Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/23f7c4-6e3b-4fda-931b-062aed51381c/1/35uiac2BkVWRVEDDviFMDN44ryk.roa
File: 35uiac2BkVWRVEDDviFMDN44ryk.roa (raw, json)
Hash identifier: 1UfDvrgfUMZm9VRPuhubpQv2haXecb9VGxyJJpJTGI4=
Subject key identifier: DF:9B:A2:69:CD:81:91:55:91:54:40:C3:BE:21:4C:0C:DE:38:AF:29
Certificate issuer: /CN=2ccb9b89bc0bc21752474e650dc34f069da5c0b3
Certificate serial: 01856F3938BD484B0F26E88A28ECE0C93BB6
Authority key identifier: 2C:CB:9B:89:BC:0B:C2:17:52:47:4E:65:0D:C3:4F:06:9D:A5:C0:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LMubibwLwhdSR05lDcNPBp2lwLM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/23f7c4-6e3b-4fda-931b-062aed51381c/1/35uiac2BkVWRVEDDviFMDN44ryk.roa
Signing time: Sun 01 Jan 2023 21:24:59 +0000
ROA not before: Sun 01 Jan 2023 21:24:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213375
IP address blocks: 93.157.12.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:39:38:bd:48:4b:0f:26:e8:8a:28:ec:e0:c9:3b:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ccb9b89bc0bc21752474e650dc34f069da5c0b3
Validity
Not Before: Jan 1 21:24:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=df9ba269cd819155915440c3be214c0cde38af29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:c8:6b:ed:f9:58:e7:23:f8:71:b1:b5:d3:aa:
38:1d:27:7e:2a:ee:12:d1:c5:26:9e:c4:81:41:93:
29:83:bd:5b:29:c6:e1:66:11:96:d7:ed:9a:e1:a5:
c9:7f:1d:6d:68:1a:86:9b:f1:95:d7:6a:0c:60:38:
b9:f7:74:9a:a3:b7:32:27:9a:5c:f9:09:5c:cc:e1:
a3:82:04:26:96:98:a2:48:31:d4:36:06:75:82:a7:
db:5e:10:df:2b:de:41:13:45:a7:54:7d:79:f3:1c:
f4:24:58:1b:dd:34:f6:41:a3:b9:fb:3e:50:63:c7:
47:55:96:f7:a5:d0:33:42:6b:95:40:72:8b:81:29:
73:88:1c:55:e1:de:b7:e5:be:ad:4a:82:7d:86:43:
5c:02:14:47:c7:f5:79:95:53:ba:e5:c2:9d:47:3b:
90:6d:04:36:cc:b7:f1:8f:0e:2e:6f:93:04:ae:a5:
fe:99:3f:2f:e2:a6:15:11:74:3e:8a:fd:aa:ca:be:
68:78:43:6f:b2:30:b6:1c:1d:09:e9:4d:1f:98:dc:
8a:f8:8e:6f:c3:0a:4b:61:ff:4d:69:76:17:5b:e9:
ef:cb:35:7a:bf:6b:e7:c5:a8:35:97:a2:f1:48:47:
83:8a:47:db:aa:f4:9e:ec:8b:80:a7:98:a3:ac:78:
f7:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:9B:A2:69:CD:81:91:55:91:54:40:C3:BE:21:4C:0C:DE:38:AF:29
X509v3 Authority Key Identifier:
keyid:2C:CB:9B:89:BC:0B:C2:17:52:47:4E:65:0D:C3:4F:06:9D:A5:C0:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LMubibwLwhdSR05lDcNPBp2lwLM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/23f7c4-6e3b-4fda-931b-062aed51381c/1/35uiac2BkVWRVEDDviFMDN44ryk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/23f7c4-6e3b-4fda-931b-062aed51381c/1/LMubibwLwhdSR05lDcNPBp2lwLM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.157.12.0/24
