Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/3a40c0-2475-4814-8559-700e3027f623/1/CDQnHCSn_OonlSVHGT4XS-y-41A.roa
File: CDQnHCSn_OonlSVHGT4XS-y-41A.roa (raw, json)
Hash identifier: 3goI8hZjfj04glbcIvpZe34kQPCTQmrYDODjZyxT6EM=
Subject key identifier: 08:34:27:1C:24:A7:FC:EA:27:95:25:47:19:3E:17:4B:EC:BE:E3:50
Certificate issuer: /CN=3c4cf88177442a54f321b8fa80b6cf5df404cff6
Certificate serial: 0185715E8541B17922CE25EE5238A063E3F4
Authority key identifier: 3C:4C:F8:81:77:44:2A:54:F3:21:B8:FA:80:B6:CF:5D:F4:04:CF:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PEz4gXdEKlTzIbj6gLbPXfQEz_Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/3a40c0-2475-4814-8559-700e3027f623/1/CDQnHCSn_OonlSVHGT4XS-y-41A.roa
Signing time: Mon 02 Jan 2023 07:24:57 +0000
ROA not before: Mon 02 Jan 2023 07:24:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34599
IP address blocks: 193.104.76.0/24 maxlen: 24
193.104.80.0/24 maxlen: 24
193.104.94.0/24 maxlen: 24
193.104.93.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:5e:85:41:b1:79:22:ce:25:ee:52:38:a0:63:e3:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c4cf88177442a54f321b8fa80b6cf5df404cff6
Validity
Not Before: Jan 2 07:24:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0834271c24a7fcea27952547193e174becbee350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:49:60:d7:80:ce:ca:49:7b:9f:38:bd:ee:d2:
a9:ed:74:57:7f:05:a5:79:91:f5:5d:5d:36:8f:83:
cc:40:9e:6f:7f:d5:9d:ec:28:ac:67:a3:90:a6:d8:
0b:bb:47:7b:34:3d:eb:99:50:e5:a3:aa:00:26:9a:
4e:a7:07:9b:0f:d3:7f:b0:5c:3c:46:a5:76:aa:45:
bd:38:3d:cf:21:97:cd:00:43:44:fa:78:f7:b4:5a:
d9:3c:70:a0:6f:db:3f:e0:13:46:23:c4:21:59:88:
0f:e6:d1:52:a6:63:e5:92:a7:38:7d:55:f0:ab:00:
b1:24:c1:94:91:6c:32:6a:96:6e:ef:80:7a:7b:3f:
00:36:39:d4:64:5b:0e:e5:0b:48:ad:44:08:dc:56:
3a:7b:e0:bf:89:83:9d:96:e1:1d:61:57:95:3e:67:
8c:d9:b2:be:6c:b6:ad:55:65:93:43:6f:a8:b7:a9:
1f:08:e6:d3:66:b2:76:a6:44:2f:9b:79:9f:37:b8:
89:16:ac:46:fb:87:88:87:69:0c:95:89:61:04:87:
0c:f4:4d:91:a2:41:6d:20:91:9a:61:37:43:3d:2f:
e5:27:ce:74:f2:ae:e8:4e:54:19:0f:a9:36:99:b1:
75:a2:72:33:95:7f:e9:e7:ec:83:b2:c5:6e:20:0c:
b4:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:34:27:1C:24:A7:FC:EA:27:95:25:47:19:3E:17:4B:EC:BE:E3:50
X509v3 Authority Key Identifier:
keyid:3C:4C:F8:81:77:44:2A:54:F3:21:B8:FA:80:B6:CF:5D:F4:04:CF:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PEz4gXdEKlTzIbj6gLbPXfQEz_Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/3a40c0-2475-4814-8559-700e3027f623/1/CDQnHCSn_OonlSVHGT4XS-y-41A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/3a40c0-2475-4814-8559-700e3027f623/1/PEz4gXdEKlTzIbj6gLbPXfQEz_Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.104.76.0/24
