Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/83647a-44e5-4049-b879-9337f374168e/1/pqeITCTCzMszSMN2NCT9rSU-1jI.roa
File: pqeITCTCzMszSMN2NCT9rSU-1jI.roa (raw, json)
Hash identifier: 5xxrKvIRmXS7wCPkH74JQPC8SYog1zx9Hf9M3DvURy4=
Subject key identifier: A6:A7:88:4C:24:C2:CC:CB:33:48:C3:76:34:24:FD:AD:25:3E:D6:32
Certificate issuer: /CN=3f96703f30e2099a3d9006bfa84e5c6c486a8d2e
Certificate serial: 018572712E5CD8363274B03C0F41C8CAAFE2
Authority key identifier: 3F:96:70:3F:30:E2:09:9A:3D:90:06:BF:A8:4E:5C:6C:48:6A:8D:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P5ZwPzDiCZo9kAa_qE5cbEhqjS4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/83647a-44e5-4049-b879-9337f374168e/1/pqeITCTCzMszSMN2NCT9rSU-1jI.roa
Signing time: Mon 02 Jan 2023 12:24:58 +0000
ROA not before: Mon 02 Jan 2023 12:24:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15404
IP address blocks: 193.46.62.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:71:2e:5c:d8:36:32:74:b0:3c:0f:41:c8:ca:af:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3f96703f30e2099a3d9006bfa84e5c6c486a8d2e
Validity
Not Before: Jan 2 12:24:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a6a7884c24c2cccb3348c3763424fdad253ed632
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:00:91:0c:75:6c:f2:74:41:d0:a2:aa:88:f6:
5a:fe:6e:87:3c:48:c9:43:b2:60:e3:16:bb:e5:bc:
a4:45:ea:77:de:f5:b1:56:39:b3:d4:52:be:ce:e3:
a0:05:04:bb:aa:05:c6:bd:86:3c:d6:24:c9:01:b5:
87:75:25:11:1d:4b:62:7d:be:a5:8a:8e:c5:ce:ac:
f9:16:67:ff:43:eb:63:e3:ad:5e:0e:13:31:04:74:
5d:ee:07:49:1a:4e:17:aa:ce:0d:7d:33:1c:c9:d4:
9a:f3:3a:0c:2e:26:e6:82:94:10:99:94:f8:94:bb:
23:e2:a9:5d:3e:94:6c:f8:7c:0a:98:f4:14:9a:9f:
7b:74:a9:35:53:7f:71:d5:28:2f:07:bf:44:65:86:
10:14:05:01:88:df:56:2e:c7:ac:d4:d0:1e:ea:ee:
8a:26:f8:14:0a:ac:e6:7a:9b:a5:b2:05:ac:7e:7d:
6d:dc:3a:df:5a:33:a4:c3:76:f1:ad:49:f4:02:61:
7e:dc:b2:9b:f0:18:21:ef:62:9c:9b:c6:1c:be:2c:
f3:6d:d7:d6:58:da:8c:34:a2:ce:c1:15:bf:e7:aa:
47:20:a1:88:06:f5:be:17:96:06:b3:9c:91:3b:de:
57:09:bb:be:dd:0d:e6:3e:38:62:10:e3:de:9f:c3:
d5:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:A7:88:4C:24:C2:CC:CB:33:48:C3:76:34:24:FD:AD:25:3E:D6:32
X509v3 Authority Key Identifier:
keyid:3F:96:70:3F:30:E2:09:9A:3D:90:06:BF:A8:4E:5C:6C:48:6A:8D:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P5ZwPzDiCZo9kAa_qE5cbEhqjS4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/83647a-44e5-4049-b879-9337f374168e/1/pqeITCTCzMszSMN2NCT9rSU-1jI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/83647a-44e5-4049-b879-9337f374168e/1/P5ZwPzDiCZo9kAa_qE5cbEhqjS4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.46.62.0/24
