Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/4Xc8Fny8b21d7wKjYfOGB4PgWdM.roa
File: 4Xc8Fny8b21d7wKjYfOGB4PgWdM.roa (raw, json)
Hash identifier: v27vHSsMKmySC8qSbRVjfN1G6XGu8NWGEhKLvRtjVuk=
Subject key identifier: E1:77:3C:16:7C:BC:6F:6D:5D:EF:02:A3:61:F3:86:07:83:E0:59:D3
Certificate issuer: /CN=359f0f5ff620e0db5311f64736909973ac60f6f3
Certificate serial: 018570B984E0193480BBBF6BCE3BB14B8263
Authority key identifier: 35:9F:0F:5F:F6:20:E0:DB:53:11:F6:47:36:90:99:73:AC:60:F6:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/4Xc8Fny8b21d7wKjYfOGB4PgWdM.roa
Signing time: Mon 02 Jan 2023 04:24:44 +0000
ROA not before: Mon 02 Jan 2023 04:24:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207886
IP address blocks: 193.104.67.0/24 maxlen: 24
193.104.7.0/24 maxlen: 24
193.104.12.0/24 maxlen: 24
193.104.41.0/24 maxlen: 24
2a10:8140::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:b9:84:e0:19:34:80:bb:bf:6b:ce:3b:b1:4b:82:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=359f0f5ff620e0db5311f64736909973ac60f6f3
Validity
Not Before: Jan 2 04:24:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e1773c167cbc6f6d5def02a361f3860783e059d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:2f:f3:dd:ee:d6:20:1c:da:28:85:64:b4:a2:
d1:dc:ad:8d:93:cd:05:d0:e0:6c:fc:a0:b8:2f:02:
4a:d7:ae:21:79:07:fa:22:e8:1a:13:b9:ff:87:f4:
20:dc:cf:ea:48:e4:5d:03:f5:d4:2a:21:92:82:f1:
81:5d:34:48:d0:d9:1d:93:aa:2f:0b:18:9f:48:e0:
0a:af:9f:38:54:90:e5:f2:af:8a:aa:82:0a:da:a0:
81:7b:cb:5b:d0:95:24:6f:e7:d2:b5:36:28:96:59:
0b:de:2a:55:46:0d:00:c1:9f:c4:78:b2:dd:fb:ef:
f3:76:af:24:27:c8:01:4a:ca:bb:b8:4a:ea:bb:11:
99:38:f8:ef:ae:4b:41:16:64:db:7b:ed:3b:18:76:
04:21:f1:bf:42:c9:e0:40:cb:13:e9:1e:5b:c4:99:
2d:7a:31:52:fc:e9:6a:c8:39:9c:3f:46:eb:08:86:
ca:3d:91:a3:a9:30:e3:60:fc:a7:84:10:df:be:8f:
d2:ee:60:de:99:79:98:49:11:93:bb:30:10:8a:f3:
e1:60:02:a1:47:ec:ef:5b:c2:a1:aa:09:f5:a6:f3:
cc:ac:73:ab:93:6a:85:a7:b8:90:90:0b:4e:31:3f:
a2:85:f4:e3:e9:ac:91:b1:b1:e2:0e:e1:23:4c:ea:
10:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:77:3C:16:7C:BC:6F:6D:5D:EF:02:A3:61:F3:86:07:83:E0:59:D3
X509v3 Authority Key Identifier:
keyid:35:9F:0F:5F:F6:20:E0:DB:53:11:F6:47:36:90:99:73:AC:60:F6:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/4Xc8Fny8b21d7wKjYfOGB4PgWdM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.104.7.0/24
193.104.12.0/24
193.104.41.0/24
193.104.67.0/24
IPv6:
2a10:8140::/29
Signature Algorithm: sha256WithRSAEncryption
52:69:9d:6b:8f:46:39:a5:cf:91:d9:77:e7:53:1f:c7:69:d9:
71:5d:43:07:d8:21:31:be:44:e7:fd:50:26:c7:b1:e0:de:b1:
c2:ab:94:93:dc:8e:cb:a6:32:1d:00:59:b6:1c:f6:87:cc:9b:
9d:9d:2f:1b:52:ea:71:b2:73:53:13:5b:72:1e:5c:94:60:24:
7c:db:98:2f:c0:e2:99:83:5d:0f:bd:03:65:5f:c5:72:68:a2:
ef:3e:ac:71:d8:6e:09:07:33:23:a7:14:a2:8c:ee:a7:f1:dc:
63:6f:74:56:15:ef:bb:77:65:dc:7d:16:31:b3:57:61:20:1d:
2c:e6:71:0f:17:ce:43:12:4c:2b:9e:94:44:ab:6e:ef:a1:e1:
0c:29:51:92:01:e5:06:12:b3:c5:08:06:8d:ec:ef:25:ed:03:
ff:07:52:bf:db:98:a9:4f:cc:fd:3b:7d:44:b4:d3:0e:28:69:
d3:a0:4c:69:0f:46:f9:34:d9:cd:f1:ec:39:09:bc:05:d5:91:
b7:13:3b:f3:8e:e6:0c:ce:25:a7:c2:df:20:82:03:15:be:28:
a8:1c:db:35:cc:fa:8f:ac:f4:89:46:78:db:84:f4:07:c8:7d:
6e:8e:b3:71:e6:c6:39:ef:95:12:cd:f2:03:1e:a6:4f:91:09:
03:fc:3e:6b
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVwuYTgGTSAu79rzjuxS4JjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1OWYwZjVmZjYyMGUwZGI1MzExZjY0NzM2OTA5OTczYWM2
MGY2ZjMwHhcNMjMwMTAyMDQyNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTc3M2MxNjdjYmM2ZjZkNWRlZjAyYTM2MWYzODYwNzgzZTA1OWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAni/z3e7WIBzaKIVktKLR3K2Nk80F
0OBs/KC4LwJK164heQf6IugaE7n/h/Qg3M/qSORdA/XUKiGSgvGBXTRI0Nkdk6ov
CxifSOAKr584VJDl8q+KqoIK2qCBe8tb0JUkb+fStTYollkL3ipVRg0AwZ/EeLLd
++/zdq8kJ8gBSsq7uErquxGZOPjvrktBFmTbe+07GHYEIfG/QsngQMsT6R5bxJkt
ejFS/OlqyDmcP0brCIbKPZGjqTDjYPynhBDfvo/S7mDemXmYSRGTuzAQivPhYAKh
R+zvW8Khqgn1pvPMrHOrk2qFp7iQkAtOMT+ihfTj6ayRsbHiDuEjTOoQ/wIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFOF3PBZ8vG9tXe8Co2HzhgeD4FnTMB8GA1UdIwQY
MBaAFDWfD1/2IODbUxH2RzaQmXOsYPbzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlo4UFhfWWc0TnRURWZaSE5wQ1pjNnhnOXZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS80MGQ5YTUtMjU2Ni00OWUxLWE1N2It
ZDFhYmY0ZWUzMmNiLzEvNFhjOEZueThiMjFkN3dLallmT0dCNFBnV2RNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS80MGQ5YTUtMjU2Ni00OWUxLWE1N2ItZDFhYmY0ZWUzMmNi
LzEvTlo4UFhfWWc0TnRURWZaSE5wQ1pjNnhnOXZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAwWgHAwQA
wWgMAwQAwWgpAwQAwWhDMA0EAgACMAcDBQMqEIFAMA0GCSqGSIb3DQEBCwUAA4IB
AQBSaZ1rj0Y5pc+R2XfnUx/HadlxXUMH2CExvkTn/VAmx7Hg3rHCq5ST3I7LpjId
AFm2HPaHzJudnS8bUupxsnNTE1tyHlyUYCR825gvwOKZg10PvQNlX8VyaKLvPqxx
2G4JBzMjpxSijO6n8dxjb3RWFe+7d2XcfRYxs1dhIB0s5nEPF85DEkwrnpREq27v
oeEMKVGSAeUGErPFCAaN7O8l7QP/B1K/25ipT8z9O31EtNMOKGnToExpD0b5NNnN
8ew5CbwF1ZG3EzvzjuYMziWnwt8gggMVviioHNs1zPqPrPSJRnjbhPQHyH1ujrNx
5sY575USzfIDHqZPkQkD/D5r
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:49:33 2025 by rpki-client