Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/ad563e-5cbe-4e15-824d-e3d286d20e52/1/Prb0GP93ErVcAOaAOJXf3YEkq1o.roa
File: Prb0GP93ErVcAOaAOJXf3YEkq1o.roa (raw, json)
Hash identifier: 06KqvS0xB7wLBlAMCOzw43uUlO9t6eDuSWMM/ddm+no=
Subject key identifier: 3E:B6:F4:18:FF:77:12:B5:5C:00:E6:80:38:95:DF:DD:81:24:AB:5A
Certificate issuer: /CN=c7a8246f70ae18e736e4e53981480d58616af2e8
Certificate serial: 012FF55A
Authority key identifier: C7:A8:24:6F:70:AE:18:E7:36:E4:E5:39:81:48:0D:58:61:6A:F2:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x6gkb3CuGOc25OU5gUgNWGFq8ug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/ad563e-5cbe-4e15-824d-e3d286d20e52/1/Prb0GP93ErVcAOaAOJXf3YEkq1o.roa
Signing time: Sat 01 Jan 2022 13:06:57 +0000
ROA not before: Sat 01 Jan 2022 13:06:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41960
IP address blocks: 194.33.16.0/24 maxlen: 24
194.32.206.0/24 maxlen: 24
194.32.220.0/24 maxlen: 24
194.33.10.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19920218 (0x12ff55a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c7a8246f70ae18e736e4e53981480d58616af2e8
Validity
Not Before: Jan 1 13:06:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3eb6f418ff7712b55c00e6803895dfdd8124ab5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:07:d4:cf:a9:bf:16:6a:10:57:70:cc:93:f5:
bd:c0:c3:44:a2:f5:dd:4e:81:9e:7e:9d:86:78:f8:
36:ee:fb:c4:ad:bb:49:d5:79:b9:4f:8a:4b:19:70:
85:6b:03:8b:89:c1:49:16:0b:93:65:69:cf:dd:f1:
d9:59:45:2b:5e:b4:bf:fa:0c:24:72:77:ba:72:bd:
bd:c0:7f:ed:d7:60:38:3d:49:b4:71:42:ff:9f:8e:
c9:83:58:13:ac:ce:eb:3b:2d:70:64:79:ed:aa:f2:
a3:ba:06:35:c2:95:b0:e9:d5:58:7a:bc:86:bd:d5:
cb:59:bd:1d:3d:ef:b4:4d:5b:36:4e:40:21:b1:ed:
77:1d:22:59:6c:42:04:a8:cf:8d:7c:87:55:e7:45:
20:8a:16:ef:9f:2b:ba:a9:20:c3:49:b5:bb:52:9d:
9a:d0:7e:62:09:5e:69:48:ca:e2:26:d6:a6:20:62:
31:15:fa:72:84:b2:6a:10:47:a0:5f:c9:7e:9a:a2:
3d:ab:4e:ff:66:62:e7:ad:a4:35:58:66:60:3f:51:
bf:9c:42:59:9f:33:68:59:e6:90:96:a5:af:30:ab:
d8:4e:33:70:2b:b0:22:f7:24:9a:10:9c:55:8b:1b:
4c:4d:80:83:4d:8a:2e:fa:04:d8:7d:e6:95:ba:b7:
da:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:B6:F4:18:FF:77:12:B5:5C:00:E6:80:38:95:DF:DD:81:24:AB:5A
X509v3 Authority Key Identifier:
keyid:C7:A8:24:6F:70:AE:18:E7:36:E4:E5:39:81:48:0D:58:61:6A:F2:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x6gkb3CuGOc25OU5gUgNWGFq8ug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/ad563e-5cbe-4e15-824d-e3d286d20e52/1/Prb0GP93ErVcAOaAOJXf3YEkq1o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/ad563e-5cbe-4e15-824d-e3d286d20e52/1/x6gkb3CuGOc25OU5gUgNWGFq8ug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.32.206.0/24
