Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/26331c-34a1-4bc5-b75c-f2c7922faf32/1/j6NmIaLSBwNoFOG9a-ljQSUL8lQ.roa
File: j6NmIaLSBwNoFOG9a-ljQSUL8lQ.roa (raw, json)
Hash identifier: MnofK63Smdrc8XuPEKHnYcXLmsd315GwcqVRcCNC5sw=
Subject key identifier: 8F:A3:66:21:A2:D2:07:03:68:14:E1:BD:6B:E9:63:41:25:0B:F2:54
Certificate issuer: /CN=cfe0df82121438271c913c24ff50fd3b62d40dc6
Certificate serial: 018C823DA152CD873CFD8BB8E40CB0D393E4
Authority key identifier: CF:E0:DF:82:12:14:38:27:1C:91:3C:24:FF:50:FD:3B:62:D4:0D:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z-DfghIUOCcckTwk_1D9O2LUDcY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/26331c-34a1-4bc5-b75c-f2c7922faf32/1/j6NmIaLSBwNoFOG9a-ljQSUL8lQ.roa
Signing time: Tue 19 Dec 2023 13:22:06 +0000
ROA not before: Tue 19 Dec 2023 13:22:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3332
IP address blocks: 193.40.195.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:82:3d:a1:52:cd:87:3c:fd:8b:b8:e4:0c:b0:d3:93:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfe0df82121438271c913c24ff50fd3b62d40dc6
Validity
Not Before: Dec 19 13:22:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8fa36621a2d207036814e1bd6be96341250bf254
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:55:5f:1b:0d:17:bc:3c:a7:a5:0e:b1:1d:17:
5c:e4:f9:71:3c:83:f0:8d:18:13:7e:f7:56:0a:e2:
c8:98:e8:27:e9:fe:d0:20:fc:41:c2:4e:ea:70:9d:
7c:8f:3f:3d:58:06:0a:1e:58:5c:4f:6a:da:4d:ec:
86:00:1a:3f:48:41:a9:26:99:0a:d5:25:5f:75:d1:
6b:2d:e7:2d:ba:82:92:75:52:44:2a:b5:71:c7:b6:
02:d1:c0:95:89:2a:d9:ac:43:a4:62:87:0d:ac:52:
3c:44:a3:6b:1c:61:ad:c7:3b:3c:b2:fb:9b:d5:69:
3d:c2:18:39:0a:29:4d:55:cd:5d:dd:8f:f1:35:6f:
1a:38:dc:9e:a4:9f:33:29:be:52:8b:f7:1b:c4:c5:
cc:c4:84:bd:18:24:74:fe:32:91:46:18:7c:dd:8e:
e4:9a:c2:14:25:2e:c7:43:f6:3a:9c:a2:73:61:e9:
55:7c:02:01:d3:3c:fe:ed:67:c3:18:53:7e:58:9a:
b4:83:6f:de:c7:72:9b:55:52:05:bd:5e:f1:82:85:
91:ea:9c:0c:e0:ce:99:40:a4:27:e0:12:94:8b:a0:
0f:41:c5:8e:59:61:6c:db:af:db:f9:6d:b7:1b:3d:
d9:27:18:3b:8a:cc:52:ec:00:bf:2b:4d:cb:83:a7:
61:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:A3:66:21:A2:D2:07:03:68:14:E1:BD:6B:E9:63:41:25:0B:F2:54
X509v3 Authority Key Identifier:
keyid:CF:E0:DF:82:12:14:38:27:1C:91:3C:24:FF:50:FD:3B:62:D4:0D:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z-DfghIUOCcckTwk_1D9O2LUDcY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/26331c-34a1-4bc5-b75c-f2c7922faf32/1/j6NmIaLSBwNoFOG9a-ljQSUL8lQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/26331c-34a1-4bc5-b75c-f2c7922faf32/1/z-DfghIUOCcckTwk_1D9O2LUDcY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.40.195.0/24
