Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/745bdb-104b-49c7-99d5-cec33ba1bdf5/1/PBFodq3Ee1ObrKGk5Svd4V-IwZ4.roa
File: PBFodq3Ee1ObrKGk5Svd4V-IwZ4.roa (raw, json)
Hash identifier: oxCMyNXRpEqXpNMVweJK9bU6a6Z9jwcoAbIViwDvGLk=
Subject key identifier: 3C:11:68:76:AD:C4:7B:53:9B:AC:A1:A4:E5:2B:DD:E1:5F:88:C1:9E
Certificate issuer: /CN=9d5de490ff874e9689cecf726cbb4e2f51f6c731
Certificate serial: 01856F1DB01C4F6F1DB8B16F50873EC14772
Authority key identifier: 9D:5D:E4:90:FF:87:4E:96:89:CE:CF:72:6C:BB:4E:2F:51:F6:C7:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nV3kkP-HTpaJzs9ybLtOL1H2xzE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/745bdb-104b-49c7-99d5-cec33ba1bdf5/1/PBFodq3Ee1ObrKGk5Svd4V-IwZ4.roa
Signing time: Sun 01 Jan 2023 20:54:54 +0000
ROA not before: Sun 01 Jan 2023 20:54:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21026
IP address blocks: 193.188.250.0/24 maxlen: 25
194.8.96.0/19 maxlen: 25
194.145.64.0/19 maxlen: 25
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:1d:b0:1c:4f:6f:1d:b8:b1:6f:50:87:3e:c1:47:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d5de490ff874e9689cecf726cbb4e2f51f6c731
Validity
Not Before: Jan 1 20:54:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3c116876adc47b539baca1a4e52bdde15f88c19e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:c3:74:be:62:1d:8d:43:ea:72:ae:9d:37:ac:
66:bf:4c:48:44:f0:e3:23:6f:0c:2a:0f:39:8b:6f:
b7:cc:0c:56:27:f6:22:e4:6b:56:8a:2e:c8:da:01:
85:68:96:ed:75:06:20:c0:48:1f:46:8b:c4:90:0a:
40:5e:bd:3e:c3:6e:c3:84:6a:2f:c9:9b:b1:7b:45:
a4:3d:ef:b9:82:9c:2b:27:ff:d1:ea:c0:4b:4f:78:
ab:94:bc:69:e6:c5:fa:dc:a3:7a:26:6f:c0:64:1a:
c2:bb:e0:c0:79:c8:e5:67:69:87:30:1d:65:b7:37:
6d:4e:2e:07:ad:a5:66:06:2d:46:51:70:c3:11:fc:
db:e5:fc:0c:b8:41:a6:df:d4:3c:ad:91:5a:a2:a3:
30:5a:26:60:42:38:9f:cd:9e:08:55:d0:30:d0:8d:
89:99:1b:f2:8f:2a:d5:47:54:10:2e:70:49:16:5a:
a4:c3:47:ad:38:e2:1d:03:4b:c5:65:8c:59:4a:af:
20:2c:6d:0e:b0:59:ed:97:74:4c:fa:f0:79:2f:f9:
80:ab:f8:de:50:66:7d:50:e6:e7:6d:53:23:99:97:
96:3c:4d:da:0c:ce:d5:ec:fd:ac:a9:b1:44:90:1f:
d7:06:e2:fa:75:c4:ff:3d:9c:23:4c:4b:88:8e:80:
4d:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:11:68:76:AD:C4:7B:53:9B:AC:A1:A4:E5:2B:DD:E1:5F:88:C1:9E
X509v3 Authority Key Identifier:
keyid:9D:5D:E4:90:FF:87:4E:96:89:CE:CF:72:6C:BB:4E:2F:51:F6:C7:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nV3kkP-HTpaJzs9ybLtOL1H2xzE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/745bdb-104b-49c7-99d5-cec33ba1bdf5/1/PBFodq3Ee1ObrKGk5Svd4V-IwZ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/745bdb-104b-49c7-99d5-cec33ba1bdf5/1/nV3kkP-HTpaJzs9ybLtOL1H2xzE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.188.250.0/24
