Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/4402b0-2eca-4836-bf22-a967159f887d/1/_EF3JHKzPqbLdOM3uXiRlycz3y4.roa
File: _EF3JHKzPqbLdOM3uXiRlycz3y4.roa (raw, json)
Hash identifier: nSssyJ4J8+SEwbG6VopYwNNjM4mI3zj2UTyxy284ofE=
Subject key identifier: FC:41:77:24:72:B3:3E:A6:CB:74:E3:37:B9:78:91:97:27:33:DF:2E
Certificate issuer: /CN=1366b960a6f1f04439f09186f9ecf531a9ce2648
Certificate serial: 01856B8A127CB8D8CF10B63931652462505A
Authority key identifier: 13:66:B9:60:A6:F1:F0:44:39:F0:91:86:F9:EC:F5:31:A9:CE:26:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E2a5YKbx8EQ58JGG-ez1ManOJkg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/4402b0-2eca-4836-bf22-a967159f887d/1/_EF3JHKzPqbLdOM3uXiRlycz3y4.roa
Signing time: Sun 01 Jan 2023 04:14:48 +0000
ROA not before: Sun 01 Jan 2023 04:14:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1239
IP address blocks: 193.109.168.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:8a:12:7c:b8:d8:cf:10:b6:39:31:65:24:62:50:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1366b960a6f1f04439f09186f9ecf531a9ce2648
Validity
Not Before: Jan 1 04:14:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fc41772472b33ea6cb74e337b97891972733df2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:6f:88:a9:1b:37:75:08:e0:09:28:a3:ee:1a:
7b:06:d7:c8:34:a4:ee:92:15:1d:f5:3d:c6:3e:76:
33:88:b8:f1:81:7c:2b:b4:2d:b8:d3:74:44:87:19:
36:04:f0:ab:fa:79:13:0e:35:4a:3d:bc:e4:49:72:
91:e7:3b:dd:58:48:74:ad:ec:b9:05:3c:6f:f1:90:
81:63:1b:c5:96:8d:fc:cd:da:e4:4c:38:aa:14:55:
56:7c:66:38:2d:d4:fb:28:d0:b0:9b:5c:8e:01:f9:
d7:54:9a:fc:5d:7b:d8:57:f7:21:8b:8a:99:5a:75:
13:59:e1:ee:93:d4:a6:08:30:1f:43:bb:30:ab:97:
11:bc:c1:47:17:56:91:bc:e1:54:a8:93:8e:d0:ba:
eb:e3:c2:d8:82:4a:7e:66:2e:94:6b:53:8c:cf:5e:
6a:a3:89:05:2e:cc:35:15:b3:ad:cb:f8:4d:63:70:
11:9a:50:6b:88:3d:fb:64:54:a7:38:64:80:6c:80:
46:02:7b:e2:e9:66:10:80:c0:80:18:37:ad:3b:7a:
82:e8:cb:30:76:bd:13:ca:16:76:43:67:01:1a:3e:
be:af:28:0b:8b:50:c5:1b:f1:93:74:af:a5:3c:04:
37:b1:65:98:88:18:9f:b5:03:1e:0a:b1:bf:f7:78:
88:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:41:77:24:72:B3:3E:A6:CB:74:E3:37:B9:78:91:97:27:33:DF:2E
X509v3 Authority Key Identifier:
keyid:13:66:B9:60:A6:F1:F0:44:39:F0:91:86:F9:EC:F5:31:A9:CE:26:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E2a5YKbx8EQ58JGG-ez1ManOJkg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/4402b0-2eca-4836-bf22-a967159f887d/1/_EF3JHKzPqbLdOM3uXiRlycz3y4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/4402b0-2eca-4836-bf22-a967159f887d/1/E2a5YKbx8EQ58JGG-ez1ManOJkg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.109.168.0/22
