Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/65690a-0acf-4f36-a89c-2b4a2714214a/1/sNJ_NhTKqFLacHrZscLijdBGyvY.roa
File: sNJ_NhTKqFLacHrZscLijdBGyvY.roa (raw, json)
Hash identifier: lIt34pD+K9HOwQZOpctJ7WbOyEWXC7UBeHzyf/h14+I=
Subject key identifier: B0:D2:7F:36:14:CA:A8:52:DA:70:7A:D9:B1:C2:E2:8D:D0:46:CA:F6
Certificate issuer: /CN=13b43dace8663447ee4725520d78c54ab7b99ad4
Certificate serial: 0185A08661AFC012D08F14C2BFAF2B46B3F2
Authority key identifier: 13:B4:3D:AC:E8:66:34:47:EE:47:25:52:0D:78:C5:4A:B7:B9:9A:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E7Q9rOhmNEfuRyVSDXjFSre5mtQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/65690a-0acf-4f36-a89c-2b4a2714214a/1/sNJ_NhTKqFLacHrZscLijdBGyvY.roa
Signing time: Wed 11 Jan 2023 11:10:39 +0000
ROA not before: Wed 11 Jan 2023 11:10:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 692
IP address blocks: 193.41.58.0/24 maxlen: 24
185.178.20.0/22 maxlen: 22
64.224.12.0/22 maxlen: 22
185.101.140.0/22 maxlen: 22
2a10:5940::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:a0:86:61:af:c0:12:d0:8f:14:c2:bf:af:2b:46:b3:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=13b43dace8663447ee4725520d78c54ab7b99ad4
Validity
Not Before: Jan 11 11:10:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b0d27f3614caa852da707ad9b1c2e28dd046caf6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:59:fc:b8:55:3a:ce:51:53:5b:8d:94:68:6c:
29:e5:ed:c6:6d:21:3d:d7:77:93:14:47:fe:43:ec:
39:19:ea:e4:55:ad:91:16:79:54:2f:8d:61:70:1e:
1a:e8:31:21:28:e7:a4:14:a4:86:9c:3a:4f:01:3a:
f2:d0:ce:11:39:e6:1b:18:cc:f5:3e:87:b1:f5:73:
45:e1:8b:dd:30:7e:78:d6:97:fd:af:25:e3:19:37:
fd:c2:bd:66:f3:8b:b1:b8:6a:4f:9c:7b:dd:8b:59:
91:d4:4f:0b:ab:33:09:0c:5c:23:e6:55:18:31:c1:
84:a2:8c:2b:ed:fb:4e:bc:47:ec:a7:60:e9:c5:4e:
46:07:ac:85:52:86:3c:bb:ef:c9:8b:aa:c9:40:32:
6e:a6:13:d0:d2:75:95:ef:40:ec:1a:b0:e0:cc:bc:
0c:e6:cf:1e:98:2d:0f:7e:a5:ee:a2:a5:46:85:36:
8b:5b:49:66:26:ec:83:c1:24:41:e0:c3:ed:e4:9c:
4f:0f:d2:d2:a8:67:2b:1e:c9:12:15:41:40:40:41:
7f:29:c8:92:cc:8f:06:0f:10:eb:61:c8:e0:be:9e:
0f:9f:1b:59:07:e4:6f:99:57:11:62:dc:bc:95:ba:
c7:dd:95:da:3a:28:a9:30:5f:39:ec:d6:9d:e7:7e:
73:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:D2:7F:36:14:CA:A8:52:DA:70:7A:D9:B1:C2:E2:8D:D0:46:CA:F6
X509v3 Authority Key Identifier:
keyid:13:B4:3D:AC:E8:66:34:47:EE:47:25:52:0D:78:C5:4A:B7:B9:9A:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E7Q9rOhmNEfuRyVSDXjFSre5mtQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/65690a-0acf-4f36-a89c-2b4a2714214a/1/sNJ_NhTKqFLacHrZscLijdBGyvY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/65690a-0acf-4f36-a89c-2b4a2714214a/1/E7Q9rOhmNEfuRyVSDXjFSre5mtQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.224.12.0/22
