Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/5fe88a-16e1-481f-98e8-031e58905923/1/ex4_7HKvghEtocsE8JPUo7AhdJI.roa
File: ex4_7HKvghEtocsE8JPUo7AhdJI.roa (raw, json)
Hash identifier: PjlmepRSqz1jRHyCzT/zo0Lc8N/bCTIBAt9uR5qyQqE=
Subject key identifier: 7B:1E:3F:EC:72:AF:82:11:2D:A1:CB:04:F0:93:D4:A3:B0:21:74:92
Certificate issuer: /CN=40339d304499d069aecd8bd0e8fba02e522f576a
Certificate serial: 01857169CF6B017995128380F7DB006BF87B
Authority key identifier: 40:33:9D:30:44:99:D0:69:AE:CD:8B:D0:E8:FB:A0:2E:52:2F:57:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QDOdMESZ0GmuzYvQ6PugLlIvV2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/5fe88a-16e1-481f-98e8-031e58905923/1/ex4_7HKvghEtocsE8JPUo7AhdJI.roa
Signing time: Mon 02 Jan 2023 07:37:17 +0000
ROA not before: Mon 02 Jan 2023 07:37:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8676
IP address blocks: 194.13.236.0/23 maxlen: 24
194.13.140.0/23 maxlen: 24
2a06:2100::/30 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:69:cf:6b:01:79:95:12:83:80:f7:db:00:6b:f8:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40339d304499d069aecd8bd0e8fba02e522f576a
Validity
Not Before: Jan 2 07:37:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7b1e3fec72af82112da1cb04f093d4a3b0217492
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:1a:14:53:f0:72:74:76:c7:98:58:02:a1:61:
a4:2d:6b:1c:39:6f:7b:8b:4b:2d:a7:85:5c:3a:71:
a5:4b:3c:86:c5:e6:3d:a4:56:d8:dc:3a:b8:01:23:
8b:84:c3:b4:68:68:d8:33:06:6e:a9:57:4c:18:2a:
3e:ad:7a:ce:63:ac:72:81:69:ee:b4:da:83:ca:b5:
41:70:3e:65:08:ab:4a:5b:e4:33:70:58:e4:f9:2e:
dd:27:aa:3e:89:cd:82:ed:e9:f6:1f:36:c3:39:7c:
05:3d:66:31:aa:46:e9:c8:5c:85:f7:3b:ab:3c:1e:
d0:6e:40:9f:ef:84:66:6b:01:0b:f0:e3:f8:4b:7c:
e7:81:af:df:bb:18:60:b7:95:d6:5d:21:b3:d4:75:
a8:6a:25:07:69:bc:10:85:24:d1:ac:db:ad:17:44:
6b:49:2c:47:69:5b:14:10:75:fb:22:e2:c8:8a:1c:
db:34:27:8e:3b:cc:6f:d6:de:ca:ad:14:e8:36:22:
e5:75:0a:2d:d3:f4:6d:58:43:7f:d7:00:8d:1e:8e:
5a:2b:56:e7:70:a4:da:cd:cb:28:ac:39:43:31:a6:
99:95:9d:53:18:b4:f5:32:2b:46:12:54:6a:c2:b3:
73:c1:6b:d2:18:74:fc:d0:da:a4:e6:7a:c9:af:dd:
de:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:1E:3F:EC:72:AF:82:11:2D:A1:CB:04:F0:93:D4:A3:B0:21:74:92
X509v3 Authority Key Identifier:
keyid:40:33:9D:30:44:99:D0:69:AE:CD:8B:D0:E8:FB:A0:2E:52:2F:57:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QDOdMESZ0GmuzYvQ6PugLlIvV2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/5fe88a-16e1-481f-98e8-031e58905923/1/ex4_7HKvghEtocsE8JPUo7AhdJI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/5fe88a-16e1-481f-98e8-031e58905923/1/QDOdMESZ0GmuzYvQ6PugLlIvV2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.13.140.0/23
