Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/c33df9-edd5-463b-b052-0f0bc401e1e1/1/u8GvLEWyb_gnh95CU2cTco255XE.roa
File: u8GvLEWyb_gnh95CU2cTco255XE.roa (raw, json)
Hash identifier: Bj4w2qmVTp/92Q6HY2pLIZyuMz/Z4eMb+SvlxTBh+6A=
Subject key identifier: BB:C1:AF:2C:45:B2:6F:F8:27:87:DE:42:53:67:13:72:8D:B9:E5:71
Certificate issuer: /CN=ffd3c1742fc05a80a2dc6bb0ebe1030a9bbc8c94
Certificate serial: 0185727A1D12F6D83CC616825FF8B68F151C
Authority key identifier: FF:D3:C1:74:2F:C0:5A:80:A2:DC:6B:B0:EB:E1:03:0A:9B:BC:8C:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_9PBdC_AWoCi3Guw6-EDCpu8jJQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/c33df9-edd5-463b-b052-0f0bc401e1e1/1/u8GvLEWyb_gnh95CU2cTco255XE.roa
Signing time: Mon 02 Jan 2023 12:34:43 +0000
ROA not before: Mon 02 Jan 2023 12:34:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41960
IP address blocks: 193.36.177.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:7a:1d:12:f6:d8:3c:c6:16:82:5f:f8:b6:8f:15:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ffd3c1742fc05a80a2dc6bb0ebe1030a9bbc8c94
Validity
Not Before: Jan 2 12:34:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bbc1af2c45b26ff82787de42536713728db9e571
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:94:13:ea:1e:2f:82:3c:62:21:37:8f:5a:72:
9c:9d:be:c6:87:2e:43:6d:26:0a:88:fd:9a:60:98:
a3:7b:b4:7c:9d:e9:09:f8:0e:b5:a9:74:db:9a:c3:
14:6a:ba:7f:6e:d4:13:77:9f:79:98:8c:3c:65:c0:
83:a6:82:9b:b7:20:85:b7:b3:cd:2b:25:29:f8:d5:
a1:8f:ed:6b:c8:60:9c:4e:b8:4e:55:0c:30:dc:5e:
8c:c6:69:4e:da:ec:77:75:b9:85:c8:13:07:b2:40:
f2:14:af:c4:56:26:45:e1:10:bf:f9:85:55:48:41:
39:85:f7:42:b2:cc:72:cb:3d:be:1b:a5:ac:a9:f0:
53:b9:b0:95:6a:05:a5:4d:40:ac:bd:64:63:aa:09:
d4:77:a4:4b:e5:c8:ac:7b:ab:64:69:70:5b:6e:dd:
1a:25:33:03:85:e9:34:cb:58:47:a6:50:7e:94:b2:
5c:ee:71:ac:9c:f3:6c:f9:bb:ac:83:78:0b:7c:f4:
a3:46:d7:52:c5:41:96:d5:47:b7:48:c1:6d:62:4e:
b9:57:d1:fa:0a:eb:36:b1:8a:0e:0d:2a:8f:93:a6:
c7:47:d0:20:c3:b2:1d:8d:e3:c5:9c:44:02:4c:2a:
67:0d:ea:78:44:ac:5f:01:36:8d:32:20:f3:05:5f:
a7:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:C1:AF:2C:45:B2:6F:F8:27:87:DE:42:53:67:13:72:8D:B9:E5:71
X509v3 Authority Key Identifier:
keyid:FF:D3:C1:74:2F:C0:5A:80:A2:DC:6B:B0:EB:E1:03:0A:9B:BC:8C:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_9PBdC_AWoCi3Guw6-EDCpu8jJQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/c33df9-edd5-463b-b052-0f0bc401e1e1/1/u8GvLEWyb_gnh95CU2cTco255XE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/c33df9-edd5-463b-b052-0f0bc401e1e1/1/_9PBdC_AWoCi3Guw6-EDCpu8jJQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.36.177.0/24
