Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/ca68e8-5157-46b6-b584-ea92d80ab188/1/0q9H4XE_dpQQa17q4idu7i_a85s.roa
File: 0q9H4XE_dpQQa17q4idu7i_a85s.roa (raw, json)
Hash identifier: uSD1+6qYxZwpfJkqyySzN53WCgSqqtJ6qAwHcSwxed0=
Subject key identifier: D2:AF:47:E1:71:3F:76:94:10:6B:5E:EA:E2:27:6E:EE:2F:DA:F3:9B
Certificate issuer: /CN=230e9ac64510fa391846bb139ab52b8001d58038
Certificate serial: 01856D13B5970DC50920A7808F7E051C54C2
Authority key identifier: 23:0E:9A:C6:45:10:FA:39:18:46:BB:13:9A:B5:2B:80:01:D5:80:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Iw6axkUQ-jkYRrsTmrUrgAHVgDg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/ca68e8-5157-46b6-b584-ea92d80ab188/1/0q9H4XE_dpQQa17q4idu7i_a85s.roa
Signing time: Sun 01 Jan 2023 11:24:46 +0000
ROA not before: Sun 01 Jan 2023 11:24:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15404
IP address blocks: 193.30.140.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:13:b5:97:0d:c5:09:20:a7:80:8f:7e:05:1c:54:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=230e9ac64510fa391846bb139ab52b8001d58038
Validity
Not Before: Jan 1 11:24:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d2af47e1713f7694106b5eeae2276eee2fdaf39b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:a4:e0:1a:da:91:5f:60:dc:2f:30:1b:68:0d:
60:1a:de:a6:47:5a:4b:ed:a5:f6:31:58:3c:c8:3a:
bc:57:2c:f9:5a:7b:21:da:72:9d:4f:b3:80:cb:72:
b2:36:ce:0f:02:ca:c3:bc:85:06:d4:76:7d:2d:cc:
0b:dc:1c:6b:8c:66:4f:08:ac:a7:74:a4:2d:df:eb:
77:00:fd:47:34:b1:84:44:3c:d0:7d:f5:fc:46:03:
65:10:5e:67:1a:bc:5a:19:af:a2:83:c0:43:e6:4f:
ce:6f:fd:3a:42:f8:92:1b:5b:c4:4f:69:91:2e:6e:
a4:d2:13:ea:db:1c:9a:57:75:d1:b1:9e:15:94:a9:
44:75:ed:03:62:49:61:d6:63:aa:99:04:96:62:39:
f3:66:a2:88:ea:a1:7d:a9:66:a7:17:32:b8:33:92:
df:8a:c4:a4:3f:11:8a:4a:9b:c1:5d:e4:bd:ec:2b:
5a:8b:51:ac:b3:dc:f0:be:51:f0:52:0b:bc:0e:ce:
82:c2:b6:21:f3:d4:4f:d1:f5:c3:2a:43:91:d8:66:
ed:18:02:6a:1d:23:b2:81:be:9b:ff:90:e0:9d:14:
25:8c:91:e4:45:f5:6c:5a:d9:71:5a:01:67:00:25:
0b:7e:b2:71:23:d8:ad:d4:9d:39:16:4d:4f:81:70:
3c:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:AF:47:E1:71:3F:76:94:10:6B:5E:EA:E2:27:6E:EE:2F:DA:F3:9B
X509v3 Authority Key Identifier:
keyid:23:0E:9A:C6:45:10:FA:39:18:46:BB:13:9A:B5:2B:80:01:D5:80:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Iw6axkUQ-jkYRrsTmrUrgAHVgDg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/ca68e8-5157-46b6-b584-ea92d80ab188/1/0q9H4XE_dpQQa17q4idu7i_a85s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/ca68e8-5157-46b6-b584-ea92d80ab188/1/Iw6axkUQ-jkYRrsTmrUrgAHVgDg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.30.140.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:2a:d0:6b:18:68:34:93:08:a0:e0:d8:ca:1f:ba:5b:6f:38:
bd:8b:53:35:f9:aa:bd:19:df:79:16:13:5c:62:04:45:f7:ab:
75:c2:b9:66:b1:dc:f9:f2:05:a8:72:7a:77:2b:88:ba:ff:cd:
9e:fb:b0:6a:e7:90:6f:08:24:3a:33:eb:89:d2:a5:d2:cd:00:
ac:48:24:da:75:75:34:2d:dd:38:fa:34:bc:72:76:03:f7:cc:
f4:b9:2d:d7:6d:7e:a6:5b:7b:63:a6:0a:37:f4:94:e9:ff:50:
80:ea:de:6c:51:33:b2:58:56:cf:ba:d2:3e:35:42:74:d3:62:
57:52:88:75:95:8d:6d:40:ff:b4:e8:04:f8:8a:e4:a4:c1:b5:
c6:96:de:8c:b5:7b:55:dd:96:85:ba:be:64:54:73:33:5d:a6:
d3:9c:55:cb:d4:a0:98:49:64:bd:5c:8f:c3:55:b7:0b:c4:e9:
c0:51:9c:23:bf:95:03:5d:81:b3:50:9f:65:af:5d:37:5d:40:
85:52:c3:30:90:60:d6:68:78:45:26:66:75:12:8c:f6:a8:bb:
67:4d:c3:bd:c5:84:fb:68:bb:66:1f:33:d0:09:4a:03:dc:66:
70:fb:7d:86:fb:45:f7:20:8d:be:e9:e3:fb:08:42:83:b9:ce:
2c:10:e9:5d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtE7WXDcUJIKeAj34FHFTCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzMGU5YWM2NDUxMGZhMzkxODQ2YmIxMzlhYjUyYjgwMDFk
NTgwMzgwHhcNMjMwMTAxMTEyNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmFmNDdlMTcxM2Y3Njk0MTA2YjVlZWFlMjI3NmVlZTJmZGFmMzliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8qTgGtqRX2DcLzAbaA1gGt6mR1pL
7aX2MVg8yDq8Vyz5Wnsh2nKdT7OAy3KyNs4PAsrDvIUG1HZ9LcwL3BxrjGZPCKyn
dKQt3+t3AP1HNLGERDzQffX8RgNlEF5nGrxaGa+ig8BD5k/Ob/06QviSG1vET2mR
Lm6k0hPq2xyaV3XRsZ4VlKlEde0DYklh1mOqmQSWYjnzZqKI6qF9qWanFzK4M5Lf
isSkPxGKSpvBXeS97Ctai1Gss9zwvlHwUgu8Ds6CwrYh89RP0fXDKkOR2GbtGAJq
HSOygb6b/5DgnRQljJHkRfVsWtlxWgFnACULfrJxI9it1J05Fk1PgXA8FwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNKvR+FxP3aUEGte6uInbu4v2vObMB8GA1UdIwQY
MBaAFCMOmsZFEPo5GEa7E5q1K4AB1YA4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXc2YXhrVVEtamtZUnJzVG1yVXJnQUhWZ0RnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9jYTY4ZTgtNTE1Ny00NmI2LWI1ODQt
ZWE5MmQ4MGFiMTg4LzEvMHE5SDRYRV9kcFFRYTE3cTRpZHU3aV9hODVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi9jYTY4ZTgtNTE1Ny00NmI2LWI1ODQtZWE5MmQ4MGFiMTg4
LzEvSXc2YXhrVVEtamtZUnJzVG1yVXJnQUhWZ0RnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwR6MMA0G
CSqGSIb3DQEBCwUAA4IBAQA8KtBrGGg0kwig4NjKH7pbbzi9i1M1+aq9Gd95FhNc
YgRF96t1wrlmsdz58gWocnp3K4i6/82e+7Bq55BvCCQ6M+uJ0qXSzQCsSCTadXU0
Ld04+jS8cnYD98z0uS3XbX6mW3tjpgo39JTp/1CA6t5sUTOyWFbPutI+NUJ002JX
Uoh1lY1tQP+06AT4iuSkwbXGlt6MtXtV3ZaFur5kVHMzXabTnFXL1KCYSWS9XI/D
VbcLxOnAUZwjv5UDXYGzUJ9lr103XUCFUsMwkGDWaHhFJmZ1Eoz2qLtnTcO9xYT7
aLtmHzPQCUoD3GZw+32G+0X3II2+6eP7CEKDuc4sEOld
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:08:40 2025 by rpki-client