Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/326606-14ba-4436-9985-be5520a5c821/1/EdOe1_oXgQ2wMmLC0qmKvUXE6D8.roa
File: EdOe1_oXgQ2wMmLC0qmKvUXE6D8.roa (raw, json)
Hash identifier: YQwZPLxEH8ff/Sy89P+KeZlB/H6LokrNjH0sy+UW1Hc=
Subject key identifier: 11:D3:9E:D7:FA:17:81:0D:B0:32:62:C2:D2:A9:8A:BD:45:C4:E8:3F
Certificate issuer: /CN=fd21cb4baa15862d1b5773bf2be60ca5f4fc24d4
Certificate serial: 0189300C2AD7FF109258446813EC732CC082
Authority key identifier: FD:21:CB:4B:AA:15:86:2D:1B:57:73:BF:2B:E6:0C:A5:F4:FC:24:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_SHLS6oVhi0bV3O_K-YMpfT8JNQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/326606-14ba-4436-9985-be5520a5c821/1/EdOe1_oXgQ2wMmLC0qmKvUXE6D8.roa
Signing time: Fri 07 Jul 2023 11:10:51 +0000
ROA not before: Fri 07 Jul 2023 11:10:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211360
IP address blocks: 193.84.108.0/24 maxlen: 24
2a10:ba80::/29 maxlen: 29
2a10:ba80::/31 maxlen: 31
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:30:0c:2a:d7:ff:10:92:58:44:68:13:ec:73:2c:c0:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fd21cb4baa15862d1b5773bf2be60ca5f4fc24d4
Validity
Not Before: Jul 7 11:10:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=11d39ed7fa17810db03262c2d2a98abd45c4e83f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:e2:c2:84:d2:3d:39:bd:cb:c4:35:9e:8f:bd:
58:ef:42:2c:8e:b2:82:a4:6a:f8:c8:cd:bd:0d:60:
f5:c9:50:61:2f:9d:b6:9c:eb:17:3c:21:82:00:13:
c7:c1:52:2c:5b:a0:19:49:60:a0:b9:d7:79:dc:b6:
2a:8a:f3:4a:61:eb:1f:53:63:cb:79:88:3a:3a:23:
a9:3e:5b:94:02:c0:58:58:b6:8f:96:00:ef:37:96:
a0:a1:69:1d:88:12:96:d1:c4:95:b7:cd:2b:c2:9b:
be:6d:11:cf:5a:4f:cd:cc:ce:c6:dd:57:da:3c:6e:
4c:db:af:50:38:87:26:c9:be:0e:81:5f:c0:f5:08:
dd:c4:38:fd:ab:64:56:65:a4:08:21:51:9d:be:1e:
bf:30:0c:86:f5:77:58:62:05:4d:bf:22:b5:3c:98:
17:c3:45:72:b4:36:20:0e:2d:01:4b:b9:af:fa:5a:
ce:67:51:cd:70:a2:e6:3d:7d:ee:1d:71:26:d7:56:
a8:74:ce:12:ba:51:e4:9b:e9:78:5b:3a:aa:f9:24:
3e:69:00:dd:cb:f0:d3:91:6a:f2:1f:eb:66:e0:9f:
8f:22:65:fd:b3:ab:d2:88:23:9c:76:69:a8:ca:0f:
d1:1e:15:58:7a:9d:92:42:ed:0f:9e:13:d2:b4:e8:
fe:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:D3:9E:D7:FA:17:81:0D:B0:32:62:C2:D2:A9:8A:BD:45:C4:E8:3F
X509v3 Authority Key Identifier:
keyid:FD:21:CB:4B:AA:15:86:2D:1B:57:73:BF:2B:E6:0C:A5:F4:FC:24:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_SHLS6oVhi0bV3O_K-YMpfT8JNQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/326606-14ba-4436-9985-be5520a5c821/1/EdOe1_oXgQ2wMmLC0qmKvUXE6D8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/326606-14ba-4436-9985-be5520a5c821/1/_SHLS6oVhi0bV3O_K-YMpfT8JNQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.84.108.0/24
