Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5268fc-cfee-4aa8-97bf-cbe020665efe/1/N0b02gk5WnHPZ8CnnrqzeuLrYAM.roa
File: N0b02gk5WnHPZ8CnnrqzeuLrYAM.roa (raw, json)
Hash identifier: dFTEF6igABK0GnqdD5p1kb7jucFs6pKjVBvCqgIvmh0=
Subject key identifier: 37:46:F4:DA:09:39:5A:71:CF:67:C0:A7:9E:BA:B3:7A:E2:EB:60:03
Certificate issuer: /CN=7ffb0115c4acddd1b4adc4073780726acfc01af9
Certificate serial: 018A4B27598EF9862F18E1422DDED105020B
Authority key identifier: 7F:FB:01:15:C4:AC:DD:D1:B4:AD:C4:07:37:80:72:6A:CF:C0:1A:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/f_sBFcSs3dG0rcQHN4Byas_AGvk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/5268fc-cfee-4aa8-97bf-cbe020665efe/1/N0b02gk5WnHPZ8CnnrqzeuLrYAM.roa
Signing time: Thu 31 Aug 2023 10:33:04 +0000
ROA not before: Thu 31 Aug 2023 10:33:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31129
IP address blocks: 193.23.51.0/24 maxlen: 24
91.211.252.0/22 maxlen: 24
91.211.253.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:4b:27:59:8e:f9:86:2f:18:e1:42:2d:de:d1:05:02:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ffb0115c4acddd1b4adc4073780726acfc01af9
Validity
Not Before: Aug 31 10:33:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3746f4da09395a71cf67c0a79ebab37ae2eb6003
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:b2:6a:dc:df:cf:0a:cc:a9:12:04:30:08:f2:
4b:1c:78:48:81:33:73:8c:89:58:05:5c:4f:c3:88:
c2:bf:c9:5b:4f:8f:8a:0c:f9:ff:fc:45:cf:cc:1d:
e4:4b:8a:1d:d7:bc:de:e6:64:c8:dc:fd:69:bb:29:
b3:0a:a1:35:32:4d:a3:2b:9b:89:20:bc:ca:7b:ce:
a3:17:1b:13:dc:03:f5:90:f1:f1:c7:8d:b8:36:ed:
e7:2d:2c:19:98:a4:93:fe:f8:f5:7d:70:ab:85:a7:
18:8c:0d:37:41:4e:c9:3f:e7:49:27:71:1e:aa:52:
25:54:df:1e:b1:68:92:55:cc:43:13:3d:19:c1:12:
7c:7a:ab:2b:4e:c6:06:f1:1e:ef:b9:83:9b:d3:e4:
d5:db:b5:f1:f7:3f:af:32:5f:b1:02:10:5f:86:7b:
49:fb:f8:fe:43:d2:7c:d5:3e:52:82:30:83:56:54:
9f:aa:07:c6:42:7c:2c:c3:c6:86:0c:33:d3:b1:7d:
bd:9e:0e:66:2b:10:f1:8a:63:27:36:46:3d:f7:bd:
d5:f6:89:2c:73:0f:49:1b:a8:a0:2a:9d:b2:cb:69:
69:03:bb:5f:17:56:87:61:dc:ad:c3:fa:eb:93:08:
47:3c:da:2e:13:75:54:cc:33:77:d6:13:84:ea:a5:
78:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:46:F4:DA:09:39:5A:71:CF:67:C0:A7:9E:BA:B3:7A:E2:EB:60:03
X509v3 Authority Key Identifier:
keyid:7F:FB:01:15:C4:AC:DD:D1:B4:AD:C4:07:37:80:72:6A:CF:C0:1A:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f_sBFcSs3dG0rcQHN4Byas_AGvk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5268fc-cfee-4aa8-97bf-cbe020665efe/1/N0b02gk5WnHPZ8CnnrqzeuLrYAM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5268fc-cfee-4aa8-97bf-cbe020665efe/1/f_sBFcSs3dG0rcQHN4Byas_AGvk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.211.252.0/22
