Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/ba6755-4273-48e1-8582-712fa65a25ba/1/RQBNUyiYaVaog7jsQTAStTHioDE.roa
File: RQBNUyiYaVaog7jsQTAStTHioDE.roa (raw, json)
Hash identifier: 0vY0RrFMfmXEA0vpJy26azNqM0O8fSbaavKRf9mWh9E=
Subject key identifier: 45:00:4D:53:28:98:69:56:A8:83:B8:EC:41:30:12:B5:31:E2:A0:31
Certificate issuer: /CN=38ca3f38d8e5a301eaf6924b924fe8f57aac690d
Certificate serial: 0185A1F93EB66E19CCF84885CFC0B7B34C45
Authority key identifier: 38:CA:3F:38:D8:E5:A3:01:EA:F6:92:4B:92:4F:E8:F5:7A:AC:69:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OMo_ONjlowHq9pJLkk_o9XqsaQ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/ba6755-4273-48e1-8582-712fa65a25ba/1/RQBNUyiYaVaog7jsQTAStTHioDE.roa
Signing time: Wed 11 Jan 2023 17:55:44 +0000
ROA not before: Wed 11 Jan 2023 17:55:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60353
IP address blocks: 193.19.96.0/23 maxlen: 23
193.19.96.0/24 maxlen: 24
193.19.97.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:a1:f9:3e:b6:6e:19:cc:f8:48:85:cf:c0:b7:b3:4c:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38ca3f38d8e5a301eaf6924b924fe8f57aac690d
Validity
Not Before: Jan 11 17:55:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=45004d5328986956a883b8ec413012b531e2a031
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:a5:fa:99:21:b6:22:9c:de:b8:0e:3b:d2:35:
1a:48:96:7d:0e:3e:55:89:81:2c:01:76:66:41:4d:
7f:38:f5:45:b3:06:53:e9:d5:4b:d6:30:fd:23:93:
6f:d8:a4:48:60:04:56:d4:bb:ec:ba:46:5c:31:fa:
17:51:5f:85:3e:b1:0d:66:20:11:be:cc:44:31:85:
39:0e:f6:f2:86:53:23:49:8b:5e:4a:f3:50:8e:ac:
0c:85:00:c5:52:98:bf:9f:38:64:f3:f5:8b:bd:8d:
41:ca:b4:fe:ff:f5:0b:4e:84:c7:90:28:b4:bb:0f:
45:de:90:ea:f5:51:15:99:73:a3:94:4b:c4:59:5f:
ec:56:15:2f:9f:49:16:12:36:ff:d8:46:d5:13:57:
c5:e6:79:72:52:8d:d4:b3:2a:e1:1b:3e:7e:bf:2a:
37:3a:d6:18:5a:56:2d:4c:4f:95:e3:77:4a:81:21:
b1:91:b7:c6:79:e5:6c:3d:89:d8:0e:cc:62:6e:0e:
3b:3a:ab:82:a3:a2:02:94:e5:4f:84:a4:71:7a:30:
f1:0d:e3:88:d3:87:1b:c2:95:e0:dc:0b:3d:56:5f:
89:d9:88:79:83:5b:c5:1f:48:d0:9d:2a:9d:39:b0:
ef:3f:11:e7:bb:f4:e5:db:11:28:30:b1:06:23:bc:
00:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:00:4D:53:28:98:69:56:A8:83:B8:EC:41:30:12:B5:31:E2:A0:31
X509v3 Authority Key Identifier:
keyid:38:CA:3F:38:D8:E5:A3:01:EA:F6:92:4B:92:4F:E8:F5:7A:AC:69:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OMo_ONjlowHq9pJLkk_o9XqsaQ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/ba6755-4273-48e1-8582-712fa65a25ba/1/RQBNUyiYaVaog7jsQTAStTHioDE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/ba6755-4273-48e1-8582-712fa65a25ba/1/OMo_ONjlowHq9pJLkk_o9XqsaQ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.19.96.0/23
