Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/ed7cb2-e387-47bf-be4a-08f2263a413c/1/B3jPreS_pHwxjfyAIP7iyvRbRfM.roa
File: B3jPreS_pHwxjfyAIP7iyvRbRfM.roa (raw, json)
Hash identifier: yDjeMl6X2jqoVAHex4JHch63/KXaDwYHu4/rrw+4QLY=
Subject key identifier: 07:78:CF:AD:E4:BF:A4:7C:31:8D:FC:80:20:FE:E2:CA:F4:5B:45:F3
Certificate issuer: /CN=ce94c31e15df4b7a60e5d40df3aac1852e8da74b
Certificate serial: 01890ACD5AA980629C472EA57610E4532B89
Authority key identifier: CE:94:C3:1E:15:DF:4B:7A:60:E5:D4:0D:F3:AA:C1:85:2E:8D:A7:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zpTDHhXfS3pg5dQN86rBhS6Np0s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/ed7cb2-e387-47bf-be4a-08f2263a413c/1/B3jPreS_pHwxjfyAIP7iyvRbRfM.roa
Signing time: Fri 30 Jun 2023 05:36:17 +0000
ROA not before: Fri 30 Jun 2023 05:36:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8220
IP address blocks: 193.178.157.0/24 maxlen: 24
193.178.156.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:0a:cd:5a:a9:80:62:9c:47:2e:a5:76:10:e4:53:2b:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ce94c31e15df4b7a60e5d40df3aac1852e8da74b
Validity
Not Before: Jun 30 05:36:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0778cfade4bfa47c318dfc8020fee2caf45b45f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:19:df:37:b5:17:e7:17:8b:d2:80:63:01:e4:
c9:d9:0c:ae:c0:2c:ee:85:e3:61:07:d2:88:c2:89:
1c:af:8a:2b:8f:f3:b2:b3:20:79:3f:9e:05:1f:b5:
d1:cd:6e:8a:7d:5a:44:4c:a4:52:fd:3e:fb:b6:c4:
89:16:d7:38:3e:2f:48:83:93:13:59:21:2b:36:09:
48:57:94:e1:6f:e2:f6:c7:ad:94:e8:56:5c:9f:be:
e1:98:68:49:70:99:d9:4a:66:a2:e4:2a:d1:ab:8f:
49:1b:16:96:27:c9:f1:72:dd:10:3c:77:93:65:c1:
b8:c7:38:09:e9:13:e3:72:27:c9:62:28:10:d5:d0:
7e:45:d8:12:54:01:c9:e9:a8:d9:6e:d3:26:03:04:
9d:3c:46:91:50:b5:b2:ad:70:28:9c:00:53:2a:2d:
5c:be:7f:7b:64:dd:db:42:6f:57:3f:a9:d9:c7:bd:
89:be:27:08:36:af:62:dd:3e:8b:26:eb:f9:d3:91:
9a:0d:81:15:71:5a:77:58:4e:35:dc:29:40:06:6a:
bd:25:be:d1:35:e3:9b:c7:8e:4b:e3:9a:48:48:ea:
fd:b9:17:72:e0:e7:cd:10:b5:2f:b3:16:34:63:9a:
97:c3:49:7f:34:4c:70:51:10:c3:e5:ad:98:f6:f2:
b3:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:78:CF:AD:E4:BF:A4:7C:31:8D:FC:80:20:FE:E2:CA:F4:5B:45:F3
X509v3 Authority Key Identifier:
keyid:CE:94:C3:1E:15:DF:4B:7A:60:E5:D4:0D:F3:AA:C1:85:2E:8D:A7:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zpTDHhXfS3pg5dQN86rBhS6Np0s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/ed7cb2-e387-47bf-be4a-08f2263a413c/1/B3jPreS_pHwxjfyAIP7iyvRbRfM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/ed7cb2-e387-47bf-be4a-08f2263a413c/1/zpTDHhXfS3pg5dQN86rBhS6Np0s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.178.156.0/23
