Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/25e17b-824e-4e7d-b3e8-27b87bfbee7b/1/pKPnsStg5DApfI5EqG7dMC2GNqU.roa
File: pKPnsStg5DApfI5EqG7dMC2GNqU.roa (raw, json)
Hash identifier: SyUXYW+ep3sEp3fS9EgeZI2XP+gcQ1yCmtxmcH2b4WQ=
Subject key identifier: A4:A3:E7:B1:2B:60:E4:30:29:7C:8E:44:A8:6E:DD:30:2D:86:36:A5
Certificate issuer: /CN=3432ba1c6d0b02befe68cc94ae9d2de3107a6046
Certificate serial: 01857227E6370FC4B82BCF8953B4C8E998FE
Authority key identifier: 34:32:BA:1C:6D:0B:02:BE:FE:68:CC:94:AE:9D:2D:E3:10:7A:60:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NDK6HG0LAr7-aMyUrp0t4xB6YEY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/25e17b-824e-4e7d-b3e8-27b87bfbee7b/1/pKPnsStg5DApfI5EqG7dMC2GNqU.roa
Signing time: Mon 02 Jan 2023 11:04:55 +0000
ROA not before: Mon 02 Jan 2023 11:04:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2119
IP address blocks: 193.218.207.0/28 maxlen: 28
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:27:e6:37:0f:c4:b8:2b:cf:89:53:b4:c8:e9:98:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3432ba1c6d0b02befe68cc94ae9d2de3107a6046
Validity
Not Before: Jan 2 11:04:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a4a3e7b12b60e430297c8e44a86edd302d8636a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:37:af:28:55:35:14:1f:d5:72:ce:2c:1d:aa:
b1:50:33:e4:88:52:b7:66:83:9c:b8:f8:97:e1:a3:
e3:56:3f:90:e0:54:08:91:4c:8f:7d:23:c1:74:6b:
ac:74:80:73:c1:0c:7f:f2:be:8c:db:ab:70:4b:1b:
c2:9f:a5:e9:05:44:37:af:74:24:da:10:a3:9b:8b:
7b:98:aa:ea:90:3f:50:83:d8:22:7f:cf:ce:a6:87:
83:86:1d:47:ab:5a:22:1e:0e:6a:c5:41:31:b3:a7:
ed:fc:76:c6:e8:41:27:e4:24:70:f5:71:fa:06:90:
05:1d:6f:76:96:36:4b:dc:f6:e1:0d:42:90:54:ac:
49:78:9d:ab:12:3b:4c:88:4d:9e:2f:fd:f1:16:8c:
27:fa:51:c6:71:64:79:04:99:e1:f8:39:49:00:8a:
bd:3a:8c:96:05:c5:77:03:1b:e4:d2:a6:03:11:b0:
f8:85:88:11:99:bf:23:b7:7f:69:0c:cc:9b:e6:b5:
48:1a:70:54:8a:4c:8c:06:df:c3:83:0a:fd:68:31:
31:e6:5d:29:af:a3:b3:0d:93:64:eb:0a:85:9f:dc:
9f:df:4f:e6:77:19:87:20:15:b5:25:b4:d8:f9:62:
8a:6b:56:ab:c0:93:7b:b1:2a:f6:b0:d0:4a:44:39:
02:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:A3:E7:B1:2B:60:E4:30:29:7C:8E:44:A8:6E:DD:30:2D:86:36:A5
X509v3 Authority Key Identifier:
keyid:34:32:BA:1C:6D:0B:02:BE:FE:68:CC:94:AE:9D:2D:E3:10:7A:60:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NDK6HG0LAr7-aMyUrp0t4xB6YEY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/25e17b-824e-4e7d-b3e8-27b87bfbee7b/1/pKPnsStg5DApfI5EqG7dMC2GNqU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/25e17b-824e-4e7d-b3e8-27b87bfbee7b/1/NDK6HG0LAr7-aMyUrp0t4xB6YEY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.218.207.0/28