Signature Algorithm: sha256WithRSAEncryption
97:ae:a3:48:41:34:26:24:4f:ca:46:ba:0f:21:2d:b2:47:ad:
e3:9f:08:36:11:ed:5f:e1:b2:69:a1:44:7a:4d:21:60:b5:6d:
ca:d1:5d:bd:d0:6b:2b:88:98:fe:82:1f:be:40:50:d9:2a:c5:
37:c0:12:4d:b8:b6:5b:10:44:83:ea:a2:b7:bc:dc:5a:33:26:
69:b8:7e:7b:7d:05:ad:92:9d:4d:12:52:ff:c0:04:c8:68:a3:
43:24:9a:2b:e8:da:44:84:88:2a:92:6f:28:32:b5:dc:f1:ed:
b4:05:91:d5:15:6c:89:7f:56:10:04:20:db:d7:4b:05:87:c5:
d7:22:d6:b4:cc:01:c5:fd:91:b6:5f:78:ec:09:5b:eb:0a:fd:
2e:f9:84:15:7b:e6:f1:25:72:c6:9d:18:cf:48:0e:d8:30:06:
20:ec:35:42:86:1e:40:02:80:2a:f8:5e:e6:ac:f9:18:d4:cb:
ee:06:d9:1e:70:e3:ad:b3:61:8d:af:40:27:e8:80:80:cc:d8:
b7:1d:8d:2d:1e:6a:52:ca:8c:38:dc:2b:aa:48:50:55:da:33:
77:41:30:f5:89:06:cf:f6:c1:a4:9d:44:64:82:c1:4b:2d:5f:
7a:e4:ec:31:d9:56:11:a3:bc:63:f1:aa:93:69:9c:4b:0d:9a:
8d:b6:13:0b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyeh0S9tg8xhaCX/i2jxUcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmZDNjMTc0MmZjMDVhODBhMmRjNmJiMGViZTEwMzBhOWJi
YzhjOTQwHhcNMjMwMTAyMTIzNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmMxYWYyYzQ1YjI2ZmY4Mjc4N2RlNDI1MzY3MTM3MjhkYjllNTcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAspQT6h4vgjxiITePWnKcnb7Ghy5D
bSYKiP2aYJije7R8nekJ+A61qXTbmsMUarp/btQTd595mIw8ZcCDpoKbtyCFt7PN
KyUp+NWhj+1ryGCcTrhOVQww3F6MxmlO2ux3dbmFyBMHskDyFK/EViZF4RC/+YVV
SEE5hfdCssxyyz2+G6WsqfBTubCVagWlTUCsvWRjqgnUd6RL5cise6tkaXBbbt0a
JTMDhek0y1hHplB+lLJc7nGsnPNs+busg3gLfPSjRtdSxUGW1Ue3SMFtYk65V9H6
Cus2sYoODSqPk6bHR9Agw7IdjePFnEQCTCpnDep4RKxfATaNMiDzBV+n1QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLvBryxFsm/4J4feQlNnE3KNueVxMB8GA1UdIwQY
MBaAFP/TwXQvwFqAotxrsOvhAwqbvIyUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzlQQmRDX0FXb0NpM0d1dzYtRURDcHU4akpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy9jMzNkZjktZWRkNS00NjNiLWIwNTIt
MGYwYmM0MDFlMWUxLzEvdThHdkxFV3liX2duaDk1Q1UyY1RjbzI1NVhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy9jMzNkZjktZWRkNS00NjNiLWIwNTItMGYwYmM0MDFlMWUx
LzEvXzlQQmRDX0FXb0NpM0d1dzYtRURDcHU4akpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwSSxMA0G
CSqGSIb3DQEBCwUAA4IBAQCXrqNIQTQmJE/KRroPIS2yR63jnwg2Ee1f4bJpoUR6
TSFgtW3K0V290GsriJj+gh++QFDZKsU3wBJNuLZbEESD6qK3vNxaMyZpuH57fQWt
kp1NElL/wATIaKNDJJor6NpEhIgqkm8oMrXc8e20BZHVFWyJf1YQBCDb10sFh8XX
Ita0zAHF/ZG2X3jsCVvrCv0u+YQVe+bxJXLGnRjPSA7YMAYg7DVChh5AAoAq+F7m
rPkY1MvuBtkecOOts2GNr0An6ICAzNi3HY0tHmpSyow43CuqSFBV2jN3QTD1iQbP
9sGknURkgsFLLV965Owx2VYRo7xj8aqTaZxLDZqNthML
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:40:37 2025 by rpki-client