Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/dcb70d-7947-4569-bc84-e060b4fcbccb/1/7qQwHLQ5vXCWG1aIFfFTdG9Spaw.roa
File: 7qQwHLQ5vXCWG1aIFfFTdG9Spaw.roa (raw, json)
Hash identifier: dkNmgN98Y2VBUYO+DzSQIGYpp0gpUKFGQpn9XiyGhIs=
Subject key identifier: EE:A4:30:1C:B4:39:BD:70:96:1B:56:88:15:F1:53:74:6F:52:A5:AC
Certificate issuer: /CN=dcbfb0048a8da556fd9d3df1077402f843f5d703
Certificate serial: 0BADADC1
Authority key identifier: DC:BF:B0:04:8A:8D:A5:56:FD:9D:3D:F1:07:74:02:F8:43:F5:D7:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3L-wBIqNpVb9nT3xB3QC-EP11wM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/dcb70d-7947-4569-bc84-e060b4fcbccb/1/7qQwHLQ5vXCWG1aIFfFTdG9Spaw.roa
Signing time: Sat 01 Jan 2022 14:02:34 +0000
ROA not before: Sat 01 Jan 2022 14:02:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 54574
IP address blocks: 193.41.248.0/24 maxlen: 24
193.41.250.0/24 maxlen: 24
193.110.203.0/24 maxlen: 24
193.110.202.0/24 maxlen: 24
193.110.201.0/24 maxlen: 24
193.110.200.0/22 maxlen: 22
193.110.200.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 195931585 (0xbadadc1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dcbfb0048a8da556fd9d3df1077402f843f5d703
Validity
Not Before: Jan 1 14:02:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=eea4301cb439bd70961b568815f153746f52a5ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:1c:2d:29:8b:d4:5b:2d:1d:6d:f7:b2:a0:aa:
4f:9c:91:14:82:e3:b0:b2:77:ab:c0:68:c4:77:b5:
eb:6b:fe:d4:9d:8b:64:95:13:49:2f:0e:82:1f:f6:
18:db:fa:04:81:16:82:1e:36:b9:7f:22:8d:97:06:
50:f8:9d:87:90:52:4d:e4:35:86:25:83:12:68:47:
a2:f3:be:3d:56:62:16:7b:80:93:1d:3a:f9:e4:17:
69:07:40:6e:f4:65:b0:a3:c9:0b:7e:1b:cf:37:59:
81:de:d3:28:3a:8d:12:da:c8:05:58:7b:09:1b:77:
ca:09:2e:23:94:a1:9c:47:45:80:14:19:3d:e8:6e:
ef:40:77:09:b1:7a:5f:56:61:99:21:4b:e1:b2:e2:
a6:4c:74:5b:c8:6b:20:c2:34:97:a3:45:ca:c0:b3:
75:be:ec:e5:63:41:4f:c8:7d:26:7a:90:cf:c3:d9:
3b:1b:9e:ba:73:ab:41:19:ae:0a:cd:43:86:77:d5:
bf:19:66:35:a7:e7:bf:ca:15:14:84:8e:5a:db:62:
ab:68:c7:6b:49:46:84:57:40:e1:87:a3:79:93:57:
62:8a:f0:fa:34:97:3d:1d:ea:d9:16:fb:79:be:8d:
5e:6e:c2:6d:e4:24:04:24:4d:03:0e:f9:9a:12:5a:
66:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:A4:30:1C:B4:39:BD:70:96:1B:56:88:15:F1:53:74:6F:52:A5:AC
X509v3 Authority Key Identifier:
keyid:DC:BF:B0:04:8A:8D:A5:56:FD:9D:3D:F1:07:74:02:F8:43:F5:D7:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3L-wBIqNpVb9nT3xB3QC-EP11wM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/dcb70d-7947-4569-bc84-e060b4fcbccb/1/7qQwHLQ5vXCWG1aIFfFTdG9Spaw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/dcb70d-7947-4569-bc84-e060b4fcbccb/1/3L-wBIqNpVb9nT3xB3QC-EP11wM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.41.248.0/24
