Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/d71b2c-2140-4e6e-abc4-401477489302/1/k7OZMSo0QSwkwG6JRQWgUiUJRLg.roa
File: k7OZMSo0QSwkwG6JRQWgUiUJRLg.roa (raw, json)
Hash identifier: r2sB0AVdIBRXx39LJhduNKdQtdfpLV1UaImOaHtJnXY=
Subject key identifier: 93:B3:99:31:2A:34:41:2C:24:C0:6E:89:45:05:A0:52:25:09:44:B8
Certificate issuer: /CN=60b794902a5cd3d2783fcc2aa4b0791f79a577a2
Certificate serial: 01856D2F238901F68F7B1B1F6ACF510423F0
Authority key identifier: 60:B7:94:90:2A:5C:D3:D2:78:3F:CC:2A:A4:B0:79:1F:79:A5:77:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YLeUkCpc09J4P8wqpLB5H3mld6I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/d71b2c-2140-4e6e-abc4-401477489302/1/k7OZMSo0QSwkwG6JRQWgUiUJRLg.roa
Signing time: Sun 01 Jan 2023 11:54:43 +0000
ROA not before: Sun 01 Jan 2023 11:54:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34614
IP address blocks: 193.26.215.0/24 maxlen: 24
193.26.219.0/24 maxlen: 24
193.26.223.0/24 maxlen: 24
193.27.8.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:2f:23:89:01:f6:8f:7b:1b:1f:6a:cf:51:04:23:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60b794902a5cd3d2783fcc2aa4b0791f79a577a2
Validity
Not Before: Jan 1 11:54:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=93b399312a34412c24c06e894505a052250944b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:31:29:e9:c4:74:24:fe:13:39:68:4c:41:d2:
1f:2c:bf:64:de:1c:54:d8:6a:25:1e:14:f9:6a:49:
4f:84:f3:26:42:77:0e:c4:f6:13:85:be:24:16:fd:
a6:a4:a8:6b:5d:0c:6b:bf:9b:65:7a:f9:89:f6:fc:
ab:af:83:03:85:d5:7d:11:4e:3e:05:b7:bd:37:9e:
45:e4:3e:18:ca:3d:37:1a:19:95:2c:21:82:24:ce:
17:e6:8c:c2:8a:65:b9:28:06:46:1e:70:f9:62:96:
f7:f8:d2:fa:26:0f:72:49:1d:ac:60:7c:bc:38:4c:
0a:04:f5:1f:4e:88:fd:90:0b:e0:c7:2a:a0:02:17:
52:e9:e2:85:93:22:8a:23:ea:7f:eb:1e:24:db:1c:
c4:af:8a:2b:c2:dd:ae:f9:0d:c9:ef:08:32:38:27:
8a:ad:e1:e4:69:61:fd:b6:16:d7:3a:ae:61:5a:84:
4f:ff:4d:71:66:88:d0:35:06:72:97:fe:3b:33:13:
86:c9:3c:87:71:5e:df:55:ff:4a:bf:dc:8a:77:a3:
bb:9e:05:00:10:d5:64:c7:94:4b:20:fa:76:5d:a6:
96:60:bb:e7:d4:6e:eb:ae:40:95:79:01:43:08:36:
b6:d5:dd:fa:9d:1c:d2:c0:78:b3:18:d9:48:f0:66:
e3:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:B3:99:31:2A:34:41:2C:24:C0:6E:89:45:05:A0:52:25:09:44:B8
X509v3 Authority Key Identifier:
keyid:60:B7:94:90:2A:5C:D3:D2:78:3F:CC:2A:A4:B0:79:1F:79:A5:77:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YLeUkCpc09J4P8wqpLB5H3mld6I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/d71b2c-2140-4e6e-abc4-401477489302/1/k7OZMSo0QSwkwG6JRQWgUiUJRLg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/d71b2c-2140-4e6e-abc4-401477489302/1/YLeUkCpc09J4P8wqpLB5H3mld6I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.26.215.0/24
