Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/042951-54d8-469c-bba1-a6546cd9da94/1/4m43PloJZLXw1-RvTLYuf9ypN0I.roa
File: 4m43PloJZLXw1-RvTLYuf9ypN0I.roa (raw, json)
Hash identifier: pWFCHr3TBsIdgzJoHt8lYLoxlHYanVqMZyPFp3Fb7ew=
Subject key identifier: E2:6E:37:3E:5A:09:64:B5:F0:D7:E4:6F:4C:B6:2E:7F:DC:A9:37:42
Certificate issuer: /CN=3dc410e3f09bea6abc9dd8c6ff4185651b0ab867
Certificate serial: 13349916
Authority key identifier: 3D:C4:10:E3:F0:9B:EA:6A:BC:9D:D8:C6:FF:41:85:65:1B:0A:B8:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PcQQ4_Cb6mq8ndjG_0GFZRsKuGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/042951-54d8-469c-bba1-a6546cd9da94/1/4m43PloJZLXw1-RvTLYuf9ypN0I.roa
Signing time: Sat 01 Jan 2022 14:08:12 +0000
ROA not before: Sat 01 Jan 2022 14:08:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 680
IP address blocks: 193.149.8.0/21 maxlen: 21
134.30.0.0/16 maxlen: 16
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 322214166 (0x13349916)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3dc410e3f09bea6abc9dd8c6ff4185651b0ab867
Validity
Not Before: Jan 1 14:08:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e26e373e5a0964b5f0d7e46f4cb62e7fdca93742
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:e9:0c:df:1b:f4:a6:7f:bc:9c:bc:c4:cb:d4:
83:d2:d5:2c:92:ef:ed:6e:3e:6f:95:fd:c0:42:e8:
15:7c:ad:f3:f5:69:1a:5a:da:3d:97:88:da:d1:5c:
89:e6:c0:70:24:c5:60:41:51:20:a8:83:67:2f:69:
8d:5a:e5:50:21:6d:b4:81:49:93:09:98:f9:9b:02:
82:4c:42:d6:46:1a:c9:06:1f:95:3d:2e:ab:e7:ea:
77:fd:bd:fe:aa:d9:49:c8:f8:25:1e:b3:ec:77:42:
9d:b5:35:21:33:87:ed:e4:df:74:fa:1c:e1:13:18:
db:50:6f:2c:65:f6:39:95:e5:0e:a4:78:19:7e:5c:
ae:18:7e:bc:7b:76:8f:d6:fb:23:4a:bd:62:08:df:
44:85:a1:7f:68:15:a3:c0:1a:9a:08:96:af:a6:e3:
d8:c2:71:d8:15:77:93:35:b4:64:eb:6f:4b:26:38:
21:ad:63:4c:83:ae:53:db:61:98:4b:c4:e6:e8:2a:
1e:fa:e2:1b:b3:fb:5d:82:86:66:d2:d9:b1:0c:84:
70:7b:7a:06:3e:a4:84:0d:95:89:7f:33:8d:05:2c:
91:69:a0:51:b6:ab:3d:b1:b0:15:9f:b6:b8:05:e4:
9c:1e:57:6c:ac:d5:b1:2b:ac:35:4a:cf:be:f9:e3:
e0:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:6E:37:3E:5A:09:64:B5:F0:D7:E4:6F:4C:B6:2E:7F:DC:A9:37:42
X509v3 Authority Key Identifier:
keyid:3D:C4:10:E3:F0:9B:EA:6A:BC:9D:D8:C6:FF:41:85:65:1B:0A:B8:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PcQQ4_Cb6mq8ndjG_0GFZRsKuGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/042951-54d8-469c-bba1-a6546cd9da94/1/4m43PloJZLXw1-RvTLYuf9ypN0I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/042951-54d8-469c-bba1-a6546cd9da94/1/PcQQ4_Cb6mq8ndjG_0GFZRsKuGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