Signature Algorithm: sha256WithRSAEncryption
19:fc:4d:c7:74:a6:e7:a5:f0:44:31:02:1d:77:46:9d:38:c9:
c5:2a:e5:d3:55:27:d3:94:1f:5a:df:57:47:5f:3c:4d:07:09:
13:3f:98:09:f9:63:77:76:6d:44:41:50:ae:84:c3:73:1c:fb:
a5:fb:1a:42:d2:63:01:f0:c0:3e:59:b3:ec:20:62:8c:66:96:
ab:32:5a:c2:9f:52:24:71:b5:83:77:be:c1:11:2e:ae:fc:1f:
a0:3f:2b:1d:60:75:45:c6:c1:ff:d3:21:16:27:32:5e:50:10:
5f:aa:a4:54:fc:67:76:fe:ee:51:e5:e1:d7:c6:30:7b:d6:3b:
78:59:7e:e3:8c:a4:e4:47:fd:e4:7a:3c:fc:cf:a4:1c:4f:ca:
b3:7f:09:29:74:62:2d:95:35:51:62:c6:22:62:40:60:d5:49:
dd:69:d1:9d:c6:90:24:3e:f9:e3:b5:01:dd:83:aa:fb:18:71:
30:eb:77:a5:43:53:9d:b2:f3:d1:cb:ed:8c:cd:11:00:f7:8d:
ae:66:8a:4c:c4:70:a3:bd:46:44:c3:59:3e:04:c6:11:23:1f:
23:ce:54:fe:f2:f5:b2:9a:e9:de:3b:02:78:77:73:fe:4c:ea:
18:16:83:60:80:e3:91:76:ad:10:51:04:fa:b6:d8:d4:c1:e5:
57:47:4c:8e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYkKzVqpgGKcRy6ldhDkUyuJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlOTRjMzFlMTVkZjRiN2E2MGU1ZDQwZGYzYWFjMTg1MmU4
ZGE3NGIwHhcNMjMwNjMwMDUzNjE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzc4Y2ZhZGU0YmZhNDdjMzE4ZGZjODAyMGZlZTJjYWY0NWI0NWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmRnfN7UX5xeL0oBjAeTJ2QyuwCzu
heNhB9KIwokcr4orj/OysyB5P54FH7XRzW6KfVpETKRS/T77tsSJFtc4Pi9Ig5MT
WSErNglIV5Thb+L2x62U6FZcn77hmGhJcJnZSmai5CrRq49JGxaWJ8nxct0QPHeT
ZcG4xzgJ6RPjcifJYigQ1dB+RdgSVAHJ6ajZbtMmAwSdPEaRULWyrXAonABTKi1c
vn97ZN3bQm9XP6nZx72JvicINq9i3T6LJuv505GaDYEVcVp3WE413ClABmq9Jb7R
NeObx45L45pISOr9uRdy4OfNELUvsxY0Y5qXw0l/NExwURDD5a2Y9vKzCQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAd4z63kv6R8MY38gCD+4sr0W0XzMB8GA1UdIwQY
MBaAFM6Uwx4V30t6YOXUDfOqwYUujadLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenBUREhoWGZTM3BnNWRRTjg2ckJoUzZOcDBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9lZDdjYjItZTM4Ny00N2JmLWJlNGEt
MDhmMjI2M2E0MTNjLzEvQjNqUHJlU19wSHd4amZ5QUlQN2l5dlJiUmZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9lZDdjYjItZTM4Ny00N2JmLWJlNGEtMDhmMjI2M2E0MTNj
LzEvenBUREhoWGZTM3BnNWRRTjg2ckJoUzZOcDBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwbKcMA0G
CSqGSIb3DQEBCwUAA4IBAQAZ/E3HdKbnpfBEMQIdd0adOMnFKuXTVSfTlB9a31dH
XzxNBwkTP5gJ+WN3dm1EQVCuhMNzHPul+xpC0mMB8MA+WbPsIGKMZparMlrCn1Ik
cbWDd77BES6u/B+gPysdYHVFxsH/0yEWJzJeUBBfqqRU/Gd2/u5R5eHXxjB71jt4
WX7jjKTkR/3kejz8z6QcT8qzfwkpdGItlTVRYsYiYkBg1UndadGdxpAkPvnjtQHd
g6r7GHEw63elQ1OdsvPRy+2MzREA942uZopMxHCjvUZEw1k+BMYRIx8jzlT+8vWy
muneOwJ4d3P+TOoYFoNggOORdq0QUQT6ttjUweVXR0yO
-----END CERTIFICATE-----
Generated at Tue Apr 22 17:02:23 2025 by rpki-client