Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/1-nBZaEGYFjsOnDcKB2LKWaPmf3c.roa
File: 1-nBZaEGYFjsOnDcKB2LKWaPmf3c.roa (raw, json)
Hash identifier: hlDjSo7eVR36Hf9NHzFGH/Cg5s7LV1YOTRRwyGorWVc=
Subject key identifier: FA:70:59:68:41:98:16:3B:0E:9C:37:0A:07:62:CA:59:A3:E6:7F:77
Certificate issuer: /CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Certificate serial: 018410522F7497D447BB41B56C398E4E60AE
Authority key identifier: 4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/1-nBZaEGYFjsOnDcKB2LKWaPmf3c.roa
Signing time: Tue 25 Oct 2022 18:05:32 +0000
ROA not before: Tue 25 Oct 2022 18:05:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43260
IP address blocks: 185.254.52.0/24 maxlen: 24
93.190.10.0/24 maxlen: 24
93.190.8.0/24 maxlen: 24
193.17.4.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:10:52:2f:74:97:d4:47:bb:41:b5:6c:39:8e:4e:60:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Validity
Not Before: Oct 25 18:05:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fa7059684198163b0e9c370a0762ca59a3e67f77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:53:e3:d6:cd:cc:0d:c5:af:6f:07:c1:87:a3:
e1:73:c0:83:da:cb:43:c0:bb:18:3f:8a:b6:e1:2b:
b7:4b:70:69:b6:a0:32:f9:ba:8f:56:71:3f:5e:d8:
e8:65:f9:65:87:bb:76:dc:14:c9:35:f1:63:bb:31:
be:24:8d:d3:b1:6f:8a:0b:3e:da:71:3f:ca:34:a9:
ce:48:69:ef:59:b7:50:65:7e:23:29:bc:7e:7e:49:
5d:65:48:8e:21:f6:5f:9f:36:15:b3:90:f8:e4:76:
ba:66:04:56:5b:36:5a:d9:f5:23:84:93:1b:dd:de:
0b:b4:b0:7c:1e:fd:2c:f2:8a:c2:0c:19:67:de:e3:
ae:f3:a9:e4:7d:1e:bf:31:6c:f7:9d:f8:c3:cd:08:
2e:52:08:bb:99:5b:96:29:3a:9e:48:f8:45:25:b2:
5c:da:a7:87:02:5f:d6:3a:22:b0:6e:e0:cf:cc:85:
81:75:c4:07:6e:3c:27:1d:79:80:e8:36:25:2c:4f:
27:46:c8:d8:73:0f:1e:fe:98:a0:2e:6d:99:c9:18:
37:24:39:ac:93:ef:16:4e:54:e2:71:5a:fd:4c:7f:
40:6a:4a:26:8b:c7:24:0e:ba:1d:09:27:b9:36:bd:
14:4e:ec:48:b6:d8:02:37:17:74:69:45:1e:aa:cf:
f9:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:70:59:68:41:98:16:3B:0E:9C:37:0A:07:62:CA:59:A3:E6:7F:77
X509v3 Authority Key Identifier:
keyid:4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/1-nBZaEGYFjsOnDcKB2LKWaPmf3c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.190.8.0/24
93.190.10.0/24
185.254.52.0/24
193.17.4.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:60:04:21:e7:24:2c:62:63:48:aa:b2:e4:53:d5:10:52:2e:
5d:0a:5d:33:0e:35:c3:ad:e3:2c:7d:86:33:14:15:14:0f:2a:
