Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/fc022d-f8e5-4a6e-8b1f-58c85d4336bc/1/xNKNuVa9Meqd8rgHy1iqnQIILCk.roa
File: xNKNuVa9Meqd8rgHy1iqnQIILCk.roa (raw, json)
Hash identifier: v1AtcAU3Eh6PUe9OONYTW5+luDabcG8oonMI+zXxXxg=
Subject key identifier: C4:D2:8D:B9:56:BD:31:EA:9D:F2:B8:07:CB:58:AA:9D:02:08:2C:29
Certificate issuer: /CN=a62a8c7a1f6a4c949e027b5369d97d7576e147f8
Certificate serial: 018508B8E659CF5FF124CB87E1777C55C42B
Authority key identifier: A6:2A:8C:7A:1F:6A:4C:94:9E:02:7B:53:69:D9:7D:75:76:E1:47:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/piqMeh9qTJSeAntTadl9dXbhR_g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/fc022d-f8e5-4a6e-8b1f-58c85d4336bc/1/xNKNuVa9Meqd8rgHy1iqnQIILCk.roa
Signing time: Mon 12 Dec 2022 23:43:33 +0000
ROA not before: Mon 12 Dec 2022 23:43:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3308
IP address blocks: 193.8.36.0/24 maxlen: 24
193.8.37.0/24 maxlen: 24
193.8.39.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:08:b8:e6:59:cf:5f:f1:24:cb:87:e1:77:7c:55:c4:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a62a8c7a1f6a4c949e027b5369d97d7576e147f8
Validity
Not Before: Dec 12 23:43:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c4d28db956bd31ea9df2b807cb58aa9d02082c29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:e0:59:23:0f:40:66:76:d4:75:98:bd:f5:db:
be:3f:31:61:a8:74:9c:3e:34:39:6b:8f:de:e3:56:
e8:15:3f:8e:f3:d9:58:67:f6:7b:ba:71:c5:34:d1:
1c:e7:99:07:1c:4f:4b:3a:17:88:fb:b3:0e:e2:80:
c2:df:74:08:4d:93:69:e3:61:3f:d3:65:ba:75:2f:
55:46:5a:2c:dc:56:f5:a2:99:19:08:f3:52:e4:61:
14:6f:f4:aa:8d:ef:26:98:d7:e2:37:1a:ab:c8:c9:
8e:a3:48:af:ef:97:dc:f0:81:10:d5:07:5f:94:6c:
ab:e7:d0:18:ac:2f:a4:62:f8:c7:3a:16:72:88:9f:
51:cc:70:9f:c2:37:78:e0:68:43:e9:c7:fc:8a:52:
1d:5e:6e:30:f9:93:ff:37:d3:a2:44:26:f2:8d:2f:
e8:6c:48:8e:45:ef:a9:ed:7d:59:d1:b1:c2:5d:b4:
50:40:52:c4:bb:44:eb:c0:ba:04:c2:93:5b:46:42:
53:9e:af:22:10:4a:b2:a8:3e:73:1a:4e:75:5f:1d:
e0:34:3c:e1:ae:e1:ef:2c:a0:79:2c:4d:8d:40:3d:
bb:a7:e3:52:15:82:fe:3a:04:33:93:d2:26:fd:78:
3d:d0:78:41:bd:e8:57:24:a8:97:24:ae:67:dd:5a:
2c:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:D2:8D:B9:56:BD:31:EA:9D:F2:B8:07:CB:58:AA:9D:02:08:2C:29
X509v3 Authority Key Identifier:
keyid:A6:2A:8C:7A:1F:6A:4C:94:9E:02:7B:53:69:D9:7D:75:76:E1:47:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/piqMeh9qTJSeAntTadl9dXbhR_g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/fc022d-f8e5-4a6e-8b1f-58c85d4336bc/1/xNKNuVa9Meqd8rgHy1iqnQIILCk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/fc022d-f8e5-4a6e-8b1f-58c85d4336bc/1/piqMeh9qTJSeAntTadl9dXbhR_g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.8.36.0/23
