Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/977ddb-3095-488d-b36b-8008d1e7c38c/1/ESiwWyvxZRsLRIDAnqDkhrP3s5U.roa
File: ESiwWyvxZRsLRIDAnqDkhrP3s5U.roa (raw, json)
Hash identifier: 8wPYRn/zR8AB44V/k9rGpsALSdVS+iMzMw9/1nNAies=
Subject key identifier: 11:28:B0:5B:2B:F1:65:1B:0B:44:80:C0:9E:A0:E4:86:B3:F7:B3:95
Certificate issuer: /CN=cb302a273ab4ef25a8ea91a4a3779bcf7d1de59b
Certificate serial: 01856B4A16B784C3A58AB49AE02DAB9F904C
Authority key identifier: CB:30:2A:27:3A:B4:EF:25:A8:EA:91:A4:A3:77:9B:CF:7D:1D:E5:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yzAqJzq07yWo6pGko3ebz30d5Zs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/977ddb-3095-488d-b36b-8008d1e7c38c/1/ESiwWyvxZRsLRIDAnqDkhrP3s5U.roa
Signing time: Sun 01 Jan 2023 03:04:55 +0000
ROA not before: Sun 01 Jan 2023 03:04:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43028
IP address blocks: 193.200.201.0/24 maxlen: 24
2001:67c:12c8::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:4a:16:b7:84:c3:a5:8a:b4:9a:e0:2d:ab:9f:90:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb302a273ab4ef25a8ea91a4a3779bcf7d1de59b
Validity
Not Before: Jan 1 03:04:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1128b05b2bf1651b0b4480c09ea0e486b3f7b395
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:ab:ec:72:09:b7:48:e3:40:ab:98:8c:a2:6a:
d8:8a:85:bc:f7:1e:ea:21:ee:57:50:42:54:e2:0f:
43:90:50:ee:32:74:84:b0:91:2a:1c:34:65:d5:cc:
d5:d9:92:52:d1:6c:ee:f2:76:dd:6f:35:fb:74:1c:
89:e4:31:9f:2f:2c:cf:e2:af:d8:88:44:cf:6a:ee:
37:2b:16:2b:4d:45:96:66:13:c2:ca:a9:50:18:22:
91:2c:48:d6:31:88:b1:44:85:2f:26:83:d4:4b:c8:
1e:6b:45:b7:00:bc:ad:32:8a:60:8f:30:f2:d2:43:
b8:a5:07:7e:b5:70:90:b9:95:1f:21:f8:d9:cf:4a:
63:ce:a9:d1:81:0c:a0:e7:99:d3:33:1b:29:8b:11:
88:d4:80:ed:da:fa:56:56:53:95:a8:4e:ce:9d:20:
78:cd:b7:51:89:78:4c:06:c5:5d:d9:3f:15:f3:c8:
f0:2c:af:0a:85:a8:dd:3b:a4:a9:91:9b:11:39:81:
41:9e:af:2b:e7:35:38:1f:d6:91:de:e5:9d:9b:a6:
a4:e8:16:ff:86:c1:fa:fd:39:c9:77:ec:1e:c0:3c:
62:d6:d6:74:40:c4:b3:46:79:8d:78:44:20:52:02:
63:19:13:81:d1:48:cc:e0:30:0b:6d:e6:a5:04:a2:
56:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:28:B0:5B:2B:F1:65:1B:0B:44:80:C0:9E:A0:E4:86:B3:F7:B3:95
X509v3 Authority Key Identifier:
keyid:CB:30:2A:27:3A:B4:EF:25:A8:EA:91:A4:A3:77:9B:CF:7D:1D:E5:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yzAqJzq07yWo6pGko3ebz30d5Zs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/977ddb-3095-488d-b36b-8008d1e7c38c/1/ESiwWyvxZRsLRIDAnqDkhrP3s5U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/977ddb-3095-488d-b36b-8008d1e7c38c/1/yzAqJzq07yWo6pGko3ebz30d5Zs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.200.201.0/24
