Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/66e032-ab6a-4d3a-a12b-510cfa455640/1/tDFaefWqP-L9oxDTxVj8j80sFNg.roa
File: tDFaefWqP-L9oxDTxVj8j80sFNg.roa (raw, json)
Hash identifier: ngggTVvKsPyjk83j7Rdo4C66u7/Nkh4BJZMNP9v00xs=
Subject key identifier: B4:31:5A:79:F5:AA:3F:E2:FD:A3:10:D3:C5:58:FC:8F:CD:2C:14:D8
Certificate issuer: /CN=be65b30dad74ac769d4b5b32312da8fa81ab33d1
Certificate serial: 018321CD410D099585BA581E06D37736DA1D
Authority key identifier: BE:65:B3:0D:AD:74:AC:76:9D:4B:5B:32:31:2D:A8:FA:81:AB:33:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vmWzDa10rHadS1syMS2o-oGrM9E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/66e032-ab6a-4d3a-a12b-510cfa455640/1/tDFaefWqP-L9oxDTxVj8j80sFNg.roa
Signing time: Fri 09 Sep 2022 10:30:43 +0000
ROA not before: Fri 09 Sep 2022 10:30:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3303
IP address blocks: 193.201.122.0/23 maxlen: 23
193.150.48.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:21:cd:41:0d:09:95:85:ba:58:1e:06:d3:77:36:da:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be65b30dad74ac769d4b5b32312da8fa81ab33d1
Validity
Not Before: Sep 9 10:30:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b4315a79f5aa3fe2fda310d3c558fc8fcd2c14d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:fe:f7:a2:d2:88:d4:b8:11:a1:f6:5f:f9:1f:
4f:a4:18:01:e7:5d:ff:18:94:8c:19:50:de:18:b7:
a1:c5:99:b9:4f:75:ca:f0:90:0c:97:be:fb:92:ff:
9c:16:fc:c2:ed:9c:f1:50:0d:c6:f0:b3:7c:74:4a:
2b:78:be:44:54:62:89:97:82:92:b3:e7:b9:39:26:
61:06:e2:3f:5d:6b:44:29:64:06:eb:ca:8e:bc:55:
09:a7:47:69:4c:16:5b:23:b4:52:24:07:e3:3a:93:
7d:b7:f9:87:0e:4d:49:67:a3:6c:ed:8a:96:be:c6:
83:77:ec:08:9c:e5:2e:5b:59:52:dd:5e:53:25:6b:
7f:72:f4:99:fc:f6:f1:bd:c2:8a:65:45:5a:99:24:
94:e9:d6:5d:66:92:b5:43:0a:7e:c3:4f:81:92:4a:
a0:7f:43:f1:c0:f0:73:ff:91:ff:ef:2c:57:56:72:
7e:56:6f:16:f7:b5:cf:47:04:50:75:9c:9f:d1:20:
de:d8:29:14:a6:5a:a6:7b:13:8d:b1:c8:3c:fe:68:
3d:89:23:ae:98:94:20:05:c6:e6:03:0d:24:a4:ae:
93:4f:94:e0:04:f2:b8:13:38:02:da:95:b2:a8:b8:
7a:e2:e9:40:19:7f:36:34:d8:c9:9f:01:58:c3:54:
93:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:31:5A:79:F5:AA:3F:E2:FD:A3:10:D3:C5:58:FC:8F:CD:2C:14:D8
X509v3 Authority Key Identifier:
keyid:BE:65:B3:0D:AD:74:AC:76:9D:4B:5B:32:31:2D:A8:FA:81:AB:33:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vmWzDa10rHadS1syMS2o-oGrM9E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/66e032-ab6a-4d3a-a12b-510cfa455640/1/tDFaefWqP-L9oxDTxVj8j80sFNg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/66e032-ab6a-4d3a-a12b-510cfa455640/1/vmWzDa10rHadS1syMS2o-oGrM9E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.150.48.0/24
