c2:dc:36:7e:7a:
23:1b:8b:78:72:b6:cd:98:63:ec:da:86:5f:af:02:
d3:1c:e9:9d:6d:57:f8:52:92:b6:e0:0f:9c:f3:3f:
9d:41:10:4b:37:f3:eb:fb:b2:10:a0:2e:00:ff:6a:
50:42:9e:8f:6c:6c:17:3a:cd:62:96:ea:cb:5f:d8:
f1:70:b2:cd:9b:7e:37:ab:06:ca:aa:70:55:0e:c9:
d1:2b:fc:20:b7:8c:fe:14:53:f8:70:c2:f9:e7:fa:
fb:03:81:65:f6:79:b3:62:03:58:4c:71:de:cd:65:
b9:5d:1b:67:4b:7f:f1:7e:a4:26:1e:4a:73:f9:37:
58:0b:c9:a4:fa:48:8a:b3:c9:c4:5f:07:a7:6e:45:
c3:c2:5b:65:4b:76:56:05:76:8f:66:00:17:d4:b8:
84:4b:02:f1:5f:41:e8:85:1a:7c:a5:41:1c:6f:35:
3a:00:4e:39:43:95:8a:88:66:8c:73:1e:33:a4:e5:
1f:c2:7f:02:e0:13:14:c4:e7:81:76:0c:ec:49:0f:
5a:e3:77:1b:2a:fb:ec:ac:88:6c:b4:54:d3:4b:8e:
86:a7:26:9c:36:8b:ed:f5:e4:6c:bd:d7:ce:34:85:
e6:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:56:88:03:D7:0C:7E:05:AD:35:28:9C:B0:05:E7:E0:B4:66:7E:34
X509v3 Authority Key Identifier:
keyid:C2:C1:2B:52:7A:5D:1F:8B:8B:CF:23:0E:B6:11:F5:2F:11:D5:2B:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wsErUnpdH4uLzyMOthH1LxHVK78.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/3ebb46-b9dd-4695-815c-46ee578a0bfe/1/41aIA9cMfgWtNSicsAXn4LRmfjQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/3ebb46-b9dd-4695-815c-46ee578a0bfe/1/wsErUnpdH4uLzyMOthH1LxHVK78.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.29.14.0/24
193.32.162.0/24
193.47.68.0/23
Signature Algorithm: sha256WithRSAEncryption
68:d7:dd:2d:79:46:ac:bd:66:a6:25:d4:cc:3d:53:61:be:34:
a2:df:6a:15:3d:75:ce:1e:c8:e0:66:3d:f7:cb:b4:1a:99:55:
af:fd:83:78:96:51:e5:02:4b:12:2b:b9:e0:61:2f:da:54:22:
ee:26:cd:db:93:79:64:06:be:e0:8d:bb:38:89:9b:e1:1a:f6:
af:8e:3b:82:2d:12:80:71:46:36:76:44:23:cd:89:0a:39:7b:
f3:1b:fe:de:80:e2:5d:e7:65:0a:4e:ff:59:38:d0:32:20:aa:
a2:ec:ab:cb:d8:c0:0e:c9:0e:14:25:ea:01:82:12:84:9e:c1:
5c:24:7d:bd:4c:b8:fa:ce:22:1c:aa:25:36:88:c8:45:fd:02:
eb:44:04:e4:11:b7:f3:dc:73:61:ed:50:a5:51:97:89:5d:16:
0c:2e:0c:b2:49:4a:62:f5:ae:74:d4:18:67:89:b0:d5:b4:10:
e1:22:d5:04:8a:3a:99:5f:91:f4:f3:29:86:2e:ed:1a:f6:fc:
cc:76:43:80:e5:cb:db:3e:af:72:81:95:23:14:8a:bd:d8:69:
2b:31:a3:b0:5c:5c:bd:08:c9:9b:98:92:fc:78:b4:45:01:e9:
b2:3e:c6:35:b4:28:63:da:32:56:60:31:3a:3f:b6:d1:48:68:
39:ed:61:91
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEBtNXZzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
MmMxMmI1MjdhNWQxZjhiOGJjZjIzMGViNjExZjUyZjExZDUyYmJmMB4XDTIyMDEw
MTE0MDc0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTM1Njg4MDNkNzBj
N2UwNWFkMzUyODljYjAwNWU3ZTBiNDY2N2UzNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALVqJr269ltx9Uw6x2eCBkPWybWXZ9nuIMLcNn56IxuLeHK2
zZhj7NqGX68C0xzpnW1X+FKStuAPnPM/nUEQSzfz6/uyEKAuAP9qUEKej2xsFzrN
Ypbqy1/Y8XCyzZt+N6sGyqpwVQ7J0Sv8ILeM/hRT+HDC+ef6+wOBZfZ5s2IDWExx
3s1luV0bZ0t/8X6kJh5Kc/k3WAvJpPpIirPJxF8Hp25Fw8JbZUt2VgV2j2YAF9S4
hEsC8V9B6IUafKVBHG81OgBOOUOViohmjHMeM6TlH8J/AuATFMTngXYM7EkPWuN3
Gyr77KyIbLRU00uOhqcmnDaL7fXkbL3XzjSF5tcCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBTjVogD1wx+Ba01KJywBefgtGZ+NDAfBgNVHSMEGDAWgBTCwStSel0fi4vP
Iw62EfUvEdUrvzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3dzRXJVbnBkSDR1THp5TU90aEgxTHhIVks3OC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjUvM2ViYjQ2LWI5ZGQtNDY5NS04MTVjLTQ2ZWU1NzhhMGJmZS8x
LzQxYUlBOWNNZmdXdE5TaWNzQVhuNExSbWZqUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjUv
M2ViYjQ2LWI5ZGQtNDY5NS04MTVjLTQ2ZWU1NzhhMGJmZS8xL3dzRXJVbnBkSDR1
THp5TU90aEgxTHhIVks3OC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAMEdDgMEAMEgogMEAcEvRDANBgkq
hkiG9w0BAQsFAAOCAQEAaNfdLXlGrL1mpiXUzD1TYb40ot9qFT11zh7I4GY998u0
GplVr/2DeJZR5QJLEiu54GEv2lQi7ibN25N5ZAa+4I27OImb4Rr2r447gi0SgHFG
NnZEI82JCjl78xv+3oDiXedlCk7/WTjQMiCqouyry9jADskOFCXqAYIShJ7BXCR9
vUy4+s4iHKolNojIRf0C60QE5BG389xzYe1QpVGXiV0WDC4MsklKYvWudNQYZ4mw
1bQQ4SLVBIo6mV+R9PMphi7tGvb8zHZDgOXL2z6vcoGVIxSKvdhpKzGjsFxcvQjJ
m5iS/Hi0RQHpsj7GNbQoY9oyVmAxOj+20UhoOe1hkQ==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:38:20 2025 by rpki-client