Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/3fa718-90c5-426c-b85f-1df09e701434/1/et_q_3NcWAzunrSfNC8hwmgyEH0.roa
File: et_q_3NcWAzunrSfNC8hwmgyEH0.roa (raw, json)
Hash identifier: qCu9QrWpwjrVmB2+/Bor5e9kXyS0TYiVrl0OK1ETD90=
Subject key identifier: 7A:DF:EA:FF:73:5C:58:0C:EE:9E:B4:9F:34:2F:21:C2:68:32:10:7D
Certificate issuer: /CN=b8232d19dd81d45c25923aeb4d9a9685879aefa6
Certificate serial: 01856FE70FEE79BF65C487A99B15272CB481
Authority key identifier: B8:23:2D:19:DD:81:D4:5C:25:92:3A:EB:4D:9A:96:85:87:9A:EF:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uCMtGd2B1FwlkjrrTZqWhYea76Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/96/3fa718-90c5-426c-b85f-1df09e701434/1/et_q_3NcWAzunrSfNC8hwmgyEH0.roa
Signing time: Mon 02 Jan 2023 00:34:51 +0000
ROA not before: Mon 02 Jan 2023 00:34:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49234
IP address blocks: 193.17.240.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:e7:0f:ee:79:bf:65:c4:87:a9:9b:15:27:2c:b4:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b8232d19dd81d45c25923aeb4d9a9685879aefa6
Validity
Not Before: Jan 2 00:34:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7adfeaff735c580cee9eb49f342f21c26832107d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:e9:12:57:ce:79:39:3d:8e:c5:1f:9a:1b:99:
c0:7b:73:86:3f:23:e3:7b:d4:c2:c3:aa:95:98:08:
19:9b:fa:f0:49:23:c5:9c:a2:d0:fd:d7:01:b3:f7:
e0:d8:83:7e:21:7b:c5:cd:27:38:2d:7b:52:06:0c:
91:68:40:a1:15:66:fb:1b:4c:2a:c4:4b:f8:05:7d:
b7:1e:9a:3d:cc:f2:9d:bc:27:a2:d9:cb:d7:0e:c5:
aa:81:dc:04:44:ae:6e:17:31:3a:3f:de:3e:90:4b:
ea:4e:f7:4a:98:cd:ee:d5:18:2c:84:32:35:68:c8:
95:fa:1c:f8:7b:2b:52:c7:7b:e3:49:02:c3:80:7f:
76:20:f9:36:9c:ac:ea:10:52:1a:19:64:01:ea:84:
bf:3d:97:e7:9b:0a:a0:d9:be:4e:45:56:56:cb:f1:
82:f3:19:26:4c:68:4c:ae:fd:51:1b:90:e5:08:5e:
76:7d:a9:a0:5d:c4:e6:50:0e:49:b1:be:57:27:48:
b6:e7:08:bb:80:6c:8f:ff:49:36:e2:8e:45:1a:d1:
c5:40:8c:f1:ed:90:47:6d:ff:a2:8e:62:45:27:fa:
db:49:d4:0e:36:2e:45:ac:f5:0c:df:26:d2:58:ac:
a9:88:6b:b9:15:c4:01:70:4a:08:82:cb:4a:14:ce:
47:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:DF:EA:FF:73:5C:58:0C:EE:9E:B4:9F:34:2F:21:C2:68:32:10:7D
X509v3 Authority Key Identifier:
keyid:B8:23:2D:19:DD:81:D4:5C:25:92:3A:EB:4D:9A:96:85:87:9A:EF:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uCMtGd2B1FwlkjrrTZqWhYea76Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/3fa718-90c5-426c-b85f-1df09e701434/1/et_q_3NcWAzunrSfNC8hwmgyEH0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/96/3fa718-90c5-426c-b85f-1df09e701434/1/uCMtGd2B1FwlkjrrTZqWhYea76Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.17.240.0/21