37:4f:fd:2d:d5:8e:98:19:ed:bb:84:bd:f9:4e:7d:39:3e:74:
be:02:b8:c6:98:4b:c5:f9:6e:9c:3e:a8:c7:33:24:e3:8c:87:
e5:20:16:9d:93:e8:d3:c8:e7:15:a3:c5:f3:20:ef:79:34:26:
1d:9b:61:2e:2c:c1:d8:29:d7:be:e0:c6:ab:67:41:c8:6c:92:
5f:ff:dc:15:a8:80:34:f8:55:e3:04:8d:04:df:6a:5f:10:dd:
4c:0f:10:f0:39:65:16:39:39:13:f2:40:49:a5:ec:ea:6f:8a:
fa:48:28:a0:54:51:36:6a:df:3a:3f:39:49:24:b8:98:1a:93:
a5:67:62:4e:db:93:e8:b2:1d:dc:42:00:38:a6:19:2d:53:f7:
9b:2b:1c:d6:15:c9:40:ba:c3:24:5b:3b:57:b0:db:53:42:e0:
bd:ad:95:2d:59:8a:1e:83:1a:8f:6a:93:36:8f:d8:ae:1f:44:
12:91:90:bb:c8:71:7f:22:86:f0:9e:99:78:9a:21:a6:b8:41:
6c:8b:b5:3a:2e:04:09:61:ad:b3:d6:7c:33:2d:44:d0:d9:be:
75:9a:d0:06
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAYQQUi90l9RHu0G1bDmOTmCuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTUwOWIzM2RhNTVmM2U1ZDUyODNlYjYyMWQwZDM1ZDdh
ZWVkNWMwHhcNMjIxMDI1MTgwNTMyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTcwNTk2ODQxOTgxNjNiMGU5YzM3MGEwNzYyY2E1OWEzZTY3Zjc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAglPj1s3MDcWvbwfBh6Phc8CD2stD
wLsYP4q24Su3S3BptqAy+bqPVnE/XtjoZfllh7t23BTJNfFjuzG+JI3TsW+KCz7a
cT/KNKnOSGnvWbdQZX4jKbx+fkldZUiOIfZfnzYVs5D45Ha6ZgRWWzZa2fUjhJMb
3d4LtLB8Hv0s8orCDBln3uOu86nkfR6/MWz3nfjDzQguUgi7mVuWKTqeSPhFJbJc
2qeHAl/WOiKwbuDPzIWBdcQHbjwnHXmA6DYlLE8nRsjYcw8e/pigLm2ZyRg3JDms
k+8WTlTicVr9TH9Aakomi8ckDrodCSe5Nr0UTuxIttgCNxd0aUUeqs/53QIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFPpwWWhBmBY7Dpw3Cgdiylmj5n93MB8GA1UdIwQY
MBaAFE+VCbM9pV8+XVKD62IdDTXXru1cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQt
NjAxMDdlMmI1MTA5LzEvMS1uQlphRUdZRmpzT25EY0tCMkxLV2FQbWYzYy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMjYvNmZjMWJjLWE1ZjgtNDJhOC05NWU0LTYwMTA3ZTJiNTEw
OS8xL1Q1VUpzejJsWHo1ZFVvUHJZaDBOTmRldTdWdy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAxBggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAF2+CAME
AF2+CgMEALn+NAMEAMERBDANBgkqhkiG9w0BAQsFAAOCAQEAnWAEIeckLGJjSKqy
5FPVEFIuXQpdMw41w63jLH2GMxQVFA8qN0/9LdWOmBntu4S9+U59OT50vgK4xphL
xflunD6oxzMk44yH5SAWnZPo08jnFaPF8yDveTQmHZthLizB2CnXvuDGq2dByGyS
X//cFaiANPhV4wSNBN9qXxDdTA8Q8DllFjk5E/JASaXs6m+K+kgooFRRNmrfOj85
SSS4mBqTpWdiTtuT6LId3EIAOKYZLVP3mysc1hXJQLrDJFs7V7DbU0Lgva2VLVmK
HoMaj2qTNo/Yrh9EEpGQu8hxfyKG8J6ZeJohprhBbIu1Oi4ECWGts9Z8My1E0Nm+
dZrQBg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:49 2024 by rpki-client on console-fra.rpki-client.org