IPv6:
2001:67c:12c8::/48
Signature Algorithm: sha256WithRSAEncryption
6d:09:f0:7f:c4:a0:21:b5:cb:45:d8:4a:da:b1:d9:03:16:5e:
df:35:7d:99:16:b4:b6:d3:eb:a1:be:dd:34:de:bc:2d:82:b2:
8f:07:d2:e5:4d:62:50:f8:6a:80:cd:e0:72:3c:4f:26:35:cb:
fa:c9:61:4b:28:4e:cc:93:3f:5d:ba:ce:80:80:53:42:29:81:
66:0b:da:ce:bc:5c:68:52:a5:86:c3:f2:f6:9b:e1:d1:45:5c:
2b:23:38:54:c1:6b:f1:70:6e:4f:11:6e:dc:0a:b7:19:19:2c:
9d:7b:d5:b5:62:5a:43:dd:8f:c6:0c:ff:1e:37:2d:ad:d8:e2:
7d:c0:c8:24:8b:5b:7d:f7:c2:33:cd:de:35:f0:af:37:b0:30:
5f:5c:a5:6d:d1:fc:40:b0:ba:9d:c0:6c:57:4e:e8:d2:ff:70:
76:ae:1b:f1:6f:fd:5f:4b:93:4f:ad:46:93:7b:d5:2a:18:a4:
c9:12:e7:a7:6b:07:90:ab:fd:35:b8:be:ee:5c:15:c5:1e:1a:
b5:ff:2d:e3:83:f3:d2:8f:e2:ed:28:b0:b9:e3:6b:10:b2:97:
4f:11:dc:1c:16:65:c8:5e:f4:6b:74:ef:3d:84:54:91:6e:56:
7d:f3:7c:3f:b0:dc:76:2c:09:98:56:68:85:8f:44:71:24:6e:
14:64:99:40
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVrSha3hMOlirSa4C2rn5BMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiMzAyYTI3M2FiNGVmMjVhOGVhOTFhNGEzNzc5YmNmN2Qx
ZGU1OWIwHhcNMjMwMTAxMDMwNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTI4YjA1YjJiZjE2NTFiMGI0NDgwYzA5ZWEwZTQ4NmIzZjdiMzk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjKvscgm3SONAq5iMomrYioW89x7q
Ie5XUEJU4g9DkFDuMnSEsJEqHDRl1czV2ZJS0Wzu8nbdbzX7dByJ5DGfLyzP4q/Y
iETPau43KxYrTUWWZhPCyqlQGCKRLEjWMYixRIUvJoPUS8gea0W3ALytMopgjzDy
0kO4pQd+tXCQuZUfIfjZz0pjzqnRgQyg55nTMxspixGI1IDt2vpWVlOVqE7OnSB4
zbdRiXhMBsVd2T8V88jwLK8KhajdO6SpkZsROYFBnq8r5zU4H9aR3uWdm6ak6Bb/
hsH6/TnJd+wewDxi1tZ0QMSzRnmNeEQgUgJjGROB0UjM4DALbealBKJWKQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBEosFsr8WUbC0SAwJ6g5Iaz97OVMB8GA1UdIwQY
MBaAFMswKic6tO8lqOqRpKN3m899HeWbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXpBcUp6cTA3eVdvNnBHa28zZWJ6MzBkNVpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi85NzdkZGItMzA5NS00ODhkLWIzNmIt
ODAwOGQxZTdjMzhjLzEvRVNpd1d5dnhaUnNMUklEQW5xRGtoclAzczVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi85NzdkZGItMzA5NS00ODhkLWIzNmItODAwOGQxZTdjMzhj
LzEveXpBcUp6cTA3eVdvNnBHa28zZWJ6MzBkNVpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwcjJMA8E
AgACMAkDBwAgAQZ8EsgwDQYJKoZIhvcNAQELBQADggEBAG0J8H/EoCG1y0XYStqx
2QMWXt81fZkWtLbT66G+3TTevC2Cso8H0uVNYlD4aoDN4HI8TyY1y/rJYUsoTsyT
P126zoCAU0IpgWYL2s68XGhSpYbD8vab4dFFXCsjOFTBa/Fwbk8RbtwKtxkZLJ17
1bViWkPdj8YM/x43La3Y4n3AyCSLW333wjPN3jXwrzewMF9cpW3R/ECwup3AbFdO
6NL/cHauG/Fv/V9Lk0+tRpN71SoYpMkS56drB5Cr/TW4vu5cFcUeGrX/LeOD89KP
4u0osLnjaxCyl08R3BwWZche9Gt07z2EVJFuVn3zfD+w3HYsCZhWaIWPRHEkbhRk
mUA=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:34:20 2025 by rpki-client