Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/3fa718-90c5-426c-b85f-1df09e701434/1/lVpMQzkMb_8voVM8oGzvhjzF8eY.roa
File: lVpMQzkMb_8voVM8oGzvhjzF8eY.roa (raw, json)
Hash identifier: jP9ufxSEapAyeDi602ogV8s2svzHEAVh1gG8vu5i5wk=
Subject key identifier: 95:5A:4C:43:39:0C:6F:FF:2F:A1:53:3C:A0:6C:EF:86:3C:C5:F1:E6
Certificate issuer: /CN=b8232d19dd81d45c25923aeb4d9a9685879aefa6
Certificate serial: 01856FE70F49E53353BF0EC912C8114DEBEC
Authority key identifier: B8:23:2D:19:DD:81:D4:5C:25:92:3A:EB:4D:9A:96:85:87:9A:EF:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uCMtGd2B1FwlkjrrTZqWhYea76Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/96/3fa718-90c5-426c-b85f-1df09e701434/1/lVpMQzkMb_8voVM8oGzvhjzF8eY.roa
Signing time: Mon 02 Jan 2023 00:34:51 +0000
ROA not before: Mon 02 Jan 2023 00:34:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 680
IP address blocks: 193.17.232.0/22 maxlen: 22
193.17.240.0/23 maxlen: 23
193.17.236.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:e7:0f:49:e5:33:53:bf:0e:c9:12:c8:11:4d:eb:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b8232d19dd81d45c25923aeb4d9a9685879aefa6
Validity
Not Before: Jan 2 00:34:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=955a4c43390c6fff2fa1533ca06cef863cc5f1e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:7a:11:90:82:80:52:e9:c8:0d:d6:89:8a:3b:
db:b2:b8:96:3a:d7:85:95:dd:50:20:f9:da:59:5d:
f3:c0:0d:01:81:fb:da:3c:0f:8b:60:93:56:42:db:
88:e9:91:e0:b7:bb:b1:f1:1a:6f:bc:9e:9a:d8:ef:
0b:d5:9a:56:a8:67:d8:8b:81:af:6d:25:d9:6c:1c:
44:e0:67:33:59:95:f6:93:6a:bf:f8:1f:75:b9:4f:
b2:44:fd:0c:ba:12:eb:eb:c7:a3:c5:65:06:1b:7a:
70:8f:81:a4:2c:56:f3:d8:8e:a6:33:05:be:06:c5:
9b:45:bb:94:d8:fe:57:43:54:6b:3c:3d:86:9d:ae:
84:29:28:47:22:11:43:e1:a2:da:b0:31:5d:49:cb:
1e:4f:4e:61:7d:00:aa:41:bb:0e:f2:8b:e3:63:84:
62:9e:86:b2:24:86:c5:d4:d7:7b:35:f7:96:17:8f:
28:8d:65:19:72:ac:3f:40:2b:d8:81:9b:1e:29:f5:
a8:c2:93:3f:34:f9:13:96:1c:22:b9:08:6f:e4:5b:
00:70:cc:f8:c1:e3:03:6c:29:4b:1c:d3:bf:44:8f:
9d:a1:3c:1c:e7:a2:0d:d5:85:a8:9d:76:37:a4:7c:
13:38:9b:cd:21:9b:e8:4d:11:b3:92:7d:06:74:3d:
cb:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:5A:4C:43:39:0C:6F:FF:2F:A1:53:3C:A0:6C:EF:86:3C:C5:F1:E6
X509v3 Authority Key Identifier:
keyid:B8:23:2D:19:DD:81:D4:5C:25:92:3A:EB:4D:9A:96:85:87:9A:EF:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uCMtGd2B1FwlkjrrTZqWhYea76Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/3fa718-90c5-426c-b85f-1df09e701434/1/lVpMQzkMb_8voVM8oGzvhjzF8eY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/96/3fa718-90c5-426c-b85f-1df09e701434/1/uCMtGd2B1FwlkjrrTZqWhYea76Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.17.232.0-193.17.241.255
