Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/428237-efd7-4726-90ca-f8f492af480e/1/IdVq3DcheqlnXxKjKPs3NJa1jXI.roa
File: IdVq3DcheqlnXxKjKPs3NJa1jXI.roa (raw, json)
Hash identifier: 7+icgyNXRy9ML1U4jVLEbQecZ6o8izcxFeCqgZqxdvw=
Subject key identifier: 21:D5:6A:DC:37:21:7A:A9:67:5F:12:A3:28:FB:37:34:96:B5:8D:72
Certificate issuer: /CN=473f498592457859f26fb5a610b7b51ef52413f3
Certificate serial: 0189FDB06104D6D054808D34D201DE1DD5C1
Authority key identifier: 47:3F:49:85:92:45:78:59:F2:6F:B5:A6:10:B7:B5:1E:F5:24:13:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Rz9JhZJFeFnyb7WmELe1HvUkE_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/428237-efd7-4726-90ca-f8f492af480e/1/IdVq3DcheqlnXxKjKPs3NJa1jXI.roa
Signing time: Wed 16 Aug 2023 09:32:22 +0000
ROA not before: Wed 16 Aug 2023 09:32:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41077
IP address blocks: 194.140.227.0/24 maxlen: 24
193.104.109.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:fd:b0:61:04:d6:d0:54:80:8d:34:d2:01:de:1d:d5:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=473f498592457859f26fb5a610b7b51ef52413f3
Validity
Not Before: Aug 16 09:32:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=21d56adc37217aa9675f12a328fb373496b58d72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:41:93:cb:1d:14:bc:79:de:b2:15:03:c0:34:
d5:b3:ef:06:4d:95:81:dc:e7:56:1a:6b:38:35:58:
09:9d:ae:66:24:77:13:00:62:88:92:ae:65:c2:26:
2f:02:36:4b:b0:5e:27:ef:70:91:84:74:4c:0b:11:
14:94:08:b7:e0:74:6d:be:1e:12:4a:82:2e:af:85:
a9:03:93:ed:0d:71:a3:15:df:e3:d5:d8:25:12:c7:
e0:07:be:a7:14:3d:02:1a:6a:f9:40:3e:17:e1:ad:
1f:db:b9:b1:7f:c5:61:b9:f3:a2:3b:2d:88:5a:b5:
d5:2a:b3:2e:a8:d9:28:d6:6a:20:29:c4:5f:e6:0d:
87:b8:f4:36:a4:78:63:4b:98:87:73:8d:b4:7a:6d:
24:cc:58:09:15:f3:ea:59:05:5d:d6:4d:7a:3e:bd:
b5:75:e8:1e:97:43:7e:3b:57:b3:da:dd:6e:8b:bc:
a7:16:49:16:57:24:11:7a:a8:dc:0a:d5:86:a9:57:
d7:25:c0:36:31:0b:ae:79:75:48:ef:9b:c0:27:56:
17:ce:ee:06:db:0d:21:bd:ca:d2:b8:cb:27:b3:fb:
6c:7e:43:34:bb:b7:92:14:50:1c:28:dc:db:2e:87:
1b:4d:f9:94:df:6f:80:f1:4c:7d:76:23:87:f9:9b:
60:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:D5:6A:DC:37:21:7A:A9:67:5F:12:A3:28:FB:37:34:96:B5:8D:72
X509v3 Authority Key Identifier:
keyid:47:3F:49:85:92:45:78:59:F2:6F:B5:A6:10:B7:B5:1E:F5:24:13:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Rz9JhZJFeFnyb7WmELe1HvUkE_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/428237-efd7-4726-90ca-f8f492af480e/1/IdVq3DcheqlnXxKjKPs3NJa1jXI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/428237-efd7-4726-90ca-f8f492af480e/1/Rz9JhZJFeFnyb7WmELe1HvUkE_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.104.109.0/24