194.32.220.0/24
194.33.10.0/24
194.33.16.0/24
Signature Algorithm: sha256WithRSAEncryption
00:43:da:af:9d:6e:44:4d:a1:c5:9b:ea:22:37:46:c4:7d:c3:
7f:97:50:d5:66:f2:c6:b1:e6:e4:85:09:d1:fd:da:b2:02:f1:
54:cf:7e:35:7c:2a:aa:a8:62:54:f6:cb:38:fd:85:59:2e:a9:
72:fb:8a:df:96:2f:ca:41:a9:68:37:aa:4c:d7:e8:f4:6e:48:
c2:c9:84:d0:55:a8:46:6d:79:4a:f2:5d:16:f9:5a:08:f8:21:
8d:2a:c3:45:af:57:bb:58:15:eb:70:e1:74:ba:1f:e8:18:34:
c4:0b:cd:36:88:58:d0:bc:64:38:e3:80:2f:f7:4c:2c:0a:93:
ae:69:98:79:31:b3:ca:0e:72:a0:13:d4:44:d5:2f:30:90:32:
b4:a8:04:6b:4f:d7:88:d9:67:93:02:47:e0:f3:bc:4f:b2:5f:
45:cc:61:1c:e6:c9:bd:54:a9:b5:e3:0e:58:9e:26:0a:78:ff:
6c:d6:45:f3:0f:83:0a:99:3d:e7:1e:92:c0:d5:6b:70:59:36:
05:c0:17:1f:42:81:21:fb:6f:85:87:fd:d1:13:2c:76:b1:3f:
28:f4:74:32:66:29:68:1d:58:3f:7e:d4:55:ca:e8:c4:8c:29:
b7:98:4c:98:9c:06:64:ff:89:55:b9:c2:a3:87:d4:37:16:c0:
f5:c9:43:57
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEAS/1WjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
N2E4MjQ2ZjcwYWUxOGU3MzZlNGU1Mzk4MTQ4MGQ1ODYxNmFmMmU4MB4XDTIyMDEw
MTEzMDY1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2ViNmY0MThmZjc3
MTJiNTVjMDBlNjgwMzg5NWRmZGQ4MTI0YWI1YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMUH1M+pvxZqEFdwzJP1vcDDRKL13U6Bnn6dhnj4Nu77xK27
SdV5uU+KSxlwhWsDi4nBSRYLk2Vpz93x2VlFK160v/oMJHJ3unK9vcB/7ddgOD1J
tHFC/5+OyYNYE6zO6zstcGR57aryo7oGNcKVsOnVWHq8hr3Vy1m9HT3vtE1bNk5A
IbHtdx0iWWxCBKjPjXyHVedFIIoW758ruqkgw0m1u1KdmtB+YgleaUjK4ibWpiBi
MRX6coSyahBHoF/JfpqiPatO/2Zi562kNVhmYD9Rv5xCWZ8zaFnmkJalrzCr2E4z
cCuwIvckmhCcVYsbTE2Ag02KLvoE2H3mlbq32nMCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBQ+tvQY/3cStVwA5oA4ld/dgSSrWjAfBgNVHSMEGDAWgBTHqCRvcK4Y5zbk
5TmBSA1YYWry6DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3g2Z2tiM0N1R09jMjVPVTVnVWdOV0dGcTh1Zy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmUvYWQ1NjNlLTVjYmUtNGUxNS04MjRkLWUzZDI4NmQyMGU1Mi8x
L1ByYjBHUDkzRXJWY0FPYUFPSlhmM1lFa3Exby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmUv
YWQ1NjNlLTVjYmUtNGUxNS04MjRkLWUzZDI4NmQyMGU1Mi8xL3g2Z2tiM0N1R09j
MjVPVTVnVWdOV0dGcTh1Zy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAMIgzgMEAMIg3AMEAMIhCgMEAMIh
EDANBgkqhkiG9w0BAQsFAAOCAQEAAEPar51uRE2hxZvqIjdGxH3Df5dQ1WbyxrHm
5IUJ0f3asgLxVM9+NXwqqqhiVPbLOP2FWS6pcvuK35YvykGpaDeqTNfo9G5IwsmE
0FWoRm15SvJdFvlaCPghjSrDRa9Xu1gV63DhdLof6Bg0xAvNNohY0LxkOOOAL/dM
LAqTrmmYeTGzyg5yoBPURNUvMJAytKgEa0/XiNlnkwJH4PO8T7JfRcxhHObJvVSp
teMOWJ4mCnj/bNZF8w+DCpk95x6SwNVrcFk2BcAXH0KBIftvhYf90RMsdrE/KPR0
MmYpaB1YP37UVcroxIwpt5hMmJwGZP+JVbnCo4fUNxbA9clDVw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:53:00 2025 by rpki-client