193.104.80.0/24
193.104.93.0-193.104.94.255
Signature Algorithm: sha256WithRSAEncryption
89:47:0b:a2:d2:46:06:52:8a:9e:48:9a:26:9d:12:73:b6:e5:
cb:50:74:1e:91:a3:41:1d:1b:ba:0d:69:05:12:2e:33:b5:29:
33:b3:18:5c:03:2f:01:9e:fa:cf:98:88:c6:bf:12:d2:22:4e:
85:0a:04:7a:85:da:43:17:e7:78:aa:cc:e4:6a:75:40:8e:b1:
4a:09:f0:15:5e:fc:d2:f2:36:14:fc:f2:7f:03:a5:db:5f:22:
4d:55:1f:ac:58:86:c0:67:31:58:26:c3:c1:19:6a:f3:29:de:
eb:a2:f4:4b:b8:9c:c4:63:5f:36:a7:76:72:0a:44:9b:a3:ba:
31:b2:c1:59:40:3c:36:d4:84:dd:b5:b6:1c:af:03:9e:69:2f:
24:4a:f3:00:4e:5d:94:9f:3d:ee:eb:8d:b3:ea:51:5b:c8:e7:
f4:c6:a6:a6:fa:a3:f6:87:8b:db:1a:9a:24:20:c8:8c:86:03:
bc:8f:57:f5:47:a3:f5:2d:08:ba:0b:f9:ab:cc:1a:5f:67:91:
3c:f5:8b:45:6a:d5:93:38:04:a0:25:83:60:f1:f3:28:16:c1:
96:4d:00:bd:76:61:2e:54:67:97:a0:4c:fa:5a:cf:ef:5f:83:
82:82:07:49:43:36:04:17:49:40:02:8e:0b:5b:90:45:d6:c4:
cf:c2:90:e8
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYVxXoVBsXkiziXuUjigY+P0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjNGNmODgxNzc0NDJhNTRmMzIxYjhmYTgwYjZjZjVkZjQw
NGNmZjYwHhcNMjMwMTAyMDcyNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODM0MjcxYzI0YTdmY2VhMjc5NTI1NDcxOTNlMTc0YmVjYmVlMzUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoUlg14DOykl7nzi97tKp7XRXfwWl
eZH1XV02j4PMQJ5vf9Wd7CisZ6OQptgLu0d7ND3rmVDlo6oAJppOpwebD9N/sFw8
RqV2qkW9OD3PIZfNAENE+nj3tFrZPHCgb9s/4BNGI8QhWYgP5tFSpmPlkqc4fVXw
qwCxJMGUkWwyapZu74B6ez8ANjnUZFsO5QtIrUQI3FY6e+C/iYOdluEdYVeVPmeM
2bK+bLatVWWTQ2+ot6kfCObTZrJ2pkQvm3mfN7iJFqxG+4eIh2kMlYlhBIcM9E2R
okFtIJGaYTdDPS/lJ8508q7oTlQZD6k2mbF1onIzlX/p5+yDssVuIAy0MQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFAg0Jxwkp/zqJ5UlRxk+F0vsvuNQMB8GA1UdIwQY
MBaAFDxM+IF3RCpU8yG4+oC2z130BM/2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEV6NGdYZEVLbFR6SWJqNmdMYlBYZlFFel9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS8zYTQwYzAtMjQ3NS00ODE0LTg1NTkt
NzAwZTMwMjdmNjIzLzEvQ0RRbkhDU25fT29ubFNWSEdUNFhTLXktNDFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS8zYTQwYzAtMjQ3NS00ODE0LTg1NTktNzAwZTMwMjdmNjIz
LzEvUEV6NGdYZEVLbFR6SWJqNmdMYlBYZlFFel9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAwWhMAwQA
wWhQMAwDBADBaF0DBADBaF4wDQYJKoZIhvcNAQELBQADggEBAIlHC6LSRgZSip5I
miadEnO25ctQdB6Ro0EdG7oNaQUSLjO1KTOzGFwDLwGe+s+YiMa/EtIiToUKBHqF
2kMX53iqzORqdUCOsUoJ8BVe/NLyNhT88n8DpdtfIk1VH6xYhsBnMVgmw8EZavMp
3uui9Eu4nMRjXzandnIKRJujujGywVlAPDbUhN21thyvA55pLyRK8wBOXZSfPe7r
jbPqUVvI5/TGpqb6o/aHi9samiQgyIyGA7yPV/VHo/UtCLoL+avMGl9nkTz1i0Vq
1ZM4BKAlg2Dx8ygWwZZNAL12YS5UZ5egTPpaz+9fg4KCB0lDNgQXSUACjgtbkEXW
xM/CkOg=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:28:48 2025 by rpki-client