Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/f143d0-aeb8-4b52-9c35-b3a50910c2a8/1/4NSbYzOnNwFwa8tHcRcWTT1nkDU.roa
File: 4NSbYzOnNwFwa8tHcRcWTT1nkDU.roa (raw, json)
Hash identifier: cyX2rlByX6eHpe0qmaHn373Vp7rbaY5AOaviuZsyHyc=
Subject key identifier: E0:D4:9B:63:33:A7:37:01:70:6B:CB:47:71:17:16:4D:3D:67:90:35
Certificate issuer: /CN=a999cffa6e48fa2c4f8d09803396b457a630a33d
Certificate serial: 018853CB2E7A1BE8E33FE065521D32EC86D7
Authority key identifier: A9:99:CF:FA:6E:48:FA:2C:4F:8D:09:80:33:96:B4:57:A6:30:A3:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qZnP-m5I-ixPjQmAM5a0V6Ywoz0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/f143d0-aeb8-4b52-9c35-b3a50910c2a8/1/4NSbYzOnNwFwa8tHcRcWTT1nkDU.roa
Signing time: Thu 25 May 2023 16:43:24 +0000
ROA not before: Thu 25 May 2023 16:43:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212655
IP address blocks: 185.154.144.0/22 maxlen: 22
193.28.90.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:53:cb:2e:7a:1b:e8:e3:3f:e0:65:52:1d:32:ec:86:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a999cffa6e48fa2c4f8d09803396b457a630a33d
Validity
Not Before: May 25 16:43:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e0d49b6333a73701706bcb477117164d3d679035
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:81:b5:4e:77:d7:95:3f:2c:f8:af:09:35:bb:
83:2c:68:25:ca:1c:66:56:fa:5c:46:e4:5c:a0:35:
dc:da:64:47:37:a3:84:aa:bc:29:ee:00:de:e2:38:
7b:23:f2:eb:40:3a:f9:da:73:89:90:1b:01:24:e1:
25:12:45:f6:fe:c4:38:43:b4:4a:1a:8e:92:e6:2b:
26:15:07:2c:b1:7d:6d:0d:99:40:08:0e:b1:b3:73:
a4:23:2c:ba:e4:af:dd:f3:9d:4b:64:fc:f3:ca:71:
bd:5a:97:89:d7:0e:c3:2d:86:94:93:76:9e:f2:9c:
ff:54:f3:4f:98:7a:7f:72:eb:3e:fc:aa:0a:f8:9d:
0b:38:e5:00:29:09:6c:14:8e:67:23:83:db:ca:68:
c9:2d:86:3d:99:7d:4d:a0:c8:a5:1d:7a:dd:16:1f:
13:c9:fd:22:76:04:40:43:11:36:93:ec:50:b8:4f:
62:cc:ff:62:d8:22:4f:8b:f2:01:75:3d:c1:e4:e1:
6c:9a:0d:84:ad:01:ec:88:b2:1f:c9:d8:a1:19:2f:
3c:7b:bd:d8:10:9c:5d:9a:39:c5:64:c8:7f:a2:bf:
c5:f1:fd:3e:14:28:5a:29:ac:65:a4:94:50:9a:4b:
80:08:d3:c8:54:70:6e:d9:ec:75:e8:a4:1d:4e:3b:
63:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:D4:9B:63:33:A7:37:01:70:6B:CB:47:71:17:16:4D:3D:67:90:35
X509v3 Authority Key Identifier:
keyid:A9:99:CF:FA:6E:48:FA:2C:4F:8D:09:80:33:96:B4:57:A6:30:A3:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qZnP-m5I-ixPjQmAM5a0V6Ywoz0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/f143d0-aeb8-4b52-9c35-b3a50910c2a8/1/4NSbYzOnNwFwa8tHcRcWTT1nkDU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/f143d0-aeb8-4b52-9c35-b3a50910c2a8/1/qZnP-m5I-ixPjQmAM5a0V6Ywoz0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.154.144.0/22
