Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/9c4365-a98f-43fe-9950-a9b13c2800af/1/lQ8cUtkXBKghB81iyKUQFcWaHaA.roa
File: lQ8cUtkXBKghB81iyKUQFcWaHaA.roa (raw, json)
Hash identifier: GOixBdlZJ8wIGKjEZyqtC5aWp8PIMypQBK0aUFDMVYc=
Subject key identifier: 95:0F:1C:52:D9:17:04:A8:21:07:CD:62:C8:A5:10:15:C5:9A:1D:A0
Certificate issuer: /CN=58a86a6c71fb734c705b5e66e74ac1c56bb9605e
Certificate serial: 01856C81365FD00F52234B0CD432C8A38569
Authority key identifier: 58:A8:6A:6C:71:FB:73:4C:70:5B:5E:66:E7:4A:C1:C5:6B:B9:60:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WKhqbHH7c0xwW15m50rBxWu5YF4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/9c4365-a98f-43fe-9950-a9b13c2800af/1/lQ8cUtkXBKghB81iyKUQFcWaHaA.roa
Signing time: Sun 01 Jan 2023 08:44:45 +0000
ROA not before: Sun 01 Jan 2023 08:44:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57022
IP address blocks: 193.35.28.0/23 maxlen: 23
193.35.30.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:81:36:5f:d0:0f:52:23:4b:0c:d4:32:c8:a3:85:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58a86a6c71fb734c705b5e66e74ac1c56bb9605e
Validity
Not Before: Jan 1 08:44:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=950f1c52d91704a82107cd62c8a51015c59a1da0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:41:f1:f5:ca:39:b4:66:24:a7:42:6b:73:f2:
bc:28:34:5c:d2:a6:93:35:8e:c8:d4:fd:51:3b:a9:
57:0c:bc:1b:62:18:a0:d7:d4:a4:b7:14:79:7d:b9:
64:1c:6b:ee:e7:5d:38:ed:b7:a8:05:84:05:6b:0d:
ac:f9:19:1e:dc:ff:9b:5f:24:a1:33:12:91:64:40:
88:c5:10:1d:2e:08:05:67:4e:13:30:52:4b:38:14:
b5:bb:65:59:89:79:2e:e1:a2:a2:f1:cd:f8:a4:48:
9c:df:7c:a9:f2:1f:b0:fd:d5:14:5f:76:f4:92:9b:
d4:d5:7f:00:d7:3f:8b:23:d0:37:f4:2d:f6:05:f7:
f3:58:fe:45:c8:f4:75:a2:59:7c:f4:60:57:e7:65:
e4:49:e5:23:f5:5f:44:6c:0c:8a:b2:75:27:ca:91:
24:29:c0:bc:6a:58:e4:72:70:0f:fc:22:87:15:34:
3c:78:9f:f7:5e:d9:1e:7f:40:e8:09:de:76:3e:68:
e6:c8:e3:7e:56:16:95:e8:ec:d4:d7:f4:99:c9:ff:
a6:e3:4b:b7:f5:51:9f:be:92:7d:47:d3:d3:62:23:
98:61:b8:b3:05:39:3a:5c:ab:ce:90:4a:ad:a6:45:
8c:8e:ff:9e:39:ad:a3:a0:58:d9:89:22:ff:52:1c:
5b:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:0F:1C:52:D9:17:04:A8:21:07:CD:62:C8:A5:10:15:C5:9A:1D:A0
X509v3 Authority Key Identifier:
keyid:58:A8:6A:6C:71:FB:73:4C:70:5B:5E:66:E7:4A:C1:C5:6B:B9:60:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WKhqbHH7c0xwW15m50rBxWu5YF4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/9c4365-a98f-43fe-9950-a9b13c2800af/1/lQ8cUtkXBKghB81iyKUQFcWaHaA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/9c4365-a98f-43fe-9950-a9b13c2800af/1/WKhqbHH7c0xwW15m50rBxWu5YF4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.35.28.0-193.35.30.255