194.13.236.0/23
IPv6:
2a06:2100::/30
Signature Algorithm: sha256WithRSAEncryption
87:6f:6d:0e:7f:c9:63:90:7a:45:3c:09:49:39:ab:a6:13:f0:
09:4a:f2:84:1a:7a:61:85:96:41:be:d3:d4:41:47:07:24:58:
b1:74:c9:6c:d2:96:4c:58:a8:51:be:54:18:06:9f:33:3f:8b:
58:c7:ce:a7:8d:e4:b7:a1:7f:4f:b8:9f:be:e3:aa:63:08:28:
ec:dc:78:93:0a:e1:4a:54:53:41:84:f8:e8:f1:ac:9c:a1:c0:
f8:79:31:1a:9c:40:86:9c:02:33:3f:e7:89:1b:ca:f7:d9:b4:
98:45:1d:46:63:bf:70:fd:c5:4a:44:09:d8:0c:8e:04:b3:60:
8a:cc:63:e2:ce:b9:fe:e2:47:d9:0b:14:bf:04:15:f3:46:c0:
c6:25:5b:84:27:a2:22:65:ad:f8:ac:4e:96:99:62:fa:93:0a:
07:22:d0:82:ae:b8:c7:9f:2c:05:6f:a8:ac:2a:11:28:f5:0a:
4d:c0:31:50:1d:ad:15:f4:43:c5:b8:68:d2:e8:ef:8f:71:2e:
08:1a:5d:5a:cb:47:3e:9a:f6:b4:af:5b:53:f3:cf:cf:3c:5c:
f3:03:4d:1f:2e:38:bd:42:b5:94:25:5b:73:9f:5e:15:b9:73:
5f:54:db:12:1d:d1:a8:37:91:51:0a:3d:76:7b:2b:64:f2:54:
5a:97:be:9d
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVxac9rAXmVEoOA99sAa/h7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwMzM5ZDMwNDQ5OWQwNjlhZWNkOGJkMGU4ZmJhMDJlNTIy
ZjU3NmEwHhcNMjMwMTAyMDczNzE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjFlM2ZlYzcyYWY4MjExMmRhMWNiMDRmMDkzZDRhM2IwMjE3NDkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhxoUU/BydHbHmFgCoWGkLWscOW97
i0stp4VcOnGlSzyGxeY9pFbY3Dq4ASOLhMO0aGjYMwZuqVdMGCo+rXrOY6xygWnu
tNqDyrVBcD5lCKtKW+QzcFjk+S7dJ6o+ic2C7en2HzbDOXwFPWYxqkbpyFyF9zur
PB7QbkCf74RmawEL8OP4S3znga/fuxhgt5XWXSGz1HWoaiUHabwQhSTRrNutF0Rr
SSxHaVsUEHX7IuLIihzbNCeOO8xv1t7KrRToNiLldQot0/RtWEN/1wCNHo5aK1bn
cKTazcsorDlDMaaZlZ1TGLT1MitGElRqwrNzwWvSGHT80Nqk5nrJr93ekwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFHseP+xyr4IRLaHLBPCT1KOwIXSSMB8GA1UdIwQY
MBaAFEAznTBEmdBprs2L0Oj7oC5SL1dqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUURPZE1FU1owR211ell2UTZQdWdMbEl2VjJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS81ZmU4OGEtMTZlMS00ODFmLTk4ZTgt
MDMxZTU4OTA1OTIzLzEvZXg0XzdIS3ZnaEV0b2NzRThKUFVvN0FoZEpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS81ZmU4OGEtMTZlMS00ODFmLTk4ZTgtMDMxZTU4OTA1OTIz
LzEvUURPZE1FU1owR211ell2UTZQdWdMbEl2VjJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBwg2MAwQB
wg3sMA0EAgACMAcDBQIqBiEAMA0GCSqGSIb3DQEBCwUAA4IBAQCHb20Of8ljkHpF
PAlJOaumE/AJSvKEGnphhZZBvtPUQUcHJFixdMls0pZMWKhRvlQYBp8zP4tYx86n
jeS3oX9PuJ++46pjCCjs3HiTCuFKVFNBhPjo8aycocD4eTEanECGnAIzP+eJG8r3
2bSYRR1GY79w/cVKRAnYDI4Es2CKzGPizrn+4kfZCxS/BBXzRsDGJVuEJ6IiZa34
rE6WmWL6kwoHItCCrrjHnywFb6isKhEo9QpNwDFQHa0V9EPFuGjS6O+PcS4IGl1a
y0c+mva0r1tT88/PPFzzA00fLji9QrWUJVtzn14VuXNfVNsSHdGoN5FRCj12eytk
8lRal76d
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:24:41 2025 by rpki-client