Signature Algorithm: sha256WithRSAEncryption
04:3f:b1:e7:28:70:ae:e1:3f:e4:3e:78:5b:56:86:88:d2:d4:
a8:81:ef:c1:ef:7a:3c:e5:96:66:80:8d:67:c4:06:70:55:cd:
59:f8:ca:d7:3a:b5:f9:ba:44:1a:e6:23:5c:f4:20:b8:87:d7:
db:6c:6b:86:3e:eb:6d:f8:65:25:31:b4:f4:08:86:ed:22:cd:
4c:6c:44:80:da:ee:63:d2:46:ba:a5:fb:05:56:86:31:21:24:
79:b2:65:c6:a4:86:10:78:ec:e6:17:67:99:95:27:19:5d:4b:
38:00:12:a0:ad:fc:07:b7:8d:76:7e:76:7b:c8:b6:3a:d6:b4:
41:62:7f:8d:de:4b:b4:04:6c:3e:6e:c0:d9:93:37:2e:75:27:
6c:96:a8:0d:30:32:ca:d9:ac:45:29:28:6a:5c:67:9f:e0:76:
b4:ba:2f:18:c5:b3:03:44:28:b7:85:ac:ba:15:9a:46:56:6b:
5f:f7:09:17:62:80:51:ba:fc:bc:6a:1e:47:12:44:17:0f:89:
fa:4d:6b:ac:a7:a7:19:0b:f6:a7:27:7d:90:dd:f0:ba:80:0e:
61:66:b8:aa:ce:b3:21:91:47:8b:ce:73:80:53:9f:cc:b2:93:
63:81:8d:d7:33:d2:f0:f7:8d:c2:f7:ed:0a:c3:af:d4:55:19:
35:fa:39:eb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYWh+T62bhnM+EiFz8C3s0xFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4Y2EzZjM4ZDhlNWEzMDFlYWY2OTI0YjkyNGZlOGY1N2Fh
YzY5MGQwHhcNMjMwMTExMTc1NTQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTAwNGQ1MzI4OTg2OTU2YTg4M2I4ZWM0MTMwMTJiNTMxZTJhMDMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmaX6mSG2IpzeuA470jUaSJZ9Dj5V
iYEsAXZmQU1/OPVFswZT6dVL1jD9I5Nv2KRIYARW1LvsukZcMfoXUV+FPrENZiAR
vsxEMYU5DvbyhlMjSYteSvNQjqwMhQDFUpi/nzhk8/WLvY1ByrT+//ULToTHkCi0
uw9F3pDq9VEVmXOjlEvEWV/sVhUvn0kWEjb/2EbVE1fF5nlyUo3UsyrhGz5+vyo3
OtYYWlYtTE+V43dKgSGxkbfGeeVsPYnYDsxibg47OquCo6IClOVPhKRxejDxDeOI
04cbwpXg3As9Vl+J2Yh5g1vFH0jQnSqdObDvPxHnu/Tl2xEoMLEGI7wApwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEUATVMomGlWqIO47EEwErUx4qAxMB8GA1UdIwQY
MBaAFDjKPzjY5aMB6vaSS5JP6PV6rGkNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT01vX09Oamxvd0hxOXBKTGtrX285WHFzYVEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9iYTY3NTUtNDI3My00OGUxLTg1ODIt
NzEyZmE2NWEyNWJhLzEvUlFCTlV5aVlhVmFvZzdqc1FUQVN0VEhpb0RFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9iYTY3NTUtNDI3My00OGUxLTg1ODItNzEyZmE2NWEyNWJh
LzEvT01vX09Oamxvd0hxOXBKTGtrX285WHFzYVEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwRNgMA0G
CSqGSIb3DQEBCwUAA4IBAQAEP7HnKHCu4T/kPnhbVoaI0tSoge/B73o85ZZmgI1n
xAZwVc1Z+MrXOrX5ukQa5iNc9CC4h9fbbGuGPutt+GUlMbT0CIbtIs1MbESA2u5j
0ka6pfsFVoYxISR5smXGpIYQeOzmF2eZlScZXUs4ABKgrfwHt412fnZ7yLY61rRB
Yn+N3ku0BGw+bsDZkzcudSdslqgNMDLK2axFKShqXGef4Ha0ui8YxbMDRCi3hay6
FZpGVmtf9wkXYoBRuvy8ah5HEkQXD4n6TWusp6cZC/anJ32Q3fC6gA5hZriqzrMh
kUeLznOAU5/MspNjgY3XM9Lw943C9+0Kw6/UVRk1+jnr
-----END CERTIFICATE-----
Generated at Sat Apr 19 07:21:09 2025 by rpki-client