193.41.250.0/24
193.110.200.0/22
Signature Algorithm: sha256WithRSAEncryption
6e:9d:c1:b9:4e:08:c9:5e:27:07:7a:83:15:68:93:d7:a3:8b:
bf:0c:46:7f:01:24:26:a4:1d:ee:23:38:89:17:af:15:1d:11:
8d:d1:17:84:df:c3:5d:9e:bd:4e:0a:75:f5:c7:4a:be:09:58:
7c:42:d9:b6:a3:9e:b5:b4:aa:db:06:a5:b0:a2:fa:56:df:be:
d9:1e:e4:b9:dc:dc:56:4b:5f:30:c9:35:29:de:0b:0a:8b:1f:
2c:b5:2f:7d:c2:e8:05:a7:6e:03:b8:1b:76:fd:c9:54:75:7b:
d8:eb:32:86:84:c9:0a:c5:4b:29:88:b6:51:8b:f8:d9:68:27:
b2:cb:fe:55:24:d8:5a:db:c2:ac:0d:4b:b8:08:f1:b1:8d:f2:
d7:61:9e:bf:2e:00:f1:99:fc:01:22:f6:2a:f9:de:5b:4e:fa:
6e:bc:47:0b:76:43:6f:47:42:d3:d5:1b:3b:01:38:77:ce:81:
f1:a3:69:d0:f0:10:74:ff:57:f1:f3:0c:f2:a3:62:e9:76:3f:
2c:7e:ab:ff:ce:25:35:5e:cd:5b:53:d5:6a:b6:55:ad:eb:e6:
dc:37:00:49:a4:82:1f:f5:25:4e:67:6f:e8:01:a8:7c:8b:67:
8a:3e:2e:02:20:15:5b:33:12:e7:bd:e2:70:51:26:76:db:75:
40:0f:9d:e5
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEC62twTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
Y2JmYjAwNDhhOGRhNTU2ZmQ5ZDNkZjEwNzc0MDJmODQzZjVkNzAzMB4XDTIyMDEw
MTE0MDIzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWVhNDMwMWNiNDM5
YmQ3MDk2MWI1Njg4MTVmMTUzNzQ2ZjUyYTVhYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANIcLSmL1FstHW33sqCqT5yRFILjsLJ3q8BoxHe162v+1J2L
ZJUTSS8Ogh/2GNv6BIEWgh42uX8ijZcGUPidh5BSTeQ1hiWDEmhHovO+PVZiFnuA
kx06+eQXaQdAbvRlsKPJC34bzzdZgd7TKDqNEtrIBVh7CRt3ygkuI5ShnEdFgBQZ
Pehu70B3CbF6X1ZhmSFL4bLipkx0W8hrIMI0l6NFysCzdb7s5WNBT8h9JnqQz8PZ
OxueunOrQRmuCs1DhnfVvxlmNafnv8oVFISOWttiq2jHa0lGhFdA4YejeZNXYorw
+jSXPR3q2Rb7eb6NXm7CbeQkBCRNAw75mhJaZo8CAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBTupDActDm9cJYbVogV8VN0b1KlrDAfBgNVHSMEGDAWgBTcv7AEio2lVv2d
PfEHdAL4Q/XXAzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzNMLXdCSXFOcFZiOW5UM3hCM1FDLUVQMTF3TS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODAvZGNiNzBkLTc5NDctNDU2OS1iYzg0LWUwNjBiNGZjYmNjYi8x
LzdxUXdITFE1dlhDV0cxYUlGZkZUZEc5U3Bhdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODAv
ZGNiNzBkLTc5NDctNDU2OS1iYzg0LWUwNjBiNGZjYmNjYi8xLzNMLXdCSXFOcFZi
OW5UM3hCM1FDLUVQMTF3TS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAMEp+AMEAMEp+gMEAsFuyDANBgkq
hkiG9w0BAQsFAAOCAQEAbp3BuU4IyV4nB3qDFWiT16OLvwxGfwEkJqQd7iM4iRev
FR0RjdEXhN/DXZ69Tgp19cdKvglYfELZtqOetbSq2walsKL6Vt++2R7kudzcVktf
MMk1Kd4LCosfLLUvfcLoBaduA7gbdv3JVHV72OsyhoTJCsVLKYi2UYv42Wgnssv+
VSTYWtvCrA1LuAjxsY3y12Gevy4A8Zn8ASL2KvneW076brxHC3ZDb0dC09UbOwE4
d86B8aNp0PAQdP9X8fMM8qNi6XY/LH6r/84lNV7NW1PVarZVrevm3DcASaSCH/Ul
Tmdv6AGofItnij4uAiAVWzMS573icFEmdtt1QA+d5Q==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:52:10 2025 by rpki-client