Signature Algorithm: sha256WithRSAEncryption
25:3e:a4:c5:b7:b3:c8:a8:ec:05:c2:c6:93:9a:3f:af:03:8f:
e6:2b:aa:03:37:60:5c:52:a9:50:76:9b:8f:aa:29:68:af:dc:
70:76:34:93:40:15:74:e4:7b:8c:3c:61:f8:87:e4:b4:5e:0a:
a4:26:9c:a6:6d:8c:48:a6:8f:97:8b:ba:6f:7d:e9:63:e4:8c:
c0:6c:68:a4:e2:86:ea:a8:1e:de:c2:a9:72:81:39:65:99:45:
42:9d:b4:fa:e3:b5:be:6d:a8:3b:07:af:09:fc:20:0b:be:00:
94:2a:9b:8e:83:d3:57:b7:c4:85:ca:d8:1d:bd:02:87:e3:ff:
6a:c1:ee:88:3e:0b:57:d2:e5:52:d4:53:1b:5b:e0:00:5a:f1:
73:5a:cd:1f:f0:24:98:e0:a1:6b:3b:4d:fc:8e:24:75:22:0c:
80:58:0b:67:76:72:5b:b7:cb:b5:b2:38:46:49:c3:50:10:66:
71:14:ec:77:39:95:00:94:a8:4e:9e:8e:ce:e0:52:d9:f7:f4:
79:5a:6b:d4:56:15:4f:a9:bf:23:08:09:37:0b:c9:68:09:a3:
ea:af:00:de:4c:03:ec:ec:34:08:9a:9f:71:67:02:90:f4:43:
b2:aa:12:e7:35:1f:7d:f5:2e:a8:0e:09:77:df:c5:b6:21:1f:
5b:6f:67:6c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVycS5c2DYydLA8D0HIyq/iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmOTY3MDNmMzBlMjA5OWEzZDkwMDZiZmE4NGU1YzZjNDg2
YThkMmUwHhcNMjMwMTAyMTIyNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmE3ODg0YzI0YzJjY2NiMzM0OGMzNzYzNDI0ZmRhZDI1M2VkNjMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArACRDHVs8nRB0KKqiPZa/m6HPEjJ
Q7Jg4xa75bykRep33vWxVjmz1FK+zuOgBQS7qgXGvYY81iTJAbWHdSURHUtifb6l
io7Fzqz5Fmf/Q+tj461eDhMxBHRd7gdJGk4Xqs4NfTMcydSa8zoMLibmgpQQmZT4
lLsj4qldPpRs+HwKmPQUmp97dKk1U39x1SgvB79EZYYQFAUBiN9WLses1NAe6u6K
JvgUCqzmepulsgWsfn1t3DrfWjOkw3bxrUn0AmF+3LKb8Bgh72Kcm8YcvizzbdfW
WNqMNKLOwRW/56pHIKGIBvW+F5YGs5yRO95XCbu+3Q3mPjhiEOPen8PV/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKaniEwkwszLM0jDdjQk/a0lPtYyMB8GA1UdIwQY
MBaAFD+WcD8w4gmaPZAGv6hOXGxIao0uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDVad1B6RGlDWm85a0FhX3FFNWNiRWhxalM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC84MzY0N2EtNDRlNS00MDQ5LWI4Nzkt
OTMzN2YzNzQxNjhlLzEvcHFlSVRDVEN6TXN6U01OMk5DVDlyU1UtMWpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC84MzY0N2EtNDRlNS00MDQ5LWI4NzktOTMzN2YzNzQxNjhl
LzEvUDVad1B6RGlDWm85a0FhX3FFNWNiRWhxalM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwS4+MA0G
CSqGSIb3DQEBCwUAA4IBAQAlPqTFt7PIqOwFwsaTmj+vA4/mK6oDN2BcUqlQdpuP
qilor9xwdjSTQBV05HuMPGH4h+S0XgqkJpymbYxIpo+Xi7pvfelj5IzAbGik4obq
qB7ewqlygTllmUVCnbT647W+bag7B68J/CALvgCUKpuOg9NXt8SFytgdvQKH4/9q
we6IPgtX0uVS1FMbW+AAWvFzWs0f8CSY4KFrO038jiR1IgyAWAtndnJbt8u1sjhG
ScNQEGZxFOx3OZUAlKhOno7O4FLZ9/R5WmvUVhVPqb8jCAk3C8loCaPqrwDeTAPs
7DQImp9xZwKQ9EOyqhLnNR999S6oDgl338W2IR9bb2ds
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:09:32 2025 by rpki-client