Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/a53bb6-66c0-4861-b288-2a6372e054d2/1/rgQJaCTvP57Dk2tCKQSsYVuqcuM.roa
File: rgQJaCTvP57Dk2tCKQSsYVuqcuM.roa (raw, json)
Hash identifier: t5/aGM3oycNNCyxjLvXIItVELp6WSXYEft+TY8tLE9I=
Subject key identifier: AE:04:09:68:24:EF:3F:9E:C3:93:6B:42:29:04:AC:61:5B:AA:72:E3
Certificate issuer: /CN=2e4bd4edca29d4e72be86ced0b7ad652c7d261c9
Certificate serial: 018A1D8C79E1A5BA6889AF7F45209275073D
Authority key identifier: 2E:4B:D4:ED:CA:29:D4:E7:2B:E8:6C:ED:0B:7A:D6:52:C7:D2:61:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LkvU7cop1Ocr6GztC3rWUsfSYck.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/a53bb6-66c0-4861-b288-2a6372e054d2/1/rgQJaCTvP57Dk2tCKQSsYVuqcuM.roa
Signing time: Tue 22 Aug 2023 14:01:00 +0000
ROA not before: Tue 22 Aug 2023 14:01:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14618
IP address blocks: 185.93.228.0/24 maxlen: 24
193.19.224.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:1d:8c:79:e1:a5:ba:68:89:af:7f:45:20:92:75:07:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e4bd4edca29d4e72be86ced0b7ad652c7d261c9
Validity
Not Before: Aug 22 14:01:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ae04096824ef3f9ec3936b422904ac615baa72e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:af:e7:1e:31:4f:e2:40:17:5c:a4:fc:62:6d:
a5:0a:6a:9c:16:3f:99:87:b8:30:ac:49:9c:38:93:
0a:6b:ce:88:44:12:fa:15:a2:3d:a0:d2:e8:cf:dc:
a3:82:8a:cd:0a:15:81:c6:7c:27:3c:1c:e4:c6:e3:
bc:37:71:b2:0a:ef:36:99:8a:c8:4e:e0:cf:ae:bd:
cf:9f:d7:e6:93:36:e0:c9:a3:d6:48:a2:71:62:11:
99:aa:22:77:e1:a0:be:c9:26:0d:ad:fc:a0:c9:01:
5a:07:02:08:a8:47:12:da:3c:70:10:f0:3d:4a:7f:
4c:c9:8e:af:9b:bb:70:fd:99:75:66:10:31:02:3b:
df:80:5d:fd:bb:13:f4:ca:60:4a:94:7e:c9:76:4c:
ff:c2:08:18:c3:c0:0d:28:72:ca:fb:a2:63:e8:b7:
ac:c9:4b:21:ad:3c:54:6f:d7:cd:80:2b:de:72:69:
86:03:33:5a:7e:79:dd:3a:eb:d1:16:5b:aa:de:03:
a6:a3:ea:92:a0:2e:cd:26:01:74:4e:b4:f8:b2:6f:
30:83:0a:ea:94:e9:d9:d9:f1:8d:cf:c9:ee:ce:03:
39:4a:8f:f7:64:2a:76:c6:59:bc:ca:02:65:f2:3f:
cc:dc:93:ad:89:42:0a:77:f4:cd:e5:34:16:6b:f5:
c8:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:04:09:68:24:EF:3F:9E:C3:93:6B:42:29:04:AC:61:5B:AA:72:E3
X509v3 Authority Key Identifier:
keyid:2E:4B:D4:ED:CA:29:D4:E7:2B:E8:6C:ED:0B:7A:D6:52:C7:D2:61:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LkvU7cop1Ocr6GztC3rWUsfSYck.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/a53bb6-66c0-4861-b288-2a6372e054d2/1/rgQJaCTvP57Dk2tCKQSsYVuqcuM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/a53bb6-66c0-4861-b288-2a6372e054d2/1/LkvU7cop1Ocr6GztC3rWUsfSYck.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.93.228.0/24