Signature Algorithm: sha256WithRSAEncryption
b3:2a:f5:6a:03:94:b6:1c:85:8a:93:15:63:b6:e5:85:32:95:
6b:bf:12:3a:1e:e4:76:6c:1f:4b:f1:68:48:38:36:81:53:7f:
a4:e4:c6:de:62:b3:a5:f4:57:7a:f0:5d:e7:65:d6:5b:ff:f7:
a6:a5:20:17:77:7e:f9:65:b2:11:4b:c0:2c:17:a9:17:b2:16:
58:40:c6:ab:ad:3c:e9:fb:f9:49:77:76:70:84:e7:8c:3e:4c:
e7:bb:20:4d:25:90:8e:8b:86:1a:d1:7f:2b:19:d9:42:81:89:
fd:8e:5e:0d:7b:75:d4:f5:01:4b:02:8a:39:f0:04:ef:f9:68:
a0:1c:b8:8e:d7:1b:79:0f:3c:13:5a:b7:48:28:bd:b3:b5:73:
b4:27:52:da:1d:4a:e1:da:57:e3:58:3a:84:ac:e1:c5:07:42:
11:84:0d:8d:01:1b:3a:f9:08:7d:1d:82:17:a7:74:15:c7:97:
ea:1e:c9:1f:8f:e6:ec:2c:69:6e:13:ab:ba:16:37:e3:7b:87:
86:84:45:e3:bf:7f:2b:0e:fc:54:68:d6:8e:49:c5:fb:95:6f:
81:7e:1e:c1:3f:08:eb:16:d5:3d:7c:b1:99:ea:94:99:13:2a:
08:8f:4c:ca:d4:d0:5c:e0:b7:fc:ac:b3:28:00:ad:f7:bf:16:
18:7d:12:17
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVv5w9J5TNTvw7JEsgRTevsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4MjMyZDE5ZGQ4MWQ0NWMyNTkyM2FlYjRkOWE5Njg1ODc5
YWVmYTYwHhcNMjMwMTAyMDAzNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTVhNGM0MzM5MGM2ZmZmMmZhMTUzM2NhMDZjZWY4NjNjYzVmMWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuHoRkIKAUunIDdaJijvbsriWOteF
ld1QIPnaWV3zwA0BgfvaPA+LYJNWQtuI6ZHgt7ux8RpvvJ6a2O8L1ZpWqGfYi4Gv
bSXZbBxE4GczWZX2k2q/+B91uU+yRP0MuhLr68ejxWUGG3pwj4GkLFbz2I6mMwW+
BsWbRbuU2P5XQ1RrPD2Gna6EKShHIhFD4aLasDFdScseT05hfQCqQbsO8ovjY4Ri
noayJIbF1Nd7NfeWF48ojWUZcqw/QCvYgZseKfWowpM/NPkTlhwiuQhv5FsAcMz4
weMDbClLHNO/RI+doTwc56IN1YWonXY3pHwTOJvNIZvoTRGzkn0GdD3LlwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFJVaTEM5DG//L6FTPKBs74Y8xfHmMB8GA1UdIwQY
MBaAFLgjLRndgdRcJZI6602aloWHmu+mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUNNdEdkMkIxRndsa2pyclRacVdoWWVhNzZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni8zZmE3MTgtOTBjNS00MjZjLWI4NWYt
MWRmMDllNzAxNDM0LzEvbFZwTVF6a01iXzh2b1ZNOG9HenZoanpGOGVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni8zZmE3MTgtOTBjNS00MjZjLWI4NWYtMWRmMDllNzAxNDM0
LzEvdUNNdEdkMkIxRndsa2pyclRacVdoWWVhNzZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAPBEegD
BAHBEfAwDQYJKoZIhvcNAQELBQADggEBALMq9WoDlLYchYqTFWO25YUylWu/Ejoe
5HZsH0vxaEg4NoFTf6Tkxt5is6X0V3rwXedl1lv/96alIBd3fvllshFLwCwXqRey
FlhAxqutPOn7+Ul3dnCE54w+TOe7IE0lkI6LhhrRfysZ2UKBif2OXg17ddT1AUsC
ijnwBO/5aKAcuI7XG3kPPBNat0govbO1c7QnUtodSuHaV+NYOoSs4cUHQhGEDY0B
Gzr5CH0dghendBXHl+oeyR+P5uwsaW4Tq7oWN+N7h4aEReO/fysO/FRo1o5JxfuV
b4F+HsE/COsW1T18sZnqlJkTKgiPTMrU0Fzgt/yssygArfe/Fhh9Ehc=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:03:06 2025 by rpki-client