Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/5c3fc3-35e8-4a0c-a30f-fb9217028c5c/1/RXnf-Lf6It30G4b_U7fw7EkXF3Y.roa
File: RXnf-Lf6It30G4b_U7fw7EkXF3Y.roa (raw, json)
Hash identifier: DxP4hEFtl7P5kNUitxG8ezKOvSc9Q2924Ant4fGvdqU=
Subject key identifier: 45:79:DF:F8:B7:FA:22:DD:F4:1B:86:FF:53:B7:F0:EC:49:17:17:76
Certificate issuer: /CN=07b7a0c1babd621e8220d0d777877a844b413c10
Certificate serial: 01856FD51A3E5CF36384B7C9637147896116
Authority key identifier: 07:B7:A0:C1:BA:BD:62:1E:82:20:D0:D7:77:87:7A:84:4B:41:3C:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B7egwbq9Yh6CINDXd4d6hEtBPBA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/5c3fc3-35e8-4a0c-a30f-fb9217028c5c/1/RXnf-Lf6It30G4b_U7fw7EkXF3Y.roa
Signing time: Mon 02 Jan 2023 00:15:14 +0000
ROA not before: Mon 02 Jan 2023 00:15:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50629
IP address blocks: 193.203.2.0/23 maxlen: 23
193.203.16.0/23 maxlen: 23
2a0f:e280::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:d5:1a:3e:5c:f3:63:84:b7:c9:63:71:47:89:61:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07b7a0c1babd621e8220d0d777877a844b413c10
Validity
Not Before: Jan 2 00:15:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4579dff8b7fa22ddf41b86ff53b7f0ec49171776
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:ec:3b:72:86:12:de:ae:f9:eb:c9:23:e5:d4:
ed:99:cd:34:24:20:00:b4:cd:32:f7:a2:d1:21:90:
30:58:d1:db:6e:a4:d1:8b:ff:a7:17:ee:1e:6f:b6:
6c:05:a8:94:69:fb:5e:1a:eb:91:a5:9c:c3:e8:67:
cc:9a:62:16:af:99:da:d9:6c:7a:2e:a1:99:bd:6a:
b9:63:5a:79:72:72:93:08:fe:76:07:5b:5e:be:9d:
ce:8f:3e:91:ec:7d:27:82:0d:3e:49:84:1d:49:b3:
12:8d:56:1b:dc:e8:e7:e3:11:3e:14:41:2e:a5:99:
b3:7a:f0:e3:02:b1:fe:e2:3f:a0:da:00:2e:ca:bf:
7a:ec:41:06:37:61:0a:bf:bb:4e:61:e5:25:2d:69:
95:3d:2b:35:0d:e0:fa:05:2a:61:41:52:7c:5e:d3:
b7:a1:4b:5a:b7:55:a5:3d:a1:09:eb:81:3a:6e:55:
04:7c:01:77:7f:11:b5:74:89:d0:cc:ac:dd:43:39:
33:47:92:6a:9d:9f:e4:a8:13:87:49:57:1c:99:0a:
11:df:69:20:6a:52:c9:96:dd:88:2b:16:14:c2:8c:
20:14:44:b2:0d:9d:0b:7c:56:07:23:70:26:1a:55:
5b:3a:6e:6a:17:5c:15:a8:b5:27:de:ed:4d:ef:76:
dd:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:79:DF:F8:B7:FA:22:DD:F4:1B:86:FF:53:B7:F0:EC:49:17:17:76
X509v3 Authority Key Identifier:
keyid:07:B7:A0:C1:BA:BD:62:1E:82:20:D0:D7:77:87:7A:84:4B:41:3C:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B7egwbq9Yh6CINDXd4d6hEtBPBA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/5c3fc3-35e8-4a0c-a30f-fb9217028c5c/1/RXnf-Lf6It30G4b_U7fw7EkXF3Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/5c3fc3-35e8-4a0c-a30f-fb9217028c5c/1/B7egwbq9Yh6CINDXd4d6hEtBPBA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.203.2.0/23
