Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/f2f26a-1547-43f3-a239-c9f09af729cf/1/CvbM3PwPEZSO-7m94SHYWDRayEI.roa
File: CvbM3PwPEZSO-7m94SHYWDRayEI.roa (raw, json)
Hash identifier: XPuTBnIY0hz47IiYzltEm19eMFHWmAXkrl6iRz5DUdQ=
Subject key identifier: 0A:F6:CC:DC:FC:0F:11:94:8E:FB:B9:BD:E1:21:D8:58:34:5A:C8:42
Certificate issuer: /CN=cf1bb1aa0c93b7918c2fd2433b41c21d79d44daa
Certificate serial: 018BE4FFF4AFAAC3D7985C735AC03DB47119
Authority key identifier: CF:1B:B1:AA:0C:93:B7:91:8C:2F:D2:43:3B:41:C2:1D:79:D4:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zxuxqgyTt5GML9JDO0HCHXnUTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/f2f26a-1547-43f3-a239-c9f09af729cf/1/CvbM3PwPEZSO-7m94SHYWDRayEI.roa
Signing time: Sun 19 Nov 2023 00:34:21 +0000
ROA not before: Sun 19 Nov 2023 00:34:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25141
IP address blocks: 93.157.9.0/24 maxlen: 24
93.157.11.0/24 maxlen: 24
93.157.8.0/24 maxlen: 24
93.157.10.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:e4:ff:f4:af:aa:c3:d7:98:5c:73:5a:c0:3d:b4:71:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf1bb1aa0c93b7918c2fd2433b41c21d79d44daa
Validity
Not Before: Nov 19 00:34:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0af6ccdcfc0f11948efbb9bde121d858345ac842
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:45:b3:11:cd:77:23:66:d6:83:c7:ae:7f:5b:
9b:fb:95:0f:3e:35:98:44:39:c1:df:f9:09:35:ba:
8e:90:f1:21:ab:2c:50:3f:d0:84:cc:6c:09:ed:7f:
ee:72:3a:6b:cc:0a:f5:12:05:88:fd:ad:cd:26:83:
3a:e0:0a:79:93:38:e8:a5:b3:2c:bf:78:82:8f:32:
cf:ce:97:7c:2f:f9:af:92:55:e8:66:e8:7a:2d:29:
4c:35:4e:3d:35:ed:03:a4:ff:63:ad:4e:6c:4e:36:
d8:e9:1e:54:fe:7b:6b:d5:a3:13:eb:76:75:4d:ed:
34:7a:38:7a:19:c6:f3:9e:f9:1b:6c:d1:cb:b4:85:
fc:ea:ce:51:5f:1e:d6:71:12:22:87:dd:f9:82:50:
be:10:bf:74:07:ed:33:1f:d5:1c:c0:82:5c:e5:b4:
02:53:ab:d7:da:c8:83:17:42:43:86:67:65:41:e2:
87:5a:15:d6:22:72:cd:2a:25:1c:b6:5b:d9:49:ea:
ba:48:98:96:45:c6:9d:8b:5d:7d:4c:91:31:16:5a:
46:90:59:f6:04:53:d7:33:ec:d7:cd:d1:a9:77:37:
36:78:e7:04:cf:92:f6:b5:3d:34:54:3d:2f:c5:06:
4f:33:d8:96:b0:d9:f6:40:bd:01:13:65:bb:b1:f8:
6d:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:F6:CC:DC:FC:0F:11:94:8E:FB:B9:BD:E1:21:D8:58:34:5A:C8:42
X509v3 Authority Key Identifier:
keyid:CF:1B:B1:AA:0C:93:B7:91:8C:2F:D2:43:3B:41:C2:1D:79:D4:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zxuxqgyTt5GML9JDO0HCHXnUTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/f2f26a-1547-43f3-a239-c9f09af729cf/1/CvbM3PwPEZSO-7m94SHYWDRayEI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/f2f26a-1547-43f3-a239-c9f09af729cf/1/zxuxqgyTt5GML9JDO0HCHXnUTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.157.8.0/22