194.8.96.0/19
194.145.64.0/19
Signature Algorithm: sha256WithRSAEncryption
5d:3c:41:32:4e:f4:51:77:1c:07:1b:a9:fe:88:f3:85:a1:30:
cc:93:fc:c2:27:d4:fd:aa:82:69:19:68:6f:83:3b:66:cb:54:
54:59:fa:f2:67:40:59:53:4c:6e:2d:9c:75:45:51:9b:d9:d2:
fb:8d:7b:b6:76:38:5c:60:73:fe:37:1c:77:88:92:b3:4c:f1:
ba:d4:b3:c3:04:70:93:8d:56:df:60:b6:28:a4:df:97:92:c0:
d1:4f:e5:e7:f6:29:46:ad:19:57:74:1d:67:7f:8d:3c:a1:a1:
70:9f:41:92:34:5b:f3:ce:99:48:53:5f:ba:05:ea:8b:65:ca:
fa:b6:74:47:76:87:0a:58:ba:ad:b0:e5:31:50:5c:61:dd:42:
f1:ee:ef:37:ce:56:9f:b8:71:09:ae:50:3d:7d:52:60:d0:09:
b5:51:75:22:c1:6f:4b:58:09:bb:c7:e3:0a:fb:65:a3:c9:ea:
86:52:87:a9:e9:c2:0e:29:0f:a9:1f:a4:4b:02:44:02:1b:20:
f3:33:1c:e8:a8:57:18:18:d7:00:45:12:32:7d:47:02:a3:36:
3b:f7:1c:63:7d:4a:5f:a3:8a:97:ef:8c:50:18:90:88:33:ec:
e9:69:f5:9e:0a:9d:e8:54:e7:6e:84:21:17:d4:e9:05:72:cc:
2d:74:49:ea
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVvHbAcT28duLFvUIc+wUdyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkNWRlNDkwZmY4NzRlOTY4OWNlY2Y3MjZjYmI0ZTJmNTFm
NmM3MzEwHhcNMjMwMTAxMjA1NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzExNjg3NmFkYzQ3YjUzOWJhY2ExYTRlNTJiZGRlMTVmODhjMTllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3cN0vmIdjUPqcq6dN6xmv0xIRPDj
I28MKg85i2+3zAxWJ/Yi5GtWii7I2gGFaJbtdQYgwEgfRovEkApAXr0+w27DhGov
yZuxe0WkPe+5gpwrJ//R6sBLT3irlLxp5sX63KN6Jm/AZBrCu+DAecjlZ2mHMB1l
tzdtTi4HraVmBi1GUXDDEfzb5fwMuEGm39Q8rZFaoqMwWiZgQjifzZ4IVdAw0I2J
mRvyjyrVR1QQLnBJFlqkw0etOOIdA0vFZYxZSq8gLG0OsFntl3RM+vB5L/mAq/je
UGZ9UObnbVMjmZeWPE3aDM7V7P2sqbFEkB/XBuL6dcT/PZwjTEuIjoBN3wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDwRaHatxHtTm6yhpOUr3eFfiMGeMB8GA1UdIwQY
MBaAFJ1d5JD/h06Wic7Pcmy7Ti9R9scxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblYza2tQLUhUcGFKenM5eWJMdE9MMUgyeHpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC83NDViZGItMTA0Yi00OWM3LTk5ZDUt
Y2VjMzNiYTFiZGY1LzEvUEJGb2RxM0VlMU9icktHazVTdmQ0Vi1Jd1o0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC83NDViZGItMTA0Yi00OWM3LTk5ZDUtY2VjMzNiYTFiZGY1
LzEvblYza2tQLUhUcGFKenM5eWJMdE9MMUgyeHpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwbz6AwQF
wghgAwQFwpFAMA0GCSqGSIb3DQEBCwUAA4IBAQBdPEEyTvRRdxwHG6n+iPOFoTDM
k/zCJ9T9qoJpGWhvgztmy1RUWfryZ0BZU0xuLZx1RVGb2dL7jXu2djhcYHP+Nxx3
iJKzTPG61LPDBHCTjVbfYLYopN+XksDRT+Xn9ilGrRlXdB1nf408oaFwn0GSNFvz
zplIU1+6BeqLZcr6tnRHdocKWLqtsOUxUFxh3ULx7u83zlafuHEJrlA9fVJg0Am1
UXUiwW9LWAm7x+MK+2WjyeqGUoep6cIOKQ+pH6RLAkQCGyDzMxzoqFcYGNcARRIy
fUcCozY79xxjfUpfo4qX74xQGJCIM+zpafWeCp3oVOduhCEX1OkFcswtdEnq
-----END CERTIFICATE-----
Generated at Wed Apr 16 14:44:14 2025 by rpki-client