Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/d1353b-fa9d-4e6e-8c22-0ab25d0b0bee/1/O_XQxGkg4B9dNdjirJI_kQgHQUY.roa
File: O_XQxGkg4B9dNdjirJI_kQgHQUY.roa (raw, json)
Hash identifier: kGNNHFyYkvs9nAWkfhm6nPQRs6Cjjcw71itEYj0nSOI=
Subject key identifier: 3B:F5:D0:C4:69:20:E0:1F:5D:35:D8:E2:AC:92:3F:91:08:07:41:46
Certificate issuer: /CN=cde8e6543992db497598c22e7a8b9578f88d982f
Certificate serial: 01857246E8ECFD291E4371AF4BBAA95EC994
Authority key identifier: CD:E8:E6:54:39:92:DB:49:75:98:C2:2E:7A:8B:95:78:F8:8D:98:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zejmVDmS20l1mMIueouVePiNmC8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/d1353b-fa9d-4e6e-8c22-0ab25d0b0bee/1/O_XQxGkg4B9dNdjirJI_kQgHQUY.roa
Signing time: Mon 02 Jan 2023 11:38:47 +0000
ROA not before: Mon 02 Jan 2023 11:38:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34386
IP address blocks: 193.58.200.0/23 maxlen: 23
193.58.203.0/24 maxlen: 24
193.58.200.0/22 maxlen: 22
194.79.244.0/22 maxlen: 22
194.79.244.0/23 maxlen: 23
194.79.247.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:46:e8:ec:fd:29:1e:43:71:af:4b:ba:a9:5e:c9:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cde8e6543992db497598c22e7a8b9578f88d982f
Validity
Not Before: Jan 2 11:38:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3bf5d0c46920e01f5d35d8e2ac923f9108074146
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:75:ec:f7:64:5d:56:3f:26:5a:c6:c4:3c:db:
79:53:6a:cc:f9:2f:f0:00:93:4f:23:09:2f:f0:97:
30:f4:8e:d0:14:57:ea:2d:8a:52:57:b2:f9:cc:4a:
7f:91:ed:db:a1:50:7a:25:d9:5b:9b:97:e2:f5:e0:
af:df:0c:52:1c:97:d9:79:65:9c:71:4d:d3:22:fa:
48:ec:97:b2:e4:c3:98:14:65:87:53:f2:8d:29:ff:
27:3c:61:8f:82:b4:f8:51:a1:b0:44:0e:e6:66:d6:
ca:4d:14:9d:a7:7c:a8:20:b8:8a:12:a4:17:ec:5c:
43:be:f3:8f:0e:10:c4:3b:76:72:64:ed:56:17:b8:
88:98:77:82:3e:8c:f0:75:da:a7:b2:c3:01:aa:c3:
4a:63:d9:f8:c8:d2:60:a1:01:a5:33:7a:8e:06:9a:
a6:2c:6b:2e:11:bb:66:07:14:1d:27:54:2b:72:35:
12:90:26:27:7a:db:7e:d8:ac:96:44:bb:14:13:18:
d9:e0:7a:15:3e:17:76:e5:13:b5:bb:f2:64:17:a0:
93:dd:30:42:78:5f:75:36:8e:6c:35:3f:99:2c:a4:
c2:46:d2:ca:c5:09:7a:93:b4:a2:f1:65:cc:7b:99:
74:6e:e5:0d:c6:1b:7a:c1:35:d7:5d:81:61:3d:25:
a3:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:F5:D0:C4:69:20:E0:1F:5D:35:D8:E2:AC:92:3F:91:08:07:41:46
X509v3 Authority Key Identifier:
keyid:CD:E8:E6:54:39:92:DB:49:75:98:C2:2E:7A:8B:95:78:F8:8D:98:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zejmVDmS20l1mMIueouVePiNmC8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/d1353b-fa9d-4e6e-8c22-0ab25d0b0bee/1/O_XQxGkg4B9dNdjirJI_kQgHQUY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/d1353b-fa9d-4e6e-8c22-0ab25d0b0bee/1/zejmVDmS20l1mMIueouVePiNmC8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.58.200.0/22