Signature Algorithm: sha256WithRSAEncryption
b9:58:86:1c:0c:d2:41:49:6b:21:5d:2e:84:fc:d4:f3:32:38:
b3:0f:bb:9f:d7:f2:5a:13:36:69:61:61:f1:1b:0f:31:64:a6:
5a:0e:39:65:4e:be:da:f5:ff:9f:27:bf:c2:0f:ab:35:0c:24:
47:14:eb:b7:d7:d7:ae:28:bd:a6:0a:f8:f4:87:a9:3b:28:66:
0b:21:ec:9b:ef:de:c8:bb:cd:e4:c3:3c:3b:44:e9:33:96:2b:
52:e6:4e:d7:29:8c:45:56:18:cb:c2:5d:59:66:f3:73:6b:64:
2e:a1:16:7e:10:a4:ae:92:c0:a4:b1:e9:78:5e:02:00:dc:1c:
47:2e:5d:45:78:71:45:50:e1:b1:0a:a7:dd:44:d1:93:6f:7e:
89:8e:aa:06:fc:d9:97:32:35:ea:80:e6:e3:bf:16:f3:7b:e7:
2e:cf:2d:07:46:5e:5e:dc:77:ea:fa:57:12:09:ec:fa:c7:73:
ba:e8:34:d1:c9:2d:ee:c7:fd:03:06:49:98:48:a1:ee:7d:ce:
89:0d:20:c1:13:82:61:58:ea:75:fb:f3:b5:80:20:73:6c:33:
e4:62:48:4c:5e:1e:e2:e6:7f:ef:3c:4c:e9:e9:69:6d:df:62:
cd:46:8a:44:05:b6:69:b0:42:e5:1e:97:03:fd:a3:7d:2f:e5:
1b:30:0d:45
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvOTi9SEsPJuiKKOzgyTu2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjY2I5Yjg5YmMwYmMyMTc1MjQ3NGU2NTBkYzM0ZjA2OWRh
NWMwYjMwHhcNMjMwMTAxMjEyNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjliYTI2OWNkODE5MTU1OTE1NDQwYzNiZTIxNGMwY2RlMzhhZjI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq8hr7flY5yP4cbG106o4HSd+Ku4S
0cUmnsSBQZMpg71bKcbhZhGW1+2a4aXJfx1taBqGm/GV12oMYDi593Sao7cyJ5pc
+QlczOGjggQmlpiiSDHUNgZ1gqfbXhDfK95BE0WnVH158xz0JFgb3TT2QaO5+z5Q
Y8dHVZb3pdAzQmuVQHKLgSlziBxV4d635b6tSoJ9hkNcAhRHx/V5lVO65cKdRzuQ
bQQ2zLfxjw4ub5MErqX+mT8v4qYVEXQ+iv2qyr5oeENvsjC2HB0J6U0fmNyK+I5v
wwpLYf9NaXYXW+nvyzV6v2vnxag1l6LxSEeDikfbqvSe7IuAp5ijrHj3YQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN+bomnNgZFVkVRAw74hTAzeOK8pMB8GA1UdIwQY
MBaAFCzLm4m8C8IXUkdOZQ3DTwadpcCzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTE11Ymlid0x3aGRTUjA1bERjTlBCcDJsd0xNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi8yM2Y3YzQtNmUzYi00ZmRhLTkzMWIt
MDYyYWVkNTEzODFjLzEvMzV1aWFjMkJrVldSVkVERHZpRk1ETjQ0cnlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi8yM2Y3YzQtNmUzYi00ZmRhLTkzMWItMDYyYWVkNTEzODFj
LzEvTE11Ymlid0x3aGRTUjA1bERjTlBCcDJsd0xNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXZ0MMA0G
CSqGSIb3DQEBCwUAA4IBAQC5WIYcDNJBSWshXS6E/NTzMjizD7uf1/JaEzZpYWHx
Gw8xZKZaDjllTr7a9f+fJ7/CD6s1DCRHFOu319euKL2mCvj0h6k7KGYLIeyb797I
u83kwzw7ROkzlitS5k7XKYxFVhjLwl1ZZvNza2QuoRZ+EKSuksCksel4XgIA3BxH
Ll1FeHFFUOGxCqfdRNGTb36JjqoG/NmXMjXqgObjvxbze+cuzy0HRl5e3Hfq+lcS
Cez6x3O66DTRyS3ux/0DBkmYSKHufc6JDSDBE4JhWOp1+/O1gCBzbDPkYkhMXh7i
5n/vPEzp6Wlt32LNRopEBbZpsELlHpcD/aN9L+UbMA1F
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:29:45 2025 by rpki-client