Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/24015f-091c-4c5d-b5c1-bcf77026939d/1/mCCQEZzOoeEb9K9GL7rG4yRvTO8.roa
File: mCCQEZzOoeEb9K9GL7rG4yRvTO8.roa (raw, json)
Hash identifier: Wok7OpceHDX/ZEfj/bJiVE523HFqRQMcvIox0knFsdU=
Subject key identifier: 98:20:90:11:9C:CE:A1:E1:1B:F4:AF:46:2F:BA:C6:E3:24:6F:4C:EF
Certificate issuer: /CN=c64fa0ad8987149f05534724b45a2f4d5ebf475d
Certificate serial: 01872A974544A536DCEBF786BD6D96A99FC6
Authority key identifier: C6:4F:A0:AD:89:87:14:9F:05:53:47:24:B4:5A:2F:4D:5E:BF:47:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xk-grYmHFJ8FU0cktFovTV6_R10.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/24015f-091c-4c5d-b5c1-bcf77026939d/1/mCCQEZzOoeEb9K9GL7rG4yRvTO8.roa
Signing time: Tue 28 Mar 2023 23:39:29 +0000
ROA not before: Tue 28 Mar 2023 23:39:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59645
IP address blocks: 193.104.168.0/24 maxlen: 24
195.191.196.0/23 maxlen: 24
2a06:d1c0:dead::/48 maxlen: 48
2a06:d1c0:deae::/48 maxlen: 48
2a06:d1c0:f761::/48 maxlen: 48
2a06:d1c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:2a:97:45:44:a5:36:dc:eb:f7:86:bd:6d:96:a9:9f:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c64fa0ad8987149f05534724b45a2f4d5ebf475d
Validity
Not Before: Mar 28 23:39:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=982090119ccea1e11bf4af462fbac6e3246f4cef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:78:e0:8b:55:23:49:4c:e5:37:d2:28:0c:4b:
5e:b6:19:14:86:4e:3d:8b:d6:82:0c:6f:b2:a5:47:
19:29:f4:df:cc:46:0b:a5:85:20:ec:77:c8:6a:90:
ab:dd:7b:6d:cb:4b:52:7d:02:8d:8b:c8:df:67:6a:
e8:83:8a:39:3a:66:23:aa:37:dc:b0:c4:ab:92:7f:
57:4a:5d:a4:01:01:0e:16:42:1f:ef:d3:bc:3c:9b:
4e:5a:2d:4d:58:0e:f4:8f:70:fd:a0:2a:1e:01:08:
df:1f:24:e7:44:9d:ad:1f:91:9b:df:17:1e:10:3f:
5d:f2:5f:95:02:27:bf:49:07:b6:8d:32:c8:3f:4a:
ad:5c:64:d4:f6:7e:3b:fe:13:f8:a7:66:c9:2a:ee:
f7:0d:57:f5:41:80:62:d3:e4:71:e9:f6:52:da:1e:
6f:46:2f:91:17:5f:c8:16:19:57:94:53:f8:45:16:
17:9c:6a:50:72:73:8e:d9:5e:63:cb:27:88:b7:ab:
9d:55:62:3e:2e:0d:7c:01:06:f4:05:67:ff:54:ac:
2f:b5:9b:3f:a5:08:0b:f9:b7:52:3a:bb:f5:4e:0c:
21:7a:e8:c5:1a:8f:63:73:88:90:5b:7f:b5:f3:34:
57:c2:74:b6:c8:b4:63:13:3d:34:14:82:bd:c1:98:
46:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:20:90:11:9C:CE:A1:E1:1B:F4:AF:46:2F:BA:C6:E3:24:6F:4C:EF
X509v3 Authority Key Identifier:
keyid:C6:4F:A0:AD:89:87:14:9F:05:53:47:24:B4:5A:2F:4D:5E:BF:47:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xk-grYmHFJ8FU0cktFovTV6_R10.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/24015f-091c-4c5d-b5c1-bcf77026939d/1/mCCQEZzOoeEb9K9GL7rG4yRvTO8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/24015f-091c-4c5d-b5c1-bcf77026939d/1/xk-grYmHFJ8FU0cktFovTV6_R10.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.104.168.0/24