193.203.16.0/23
IPv6:
2a0f:e280::/29
Signature Algorithm: sha256WithRSAEncryption
35:c8:08:1e:92:3b:01:eb:a7:90:47:89:e7:e4:33:c7:ba:c6:
2e:9b:a6:d2:b8:bd:90:28:bb:6e:77:f0:40:1b:d9:e1:9b:c9:
f4:69:07:f9:c5:a4:ed:8d:f7:fb:cd:fc:cf:1c:78:c6:64:8a:
dd:26:3a:b8:da:48:16:bc:e2:83:72:c5:e8:60:c8:7b:11:5d:
04:fc:f4:be:d9:06:56:50:f9:f3:37:49:0a:e6:b4:12:2a:fa:
41:52:48:5a:cb:4e:08:d1:61:d4:44:f1:82:70:ab:cd:80:0a:
a8:b8:0f:ca:0b:fa:52:19:45:02:0f:b6:ac:a7:94:21:36:ce:
1f:3e:28:c6:4c:1e:77:b1:33:fe:e8:d3:8a:d1:cd:5c:61:66:
07:1c:d7:11:14:5c:d3:8e:f2:ec:22:2a:4c:72:bf:1d:20:af:
74:e1:b5:e6:3f:96:16:82:d0:6b:46:a1:2d:80:04:2f:06:7c:
42:cb:24:26:12:bd:76:fe:c7:2f:0a:32:42:7d:b9:fc:1b:d7:
8c:9c:26:d1:0c:1c:0f:c3:0f:87:f9:b5:52:12:65:08:29:55:
68:81:29:96:f3:36:51:86:2c:a6:10:b0:70:e1:93:77:5c:61:
0a:31:20:9c:41:ca:63:12:72:b1:87:e6:8e:71:ca:9b:5b:e2:
02:e8:78:7f
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVv1Ro+XPNjhLfJY3FHiWEWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3YjdhMGMxYmFiZDYyMWU4MjIwZDBkNzc3ODc3YTg0NGI0
MTNjMTAwHhcNMjMwMTAyMDAxNTE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTc5ZGZmOGI3ZmEyMmRkZjQxYjg2ZmY1M2I3ZjBlYzQ5MTcxNzc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtew7coYS3q7568kj5dTtmc00JCAA
tM0y96LRIZAwWNHbbqTRi/+nF+4eb7ZsBaiUafteGuuRpZzD6GfMmmIWr5na2Wx6
LqGZvWq5Y1p5cnKTCP52B1tevp3Ojz6R7H0ngg0+SYQdSbMSjVYb3Ojn4xE+FEEu
pZmzevDjArH+4j+g2gAuyr967EEGN2EKv7tOYeUlLWmVPSs1DeD6BSphQVJ8XtO3
oUtat1WlPaEJ64E6blUEfAF3fxG1dInQzKzdQzkzR5JqnZ/kqBOHSVccmQoR32kg
alLJlt2IKxYUwowgFESyDZ0LfFYHI3AmGlVbOm5qF1wVqLUn3u1N73bdKQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFEV53/i3+iLd9BuG/1O38OxJFxd2MB8GA1UdIwQY
MBaAFAe3oMG6vWIegiDQ13eHeoRLQTwQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQjdlZ3dicTlZaDZDSU5EWGQ0ZDZoRXRCUEJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS81YzNmYzMtMzVlOC00YTBjLWEzMGYt
ZmI5MjE3MDI4YzVjLzEvUlhuZi1MZjZJdDMwRzRiX1U3Znc3RWtYRjNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS81YzNmYzMtMzVlOC00YTBjLWEzMGYtZmI5MjE3MDI4YzVj
LzEvQjdlZ3dicTlZaDZDSU5EWGQ0ZDZoRXRCUEJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBwcsCAwQB
wcsQMA0EAgACMAcDBQMqD+KAMA0GCSqGSIb3DQEBCwUAA4IBAQA1yAgekjsB66eQ
R4nn5DPHusYum6bSuL2QKLtud/BAG9nhm8n0aQf5xaTtjff7zfzPHHjGZIrdJjq4
2kgWvOKDcsXoYMh7EV0E/PS+2QZWUPnzN0kK5rQSKvpBUkhay04I0WHURPGCcKvN
gAqouA/KC/pSGUUCD7asp5QhNs4fPijGTB53sTP+6NOK0c1cYWYHHNcRFFzTjvLs
IipMcr8dIK904bXmP5YWgtBrRqEtgAQvBnxCyyQmEr12/scvCjJCfbn8G9eMnCbR
DBwPww+H+bVSEmUIKVVogSmW8zZRhiymELBw4ZN3XGEKMSCcQcpjEnKxh+aOccqb
W+IC6Hh/
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:31:05 2025 by rpki-client