193.8.39.0/24
Signature Algorithm: sha256WithRSAEncryption
41:f7:aa:fd:c8:da:6d:2d:9d:c0:cf:b0:65:d4:d8:d1:0b:97:
ee:01:fc:ba:3c:3f:2b:43:b4:5a:ac:13:63:db:b7:bf:22:93:
9f:34:54:20:b0:f3:a9:5c:d6:cb:c4:34:32:fa:f7:c2:f5:27:
36:42:fa:58:5c:bf:18:7d:53:51:21:91:5f:a5:94:33:4a:9f:
19:19:d8:07:0d:03:8c:b6:f8:ca:dc:44:b8:d0:8b:b4:50:6d:
95:53:bd:d2:fa:3f:fd:86:8c:bb:4f:7b:b5:e2:77:75:46:f2:
ff:b8:c2:be:62:af:a8:58:a5:5b:bc:9b:cc:1e:ab:72:90:c6:
99:d4:f8:d8:23:69:2c:a7:eb:e4:c0:a4:1d:2f:dc:cf:ab:54:
bd:61:0b:c7:13:eb:6c:b5:4d:3b:d8:21:ca:67:06:c3:ca:26:
aa:a2:85:ab:b5:13:5f:42:f0:47:4a:a7:b4:00:52:e6:8d:05:
23:56:64:83:e4:00:11:88:56:cb:18:0f:e2:fb:2c:34:6c:88:
2b:d9:85:de:22:b8:e0:57:03:d8:a1:52:3b:e0:f0:58:f8:d4:
04:9f:c2:07:27:2b:28:f1:c9:a4:d1:a4:94:96:0d:35:e4:77:
09:7d:58:8e:71:8e:d0:4d:89:34:31:70:f9:51:f9:36:86:c4:
f9:83:26:92
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYUIuOZZz1/xJMuH4Xd8VcQrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2MmE4YzdhMWY2YTRjOTQ5ZTAyN2I1MzY5ZDk3ZDc1NzZl
MTQ3ZjgwHhcNMjIxMjEyMjM0MzMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGQyOGRiOTU2YmQzMWVhOWRmMmI4MDdjYjU4YWE5ZDAyMDgyYzI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjeBZIw9AZnbUdZi99du+PzFhqHSc
PjQ5a4/e41boFT+O89lYZ/Z7unHFNNEc55kHHE9LOheI+7MO4oDC33QITZNp42E/
02W6dS9VRlos3Fb1opkZCPNS5GEUb/Sqje8mmNfiNxqryMmOo0iv75fc8IEQ1Qdf
lGyr59AYrC+kYvjHOhZyiJ9RzHCfwjd44GhD6cf8ilIdXm4w+ZP/N9OiRCbyjS/o
bEiORe+p7X1Z0bHCXbRQQFLEu0TrwLoEwpNbRkJTnq8iEEqyqD5zGk51Xx3gNDzh
ruHvLKB5LE2NQD27p+NSFYL+OgQzk9Im/Xg90HhBvehXJKiXJK5n3VosUwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMTSjblWvTHqnfK4B8tYqp0CCCwpMB8GA1UdIwQY
MBaAFKYqjHofakyUngJ7U2nZfXV24Uf4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGlxTWVoOXFUSlNlQW50VGFkbDlkWGJoUl9nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9mYzAyMmQtZjhlNS00YTZlLThiMWYt
NThjODVkNDMzNmJjLzEveE5LTnVWYTlNZXFkOHJnSHkxaXFuUUlJTENrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9mYzAyMmQtZjhlNS00YTZlLThiMWYtNThjODVkNDMzNmJj
LzEvcGlxTWVoOXFUSlNlQW50VGFkbDlkWGJoUl9nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwQgkAwQA
wQgnMA0GCSqGSIb3DQEBCwUAA4IBAQBB96r9yNptLZ3Az7Bl1NjRC5fuAfy6PD8r
Q7RarBNj27e/IpOfNFQgsPOpXNbLxDQy+vfC9Sc2QvpYXL8YfVNRIZFfpZQzSp8Z
GdgHDQOMtvjK3ES40Iu0UG2VU73S+j/9hoy7T3u14nd1RvL/uMK+Yq+oWKVbvJvM
HqtykMaZ1PjYI2ksp+vkwKQdL9zPq1S9YQvHE+tstU072CHKZwbDyiaqooWrtRNf
QvBHSqe0AFLmjQUjVmSD5AARiFbLGA/i+yw0bIgr2YXeIrjgVwPYoVI74PBY+NQE
n8IHJyso8cmk0aSUlg015HcJfViOcY7QTYk0MXD5Ufk2hsT5gyaS
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:35 2024 by rpki-client on console-fra.rpki-client.org