193.19.224.0/22
Signature Algorithm: sha256WithRSAEncryption
55:85:2e:8f:b8:c1:f6:7a:8d:59:fc:f6:5f:ce:22:e9:63:b9:
8b:3f:28:9d:6d:5b:e0:6b:b4:65:cd:19:6a:19:e8:2a:df:e3:
c9:ba:f8:a9:76:89:ef:17:1c:b8:e9:2a:38:36:f4:8f:ea:19:
9e:bd:b1:fa:61:3e:96:a6:6e:8a:fd:26:4b:72:18:6b:9c:f4:
03:3f:a2:0e:56:0f:2d:37:a8:d6:78:e9:8b:0f:4c:32:f7:d1:
94:c4:f0:68:71:c5:7e:5f:df:fc:97:83:6f:3c:6f:1c:d6:73:
cd:b2:ab:ad:3f:df:21:3a:6c:23:12:ac:36:d3:2e:18:a3:97:
e9:e8:17:dd:e5:f3:34:e2:84:eb:66:ed:f1:a4:78:bc:5f:0c:
35:d2:2a:b1:ce:c3:de:51:1a:c5:0e:87:84:bb:5b:0f:91:31:
69:1e:1c:aa:a4:80:c2:62:00:bd:46:23:3d:14:33:79:19:db:
1d:f7:d7:61:83:fd:85:de:fa:12:ae:d4:79:c1:f2:c2:8e:2e:
2f:51:34:71:84:00:95:b5:49:39:e6:48:08:a2:8b:1a:c2:ee:
1b:4c:5f:14:a1:7b:f9:27:0b:14:25:85:9a:fc:26:9c:f4:b0:
ea:1e:ae:23:18:1b:41:a3:b6:5e:b0:35:78:f2:e2:2b:3f:e1:
90:de:b1:57
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYodjHnhpbpoia9/RSCSdQc9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlNGJkNGVkY2EyOWQ0ZTcyYmU4NmNlZDBiN2FkNjUyYzdk
MjYxYzkwHhcNMjMwODIyMTQwMTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTA0MDk2ODI0ZWYzZjllYzM5MzZiNDIyOTA0YWM2MTViYWE3MmUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo6/nHjFP4kAXXKT8Ym2lCmqcFj+Z
h7gwrEmcOJMKa86IRBL6FaI9oNLoz9yjgorNChWBxnwnPBzkxuO8N3GyCu82mYrI
TuDPrr3Pn9fmkzbgyaPWSKJxYhGZqiJ34aC+ySYNrfygyQFaBwIIqEcS2jxwEPA9
Sn9MyY6vm7tw/Zl1ZhAxAjvfgF39uxP0ymBKlH7Jdkz/wggYw8ANKHLK+6Jj6Les
yUshrTxUb9fNgCvecmmGAzNafnndOuvRFluq3gOmo+qSoC7NJgF0TrT4sm8wgwrq
lOnZ2fGNz8nuzgM5So/3ZCp2xlm8ygJl8j/M3JOtiUIKd/TN5TQWa/XIwwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFK4ECWgk7z+ew5NrQikErGFbqnLjMB8GA1UdIwQY
MBaAFC5L1O3KKdTnK+hs7Qt61lLH0mHJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGt2VTdjb3AxT2NyNkd6dEMzcldVc2ZTWWNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9hNTNiYjYtNjZjMC00ODYxLWIyODgt
MmE2MzcyZTA1NGQyLzEvcmdRSmFDVHZQNTdEazJ0Q0tRU3NZVnVxY3VNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny9hNTNiYjYtNjZjMC00ODYxLWIyODgtMmE2MzcyZTA1NGQy
LzEvTGt2VTdjb3AxT2NyNkd6dEMzcldVc2ZTWWNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuV3kAwQC
wRPgMA0GCSqGSIb3DQEBCwUAA4IBAQBVhS6PuMH2eo1Z/PZfziLpY7mLPyidbVvg
a7RlzRlqGegq3+PJuvipdonvFxy46So4NvSP6hmevbH6YT6Wpm6K/SZLchhrnPQD
P6IOVg8tN6jWeOmLD0wy99GUxPBoccV+X9/8l4NvPG8c1nPNsqutP98hOmwjEqw2
0y4Yo5fp6Bfd5fM04oTrZu3xpHi8Xww10iqxzsPeURrFDoeEu1sPkTFpHhyqpIDC
YgC9RiM9FDN5Gdsd99dhg/2F3voSrtR5wfLCji4vUTRxhACVtUk55kgIoosawu4b
TF8UoXv5JwsUJYWa/Cac9LDqHq4jGBtBo7ZesDV48uIrP+GQ3rFX
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:14:41 2025 by rpki-client