Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/6afcbe-6df0-4f77-af34-c61803c34657/1/Q-HIDj0f0JngvJK9MET9gEtm8eg.roa
File: Q-HIDj0f0JngvJK9MET9gEtm8eg.roa (raw, json)
Hash identifier: dXH4khNAKJ/Kb8y/usPOMCi/Yg7ppKNjr1XXwIvbPfs=
Subject key identifier: 43:E1:C8:0E:3D:1F:D0:99:E0:BC:92:BD:30:44:FD:80:4B:66:F1:E8
Certificate issuer: /CN=7ace176a69ccc9c996e1610925c0b6bdf76b207c
Certificate serial: 01856F42D56211AA72FACAC6571C839A8E05
Authority key identifier: 7A:CE:17:6A:69:CC:C9:C9:96:E1:61:09:25:C0:B6:BD:F7:6B:20:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es4XamnMycmW4WEJJcC2vfdrIHw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/6afcbe-6df0-4f77-af34-c61803c34657/1/Q-HIDj0f0JngvJK9MET9gEtm8eg.roa
Signing time: Sun 01 Jan 2023 21:35:29 +0000
ROA not before: Sun 01 Jan 2023 21:35:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9211
IP address blocks: 193.194.129.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:d5:62:11:aa:72:fa:ca:c6:57:1c:83:9a:8e:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ace176a69ccc9c996e1610925c0b6bdf76b207c
Validity
Not Before: Jan 1 21:35:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=43e1c80e3d1fd099e0bc92bd3044fd804b66f1e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:9d:00:f2:c5:06:a7:b7:b3:ab:fc:f9:a4:51:
51:e5:bb:5e:d2:21:d8:7c:56:25:9e:f5:13:1e:20:
f5:14:e0:3b:ec:eb:c9:26:0c:01:0a:08:13:68:ec:
95:91:c4:8b:89:ad:25:3a:19:89:44:c4:e3:28:fb:
c3:9d:29:a9:87:0e:7d:16:96:06:52:4d:b5:f3:2d:
c8:cb:d9:21:91:e4:a6:1d:f6:88:1e:f4:79:29:34:
35:bc:60:ac:9d:1f:72:62:a2:74:c7:62:5a:55:41:
26:3c:d2:90:51:5d:06:0e:02:29:86:4c:78:aa:18:
85:c6:e4:a7:ce:89:fc:ad:5e:e7:ca:3b:f9:e6:48:
4b:53:12:e2:04:4b:6e:0e:8a:10:10:64:bd:cb:a5:
35:1c:83:dc:49:31:8c:1f:0d:dc:e8:86:65:0b:63:
b6:d8:04:ba:0c:3a:10:78:fc:fc:c0:0c:71:df:4d:
b4:84:04:d2:da:42:e5:f9:c5:44:f7:ba:05:ad:1b:
be:d4:39:5d:21:d5:cf:b5:f6:b4:d3:73:fd:b2:08:
7c:7e:fd:be:f3:81:1d:18:ba:40:62:8b:0a:82:fd:
ba:19:b0:3c:57:53:ef:80:a8:12:99:ce:a0:bd:3c:
c0:3d:13:cc:84:6d:b7:ba:03:2b:96:e0:46:30:75:
51:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:E1:C8:0E:3D:1F:D0:99:E0:BC:92:BD:30:44:FD:80:4B:66:F1:E8
X509v3 Authority Key Identifier:
keyid:7A:CE:17:6A:69:CC:C9:C9:96:E1:61:09:25:C0:B6:BD:F7:6B:20:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es4XamnMycmW4WEJJcC2vfdrIHw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/6afcbe-6df0-4f77-af34-c61803c34657/1/Q-HIDj0f0JngvJK9MET9gEtm8eg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/6afcbe-6df0-4f77-af34-c61803c34657/1/es4XamnMycmW4WEJJcC2vfdrIHw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.194.129.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:1d:ae:09:b3:71:f7:b7:be:55:e6:0b:8c:5a:45:49:42:f1:
f3:5c:03:a4:0f:54:57:ef:6f:c2:cc:fa:89:30:78:6b:f9:5e:
9e:df:1c:21:94:00:16:97:8e:56:45:f7:21:de:c9:0e:d2:0a:
0e:5d:cb:41:98:53:44:01:54:9d:49:a4:17:2e:db:a4:c0:41:
6e:15:29:51:c8:b2:e5:44:b2:10:21:56:49:c8:21:ce:cf:f3:
12:56:0c:05:9f:e7:8b:9d:4b:18:24:0a:fc:c4:f9:0f:e5:a4:
94:4a:35:5f:5c:67:54:d6:59:c7:73:c1:81:f2:9f:27:bf:55:
77:28:2d:c3:a1:d7:3a:fc:05:a5:38:e2:a8:00:70:37:f4:85:
48:da:65:a7:80:9c:9c:e6:31:9c:f5:a7:a0:b8:e5:19:b0:a8:
f6:68:69:f4:b6:80:9c:34:f7:df:8b:75:57:d0:d8:f1:99:0b:
5b:6d:04:9b:a0:7c:a4:3a:fa:b4:f1:e0:1f:9f:5a:e1:d5:70:
69:f0:61:6f:19:2f:61:7e:f4:fb:ed:80:ff:e6:4f:17:92:67:
56:72:4b:fb:ce:91:c4:66:1c:a5:ab:ab:06:81:a6:79:3f:3c:
15:01:34:42:f8:d8:1e:95:af:ea:d4:a3:b2:1f:81:b8:c8:65:
77:cc:e5:b5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvQtViEapy+srGVxyDmo4FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2UxNzZhNjljY2M5Yzk5NmUxNjEwOTI1YzBiNmJkZjc2
YjIwN2MwHhcNMjMwMTAxMjEzNTI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2UxYzgwZTNkMWZkMDk5ZTBiYzkyYmQzMDQ0ZmQ4MDRiNjZmMWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAip0A8sUGp7ezq/z5pFFR5bte0iHY
fFYlnvUTHiD1FOA77OvJJgwBCggTaOyVkcSLia0lOhmJRMTjKPvDnSmphw59FpYG
Uk218y3Iy9khkeSmHfaIHvR5KTQ1vGCsnR9yYqJ0x2JaVUEmPNKQUV0GDgIphkx4
qhiFxuSnzon8rV7nyjv55khLUxLiBEtuDooQEGS9y6U1HIPcSTGMHw3c6IZlC2O2
2AS6DDoQePz8wAxx3020hATS2kLl+cVE97oFrRu+1DldIdXPtfa003P9sgh8fv2+
84EdGLpAYosKgv26GbA8V1PvgKgSmc6gvTzAPRPMhG23ugMrluBGMHVRBQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEPhyA49H9CZ4LySvTBE/YBLZvHoMB8GA1UdIwQY
MBaAFHrOF2ppzMnJluFhCSXAtr33ayB8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXM0WGFtbk15Y21XNFdFSkpjQzJ2ZmRySUh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My82YWZjYmUtNmRmMC00Zjc3LWFmMzQt
YzYxODAzYzM0NjU3LzEvUS1ISURqMGYwSm5ndkpLOU1FVDlnRXRtOGVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My82YWZjYmUtNmRmMC00Zjc3LWFmMzQtYzYxODAzYzM0NjU3
LzEvZXM0WGFtbk15Y21XNFdFSkpjQzJ2ZmRySUh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwcKBMA0G
CSqGSIb3DQEBCwUAA4IBAQBeHa4Js3H3t75V5guMWkVJQvHzXAOkD1RX72/CzPqJ
MHhr+V6e3xwhlAAWl45WRfch3skO0goOXctBmFNEAVSdSaQXLtukwEFuFSlRyLLl
RLIQIVZJyCHOz/MSVgwFn+eLnUsYJAr8xPkP5aSUSjVfXGdU1lnHc8GB8p8nv1V3
KC3Dodc6/AWlOOKoAHA39IVI2mWngJyc5jGc9aeguOUZsKj2aGn0toCcNPffi3VX
0NjxmQtbbQSboHykOvq08eAfn1rh1XBp8GFvGS9hfvT77YD/5k8XkmdWckv7zpHE
Zhylq6sGgaZ5PzwVATRC+Ngela/q1KOyH4G4yGV3zOW1
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:34:52 2025 by rpki-client