Signature Algorithm: sha256WithRSAEncryption
2e:da:85:2b:a1:eb:b1:bd:8e:b0:4f:ac:71:45:f1:5e:ba:0c:
51:70:e9:17:19:ca:f1:1e:83:55:42:6c:61:06:34:a0:e5:a4:
a0:c8:0f:d9:e8:0c:ad:7d:d2:47:6b:fc:bd:db:0e:e8:46:51:
48:d2:0a:9e:60:5c:2d:c2:fd:c1:ae:e4:65:f1:70:fd:50:6a:
80:24:54:44:3b:f5:8c:ac:aa:2a:b6:54:2d:87:fd:7f:b8:53:
c4:ee:39:3f:7b:7b:99:c7:bf:ef:ce:12:cf:e2:fe:b3:c3:98:
de:d5:50:eb:21:fc:9f:d6:6d:0c:d0:37:ef:4b:95:f6:91:0e:
2c:c2:b6:0e:30:cd:54:e1:43:39:f5:38:fc:7b:34:1f:71:0b:
fc:2f:e4:43:17:3e:0b:74:d4:e3:44:80:b6:a7:35:8c:6c:e6:
6b:f2:d4:9d:77:43:88:6f:a3:d8:ff:2f:56:25:90:b7:ab:d2:
3d:4c:14:af:66:bc:ac:48:b0:16:88:f6:d7:44:01:08:36:f6:
8d:c9:47:ac:00:02:7c:a5:dd:7b:85:8b:19:01:ee:85:15:81:
3b:0f:62:df:b6:4e:e1:c5:47:ba:7a:ea:3b:42:ff:26:80:a2:
d7:af:54:55:41:db:91:02:05:c8:a5:58:35:98:1b:e8:87:32:
52:0a:5c:67
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYvk//SvqsPXmFxzWsA9tHEZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmMWJiMWFhMGM5M2I3OTE4YzJmZDI0MzNiNDFjMjFkNzlk
NDRkYWEwHhcNMjMxMTE5MDAzNDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWY2Y2NkY2ZjMGYxMTk0OGVmYmI5YmRlMTIxZDg1ODM0NWFjODQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnkWzEc13I2bWg8euf1ub+5UPPjWY
RDnB3/kJNbqOkPEhqyxQP9CEzGwJ7X/ucjprzAr1EgWI/a3NJoM64Ap5kzjopbMs
v3iCjzLPzpd8L/mvklXoZuh6LSlMNU49Ne0DpP9jrU5sTjbY6R5U/ntr1aMT63Z1
Te00ejh6GcbznvkbbNHLtIX86s5RXx7WcRIih935glC+EL90B+0zH9UcwIJc5bQC
U6vX2siDF0JDhmdlQeKHWhXWInLNKiUctlvZSeq6SJiWRcadi119TJExFlpGkFn2
BFPXM+zXzdGpdzc2eOcEz5L2tT00VD0vxQZPM9iWsNn2QL0BE2W7sfhtvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAr2zNz8DxGUjvu5veEh2Fg0WshCMB8GA1UdIwQY
MBaAFM8bsaoMk7eRjC/SQztBwh151E2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenh1eHFneVR0NUdNTDlKRE8wSENIWG5VVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9mMmYyNmEtMTU0Ny00M2YzLWEyMzkt
YzlmMDlhZjcyOWNmLzEvQ3ZiTTNQd1BFWlNPLTdtOTRTSFlXRFJheUVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC9mMmYyNmEtMTU0Ny00M2YzLWEyMzktYzlmMDlhZjcyOWNm
LzEvenh1eHFneVR0NUdNTDlKRE8wSENIWG5VVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCXZ0IMA0G
CSqGSIb3DQEBCwUAA4IBAQAu2oUroeuxvY6wT6xxRfFeugxRcOkXGcrxHoNVQmxh
BjSg5aSgyA/Z6AytfdJHa/y92w7oRlFI0gqeYFwtwv3BruRl8XD9UGqAJFREO/WM
rKoqtlQth/1/uFPE7jk/e3uZx7/vzhLP4v6zw5je1VDrIfyf1m0M0DfvS5X2kQ4s
wrYOMM1U4UM59Tj8ezQfcQv8L+RDFz4LdNTjRIC2pzWMbOZr8tSdd0OIb6PY/y9W
JZC3q9I9TBSvZrysSLAWiPbXRAEINvaNyUesAAJ8pd17hYsZAe6FFYE7D2Lftk7h
xUe6euo7Qv8mgKLXr1RVQduRAgXIpVg1mBvohzJSClxn
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:36:09 2025 by rpki-client