Signature Algorithm: sha256WithRSAEncryption
9f:2d:07:c0:cc:ed:dc:c3:c8:15:cd:24:9c:a8:9f:ef:b1:ee:
9b:e1:82:07:7e:b0:04:fc:56:c6:a5:c4:3a:3e:d5:01:78:c5:
c2:1d:03:ff:59:c5:be:02:5c:79:05:66:df:e2:fe:93:a5:43:
b2:3a:2c:5b:4f:e8:09:67:ec:57:a6:1e:51:8b:d6:77:d3:21:
3c:76:d6:d2:9e:19:91:0f:f4:17:19:c5:bf:b1:02:aa:fd:90:
aa:f4:89:ca:c3:3c:c5:65:9b:e1:85:f5:d6:fc:f8:a1:94:78:
1b:25:d0:a0:ff:c8:50:8f:02:2e:b5:ca:b3:13:38:11:d2:54:
a6:b9:92:15:a6:d2:ef:44:00:a5:6c:0f:1b:56:91:3c:79:13:
a5:ad:48:42:4d:73:c0:cb:be:41:32:8e:84:e6:64:ae:6e:b0:
ba:bc:02:b9:67:47:1e:5e:4c:9d:19:4e:b0:58:45:0f:c9:0d:
ca:dc:5d:43:7a:61:a7:af:2a:9a:78:7b:57:39:df:89:e8:17:
03:d3:c2:f8:77:62:3e:75:db:5f:8e:f6:97:9e:41:f3:38:bf:
42:15:a3:89:7b:8b:b9:16:7f:b6:a4:9d:c8:4b:c5:fd:74:ad:
4d:82:8c:ec:ab:c6:61:7d:08:e7:79:a5:73:42:92:ea:1f:a1:
4a:fa:84:0d
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVsgTZf0A9SI0sM1DLIo4VpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YTg2YTZjNzFmYjczNGM3MDViNWU2NmU3NGFjMWM1NmJi
OTYwNWUwHhcNMjMwMTAxMDg0NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTBmMWM1MmQ5MTcwNGE4MjEwN2NkNjJjOGE1MTAxNWM1OWExZGEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1EHx9co5tGYkp0Jrc/K8KDRc0qaT
NY7I1P1RO6lXDLwbYhig19SktxR5fblkHGvu51047beoBYQFaw2s+Rke3P+bXySh
MxKRZECIxRAdLggFZ04TMFJLOBS1u2VZiXku4aKi8c34pEic33yp8h+w/dUUX3b0
kpvU1X8A1z+LI9A39C32BffzWP5FyPR1oll89GBX52XkSeUj9V9EbAyKsnUnypEk
KcC8aljkcnAP/CKHFTQ8eJ/3Xtkef0DoCd52PmjmyON+VhaV6OzU1/SZyf+m40u3
9VGfvpJ9R9PTYiOYYbizBTk6XKvOkEqtpkWMjv+eOa2joFjZiSL/UhxbxwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFJUPHFLZFwSoIQfNYsilEBXFmh2gMB8GA1UdIwQY
MBaAFFioamxx+3NMcFteZudKwcVruWBeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0tocWJISDdjMHh3VzE1bTUwckJ4V3U1WUY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS85YzQzNjUtYTk4Zi00M2ZlLTk5NTAt
YTliMTNjMjgwMGFmLzEvbFE4Y1V0a1hCS2doQjgxaXlLVVFGY1dhSGFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS85YzQzNjUtYTk4Zi00M2ZlLTk5NTAtYTliMTNjMjgwMGFm
LzEvV0tocWJISDdjMHh3VzE1bTUwckJ4V3U1WUY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBALBIxwD
BADBIx4wDQYJKoZIhvcNAQELBQADggEBAJ8tB8DM7dzDyBXNJJyon++x7pvhggd+
sAT8VsalxDo+1QF4xcIdA/9Zxb4CXHkFZt/i/pOlQ7I6LFtP6Aln7FemHlGL1nfT
ITx21tKeGZEP9BcZxb+xAqr9kKr0icrDPMVlm+GF9db8+KGUeBsl0KD/yFCPAi61
yrMTOBHSVKa5khWm0u9EAKVsDxtWkTx5E6WtSEJNc8DLvkEyjoTmZK5usLq8Arln
Rx5eTJ0ZTrBYRQ/JDcrcXUN6YaevKpp4e1c534noFwPTwvh3Yj5121+O9peeQfM4
v0IVo4l7i7kWf7aknchLxf10rU2CjOyrxmF9COd5pXNCkuofoUr6hA0=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:18:05 2025 by rpki-client