Signature Algorithm: sha256WithRSAEncryption
b4:fa:c2:81:e8:94:8d:5d:80:07:f4:eb:02:98:9c:dc:6c:92:
14:fa:b1:93:49:80:32:37:d9:76:58:21:9c:ef:87:02:71:79:
26:c0:2e:3d:ee:08:8d:46:db:81:da:d8:fe:e3:d7:1e:0a:b4:
4e:f1:cf:85:68:45:ab:a8:b7:3c:c7:f6:f3:98:bf:bb:f3:31:
ac:8f:fd:b1:a8:77:5c:9f:e2:d7:44:d3:34:1c:d9:ce:bd:d6:
55:87:26:c8:8b:df:25:89:93:50:2b:d6:26:7d:29:6c:07:04:
77:5a:a0:d9:20:ee:81:98:21:ba:57:77:7d:7b:b3:0a:93:25:
6a:46:b8:47:81:f0:cc:59:1e:75:39:05:84:11:c2:09:e8:24:
d1:89:0e:fb:ca:62:d1:75:5c:17:18:38:57:b5:c9:dd:19:4b:
6c:96:2c:3b:22:78:96:7d:5e:66:5e:2d:a9:07:a6:a9:40:57:
2c:bd:7b:1f:0c:79:b1:d7:44:71:b7:70:8f:26:5e:5b:26:64:
0a:5b:fd:55:8e:72:f4:46:ec:a6:aa:80:7e:9f:77:a6:c5:2a:
56:54:64:c3:50:39:f6:98:1d:77:65:55:31:70:9f:36:ed:f5:
43:28:25:72:e2:24:8a:65:e5:60:b6:bb:96:75:06:d8:f2:d4:
cb:ab:3b:60
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrihJ8uNjPELY5MWUkYlBaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzNjZiOTYwYTZmMWYwNDQzOWYwOTE4NmY5ZWNmNTMxYTlj
ZTI2NDgwHhcNMjMwMTAxMDQxNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzQxNzcyNDcyYjMzZWE2Y2I3NGUzMzdiOTc4OTE5NzI3MzNkZjJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnm+IqRs3dQjgCSij7hp7BtfINKTu
khUd9T3GPnYziLjxgXwrtC2403REhxk2BPCr+nkTDjVKPbzkSXKR5zvdWEh0rey5
BTxv8ZCBYxvFlo38zdrkTDiqFFVWfGY4LdT7KNCwm1yOAfnXVJr8XXvYV/chi4qZ
WnUTWeHuk9SmCDAfQ7swq5cRvMFHF1aRvOFUqJOO0Lrr48LYgkp+Zi6Ua1OMz15q
o4kFLsw1FbOty/hNY3ARmlBriD37ZFSnOGSAbIBGAnvi6WYQgMCAGDetO3qC6Msw
dr0TyhZ2Q2cBGj6+rygLi1DFG/GTdK+lPAQ3sWWYiBiftQMeCrG/93iI6QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPxBdyRysz6my3TjN7l4kZcnM98uMB8GA1UdIwQY
MBaAFBNmuWCm8fBEOfCRhvns9TGpziZIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRTJhNVlLYng4RVE1OEpHRy1lejFNYW5PSmtnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni80NDAyYjAtMmVjYS00ODM2LWJmMjIt
YTk2NzE1OWY4ODdkLzEvX0VGM0pIS3pQcWJMZE9NM3VYaVJseWN6M3k0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni80NDAyYjAtMmVjYS00ODM2LWJmMjItYTk2NzE1OWY4ODdk
LzEvRTJhNVlLYng4RVE1OEpHRy1lejFNYW5PSmtnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwW2oMA0G
CSqGSIb3DQEBCwUAA4IBAQC0+sKB6JSNXYAH9OsCmJzcbJIU+rGTSYAyN9l2WCGc
74cCcXkmwC497giNRtuB2tj+49ceCrRO8c+FaEWrqLc8x/bzmL+78zGsj/2xqHdc
n+LXRNM0HNnOvdZVhybIi98liZNQK9YmfSlsBwR3WqDZIO6BmCG6V3d9e7MKkyVq
RrhHgfDMWR51OQWEEcIJ6CTRiQ77ymLRdVwXGDhXtcndGUtsliw7IniWfV5mXi2p
B6apQFcsvXsfDHmx10Rxt3CPJl5bJmQKW/1VjnL0RuymqoB+n3emxSpWVGTDUDn2
mB13ZVUxcJ827fVDKCVy4iSKZeVgtruWdQbY8tTLqztg
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:22:22 2025 by rpki-client