134.30.0.0/16
193.149.8.0/21
Signature Algorithm: sha256WithRSAEncryption
cc:c9:11:8b:e5:4d:25:35:d2:aa:75:f1:a2:4a:6b:86:d4:40:
16:fc:b7:bc:4c:38:8d:8a:78:0e:d0:b2:db:f6:73:ad:7c:cf:
91:ac:45:93:29:43:ea:d5:27:1e:5d:5d:8f:6f:08:2d:7e:79:
f0:a1:c4:78:d3:15:19:fd:98:0b:1a:a5:1b:34:a9:7a:99:00:
74:d8:47:e5:04:fb:38:dc:72:f8:ea:e2:f8:8c:a2:6f:ab:4d:
4f:fa:38:bf:29:f3:55:84:c8:aa:b1:3b:6b:4f:c8:75:1e:99:
16:42:18:f3:61:89:81:ee:4a:87:11:3e:b4:b9:8a:6f:3b:81:
05:d0:98:c9:f0:53:ed:90:a2:9c:1a:d1:f8:1c:a3:df:e7:bd:
48:82:0e:f1:5c:7d:63:86:65:2b:18:c5:84:06:43:34:37:38:
58:b0:fe:7c:06:37:87:b0:c4:00:1e:ac:87:e4:b6:3c:ad:e9:
36:26:2d:b4:53:e4:d4:87:18:39:50:b1:cc:9d:9a:9d:95:ef:
4f:61:4d:8a:03:f7:4e:85:6a:39:99:61:db:da:34:05:5f:74:
c1:98:d7:ef:41:61:30:ee:96:22:cf:a7:71:eb:88:74:5f:e1:
6e:aa:5d:20:85:cd:24:1a:3a:8c:b3:86:16:5c:27:19:2e:1e:
b2:c9:b2:d2
-----BEGIN CERTIFICATE-----
MIIE9DCCA9ygAwIBAgIEEzSZFjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
ZGM0MTBlM2YwOWJlYTZhYmM5ZGQ4YzZmZjQxODU2NTFiMGFiODY3MB4XDTIyMDEw
MTE0MDgxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTI2ZTM3M2U1YTA5
NjRiNWYwZDdlNDZmNGNiNjJlN2ZkY2E5Mzc0MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMXpDN8b9KZ/vJy8xMvUg9LVLJLv7W4+b5X9wELoFXyt8/Vp
GlraPZeI2tFciebAcCTFYEFRIKiDZy9pjVrlUCFttIFJkwmY+ZsCgkxC1kYayQYf
lT0uq+fqd/29/qrZScj4JR6z7HdCnbU1ITOH7eTfdPoc4RMY21BvLGX2OZXlDqR4
GX5crhh+vHt2j9b7I0q9YgjfRIWhf2gVo8AamgiWr6bj2MJx2BV3kzW0ZOtvSyY4
Ia1jTIOuU9thmEvE5ugqHvriG7P7XYKGZtLZsQyEcHt6Bj6khA2ViX8zjQUskWmg
UbarPbGwFZ+2uAXknB5XbKzVsSusNUrPvvnj4CsCAwEAAaOCAg4wggIKMB0GA1Ud
DgQWBBTibjc+WglktfDX5G9Mti5/3Kk3QjAfBgNVHSMEGDAWgBQ9xBDj8Jvqaryd
2Mb/QYVlGwq4ZzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1BjUVE0X0NiNm1xOG5kakdfMEdGWlJzS3VHYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGQvMDQyOTUxLTU0ZDgtNDY5Yy1iYmExLWE2NTQ2Y2Q5ZGE5NC8x
LzRtNDNQbG9KWkxYdzEtUnZUTFl1Zjl5cE4wSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGQv
MDQyOTUxLTU0ZDgtNDY5Yy1iYmExLWE2NTQ2Y2Q5ZGE5NC8xL1BjUVE0X0NiNm1x
OG5kakdfMEdGWlJzS3VHYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAk
BggrBgEFBQcBBwEB/wQVMBMwEQQCAAEwCwMDAIYeAwQDwZUIMA0GCSqGSIb3DQEB
CwUAA4IBAQDMyRGL5U0lNdKqdfGiSmuG1EAW/Le8TDiNingO0LLb9nOtfM+RrEWT
KUPq1SceXV2PbwgtfnnwocR40xUZ/ZgLGqUbNKl6mQB02EflBPs43HL46uL4jKJv
q01P+ji/KfNVhMiqsTtrT8h1HpkWQhjzYYmB7kqHET60uYpvO4EF0JjJ8FPtkKKc
GtH4HKPf571Igg7xXH1jhmUrGMWEBkM0NzhYsP58BjeHsMQAHqyH5LY8rek2Ji20
U+TUhxg5ULHMnZqdle9PYU2KA/dOhWo5mWHb2jQFX3TBmNfvQWEw7pYiz6dx64h0
X+Fuql0ghc0kGjqMs4YWXCcZLh6yybLS
-----END CERTIFICATE-----
Generated at Mon Apr 14 07:18:30 2025 by rpki-client