194.79.244.0/22
Signature Algorithm: sha256WithRSAEncryption
0e:bc:b7:fd:d7:d8:f5:5c:2f:e6:15:e5:7d:73:b3:29:b3:57:
a8:dd:53:55:93:89:3b:87:0e:ec:3c:01:8e:53:65:74:57:72:
3b:96:e6:09:9f:e7:5b:0a:c6:bf:58:b8:35:60:4e:ff:23:ef:
8f:e0:ea:e4:cc:e3:b4:40:b5:ec:7f:09:60:95:1d:7d:32:c6:
cf:55:1c:f5:3e:65:9e:43:90:78:7b:3d:42:86:9c:65:52:9e:
57:a6:2c:5f:13:9e:ec:d6:d9:38:ab:80:52:04:bf:e0:56:3c:
ca:0c:c7:d5:7a:5c:a4:55:8b:49:94:c8:65:58:cb:d9:62:21:
97:11:7a:5f:d6:63:bd:5c:58:9d:93:ff:fc:c2:05:83:3d:b4:
c7:61:84:4f:0b:e1:b6:0e:f1:64:0d:05:d1:9b:6e:69:8b:fa:
ee:fd:63:a7:16:80:29:43:b3:71:99:eb:e1:38:04:01:9e:d0:
8b:d9:0e:d5:ac:2b:2a:41:ec:0d:23:5a:79:c0:81:62:d2:54:
de:aa:b7:56:1b:ad:44:f5:fe:4b:71:c0:b1:65:2b:ca:6b:49:
75:cb:52:45:a2:cc:97:3a:47:ff:34:28:42:70:63:e9:5a:4b:
d8:0a:3f:0a:05:e9:9f:9b:84:7f:e3:c3:06:3a:2e:2f:5d:df:
65:fe:d8:04
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVyRujs/SkeQ3GvS7qpXsmUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkZThlNjU0Mzk5MmRiNDk3NTk4YzIyZTdhOGI5NTc4Zjg4
ZDk4MmYwHhcNMjMwMTAyMTEzODQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmY1ZDBjNDY5MjBlMDFmNWQzNWQ4ZTJhYzkyM2Y5MTA4MDc0MTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiHXs92RdVj8mWsbEPNt5U2rM+S/w
AJNPIwkv8Jcw9I7QFFfqLYpSV7L5zEp/ke3boVB6Jdlbm5fi9eCv3wxSHJfZeWWc
cU3TIvpI7Jey5MOYFGWHU/KNKf8nPGGPgrT4UaGwRA7mZtbKTRSdp3yoILiKEqQX
7FxDvvOPDhDEO3ZyZO1WF7iImHeCPozwddqnssMBqsNKY9n4yNJgoQGlM3qOBpqm
LGsuEbtmBxQdJ1QrcjUSkCYnett+2KyWRLsUExjZ4HoVPhd25RO1u/JkF6CT3TBC
eF91No5sNT+ZLKTCRtLKxQl6k7Si8WXMe5l0buUNxht6wTXXXYFhPSWj5QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDv10MRpIOAfXTXY4qySP5EIB0FGMB8GA1UdIwQY
MBaAFM3o5lQ5kttJdZjCLnqLlXj4jZgvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemVqbVZEbVMyMGwxbU1JdWVvdVZlUGlObUM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9kMTM1M2ItZmE5ZC00ZTZlLThjMjIt
MGFiMjVkMGIwYmVlLzEvT19YUXhHa2c0QjlkTmRqaXJKSV9rUWdIUVVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9kMTM1M2ItZmE5ZC00ZTZlLThjMjItMGFiMjVkMGIwYmVl
LzEvemVqbVZEbVMyMGwxbU1JdWVvdVZlUGlObUM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCwTrIAwQC
wk/0MA0GCSqGSIb3DQEBCwUAA4IBAQAOvLf919j1XC/mFeV9c7Mps1eo3VNVk4k7
hw7sPAGOU2V0V3I7luYJn+dbCsa/WLg1YE7/I++P4OrkzOO0QLXsfwlglR19MsbP
VRz1PmWeQ5B4ez1ChpxlUp5XpixfE57s1tk4q4BSBL/gVjzKDMfVelykVYtJlMhl
WMvZYiGXEXpf1mO9XFidk//8wgWDPbTHYYRPC+G2DvFkDQXRm25pi/ru/WOnFoAp
Q7NxmevhOAQBntCL2Q7VrCsqQewNI1p5wIFi0lTeqrdWG61E9f5LccCxZSvKa0l1
y1JFosyXOkf/NChCcGPpWkvYCj8KBemfm4R/48MGOi4vXd9l/tgE
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:10:36 2025 by rpki-client