Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/23f7c4-6e3b-4fda-931b-062aed51381c/1/iXExfSrMhGmw9x_BiGvEeMDiWXc.roa
File: iXExfSrMhGmw9x_BiGvEeMDiWXc.roa (raw, json)
Hash identifier: dBCdZ2rqJsjr2Dl75pM+Jjts+3bNngD1tAqsGNaPxjM=
Subject key identifier: 89:71:31:7D:2A:CC:84:69:B0:F7:1F:C1:88:6B:C4:78:C0:E2:59:77
Certificate issuer: /CN=2ccb9b89bc0bc21752474e650dc34f069da5c0b3
Certificate serial: 01859DEA0B06E94ADD0D8052A03908F658AF
Authority key identifier: 2C:CB:9B:89:BC:0B:C2:17:52:47:4E:65:0D:C3:4F:06:9D:A5:C0:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LMubibwLwhdSR05lDcNPBp2lwLM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/23f7c4-6e3b-4fda-931b-062aed51381c/1/iXExfSrMhGmw9x_BiGvEeMDiWXc.roa
Signing time: Tue 10 Jan 2023 23:00:39 +0000
ROA not before: Tue 10 Jan 2023 23:00:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12773
IP address blocks: 93.157.13.0/24 maxlen: 24
93.157.12.0/24 maxlen: 24
93.157.15.0/24 maxlen: 24
93.157.14.0/24 maxlen: 24
193.254.232.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:9d:ea:0b:06:e9:4a:dd:0d:80:52:a0:39:08:f6:58:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ccb9b89bc0bc21752474e650dc34f069da5c0b3
Validity
Not Before: Jan 10 23:00:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8971317d2acc8469b0f71fc1886bc478c0e25977
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:cb:53:fe:a1:6d:7d:f0:a1:16:47:17:b7:04:
50:ad:00:06:49:ce:dd:46:a7:83:8f:64:51:2a:29:
ff:73:9d:ec:6f:ab:d3:8e:40:09:cc:c2:67:42:cd:
2f:51:c0:5d:af:f9:62:bf:a5:52:ab:ef:4b:17:51:
6d:d8:3f:7d:9a:83:b5:19:f7:2d:67:3c:f3:40:28:
63:7e:ea:e5:01:a0:18:18:76:86:7e:85:a7:80:23:
17:b4:b9:8a:6e:70:4d:ea:6e:34:e3:c9:8a:41:5e:
f3:6c:e0:84:16:fc:8d:1f:03:df:e1:7e:74:3b:4e:
4f:18:a5:97:65:81:a9:c8:70:91:5a:3f:8d:e9:7d:
b3:04:a6:61:3e:c4:ac:89:d3:56:8e:d0:66:ac:a8:
c2:3d:96:17:5d:db:92:09:60:a9:c0:e5:f0:72:7c:
a4:5a:79:c5:48:8c:f5:04:c4:00:bd:9f:63:b0:b7:
72:88:8f:dc:81:73:c9:9c:20:23:8d:cd:e6:89:b4:
90:26:9a:40:d2:d1:d8:7d:7b:f3:5b:d3:61:b0:d3:
7e:fc:c9:72:b8:e6:8c:62:e1:4b:d9:9c:70:3b:6e:
60:0e:e2:3e:1a:63:be:5b:b5:4d:6a:91:17:61:93:
6b:cd:87:09:7d:23:de:25:36:cc:ec:a8:15:f6:d9:
86:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:71:31:7D:2A:CC:84:69:B0:F7:1F:C1:88:6B:C4:78:C0:E2:59:77
X509v3 Authority Key Identifier:
keyid:2C:CB:9B:89:BC:0B:C2:17:52:47:4E:65:0D:C3:4F:06:9D:A5:C0:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LMubibwLwhdSR05lDcNPBp2lwLM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/23f7c4-6e3b-4fda-931b-062aed51381c/1/iXExfSrMhGmw9x_BiGvEeMDiWXc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/23f7c4-6e3b-4fda-931b-062aed51381c/1/LMubibwLwhdSR05lDcNPBp2lwLM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.157.12.0/22
