Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/334c56-2e69-4da2-b01d-030802641c67/1/EYiJ2SJNijpexEMMaUiLRaLreL8.roa
File: EYiJ2SJNijpexEMMaUiLRaLreL8.roa (raw, json)
Hash identifier: j8nsBP+zIs0XJf9BT9sHXoGB3JqowUDw9M2taJGhltc=
Subject key identifier: 11:88:89:D9:22:4D:8A:3A:5E:C4:43:0C:69:48:8B:45:A2:EB:78:BF
Certificate issuer: /CN=e43f91b02152882bf9605d76bea421aa0bd4e628
Certificate serial: 018A2C9DE339E6936394E031BCDAC4D82ED4
Authority key identifier: E4:3F:91:B0:21:52:88:2B:F9:60:5D:76:BE:A4:21:AA:0B:D4:E6:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5D-RsCFSiCv5YF12vqQhqgvU5ig.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/334c56-2e69-4da2-b01d-030802641c67/1/EYiJ2SJNijpexEMMaUiLRaLreL8.roa
Signing time: Fri 25 Aug 2023 12:14:19 +0000
ROA not before: Fri 25 Aug 2023 12:14:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212766
IP address blocks: 193.163.116.0/24 maxlen: 24
2a11:e340::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:2c:9d:e3:39:e6:93:63:94:e0:31:bc:da:c4:d8:2e:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e43f91b02152882bf9605d76bea421aa0bd4e628
Validity
Not Before: Aug 25 12:14:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=118889d9224d8a3a5ec4430c69488b45a2eb78bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:a8:c8:c8:dd:2d:27:1c:7d:b2:1e:fc:42:03:
ab:c1:5a:7d:9d:4c:59:5b:14:b3:29:4a:4c:73:5b:
fa:66:65:33:66:e5:d8:6a:24:7c:ee:a5:9a:84:19:
63:17:f1:7c:34:e8:33:cf:f3:5f:29:6a:bc:bd:ae:
7d:6c:d2:db:1d:04:f1:8d:52:4b:41:86:15:60:91:
d1:82:0c:69:86:11:ea:37:c4:61:cb:f5:18:80:52:
e9:d1:d7:a1:fe:df:12:79:0f:2b:76:5b:93:ad:b4:
19:f6:7a:4f:86:bd:18:8d:d7:28:f6:34:2a:76:24:
1c:0b:a3:eb:99:ab:4a:8f:54:41:28:f0:cc:ef:37:
a6:92:28:45:f5:6d:81:5f:ef:7a:62:07:e7:84:68:
63:df:75:78:bf:0a:b4:3a:33:77:26:c8:2a:87:83:
a4:cb:5c:74:0d:ca:70:12:0a:60:16:24:d9:ec:74:
94:13:99:df:cb:ed:bd:0f:15:20:9f:d8:6d:12:be:
d1:1a:d2:08:77:ba:f9:ac:d9:cb:af:4b:25:40:89:
95:66:64:93:d1:74:34:3e:3c:ff:cd:87:4d:bd:e7:
83:e4:0c:2d:8d:8b:33:f1:b6:d5:5c:e1:77:c8:39:
56:34:44:ab:92:0c:6b:8d:da:76:ba:c8:c5:14:49:
0f:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:88:89:D9:22:4D:8A:3A:5E:C4:43:0C:69:48:8B:45:A2:EB:78:BF
X509v3 Authority Key Identifier:
keyid:E4:3F:91:B0:21:52:88:2B:F9:60:5D:76:BE:A4:21:AA:0B:D4:E6:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5D-RsCFSiCv5YF12vqQhqgvU5ig.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/334c56-2e69-4da2-b01d-030802641c67/1/EYiJ2SJNijpexEMMaUiLRaLreL8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/334c56-2e69-4da2-b01d-030802641c67/1/5D-RsCFSiCv5YF12vqQhqgvU5ig.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.163.116.0/24