Signature Algorithm: sha256WithRSAEncryption
32:29:8b:b4:19:eb:15:c7:92:f2:1d:38:7b:a9:11:3c:1e:8c:
a7:6e:07:8d:64:9d:67:0c:d9:18:f5:63:dc:41:34:3f:27:55:
7f:48:d2:0d:c9:0c:06:8c:ee:2b:d3:fa:1a:90:59:85:25:d4:
e3:e0:1c:bd:fa:c1:5a:3f:5d:34:81:5b:86:b9:be:ea:25:31:
b2:0a:8a:2b:66:97:4a:16:33:22:db:80:7f:a3:63:c0:86:66:
d8:fe:43:68:c3:69:e6:08:6b:8e:71:3d:3c:b8:48:4f:6e:52:
04:42:75:90:24:6f:bd:6c:e8:ea:65:2f:5c:a9:9d:60:f5:59:
5a:4b:4f:02:81:59:64:04:b5:3e:be:cd:5c:d3:bb:a4:71:2a:
20:38:0c:18:06:6e:4c:3c:6d:79:1d:16:dc:b7:39:56:f6:3c:
68:b4:dd:25:dd:89:8a:17:c7:38:03:50:47:40:24:eb:e3:38:
ca:dc:81:6d:8d:89:fa:2c:a8:0a:fb:b1:6e:e3:4a:5e:cc:0e:
cc:e0:63:6c:45:16:80:10:b6:11:3a:b8:79:1d:1c:08:ab:0b:
10:fb:0a:7a:51:0d:c7:56:16:cf:93:c5:21:5a:23:10:fb:fe:
dd:93:97:cf:28:73:6f:d4:0d:57:2d:73:e2:74:40:84:c9:55:
cf:30:98:eb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYyCPaFSzYc8/Yu45Ayw05PkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmZTBkZjgyMTIxNDM4MjcxYzkxM2MyNGZmNTBmZDNiNjJk
NDBkYzYwHhcNMjMxMjE5MTMyMjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZmEzNjYyMWEyZDIwNzAzNjgxNGUxYmQ2YmU5NjM0MTI1MGJmMjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlVVfGw0XvDynpQ6xHRdc5PlxPIPw
jRgTfvdWCuLImOgn6f7QIPxBwk7qcJ18jz89WAYKHlhcT2raTeyGABo/SEGpJpkK
1SVfddFrLectuoKSdVJEKrVxx7YC0cCViSrZrEOkYocNrFI8RKNrHGGtxzs8svub
1Wk9whg5CilNVc1d3Y/xNW8aONyepJ8zKb5Si/cbxMXMxIS9GCR0/jKRRhh83Y7k
msIUJS7HQ/Y6nKJzYelVfAIB0zz+7WfDGFN+WJq0g2/ex3KbVVIFvV7xgoWR6pwM
4M6ZQKQn4BKUi6APQcWOWWFs26/b+W23Gz3ZJxg7isxS7AC/K03Lg6dhQwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI+jZiGi0gcDaBThvWvpY0ElC/JUMB8GA1UdIwQY
MBaAFM/g34ISFDgnHJE8JP9Q/Tti1A3GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvei1EZmdoSVVPQ2Nja1R3a18xRDlPMkxVRGNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi8yNjMzMWMtMzRhMS00YmM1LWI3NWMt
ZjJjNzkyMmZhZjMyLzEvajZObUlhTFNCd05vRk9HOWEtbGpRU1VMOGxRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi8yNjMzMWMtMzRhMS00YmM1LWI3NWMtZjJjNzkyMmZhZjMy
LzEvei1EZmdoSVVPQ2Nja1R3a18xRDlPMkxVRGNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwSjDMA0G
CSqGSIb3DQEBCwUAA4IBAQAyKYu0GesVx5LyHTh7qRE8HoynbgeNZJ1nDNkY9WPc
QTQ/J1V/SNINyQwGjO4r0/oakFmFJdTj4By9+sFaP100gVuGub7qJTGyCoorZpdK
FjMi24B/o2PAhmbY/kNow2nmCGuOcT08uEhPblIEQnWQJG+9bOjqZS9cqZ1g9Vla
S08CgVlkBLU+vs1c07ukcSogOAwYBm5MPG15HRbctzlW9jxotN0l3YmKF8c4A1BH
QCTr4zjK3IFtjYn6LKgK+7Fu40pezA7M4GNsRRaAELYROrh5HRwIqwsQ+wp6UQ3H
VhbPk8UhWiMQ+/7dk5fPKHNv1A1XLXPidECEyVXPMJjr
-----END CERTIFICATE-----
Generated at Mon Apr 14 23:51:35 2025 by rpki-client