194.140.227.0/24
Signature Algorithm: sha256WithRSAEncryption
77:b0:6c:5b:05:a2:0c:7a:f6:31:0f:3d:60:99:04:0b:96:2b:
b1:49:94:df:ef:e2:a1:9a:4a:7d:ae:fe:41:88:75:ce:3b:5f:
b8:28:bf:40:45:48:32:60:7b:d8:df:b7:80:03:04:3e:fe:b0:
f1:a7:a3:c5:15:5f:40:25:e6:41:56:43:5a:1e:2f:93:03:c8:
3c:c6:88:2a:c9:65:09:11:34:cb:a6:91:bd:0d:94:e5:b1:c0:
00:8a:cb:88:8c:05:14:ac:6b:46:f1:0b:f2:ed:79:4a:4c:12:
65:6e:05:7f:5f:78:4e:b3:04:31:93:4a:55:41:af:8f:19:61:
7a:7c:be:68:f2:2c:62:3b:90:6a:cb:51:e6:b1:e9:c0:49:a2:
9c:ff:fd:f6:88:90:1a:4e:a3:9e:10:57:ac:1f:5b:c9:55:e8:
05:97:e8:69:9e:58:24:c9:12:0e:74:d5:5a:32:87:24:9e:76:
9c:f0:78:1c:86:41:25:ae:0b:cd:34:10:c8:26:aa:22:81:d3:
f7:20:93:68:77:9e:d3:00:ed:88:6f:be:97:ce:7b:d4:7b:1f:
3b:06:4f:17:3b:8d:85:71:17:fc:3e:95:68:de:df:c0:7f:b0:
76:09:a7:89:2b:37:01:2b:11:be:a3:be:f0:d1:c8:6d:f1:9a:
2f:b0:77:9f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYn9sGEE1tBUgI000gHeHdXBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3M2Y0OTg1OTI0NTc4NTlmMjZmYjVhNjEwYjdiNTFlZjUy
NDEzZjMwHhcNMjMwODE2MDkzMjIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWQ1NmFkYzM3MjE3YWE5Njc1ZjEyYTMyOGZiMzczNDk2YjU4ZDcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvUGTyx0UvHneshUDwDTVs+8GTZWB
3OdWGms4NVgJna5mJHcTAGKIkq5lwiYvAjZLsF4n73CRhHRMCxEUlAi34HRtvh4S
SoIur4WpA5PtDXGjFd/j1dglEsfgB76nFD0CGmr5QD4X4a0f27mxf8VhufOiOy2I
WrXVKrMuqNko1mogKcRf5g2HuPQ2pHhjS5iHc420em0kzFgJFfPqWQVd1k16Pr21
degel0N+O1ez2t1ui7ynFkkWVyQReqjcCtWGqVfXJcA2MQuueXVI75vAJ1YXzu4G
2w0hvcrSuMsns/tsfkM0u7eSFFAcKNzbLocbTfmU32+A8Ux9diOH+ZtgPQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCHVatw3IXqpZ18Soyj7NzSWtY1yMB8GA1UdIwQY
MBaAFEc/SYWSRXhZ8m+1phC3tR71JBPzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUno5SmhaSkZlRm55YjdXbUVMZTFIdlVrRV9NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS80MjgyMzctZWZkNy00NzI2LTkwY2Et
ZjhmNDkyYWY0ODBlLzEvSWRWcTNEY2hlcWxuWHhLaktQczNOSmExalhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS80MjgyMzctZWZkNy00NzI2LTkwY2EtZjhmNDkyYWY0ODBl
LzEvUno5SmhaSkZlRm55YjdXbUVMZTFIdlVrRV9NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwWhtAwQA
wozjMA0GCSqGSIb3DQEBCwUAA4IBAQB3sGxbBaIMevYxDz1gmQQLliuxSZTf7+Kh
mkp9rv5BiHXOO1+4KL9ARUgyYHvY37eAAwQ+/rDxp6PFFV9AJeZBVkNaHi+TA8g8
xogqyWUJETTLppG9DZTlscAAisuIjAUUrGtG8Qvy7XlKTBJlbgV/X3hOswQxk0pV
Qa+PGWF6fL5o8ixiO5Bqy1HmsenASaKc//32iJAaTqOeEFesH1vJVegFl+hpnlgk
yRIOdNVaMocknnac8HgchkElrgvNNBDIJqoigdP3IJNod57TAO2Ib76XznvUex87
Bk8XO42FcRf8PpVo3t/Af7B2CaeJKzcBKxG+o77w0cht8ZovsHef
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:46:23 2025 by rpki-client