Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/21ec0f-a1ec-4ad4-a749-ddcfe36f433b/1/vq6zSQKOOaCW6cQt_i2CXU1teWo.roa
File: vq6zSQKOOaCW6cQt_i2CXU1teWo.roa (raw, json)
Hash identifier: 63lJs9BUhPKtTLRn6VwK5ppntskz02g4V2rQinvrNGc=
Subject key identifier: BE:AE:B3:49:02:8E:39:A0:96:E9:C4:2D:FE:2D:82:5D:4D:6D:79:6A
Certificate issuer: /CN=a440b85f0f7ba6385cd4fee8a0ec04e81841542c
Certificate serial: 01857230ED3C786429E65F9C7BC2304688A0
Authority key identifier: A4:40:B8:5F:0F:7B:A6:38:5C:D4:FE:E8:A0:EC:04:E8:18:41:54:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pEC4Xw97pjhc1P7ooOwE6BhBVCw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/21ec0f-a1ec-4ad4-a749-ddcfe36f433b/1/vq6zSQKOOaCW6cQt_i2CXU1teWo.roa
Signing time: Mon 02 Jan 2023 11:14:47 +0000
ROA not before: Mon 02 Jan 2023 11:14:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44329
IP address blocks: 193.109.88.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:30:ed:3c:78:64:29:e6:5f:9c:7b:c2:30:46:88:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a440b85f0f7ba6385cd4fee8a0ec04e81841542c
Validity
Not Before: Jan 2 11:14:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=beaeb349028e39a096e9c42dfe2d825d4d6d796a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:91:d3:08:aa:f1:b0:e9:85:43:64:c1:d2:fc:
86:20:c9:74:f7:da:7a:1c:8c:36:c5:47:85:a7:d6:
c1:91:31:30:97:52:90:fb:32:c5:23:6d:99:a3:9e:
4e:d3:72:5c:35:c7:fb:d7:b8:7a:35:b5:3c:32:4b:
29:b3:a9:6e:ea:ce:99:18:71:90:d2:7e:78:54:f2:
c7:67:31:e5:59:bc:70:85:4b:3e:3a:e1:6f:fa:85:
0b:7c:01:3b:9a:4f:e5:de:fa:0f:a5:d6:1a:a4:70:
13:81:a1:b4:df:5e:9d:60:3c:c4:b8:eb:b5:f8:35:
7f:3a:6a:66:37:39:85:59:04:f7:0b:92:8f:f0:b9:
f1:88:ea:d1:45:78:45:72:1d:72:a8:2e:44:81:54:
8f:ae:02:19:0c:16:ab:fd:a8:a5:f2:ee:c8:82:23:
98:e7:2c:74:52:f5:16:06:21:5c:69:00:38:a3:0d:
b4:8a:e3:71:72:2d:ae:86:e2:18:c0:ac:29:9c:fb:
c8:bc:90:67:7b:7c:17:92:7e:ef:d6:a4:d9:ec:7a:
37:23:4e:a5:02:56:3e:76:da:ba:f7:83:7d:e9:b9:
30:1f:5b:6c:a9:f3:e1:94:64:c0:55:b6:8f:db:bb:
c9:64:6d:9a:af:6c:6e:1f:26:e5:75:8b:61:c2:4c:
d6:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:AE:B3:49:02:8E:39:A0:96:E9:C4:2D:FE:2D:82:5D:4D:6D:79:6A
X509v3 Authority Key Identifier:
keyid:A4:40:B8:5F:0F:7B:A6:38:5C:D4:FE:E8:A0:EC:04:E8:18:41:54:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pEC4Xw97pjhc1P7ooOwE6BhBVCw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/21ec0f-a1ec-4ad4-a749-ddcfe36f433b/1/vq6zSQKOOaCW6cQt_i2CXU1teWo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/21ec0f-a1ec-4ad4-a749-ddcfe36f433b/1/pEC4Xw97pjhc1P7ooOwE6BhBVCw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.109.88.0/24