195.191.196.0/23
IPv6:
2a06:d1c0::/29
Signature Algorithm: sha256WithRSAEncryption
17:ea:1c:3f:be:af:1b:89:d6:a7:db:0e:e7:ee:9d:19:ff:a4:
17:fc:52:0f:96:50:05:6f:9e:e1:76:46:ed:1e:f5:e3:80:09:
51:13:5f:3c:69:40:ac:01:fd:7e:f8:3c:49:ee:11:72:e2:45:
05:dc:7c:13:85:ed:ec:2f:50:ab:c8:ee:b1:22:28:bc:a6:06:
68:6f:3c:f7:63:50:ca:57:10:e3:df:7c:e7:c0:c9:62:2a:2b:
6d:bf:f8:99:b2:a6:13:c0:f4:a1:70:56:f0:08:6d:b0:6c:d6:
b3:ba:b3:2c:08:81:30:03:6c:41:91:c8:71:fd:04:d5:cf:e6:
11:74:5b:85:b1:e0:1b:bb:83:d2:27:cc:f1:d4:ce:e7:6b:8c:
2a:80:72:8f:d0:61:61:5f:9c:ae:86:3d:5a:a1:e3:61:57:63:
ed:2e:7d:67:01:98:1c:46:c0:22:f1:24:f5:de:b6:a8:28:d5:
a4:b2:df:c7:d1:86:84:8c:42:de:84:7e:0d:a1:21:80:39:7d:
c9:0f:f3:97:52:82:1a:19:76:c8:1e:2d:e0:a1:a9:12:d6:f9:
f1:be:33:db:70:a7:c2:dc:fd:be:db:7b:d2:2d:aa:19:2a:7c:
ad:07:60:cb:fd:72:42:3e:e3:98:a8:f9:b1:d7:8b:40:94:ac:
e1:7b:05:0f
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYcql0VEpTbc6/eGvW2WqZ/GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NGZhMGFkODk4NzE0OWYwNTUzNDcyNGI0NWEyZjRkNWVi
ZjQ3NWQwHhcNMjMwMzI4MjMzOTI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODIwOTAxMTljY2VhMWUxMWJmNGFmNDYyZmJhYzZlMzI0NmY0Y2VmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlnjgi1UjSUzlN9IoDEtethkUhk49
i9aCDG+ypUcZKfTfzEYLpYUg7HfIapCr3Xtty0tSfQKNi8jfZ2rog4o5OmYjqjfc
sMSrkn9XSl2kAQEOFkIf79O8PJtOWi1NWA70j3D9oCoeAQjfHyTnRJ2tH5Gb3xce
ED9d8l+VAie/SQe2jTLIP0qtXGTU9n47/hP4p2bJKu73DVf1QYBi0+Rx6fZS2h5v
Ri+RF1/IFhlXlFP4RRYXnGpQcnOO2V5jyyeIt6udVWI+Lg18AQb0BWf/VKwvtZs/
pQgL+bdSOrv1TgwheujFGo9jc4iQW3+18zRXwnS2yLRjEz00FIK9wZhGzwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJggkBGczqHhG/SvRi+6xuMkb0zvMB8GA1UdIwQY
MBaAFMZPoK2JhxSfBVNHJLRaL01ev0ddMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGstZ3JZbUhGSjhGVTBja3RGb3ZUVjZfUjEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8yNDAxNWYtMDkxYy00YzVkLWI1YzEt
YmNmNzcwMjY5MzlkLzEvbUNDUUVaek9vZUViOUs5R0w3ckc0eVJ2VE84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8yNDAxNWYtMDkxYy00YzVkLWI1YzEtYmNmNzcwMjY5Mzlk
LzEveGstZ3JZbUhGSjhGVTBja3RGb3ZUVjZfUjEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAwWioAwQB
w7/EMA0EAgACMAcDBQMqBtHAMA0GCSqGSIb3DQEBCwUAA4IBAQAX6hw/vq8bidan
2w7n7p0Z/6QX/FIPllAFb57hdkbtHvXjgAlRE188aUCsAf1++DxJ7hFy4kUF3HwT
he3sL1CryO6xIii8pgZobzz3Y1DKVxDj33znwMliKittv/iZsqYTwPShcFbwCG2w
bNazurMsCIEwA2xBkchx/QTVz+YRdFuFseAbu4PSJ8zx1M7na4wqgHKP0GFhX5yu
hj1aoeNhV2PtLn1nAZgcRsAi8ST13raoKNWkst/H0YaEjELehH4NoSGAOX3JD/OX
UoIaGXbIHi3goakS1vnxvjPbcKfC3P2+23vSLaoZKnytB2DL/XJCPuOYqPmx14tA
lKzhewUP
-----END CERTIFICATE-----
Generated at Fri Mar 14 12:08:09 2025 by rpki-client