193.26.219.0/24
193.26.223.0/24
193.27.8.0/24
Signature Algorithm: sha256WithRSAEncryption
32:64:e0:be:90:f3:6b:2c:b4:0f:19:af:87:b7:a4:50:08:58:
05:3f:ee:60:c3:7b:d0:2e:f9:76:90:1d:e9:eb:0f:08:9b:95:
b2:cd:54:05:49:d3:37:3c:8a:30:e6:83:ae:6e:48:43:5c:37:
ad:c2:36:97:eb:b2:ee:78:53:ad:4f:a5:39:ff:e3:12:d6:f4:
67:ca:1b:d0:45:6b:be:6a:6e:fa:8c:13:cd:93:69:3e:70:4e:
f5:ab:56:bd:b7:f6:b8:55:51:61:4c:cc:b7:7f:67:11:6a:6f:
85:d5:55:9a:9c:d9:18:f4:68:e6:6d:6f:19:b8:dd:2b:06:f4:
4f:d3:ee:27:0c:26:b8:ee:39:68:30:21:9c:a9:b0:13:b2:05:
2e:b9:b9:16:0c:ee:c8:7b:2b:5f:da:74:ee:18:8d:3a:56:8c:
a3:9c:02:a7:f9:ff:87:a3:e0:c6:43:fd:5f:44:ce:7d:7a:3c:
61:24:c0:ba:6b:fd:e4:00:c3:75:85:cf:a9:8e:52:60:8a:c5:
c7:4e:40:b0:6f:f4:fb:b5:3d:d1:81:cd:51:3b:4c:10:48:f0:
a4:68:09:21:46:a8:c3:43:80:a6:35:ee:71:5b:8d:96:77:d4:
5b:d3:99:cd:a4:3e:1b:c1:df:f7:07:04:04:87:9a:b5:70:9c:
37:77:40:3e
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVtLyOJAfaPexsfas9RBCPwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwYjc5NDkwMmE1Y2QzZDI3ODNmY2MyYWE0YjA3OTFmNzlh
NTc3YTIwHhcNMjMwMTAxMTE1NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5M2IzOTkzMTJhMzQ0MTJjMjRjMDZlODk0NTA1YTA1MjI1MDk0NGI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhzEp6cR0JP4TOWhMQdIfLL9k3hxU
2GolHhT5aklPhPMmQncOxPYThb4kFv2mpKhrXQxrv5tlevmJ9vyrr4MDhdV9EU4+
Bbe9N55F5D4Yyj03GhmVLCGCJM4X5ozCimW5KAZGHnD5Ypb3+NL6Jg9ySR2sYHy8
OEwKBPUfToj9kAvgxyqgAhdS6eKFkyKKI+p/6x4k2xzEr4orwt2u+Q3J7wgyOCeK
reHkaWH9thbXOq5hWoRP/01xZojQNQZyl/47MxOGyTyHcV7fVf9Kv9yKd6O7ngUA
ENVkx5RLIPp2XaaWYLvn1G7rrkCVeQFDCDa21d36nRzSwHizGNlI8GbjcwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJOzmTEqNEEsJMBuiUUFoFIlCUS4MB8GA1UdIwQY
MBaAFGC3lJAqXNPSeD/MKqSweR95pXeiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUxlVWtDcGMwOUo0UDh3cXBMQjVIM21sZDZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC9kNzFiMmMtMjE0MC00ZTZlLWFiYzQt
NDAxNDc3NDg5MzAyLzEvazdPWk1TbzBRU3drd0c2SlJRV2dVaVVKUkxnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC9kNzFiMmMtMjE0MC00ZTZlLWFiYzQtNDAxNDc3NDg5MzAy
LzEvWUxlVWtDcGMwOUo0UDh3cXBMQjVIM21sZDZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwRrXAwQA
wRrbAwQAwRrfAwQAwRsIMA0GCSqGSIb3DQEBCwUAA4IBAQAyZOC+kPNrLLQPGa+H
t6RQCFgFP+5gw3vQLvl2kB3p6w8Im5WyzVQFSdM3PIow5oOubkhDXDetwjaX67Lu
eFOtT6U5/+MS1vRnyhvQRWu+am76jBPNk2k+cE71q1a9t/a4VVFhTMy3f2cRam+F
1VWanNkY9GjmbW8ZuN0rBvRP0+4nDCa47jloMCGcqbATsgUuubkWDO7Ieytf2nTu
GI06VoyjnAKn+f+Ho+DGQ/1fRM59ejxhJMC6a/3kAMN1hc+pjlJgisXHTkCwb/T7
tT3Rgc1RO0wQSPCkaAkhRqjDQ4CmNe5xW42Wd9Rb05nNpD4bwd/3BwQEh5q1cJw3
d0A+
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:24:37 2025 by rpki-client