Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/285f32-03ea-416e-9cb0-7e66648fc264/1/885NggW95TW-a_O2WE-vanQenOs.roa
File: 885NggW95TW-a_O2WE-vanQenOs.roa (raw, json)
Hash identifier: mFYbBvno0CWpYKTDXS/Degwi/mikFkK8ac3PRn//rQQ=
Subject key identifier: F3:CE:4D:82:05:BD:E5:35:BE:6B:F3:B6:58:4F:AF:6A:74:1E:9C:EB
Certificate issuer: /CN=f4e9d53310243187083fdc9609735465b1089043
Certificate serial: 01856DD4309D8AA0DAA4E90820A4239A3851
Authority key identifier: F4:E9:D5:33:10:24:31:87:08:3F:DC:96:09:73:54:65:B1:08:90:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9OnVMxAkMYcIP9yWCXNUZbEIkEM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/285f32-03ea-416e-9cb0-7e66648fc264/1/885NggW95TW-a_O2WE-vanQenOs.roa
Signing time: Sun 01 Jan 2023 14:55:00 +0000
ROA not before: Sun 01 Jan 2023 14:55:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60793
IP address blocks: 193.19.88.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:d4:30:9d:8a:a0:da:a4:e9:08:20:a4:23:9a:38:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4e9d53310243187083fdc9609735465b1089043
Validity
Not Before: Jan 1 14:55:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f3ce4d8205bde535be6bf3b6584faf6a741e9ceb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:38:62:73:c7:8c:fb:7b:88:d4:8b:a9:e5:b2:
f9:f7:95:9d:d1:b3:6a:01:76:6d:26:c0:f4:11:c1:
8b:f2:8e:91:0e:23:85:3d:bb:35:75:19:63:0c:dd:
39:5e:cd:66:d5:b7:93:1d:87:77:ca:26:f8:e2:69:
81:95:58:47:3f:6e:1b:cd:09:9f:70:5f:79:14:f7:
c7:d7:00:57:00:b7:8b:78:c9:39:df:8d:f2:a3:d9:
ad:90:f4:30:03:6f:22:4f:1c:17:45:e4:52:07:47:
ec:ff:cf:7e:08:a7:23:1d:30:36:9f:c8:48:23:28:
fd:2a:12:b3:7d:1d:f4:b1:d2:73:5a:61:d7:f6:98:
ca:05:2d:bd:6c:5c:60:de:d0:3e:69:f2:5a:47:57:
d6:4d:13:4d:d8:e6:cc:65:06:d2:33:c6:43:b6:38:
50:5a:5c:7c:e7:30:f4:8c:c5:4b:09:af:3d:66:75:
12:88:0b:1e:5d:39:01:69:b4:de:01:89:a4:54:c7:
1d:e6:cc:17:c2:8e:e4:73:90:20:ca:1e:12:a9:02:
65:c9:9a:29:fc:2e:09:ae:80:eb:81:17:15:56:08:
1b:c6:1d:f3:f5:ba:63:2d:7b:0d:51:36:53:b2:2a:
3c:5e:4a:d7:2d:f0:3d:67:2f:d9:03:90:de:90:79:
9c:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:CE:4D:82:05:BD:E5:35:BE:6B:F3:B6:58:4F:AF:6A:74:1E:9C:EB
X509v3 Authority Key Identifier:
keyid:F4:E9:D5:33:10:24:31:87:08:3F:DC:96:09:73:54:65:B1:08:90:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9OnVMxAkMYcIP9yWCXNUZbEIkEM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/285f32-03ea-416e-9cb0-7e66648fc264/1/885NggW95TW-a_O2WE-vanQenOs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/285f32-03ea-416e-9cb0-7e66648fc264/1/9OnVMxAkMYcIP9yWCXNUZbEIkEM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.19.88.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:9e:33:bf:13:8c:46:bf:aa:d2:56:dd:12:a5:e1:7a:8c:20:
ff:3a:71:c6:2a:9a:ef:31:28:e7:32:d7:d8:61:94:49:03:2d:
62:b7:64:21:ee:2d:f2:d6:1b:32:86:a9:b0:f9:5a:c4:53:65:
2a:65:cc:c4:23:56:01:18:80:40:d1:a3:ac:fe:38:0c:62:36:
44:cc:0e:e6:d9:40:69:93:ee:69:69:8b:11:8d:78:d1:b5:fe:
8f:76:4c:d5:3d:1f:61:36:fb:9f:c1:c9:8f:60:50:5f:1c:21:
98:bb:75:7c:c6:55:d9:fe:4f:e4:2a:14:06:49:6a:7d:ed:43:
75:57:b4:ca:36:7e:04:e7:49:32:17:2f:ee:ab:97:cb:3d:5e:
e6:db:d5:40:67:d4:14:b1:5e:73:63:37:59:6f:81:d7:19:91:
46:cc:9a:f0:86:d7:5a:39:3d:35:e7:45:8e:09:50:17:59:8f:
0f:65:f6:f2:60:a6:34:6e:b4:87:68:7a:4f:c2:10:45:71:11:
8c:6d:1f:eb:22:3c:b7:b2:0c:4e:6e:6e:a2:1e:48:0a:c6:98:
97:a0:1e:88:8f:3f:22:47:ee:f7:ac:30:3b:eb:95:fb:4f:97:
ef:7a:54:32:2b:75:3c:06:3a:64:93:f3:73:2c:9b:44:6d:84:
4c:ab:c3:96
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVt1DCdiqDapOkIIKQjmjhRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0ZTlkNTMzMTAyNDMxODcwODNmZGM5NjA5NzM1NDY1YjEw
ODkwNDMwHhcNMjMwMTAxMTQ1NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmM2NlNGQ4MjA1YmRlNTM1YmU2YmYzYjY1ODRmYWY2YTc0MWU5Y2ViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhzhic8eM+3uI1Iup5bL595Wd0bNq
AXZtJsD0EcGL8o6RDiOFPbs1dRljDN05Xs1m1beTHYd3yib44mmBlVhHP24bzQmf
cF95FPfH1wBXALeLeMk5343yo9mtkPQwA28iTxwXReRSB0fs/89+CKcjHTA2n8hI
Iyj9KhKzfR30sdJzWmHX9pjKBS29bFxg3tA+afJaR1fWTRNN2ObMZQbSM8ZDtjhQ
Wlx85zD0jMVLCa89ZnUSiAseXTkBabTeAYmkVMcd5swXwo7kc5Agyh4SqQJlyZop
/C4JroDrgRcVVggbxh3z9bpjLXsNUTZTsio8XkrXLfA9Zy/ZA5DekHmcAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPPOTYIFveU1vmvztlhPr2p0HpzrMB8GA1UdIwQY
MBaAFPTp1TMQJDGHCD/clglzVGWxCJBDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOU9uVk14QWtNWWNJUDl5V0NYTlVaYkVJa0VNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy8yODVmMzItMDNlYS00MTZlLTljYjAt
N2U2NjY0OGZjMjY0LzEvODg1TmdnVzk1VFctYV9PMldFLXZhblFlbk9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy8yODVmMzItMDNlYS00MTZlLTljYjAtN2U2NjY0OGZjMjY0
LzEvOU9uVk14QWtNWWNJUDl5V0NYTlVaYkVJa0VNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwRNYMA0G
CSqGSIb3DQEBCwUAA4IBAQCdnjO/E4xGv6rSVt0SpeF6jCD/OnHGKprvMSjnMtfY
YZRJAy1it2Qh7i3y1hsyhqmw+VrEU2UqZczEI1YBGIBA0aOs/jgMYjZEzA7m2UBp
k+5paYsRjXjRtf6PdkzVPR9hNvufwcmPYFBfHCGYu3V8xlXZ/k/kKhQGSWp97UN1
V7TKNn4E50kyFy/uq5fLPV7m29VAZ9QUsV5zYzdZb4HXGZFGzJrwhtdaOT0150WO
CVAXWY8PZfbyYKY0brSHaHpPwhBFcRGMbR/rIjy3sgxObm6iHkgKxpiXoB6Ijz8i
R+73rDA765X7T5fvelQyK3U8Bjpkk/NzLJtEbYRMq8OW
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:22:27 2025 by rpki-client