Signature Algorithm: sha256WithRSAEncryption
10:fc:bb:72:b7:e6:05:87:91:a9:fb:35:3b:71:e6:04:63:4e:
00:f2:c5:b7:e5:0b:7b:43:cb:1a:f2:b5:bd:a9:81:5d:33:be:
78:84:7b:be:ac:88:37:77:ba:32:8c:31:53:71:c7:51:14:71:
ff:15:bd:64:66:5e:07:88:93:2b:98:34:e2:b2:b0:be:bd:fa:
8d:1f:61:30:ac:f6:82:4d:43:ed:4a:2c:56:1a:b1:44:a4:ac:
13:f7:fa:b7:e0:ab:00:c5:ff:44:76:d1:f0:00:5a:fe:62:33:
cd:d1:7e:bd:1c:16:98:1a:78:03:1e:a6:72:6b:d6:0c:4d:1f:
1c:2b:68:c5:78:da:20:34:b0:7b:e9:05:9e:ef:33:bf:10:71:
8a:b9:5f:35:4d:f6:ca:39:52:32:cb:fc:25:be:33:93:e1:c3:
c2:85:d3:05:10:2e:d0:39:61:0e:16:98:17:34:2e:1c:70:e2:
aa:22:9e:c8:7f:9d:5a:0a:72:7b:bd:48:cc:eb:72:65:2b:a7:
fd:96:84:7e:c6:e3:5e:61:25:8c:d2:a3:a5:ce:af:ba:b1:15:
05:08:89:d0:12:5d:dd:f2:b9:93:d4:70:8c:e2:b5:4d:ca:98:
05:7d:95:b7:c5:42:85:88:8a:ff:2c:49:ac:7b:fd:1b:bb:65:
90:6e:fb:24
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyMO08eGQp5l+ce8IwRoigMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0NDBiODVmMGY3YmE2Mzg1Y2Q0ZmVlOGEwZWMwNGU4MTg0
MTU0MmMwHhcNMjMwMTAyMTExNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZWFlYjM0OTAyOGUzOWEwOTZlOWM0MmRmZTJkODI1ZDRkNmQ3OTZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtZHTCKrxsOmFQ2TB0vyGIMl099p6
HIw2xUeFp9bBkTEwl1KQ+zLFI22Zo55O03JcNcf717h6NbU8Mksps6lu6s6ZGHGQ
0n54VPLHZzHlWbxwhUs+OuFv+oULfAE7mk/l3voPpdYapHATgaG0316dYDzEuOu1
+DV/OmpmNzmFWQT3C5KP8LnxiOrRRXhFch1yqC5EgVSPrgIZDBar/ail8u7IgiOY
5yx0UvUWBiFcaQA4ow20iuNxci2uhuIYwKwpnPvIvJBne3wXkn7v1qTZ7Ho3I06l
AlY+dtq694N96bkwH1tsqfPhlGTAVbaP27vJZG2ar2xuHybldYthwkzWWwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL6us0kCjjmglunELf4tgl1NbXlqMB8GA1UdIwQY
MBaAFKRAuF8Pe6Y4XNT+6KDsBOgYQVQsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEVDNFh3OTdwamhjMVA3b29Pd0U2QmhCVkN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi8yMWVjMGYtYTFlYy00YWQ0LWE3NDkt
ZGRjZmUzNmY0MzNiLzEvdnE2elNRS09PYUNXNmNRdF9pMkNYVTF0ZVdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi8yMWVjMGYtYTFlYy00YWQ0LWE3NDktZGRjZmUzNmY0MzNi
LzEvcEVDNFh3OTdwamhjMVA3b29Pd0U2QmhCVkN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwW1YMA0G
CSqGSIb3DQEBCwUAA4IBAQAQ/Ltyt+YFh5Gp+zU7ceYEY04A8sW35Qt7Q8sa8rW9
qYFdM754hHu+rIg3d7oyjDFTccdRFHH/Fb1kZl4HiJMrmDTisrC+vfqNH2EwrPaC
TUPtSixWGrFEpKwT9/q34KsAxf9EdtHwAFr+YjPN0X69HBaYGngDHqZya9YMTR8c
K2jFeNogNLB76QWe7zO/EHGKuV81TfbKOVIyy/wlvjOT4cPChdMFEC7QOWEOFpgX
NC4ccOKqIp7If51aCnJ7vUjM63JlK6f9loR+xuNeYSWM0qOlzq+6sRUFCInQEl3d
8rmT1HCM4rVNypgFfZW3xUKFiIr/LEmse/0bu2WQbvsk
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:58:39 2025 by rpki-client