Signature Algorithm: sha256WithRSAEncryption
5b:1f:c2:fd:5a:00:9f:d2:83:80:d7:d6:6d:dc:90:0c:ea:c9:
ca:00:d7:c8:82:72:e5:40:5b:24:f6:c8:90:a1:9b:f7:97:10:
f8:de:37:a4:06:1d:2e:b7:9c:51:a3:04:13:60:f3:05:ae:b5:
55:2f:9c:3a:2a:c8:ea:95:5a:cd:7b:e6:ed:a7:a1:b1:13:64:
fc:2e:e7:2b:73:c8:78:67:bd:29:9b:a3:4b:16:58:bc:ec:ec:
ce:c2:23:5e:8a:6c:a5:21:a7:3b:66:da:5b:a0:65:b0:af:b5:
06:bd:ca:b9:95:7e:f1:a0:52:73:66:2b:05:01:33:0b:27:aa:
de:d6:ec:dc:73:83:0c:e7:ef:d2:8d:75:a8:03:84:bf:40:5a:
49:ce:b5:fe:95:ea:6f:0a:1d:31:22:9d:e9:ee:66:8b:12:b4:
64:6e:b5:5f:d5:b6:37:f8:ac:7f:88:0f:01:4f:e0:6e:7d:1b:
1b:a1:66:6a:18:13:47:ef:9a:24:a9:d1:40:7b:af:d5:63:15:
46:c7:44:d8:c0:6d:53:49:5d:90:ad:b0:ac:01:ea:8c:fd:9e:
eb:ef:55:6e:26:cf:26:66:b9:09:e4:c0:b1:16:94:df:53:8a:
d6:92:cf:ce:3f:c8:fa:77:74:35:90:c3:a6:f0:96:b0:57:94:
e6:2a:2c:8b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv5w/ueb9lxIepmxUnLLSBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4MjMyZDE5ZGQ4MWQ0NWMyNTkyM2FlYjRkOWE5Njg1ODc5
YWVmYTYwHhcNMjMwMTAyMDAzNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YWRmZWFmZjczNWM1ODBjZWU5ZWI0OWYzNDJmMjFjMjY4MzIxMDdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4+kSV855OT2OxR+aG5nAe3OGPyPj
e9TCw6qVmAgZm/rwSSPFnKLQ/dcBs/fg2IN+IXvFzSc4LXtSBgyRaEChFWb7G0wq
xEv4BX23Hpo9zPKdvCei2cvXDsWqgdwERK5uFzE6P94+kEvqTvdKmM3u1RgshDI1
aMiV+hz4eytSx3vjSQLDgH92IPk2nKzqEFIaGWQB6oS/PZfnmwqg2b5ORVZWy/GC
8xkmTGhMrv1RG5DlCF52famgXcTmUA5Jsb5XJ0i25wi7gGyP/0k24o5FGtHFQIzx
7ZBHbf+ijmJFJ/rbSdQONi5FrPUM3ybSWKypiGu5FcQBcEoIgstKFM5HDQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHrf6v9zXFgM7p60nzQvIcJoMhB9MB8GA1UdIwQY
MBaAFLgjLRndgdRcJZI6602aloWHmu+mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUNNdEdkMkIxRndsa2pyclRacVdoWWVhNzZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni8zZmE3MTgtOTBjNS00MjZjLWI4NWYt
MWRmMDllNzAxNDM0LzEvZXRfcV8zTmNXQXp1bnJTZk5DOGh3bWd5RUgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni8zZmE3MTgtOTBjNS00MjZjLWI4NWYtMWRmMDllNzAxNDM0
LzEvdUNNdEdkMkIxRndsa2pyclRacVdoWWVhNzZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDwRHwMA0G
CSqGSIb3DQEBCwUAA4IBAQBbH8L9WgCf0oOA19Zt3JAM6snKANfIgnLlQFsk9siQ
oZv3lxD43jekBh0ut5xRowQTYPMFrrVVL5w6KsjqlVrNe+btp6GxE2T8Lucrc8h4
Z70pm6NLFli87OzOwiNeimylIac7ZtpboGWwr7UGvcq5lX7xoFJzZisFATMLJ6re
1uzcc4MM5+/SjXWoA4S/QFpJzrX+lepvCh0xIp3p7maLErRkbrVf1bY3+Kx/iA8B
T+BufRsboWZqGBNH75okqdFAe6/VYxVGx0TYwG1TSV2QrbCsAeqM/Z7r71VuJs8m
ZrkJ5MCxFpTfU4rWks/OP8j6d3Q1kMOm8JawV5TmKiyL
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:58:51 2025 by rpki-client