193.23.51.0/24
Signature Algorithm: sha256WithRSAEncryption
d9:a3:ac:bc:4d:00:b4:87:9c:bd:0c:1f:c8:ac:4a:ca:16:01:
69:da:dd:ab:99:4f:23:9a:18:84:2d:13:9e:1b:59:ab:5e:da:
18:1b:9d:1b:c3:da:8d:d9:7a:c6:33:01:38:12:f3:2d:9d:06:
c9:a9:1e:29:f0:84:e5:b7:1e:69:f9:ae:5b:7c:f1:89:ea:6c:
cc:0f:2d:68:26:b2:9d:a2:8b:48:ab:48:2d:11:e2:28:b8:bb:
56:dd:04:cd:12:48:7d:c8:b1:97:9a:99:ed:d9:35:a3:39:58:
c7:db:ba:e9:96:ea:91:33:f3:65:fa:d6:77:75:3b:2e:36:76:
fb:2c:e0:2d:f9:fb:19:a4:64:f1:3b:1a:b9:89:ec:90:17:2f:
93:88:52:a4:87:51:fd:a5:2c:02:b4:fc:9d:7d:d6:b0:fd:a4:
a3:26:a7:f2:3f:7a:b1:dc:4a:c6:2c:34:6e:d4:9b:65:eb:bd:
31:96:76:a8:ab:05:ad:66:aa:f7:5c:63:4f:49:eb:ae:4d:ff:
f1:d6:37:ad:2a:60:ec:1f:65:4b:7a:54:43:88:86:09:27:d2:
c3:dd:82:e7:7f:9a:10:91:00:f7:f8:2d:fb:12:34:f8:f1:e1:
0f:ed:36:56:b2:fc:04:ed:e0:42:c9:15:ec:0f:10:5d:53:2c:
f0:97:2c:43
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYpLJ1mO+YYvGOFCLd7RBQILMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmZmIwMTE1YzRhY2RkZDFiNGFkYzQwNzM3ODA3MjZhY2Zj
MDFhZjkwHhcNMjMwODMxMTAzMzA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzQ2ZjRkYTA5Mzk1YTcxY2Y2N2MwYTc5ZWJhYjM3YWUyZWI2MDAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhLJq3N/PCsypEgQwCPJLHHhIgTNz
jIlYBVxPw4jCv8lbT4+KDPn//EXPzB3kS4od17ze5mTI3P1puymzCqE1Mk2jK5uJ
ILzKe86jFxsT3AP1kPHxx424Nu3nLSwZmKST/vj1fXCrhacYjA03QU7JP+dJJ3Ee
qlIlVN8esWiSVcxDEz0ZwRJ8eqsrTsYG8R7vuYOb0+TV27Xx9z+vMl+xAhBfhntJ
+/j+Q9J81T5SgjCDVlSfqgfGQnwsw8aGDDPTsX29ng5mKxDximMnNkY9973V9oks
cw9JG6igKp2yy2lpA7tfF1aHYdytw/rrkwhHPNouE3VUzDN31hOE6qV41wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDdG9NoJOVpxz2fAp566s3ri62ADMB8GA1UdIwQY
MBaAFH/7ARXErN3RtK3EBzeAcmrPwBr5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZl9zQkZjU3MzZEcwcmNRSE40Qnlhc19BR3ZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81MjY4ZmMtY2ZlZS00YWE4LTk3YmYt
Y2JlMDIwNjY1ZWZlLzEvTjBiMDJnazVXbkhQWjhDbm5ycXpldUxyWUFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81MjY4ZmMtY2ZlZS00YWE4LTk3YmYtY2JlMDIwNjY1ZWZl
LzEvZl9zQkZjU3MzZEcwcmNRSE40Qnlhc19BR3ZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW9P8AwQA
wRczMA0GCSqGSIb3DQEBCwUAA4IBAQDZo6y8TQC0h5y9DB/IrErKFgFp2t2rmU8j
mhiELROeG1mrXtoYG50bw9qN2XrGMwE4EvMtnQbJqR4p8ITltx5p+a5bfPGJ6mzM
Dy1oJrKdootIq0gtEeIouLtW3QTNEkh9yLGXmpnt2TWjOVjH27rpluqRM/Nl+tZ3
dTsuNnb7LOAt+fsZpGTxOxq5ieyQFy+TiFKkh1H9pSwCtPydfdaw/aSjJqfyP3qx
3ErGLDRu1Jtl670xlnaoqwWtZqr3XGNPSeuuTf/x1jetKmDsH2VLelRDiIYJJ9LD
3YLnf5oQkQD3+C37EjT48eEP7TZWsvwE7eBCyRXsDxBdUyzwlyxD
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:43:17 2025 by rpki-client