IPv6:
2a11:e340::/29
Signature Algorithm: sha256WithRSAEncryption
77:13:d3:c6:bb:4d:38:cc:0e:a6:6d:70:33:e9:c5:97:51:9a:
19:88:27:ac:3c:9a:9e:70:b4:b0:52:ea:34:35:24:0e:26:ae:
50:c4:c6:3e:ac:57:f9:16:42:86:77:57:54:4b:94:d3:55:11:
03:18:91:10:08:a1:5d:94:e0:d2:d5:db:f6:f1:59:ab:60:f7:
71:b1:5b:bd:b9:b6:c4:2b:d1:e9:16:e3:c6:c8:cf:19:a0:fe:
89:a9:cd:5e:ed:d6:dd:77:6c:c4:bd:dd:b7:2e:46:95:5c:ce:
8a:18:20:48:91:70:af:4e:18:f5:dc:3c:38:88:aa:dd:53:1e:
89:9e:e8:a5:8e:94:d4:53:28:0e:3a:8d:00:c6:ea:ba:ff:09:
79:cc:c5:8e:e0:59:e8:ac:c7:dd:39:a9:be:e9:14:f1:7d:f3:
29:0c:5b:ac:66:c4:ff:0d:2b:0f:54:c5:be:81:2c:6c:fb:c0:
ba:1f:05:b6:ff:f9:00:82:63:13:44:aa:74:0b:50:95:71:12:
22:11:bc:9e:9c:c2:d7:91:8d:2d:d5:2a:03:78:c0:f5:cc:2e:
71:13:8f:dc:c8:de:52:66:9c:75:3b:cc:42:74:d1:c6:08:bf:
53:f6:ee:28:b7:d8:6a:4f:2e:85:26:e9:ca:b1:a9:d3:47:70:
8a:4a:d3:e0
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYosneM55pNjlOAxvNrE2C7UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0M2Y5MWIwMjE1Mjg4MmJmOTYwNWQ3NmJlYTQyMWFhMGJk
NGU2MjgwHhcNMjMwODI1MTIxNDE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTg4ODlkOTIyNGQ4YTNhNWVjNDQzMGM2OTQ4OGI0NWEyZWI3OGJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsqjIyN0tJxx9sh78QgOrwVp9nUxZ
WxSzKUpMc1v6ZmUzZuXYaiR87qWahBljF/F8NOgzz/NfKWq8va59bNLbHQTxjVJL
QYYVYJHRggxphhHqN8Rhy/UYgFLp0deh/t8SeQ8rdluTrbQZ9npPhr0Yjdco9jQq
diQcC6PrmatKj1RBKPDM7zemkihF9W2BX+96YgfnhGhj33V4vwq0OjN3Jsgqh4Ok
y1x0DcpwEgpgFiTZ7HSUE5nfy+29DxUgn9htEr7RGtIId7r5rNnLr0slQImVZmST
0XQ0Pjz/zYdNveeD5AwtjYsz8bbVXOF3yDlWNESrkgxrjdp2usjFFEkPuQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBGIidkiTYo6XsRDDGlIi0Wi63i/MB8GA1UdIwQY
MBaAFOQ/kbAhUogr+WBddr6kIaoL1OYoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUQtUnNDRlNpQ3Y1WUYxMnZxUWhxZ3ZVNWlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy8zMzRjNTYtMmU2OS00ZGEyLWIwMWQt
MDMwODAyNjQxYzY3LzEvRVlpSjJTSk5panBleEVNTWFVaUxSYUxyZUw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy8zMzRjNTYtMmU2OS00ZGEyLWIwMWQtMDMwODAyNjQxYzY3
LzEvNUQtUnNDRlNpQ3Y1WUYxMnZxUWhxZ3ZVNWlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwaN0MA0E
AgACMAcDBQMqEeNAMA0GCSqGSIb3DQEBCwUAA4IBAQB3E9PGu004zA6mbXAz6cWX
UZoZiCesPJqecLSwUuo0NSQOJq5QxMY+rFf5FkKGd1dUS5TTVREDGJEQCKFdlODS
1dv28VmrYPdxsVu9ubbEK9HpFuPGyM8ZoP6Jqc1e7dbdd2zEvd23LkaVXM6KGCBI
kXCvThj13Dw4iKrdUx6JnuiljpTUUygOOo0Axuq6/wl5zMWO4FnorMfdOam+6RTx
ffMpDFusZsT/DSsPVMW+gSxs+8C6HwW2//kAgmMTRKp0C1CVcRIiEbyenMLXkY0t
1SoDeMD1zC5xE4/cyN5SZpx1O8xCdNHGCL9T9u4ot9hqTy6FJunKsanTR3CKStPg
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:26:03 2025 by rpki-client