193.254.232.0/23
Signature Algorithm: sha256WithRSAEncryption
b9:36:90:ba:fd:90:d6:13:69:56:0f:e2:dc:fa:34:60:77:a9:
cc:5a:89:3c:94:b5:f8:ec:0d:d3:63:86:c7:52:de:3a:c4:d0:
27:2c:bb:6a:22:de:c3:79:81:c0:f7:32:61:c1:6f:88:6e:07:
1d:b0:11:f7:90:ab:2d:07:0d:fa:8a:77:e5:a3:76:44:68:b4:
f5:76:11:9e:ae:eb:64:1c:27:26:84:4a:e4:79:4c:43:9d:68:
ed:13:8e:d0:bc:14:17:3e:16:36:71:47:58:0d:82:6c:82:6b:
ef:4b:2e:85:d0:84:fd:fc:18:83:ab:6c:de:75:1e:12:8a:0f:
71:ad:93:f1:ef:18:72:d9:55:f3:e5:a4:d1:46:45:b4:7a:fe:
88:44:0b:4f:76:96:82:41:4e:77:18:0e:20:63:b1:c4:1a:aa:
d4:dd:3b:8e:71:9d:56:09:cf:61:1d:8e:14:71:02:74:b1:33:
f7:4a:5a:ad:9c:0a:b3:92:54:31:b2:7d:9c:94:ed:2c:92:d1:
95:42:67:b2:f2:8a:87:19:e2:c6:24:28:f7:6f:47:9b:b4:62:
28:17:b7:7a:f0:3a:0c:08:79:64:c6:19:d5:9c:83:2f:64:10:
a1:88:09:ab:57:6f:ac:59:56:9b:ee:06:47:b4:bf:00:1b:6e:
f5:67:9a:b4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYWd6gsG6UrdDYBSoDkI9livMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjY2I5Yjg5YmMwYmMyMTc1MjQ3NGU2NTBkYzM0ZjA2OWRh
NWMwYjMwHhcNMjMwMTEwMjMwMDM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTcxMzE3ZDJhY2M4NDY5YjBmNzFmYzE4ODZiYzQ3OGMwZTI1OTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkMtT/qFtffChFkcXtwRQrQAGSc7d
RqeDj2RRKin/c53sb6vTjkAJzMJnQs0vUcBdr/liv6VSq+9LF1Ft2D99moO1Gfct
ZzzzQChjfurlAaAYGHaGfoWngCMXtLmKbnBN6m4048mKQV7zbOCEFvyNHwPf4X50
O05PGKWXZYGpyHCRWj+N6X2zBKZhPsSsidNWjtBmrKjCPZYXXduSCWCpwOXwcnyk
WnnFSIz1BMQAvZ9jsLdyiI/cgXPJnCAjjc3mibSQJppA0tHYfXvzW9NhsNN+/Mly
uOaMYuFL2ZxwO25gDuI+GmO+W7VNapEXYZNrzYcJfSPeJTbM7KgV9tmGXwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIlxMX0qzIRpsPcfwYhrxHjA4ll3MB8GA1UdIwQY
MBaAFCzLm4m8C8IXUkdOZQ3DTwadpcCzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTE11Ymlid0x3aGRTUjA1bERjTlBCcDJsd0xNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi8yM2Y3YzQtNmUzYi00ZmRhLTkzMWIt
MDYyYWVkNTEzODFjLzEvaVhFeGZTck1oR213OXhfQmlHdkVlTURpV1hjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi8yM2Y3YzQtNmUzYi00ZmRhLTkzMWItMDYyYWVkNTEzODFj
LzEvTE11Ymlid0x3aGRTUjA1bERjTlBCcDJsd0xNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCXZ0MAwQB
wf7oMA0GCSqGSIb3DQEBCwUAA4IBAQC5NpC6/ZDWE2lWD+Lc+jRgd6nMWok8lLX4
7A3TY4bHUt46xNAnLLtqIt7DeYHA9zJhwW+IbgcdsBH3kKstBw36inflo3ZEaLT1
dhGerutkHCcmhErkeUxDnWjtE47QvBQXPhY2cUdYDYJsgmvvSy6F0IT9/BiDq2ze
dR4Sig9xrZPx7xhy2VXz5aTRRkW0ev6IRAtPdpaCQU53GA4gY7HEGqrU3TuOcZ1W
Cc9hHY4UcQJ0sTP3SlqtnAqzklQxsn2clO0sktGVQmey8oqHGeLGJCj3b0ebtGIo
F7d68DoMCHlkxhnVnIMvZBChiAmrV2+sWVab7gZHtL8AG271Z5q0
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:37:19 2025 by rpki-client