Signature Algorithm: sha256WithRSAEncryption
20:d8:e3:6d:8c:e8:a7:83:67:fd:f1:d3:31:17:c8:49:a9:4d:
b1:d2:f6:be:ab:60:dc:b9:f7:26:2a:3b:2f:2d:90:d8:71:ea:
24:af:56:b8:f3:4c:09:41:91:43:f5:01:a7:ae:6d:ea:26:4d:
6a:fb:e8:38:09:a9:00:31:68:d2:48:93:fa:c6:1e:c3:db:cb:
5c:28:9e:3d:08:97:64:d6:5f:20:de:95:11:eb:b0:e8:de:66:
c4:e9:13:0a:76:47:3a:77:02:d1:3c:27:d8:18:10:c3:3c:cb:
61:0a:89:14:75:1c:3f:0c:da:53:f2:c9:b9:de:49:50:b2:7f:
a9:56:f7:4c:bc:a2:d5:33:b6:50:cc:89:76:a0:c0:da:6b:7c:
11:84:a9:93:ff:e3:c9:5e:07:ea:51:d0:c7:94:46:39:2c:1b:
21:11:12:5a:32:30:53:c7:ca:24:59:49:04:7d:50:3c:75:6a:
1e:33:08:22:f6:ba:0d:e5:b1:70:71:7c:c1:33:fe:40:3d:87:
ba:07:38:05:e0:ab:bf:05:ea:73:f7:88:30:72:83:e9:32:9f:
6b:ee:a6:45:69:69:cf:23:55:df:ab:9a:02:be:1c:53:ab:a0:
6b:53:a2:42:12:be:fd:7c:d6:bc:2f:35:e0:b6:b4:b4:13:ca:
fb:1a:26:f3
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVyJ+Y3D8S4K8+JU7TI6Zj+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0MzJiYTFjNmQwYjAyYmVmZTY4Y2M5NGFlOWQyZGUzMTA3
YTYwNDYwHhcNMjMwMTAyMTEwNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGEzZTdiMTJiNjBlNDMwMjk3YzhlNDRhODZlZGQzMDJkODYzNmE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlTevKFU1FB/Vcs4sHaqxUDPkiFK3
ZoOcuPiX4aPjVj+Q4FQIkUyPfSPBdGusdIBzwQx/8r6M26twSxvCn6XpBUQ3r3Qk
2hCjm4t7mKrqkD9Qg9gif8/OpoeDhh1Hq1oiHg5qxUExs6ft/HbG6EEn5CRw9XH6
BpAFHW92ljZL3PbhDUKQVKxJeJ2rEjtMiE2eL/3xFown+lHGcWR5BJnh+DlJAIq9
OoyWBcV3Axvk0qYDEbD4hYgRmb8jt39pDMyb5rVIGnBUikyMBt/Dgwr9aDEx5l0p
r6OzDZNk6wqFn9yf30/mdxmHIBW1JbTY+WKKa1arwJN7sSr2sNBKRDkCfwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFKSj57ErYOQwKXyORKhu3TAthjalMB8GA1UdIwQY
MBaAFDQyuhxtCwK+/mjMlK6dLeMQemBGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkRLNkhHMExBcjctYU15VXJwMHQ0eEI2WUVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC8yNWUxN2ItODI0ZS00ZTdkLWIzZTgt
MjdiODdiZmJlZTdiLzEvcEtQbnNTdGc1REFwZkk1RXFHN2RNQzJHTnFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC8yNWUxN2ItODI0ZS00ZTdkLWIzZTgtMjdiODdiZmJlZTdi
LzEvTkRLNkhHMExBcjctYU15VXJwMHQ0eEI2WUVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAATAHAwUEwdrPADAN
BgkqhkiG9w0BAQsFAAOCAQEAINjjbYzop4Nn/fHTMRfISalNsdL2vqtg3Ln3Jio7
Ly2Q2HHqJK9WuPNMCUGRQ/UBp65t6iZNavvoOAmpADFo0kiT+sYew9vLXCiePQiX
ZNZfIN6VEeuw6N5mxOkTCnZHOncC0Twn2BgQwzzLYQqJFHUcPwzaU/LJud5JULJ/
qVb3TLyi1TO2UMyJdqDA2mt8EYSpk//jyV4H6lHQx5RGOSwbIRESWjIwU8fKJFlJ
BH1QPHVqHjMIIva6DeWxcHF8wTP+QD2Hugc4BeCrvwXqc/eIMHKD6TKfa+6mRWlp
zyNV36uaAr4cU6uga1OiQhK+/XzWvC814La0tBPK+xom8w==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:24:37 2025 by rpki-client