IPv6:
2a10:ba80::/29
Signature Algorithm: sha256WithRSAEncryption
b2:4b:4f:d6:cd:db:e0:83:d8:51:af:7a:ed:14:fe:44:6d:79:
d4:d1:24:5d:1c:21:b9:ef:8f:67:b3:0a:0e:9e:54:44:80:03:
17:60:d8:0d:63:dc:df:cd:bd:42:c7:2b:d3:93:39:ed:db:56:
ef:e0:a4:e5:fb:42:e6:09:62:cf:27:be:c5:c7:0c:69:7f:ff:
28:99:a0:0e:e8:1d:82:11:16:ac:e0:f7:ff:3e:c1:be:10:4f:
7d:a0:31:93:d8:8c:a8:90:d3:35:cc:4c:26:16:5e:e9:61:c6:
47:ee:55:48:56:92:96:36:0f:a4:54:08:a2:d9:ad:08:58:a0:
c6:71:28:3e:4f:c2:d7:7b:20:53:d9:f7:b4:7d:ff:ae:a9:5e:
b3:a1:3b:71:4e:c8:de:ea:94:f2:0b:7a:d3:8f:58:c6:d7:22:
1f:f5:39:f5:26:3a:77:24:f3:ad:52:b9:ff:aa:a6:5c:69:55:
2e:ca:31:27:7a:3f:7e:3e:f8:8d:35:dd:68:30:78:ba:9d:3d:
9e:73:ed:9f:d8:91:14:3a:da:b8:49:9b:c2:07:0b:89:30:39:
5e:d1:84:a2:c4:a4:7e:0e:90:7b:2a:d6:f1:90:9b:c7:b3:cb:
61:1b:7c:74:c3:12:8f:cc:55:a5:45:52:cb:63:cb:ea:6b:25:
95:f9:47:83
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYkwDCrX/xCSWERoE+xzLMCCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkMjFjYjRiYWExNTg2MmQxYjU3NzNiZjJiZTYwY2E1ZjRm
YzI0ZDQwHhcNMjMwNzA3MTExMDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMWQzOWVkN2ZhMTc4MTBkYjAzMjYyYzJkMmE5OGFiZDQ1YzRlODNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7OLChNI9Ob3LxDWej71Y70IsjrKC
pGr4yM29DWD1yVBhL522nOsXPCGCABPHwVIsW6AZSWCgudd53LYqivNKYesfU2PL
eYg6OiOpPluUAsBYWLaPlgDvN5agoWkdiBKW0cSVt80rwpu+bRHPWk/NzM7G3Vfa
PG5M269QOIcmyb4OgV/A9QjdxDj9q2RWZaQIIVGdvh6/MAyG9XdYYgVNvyK1PJgX
w0VytDYgDi0BS7mv+lrOZ1HNcKLmPX3uHXEm11aodM4SulHkm+l4Wzqq+SQ+aQDd
y/DTkWryH+tm4J+PImX9s6vSiCOcdmmoyg/RHhVYep2SQu0PnhPStOj+8wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBHTntf6F4ENsDJiwtKpir1FxOg/MB8GA1UdIwQY
MBaAFP0hy0uqFYYtG1dzvyvmDKX0/CTUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1NITFM2b1ZoaTBiVjNPX0stWU1wZlQ4Sk5RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny8zMjY2MDYtMTRiYS00NDM2LTk5ODUt
YmU1NTIwYTVjODIxLzEvRWRPZTFfb1hnUTJ3TW1MQzBxbUt2VVhFNkQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny8zMjY2MDYtMTRiYS00NDM2LTk5ODUtYmU1NTIwYTVjODIx
LzEvX1NITFM2b1ZoaTBiVjNPX0stWU1wZlQ4Sk5RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwVRsMA0E
AgACMAcDBQMqELqAMA0GCSqGSIb3DQEBCwUAA4IBAQCyS0/Wzdvgg9hRr3rtFP5E
bXnU0SRdHCG5749nswoOnlREgAMXYNgNY9zfzb1CxyvTkznt21bv4KTl+0LmCWLP
J77Fxwxpf/8omaAO6B2CERas4Pf/PsG+EE99oDGT2IyokNM1zEwmFl7pYcZH7lVI
VpKWNg+kVAii2a0IWKDGcSg+T8LXeyBT2fe0ff+uqV6zoTtxTsje6pTyC3rTj1jG
1yIf9Tn1Jjp3JPOtUrn/qqZcaVUuyjEnej9+PviNNd1oMHi6nT2ec+2f2JEUOtq4
SZvCBwuJMDle0YSixKR+DpB7KtbxkJvHs8thG3x0wxKPzFWlRVLLY8vqayWV+UeD
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:01:15 2025 by rpki-client