193.201.122.0/23
Signature Algorithm: sha256WithRSAEncryption
a7:da:f0:28:7e:5b:3a:b2:31:c8:64:55:72:60:87:39:22:0b:
48:7b:eb:8b:08:3b:1c:7b:75:41:cf:7a:0a:88:2c:63:b7:1f:
c5:85:ec:db:5e:73:0b:19:a5:c4:b4:56:1e:89:03:63:aa:36:
fc:21:63:5e:36:67:9e:3b:83:7c:87:b7:01:77:bb:0e:9f:34:
ee:6d:3f:32:c8:f6:6d:bf:a3:58:e6:13:ce:44:28:04:b3:f8:
dd:f8:5f:98:da:fa:fe:83:da:03:fc:6e:f9:20:8c:22:f4:7c:
a0:09:0a:00:0d:5d:9c:bf:77:1c:6c:a8:2f:d7:c3:6f:ba:51:
4a:da:79:83:26:b5:ba:42:13:c4:86:b1:43:dc:d9:a0:1c:ed:
11:55:9c:b6:3e:5a:7d:50:c9:28:5e:7a:89:75:1d:4f:b0:91:
62:d2:28:14:15:0c:50:ad:12:30:24:9c:74:b2:43:92:38:98:
28:8e:99:c6:06:77:ab:f1:0b:12:0f:7c:e5:87:fd:16:54:d2:
b9:52:48:0f:c7:89:31:2b:12:b4:37:17:ad:9b:2b:42:19:b5:
1a:4c:fb:06:ae:4d:eb:2b:40:fa:42:0a:d8:3e:d2:39:9e:6c:
31:d8:37:9a:d4:e8:10:82:60:57:19:6c:73:9e:be:73:58:d0:
24:5b:43:9f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYMhzUENCZWFulgeBtN3NtodMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlNjViMzBkYWQ3NGFjNzY5ZDRiNWIzMjMxMmRhOGZhODFh
YjMzZDEwHhcNMjIwOTA5MTAzMDQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDMxNWE3OWY1YWEzZmUyZmRhMzEwZDNjNTU4ZmM4ZmNkMmMxNGQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmf73otKI1LgRofZf+R9PpBgB513/
GJSMGVDeGLehxZm5T3XK8JAMl777kv+cFvzC7ZzxUA3G8LN8dEoreL5EVGKJl4KS
s+e5OSZhBuI/XWtEKWQG68qOvFUJp0dpTBZbI7RSJAfjOpN9t/mHDk1JZ6Ns7YqW
vsaDd+wInOUuW1lS3V5TJWt/cvSZ/PbxvcKKZUVamSSU6dZdZpK1Qwp+w0+Bkkqg
f0PxwPBz/5H/7yxXVnJ+Vm8W97XPRwRQdZyf0SDe2CkUplqmexONscg8/mg9iSOu
mJQgBcbmAw0kpK6TT5TgBPK4EzgC2pWyqLh64ulAGX82NNjJnwFYw1STDwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLQxWnn1qj/i/aMQ08VY/I/NLBTYMB8GA1UdIwQY
MBaAFL5lsw2tdKx2nUtbMjEtqPqBqzPRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdm1XekRhMTBySGFkUzFzeU1TMm8tb0dyTTlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS82NmUwMzItYWI2YS00ZDNhLWExMmIt
NTEwY2ZhNDU1NjQwLzEvdERGYWVmV3FQLUw5b3hEVHhWajhqODBzRk5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS82NmUwMzItYWI2YS00ZDNhLWExMmItNTEwY2ZhNDU1NjQw
LzEvdm1XekRhMTBySGFkUzFzeU1TMm8tb0dyTTlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwZYwAwQB
wcl6MA0GCSqGSIb3DQEBCwUAA4IBAQCn2vAofls6sjHIZFVyYIc5IgtIe+uLCDsc
e3VBz3oKiCxjtx/FhezbXnMLGaXEtFYeiQNjqjb8IWNeNmeeO4N8h7cBd7sOnzTu
bT8yyPZtv6NY5hPORCgEs/jd+F+Y2vr+g9oD/G75IIwi9HygCQoADV2cv3ccbKgv
18NvulFK2nmDJrW6QhPEhrFD3NmgHO0RVZy2Plp9UMkoXnqJdR1PsJFi0igUFQxQ
rRIwJJx0skOSOJgojpnGBner8QsSD3zlh/0WVNK5UkgPx4kxKxK0NxetmytCGbUa
TPsGrk3rK0D6QgrYPtI5nmwx2Dea1OgQgmBXGWxznr5zWNAkW0Of
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:43:37 2025 by rpki-client