193.28.90.0/24
Signature Algorithm: sha256WithRSAEncryption
b2:5c:b1:72:b1:59:c8:84:b2:81:fb:85:ec:c2:55:d9:d2:d3:
48:7c:1e:26:18:5e:2f:87:bc:2e:07:3d:af:6e:5d:aa:ac:95:
ee:60:78:ec:36:bb:35:39:3d:97:7d:59:07:2b:d2:d8:61:7e:
a7:e4:91:ef:d4:3f:65:5c:ef:4b:a9:c2:8f:f8:ab:47:c0:bd:
7e:f9:c1:6c:d8:d7:f9:6e:5b:91:53:c2:92:b0:69:d6:ee:2d:
08:03:93:d7:de:ed:6f:93:37:f7:6a:eb:40:f2:45:1a:5d:63:
23:6d:e2:65:eb:30:91:bc:9e:7a:f6:eb:ad:43:9d:6d:60:7f:
23:e6:75:6f:bf:3a:c4:4e:9a:57:5a:81:06:96:18:64:2c:11:
9f:06:c1:b3:47:2b:41:6d:b0:c5:52:b7:4c:c9:5c:fb:81:97:
88:1d:d5:16:a8:4a:fb:80:32:43:49:b3:95:ab:4d:71:63:09:
85:82:7f:ea:43:67:71:ac:7f:e1:c0:a7:60:e7:c0:58:09:0d:
a2:3e:32:c4:8b:71:e1:a4:a4:c1:70:6e:e5:d4:83:ed:ac:5b:
ac:7d:a0:02:c9:8b:8e:c0:d9:14:53:c8:86:d1:19:3e:d9:02:
9b:3f:09:5c:b3:e0:9c:ce:be:6f:ae:06:a8:b2:ff:31:02:01:
45:69:68:c3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYhTyy56G+jjP+BlUh0y7IbXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5OTljZmZhNmU0OGZhMmM0ZjhkMDk4MDMzOTZiNDU3YTYz
MGEzM2QwHhcNMjMwNTI1MTY0MzI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGQ0OWI2MzMzYTczNzAxNzA2YmNiNDc3MTE3MTY0ZDNkNjc5MDM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj4G1TnfXlT8s+K8JNbuDLGglyhxm
VvpcRuRcoDXc2mRHN6OEqrwp7gDe4jh7I/LrQDr52nOJkBsBJOElEkX2/sQ4Q7RK
Go6S5ismFQcssX1tDZlACA6xs3OkIyy65K/d851LZPzzynG9WpeJ1w7DLYaUk3ae
8pz/VPNPmHp/cus+/KoK+J0LOOUAKQlsFI5nI4PbymjJLYY9mX1NoMilHXrdFh8T
yf0idgRAQxE2k+xQuE9izP9i2CJPi/IBdT3B5OFsmg2ErQHsiLIfydihGS88e73Y
EJxdmjnFZMh/or/F8f0+FChaKaxlpJRQmkuACNPIVHBu2ex16KQdTjtjQwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFODUm2MzpzcBcGvLR3EXFk09Z5A1MB8GA1UdIwQY
MBaAFKmZz/puSPosT40JgDOWtFemMKM9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVpuUC1tNUktaXhQalFtQU01YTBWNll3b3owLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9mMTQzZDAtYWViOC00YjUyLTljMzUt
YjNhNTA5MTBjMmE4LzEvNE5TYll6T25Od0Z3YTh0SGNSY1dUVDFua0RVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9mMTQzZDAtYWViOC00YjUyLTljMzUtYjNhNTA5MTBjMmE4
LzEvcVpuUC1tNUktaXhQalFtQU01YTBWNll3b3owLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuZqQAwQA
wRxaMA0GCSqGSIb3DQEBCwUAA4IBAQCyXLFysVnIhLKB+4XswlXZ0tNIfB4mGF4v
h7wuBz2vbl2qrJXuYHjsNrs1OT2XfVkHK9LYYX6n5JHv1D9lXO9LqcKP+KtHwL1+
+cFs2Nf5bluRU8KSsGnW7i0IA5PX3u1vkzf3autA8kUaXWMjbeJl6zCRvJ569uut
Q51tYH8j5nVvvzrETppXWoEGlhhkLBGfBsGzRytBbbDFUrdMyVz7gZeIHdUWqEr7
gDJDSbOVq01xYwmFgn/qQ2dxrH/hwKdg58BYCQ2iPjLEi3HhpKTBcG7l1IPtrFus
faACyYuOwNkUU8iG0Rk+2QKbPwlcs+Cczr5vrgaosv8xAgFFaWjD
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:19:44 2025 by rpki-client