185.101.140.0/22
185.178.20.0/22
193.41.58.0/24
IPv6:
2a10:5940::/29
Signature Algorithm: sha256WithRSAEncryption
b4:86:d7:2c:a6:62:4c:11:3a:af:37:4c:7e:2d:83:bc:59:07:
df:2b:bc:6a:6a:d8:fa:35:1c:1a:17:7b:6f:33:57:a7:86:e4:
83:48:02:87:76:2b:03:c2:7a:84:6f:c9:9d:43:6f:20:7d:2b:
a3:d5:fa:2b:8e:dc:77:f9:ef:bf:18:1b:29:dc:c8:b0:ae:fd:
82:28:7a:e5:4e:31:bd:85:0d:58:9d:a9:5b:40:f0:33:11:9f:
86:05:e5:20:c9:85:0a:26:88:28:12:6f:8f:e6:e0:5b:0c:1b:
74:c5:87:5b:a3:32:67:b3:a4:30:16:f1:62:28:f6:98:cb:6a:
87:71:62:27:d8:be:20:e4:23:6d:a7:d6:7a:b7:12:8b:49:ab:
b4:44:7e:c4:71:56:41:dc:6b:3e:70:02:f0:29:64:a1:a2:e9:
45:ed:19:69:cb:12:e3:03:4d:d6:ae:22:2f:c2:7b:4c:a6:31:
ec:af:78:c9:55:2b:6f:62:08:6d:78:0a:9f:5d:fb:ff:b1:45:
15:51:ab:73:f6:99:64:af:4e:d7:5d:f5:8d:b9:82:c2:c9:db:
b6:70:1d:9f:54:99:6a:f4:c1:3b:54:fe:ee:10:82:8d:04:19:
0a:c7:d8:0e:04:54:83:d7:39:54:67:26:7b:e0:65:6e:8b:28:
cb:fe:a5:ef
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYWghmGvwBLQjxTCv68rRrPyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzYjQzZGFjZTg2NjM0NDdlZTQ3MjU1MjBkNzhjNTRhYjdi
OTlhZDQwHhcNMjMwMTExMTExMDM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGQyN2YzNjE0Y2FhODUyZGE3MDdhZDliMWMyZTI4ZGQwNDZjYWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnln8uFU6zlFTW42UaGwp5e3GbSE9
13eTFEf+Q+w5GerkVa2RFnlUL41hcB4a6DEhKOekFKSGnDpPATry0M4ROeYbGMz1
Poex9XNF4YvdMH541pf9ryXjGTf9wr1m84uxuGpPnHvdi1mR1E8LqzMJDFwj5lUY
McGEoowr7ftOvEfsp2DpxU5GB6yFUoY8u+/Ji6rJQDJuphPQ0nWV70DsGrDgzLwM
5s8emC0PfqXuoqVGhTaLW0lmJuyDwSRB4MPt5JxPD9LSqGcrHskSFUFAQEF/KciS
zI8GDxDrYcjgvp4PnxtZB+RvmVcRYty8lbrH3ZXaOiipMF857Nad535zVwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFLDSfzYUyqhS2nB62bHC4o3QRsr2MB8GA1UdIwQY
MBaAFBO0PazoZjRH7kclUg14xUq3uZrUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRTdROXJPaG1ORWZ1UnlWU0RYakZTcmU1bXRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi82NTY5MGEtMGFjZi00ZjM2LWE4OWMt
MmI0YTI3MTQyMTRhLzEvc05KX05oVEtxRkxhY0hyWnNjTGlqZEJHeXZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi82NTY5MGEtMGFjZi00ZjM2LWE4OWMtMmI0YTI3MTQyMTRh
LzEvRTdROXJPaG1ORWZ1UnlWU0RYakZTcmU1bXRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCQOAMAwQC
uWWMAwQCubIUAwQAwSk6MA0EAgACMAcDBQMqEFlAMA0GCSqGSIb3DQEBCwUAA4IB
AQC0htcspmJMETqvN0x+LYO8WQffK7xqatj6NRwaF3tvM1enhuSDSAKHdisDwnqE
b8mdQ28gfSuj1forjtx3+e+/GBsp3Miwrv2CKHrlTjG9hQ1YnalbQPAzEZ+GBeUg
yYUKJogoEm+P5uBbDBt0xYdbozJns6QwFvFiKPaYy2qHcWIn2L4g5CNtp9Z6txKL
Sau0RH7EcVZB3Gs+cALwKWShoulF7RlpyxLjA03WriIvwntMpjHsr3jJVStvYght
eAqfXfv/sUUVUatz9plkr07XXfWNuYLCydu2cB2fVJlq9ME7VP7uEIKNBBkKx9gO
BFSD1zlUZyZ74GVuiyjL/qXv
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:25:12 2025 by rpki-client