Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/8c006d-50f5-445d-b7e8-24994b040f41/1/lqWLv1aS9leF_siwhIMP-Bclk4I.roa
File: lqWLv1aS9leF_siwhIMP-Bclk4I.roa (raw, json)
Hash identifier: 6rABO9RprIrppiSDZ6a/fU/MrMpHv7mADCZnvBUfKx4=
Subject key identifier: 96:A5:8B:BF:56:92:F6:57:85:FE:C8:B0:84:83:0F:F8:17:25:93:82
Certificate issuer: /CN=29187f811597dd03513be42f43155bc15a3a0b3f
Certificate serial: 0186377965076E886BA8F23B3B4D4B57AFA9
Authority key identifier: 29:18:7F:81:15:97:DD:03:51:3B:E4:2F:43:15:5B:C1:5A:3A:0B:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KRh_gRWX3QNRO-QvQxVbwVo6Cz8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/8c006d-50f5-445d-b7e8-24994b040f41/1/lqWLv1aS9leF_siwhIMP-Bclk4I.roa
Signing time: Thu 09 Feb 2023 18:39:07 +0000
ROA not before: Thu 09 Feb 2023 18:39:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49239
IP address blocks: 193.17.179.0/24 maxlen: 24
193.17.70.0/24 maxlen: 24
193.17.193.0/24 maxlen: 24
193.17.220.0/24 maxlen: 24
2a0f:7540::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:37:79:65:07:6e:88:6b:a8:f2:3b:3b:4d:4b:57:af:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29187f811597dd03513be42f43155bc15a3a0b3f
Validity
Not Before: Feb 9 18:39:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=96a58bbf5692f65785fec8b084830ff817259382
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:3f:05:9e:21:7d:9a:da:b4:13:55:2c:f6:0a:
3c:22:8a:13:05:1e:e3:b6:d4:9d:31:59:cd:b9:8c:
2b:b5:2b:42:9f:45:ff:ca:1b:5e:b2:54:8b:74:50:
62:8b:df:bf:bf:f1:15:75:19:47:ad:22:8e:4c:69:
3c:76:4c:2f:a0:28:c0:1f:f1:33:bf:8b:3f:82:54:
2d:08:91:53:aa:07:9c:be:f7:f8:c5:1f:91:01:fe:
2d:15:73:3d:23:b1:ad:5f:9c:11:11:c3:78:bc:b2:
3c:c5:95:af:7f:60:64:d1:43:c2:06:80:f5:23:a7:
28:09:02:a6:8f:8a:64:a1:c3:6b:6d:ee:d6:68:fb:
4b:3f:84:80:be:8b:12:d0:22:9b:87:8b:59:82:b4:
47:89:df:b0:08:65:a8:ed:c9:39:05:3e:9d:39:1e:
49:df:03:25:ce:a1:1c:36:e7:f4:a2:f2:de:20:4f:
c5:a9:99:5e:42:5d:ae:81:67:b0:13:40:81:05:12:
62:d0:89:e6:af:6b:eb:08:5e:3d:63:e2:7b:fc:86:
44:0e:f3:8c:18:80:ae:00:50:b2:6b:52:8a:27:bd:
0b:a5:94:c0:72:56:87:5d:c1:a9:ae:d2:8d:d8:9a:
dc:48:2b:6c:4c:62:1e:30:e2:d9:42:76:ef:c0:1f:
a6:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:A5:8B:BF:56:92:F6:57:85:FE:C8:B0:84:83:0F:F8:17:25:93:82
X509v3 Authority Key Identifier:
keyid:29:18:7F:81:15:97:DD:03:51:3B:E4:2F:43:15:5B:C1:5A:3A:0B:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KRh_gRWX3QNRO-QvQxVbwVo6Cz8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/8c006d-50f5-445d-b7e8-24994b040f41/1/lqWLv1aS9leF_siwhIMP-Bclk4I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/8c006d-50f5-445d-b7e8-24994b040f41/1/KRh_gRWX3QNRO-QvQxVbwVo6Cz8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.17.70.0/24
193.17.179.0/24
193.17.193.0/24
193.17.220.0/24
IPv6:
2a0f:7540::/29
Signature Algorithm: sha256WithRSAEncryption
70:c3:00:b2:bb:a7:35:35:5e:7a:e1:25:7e:7d:d9:1e:d8:d2:
c1:38:f9:c5:82:eb:c5:f2:f4:75:91:86:8a:22:b3:7a:24:10:
de:76:1f:06:49:e6:21:1b:2e:12:9a:e5:d0:05:16:f7:c3:da:
af:d7:47:5a:79:cd:8a:c4:98:2f:cd:02:1f:fc:da:73:5b:5d:
2b:58:24:8b:2e:2f:e1:bf:f0:6b:2b:61:7f:44:08:8d:66:18:
8a:1c:d5:a3:c4:20:6f:28:ed:ae:de:b0:6d:70:d2:e9:78:fe:
56:ef:ad:bf:72:6b:c0:92:85:89:10:77:b8:d3:48:50:07:68:
32:88:67:52:48:18:f6:9c:ce:2c:5d:5b:17:a7:6e:0e:34:3b:
dc:8e:07:85:9e:bc:18:9a:7d:73:41:4b:1f:15:4d:ec:bf:9b:
ab:f8:16:2e:9e:7e:97:56:c7:aa:45:aa:4a:50:98:dc:fd:9e:
43:d3:b8:e4:56:90:91:1b:ed:68:55:70:6e:c3:35:37:b8:9a:
4d:bc:3c:54:4b:58:da:da:a5:bc:ad:d7:2a:35:78:8b:ad:26:
da:b9:60:9c:97:a6:d5:46:07:1d:c4:0a:84:e7:75:29:06:45:
89:88:f3:5b:47:62:90:33:61:ad:f6:08:fd:f5:2a:ae:d2:43:
ae:e9:9f:67
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYY3eWUHbohrqPI7O01LV6+pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MTg3ZjgxMTU5N2RkMDM1MTNiZTQyZjQzMTU1YmMxNWEz
YTBiM2YwHhcNMjMwMjA5MTgzOTA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmE1OGJiZjU2OTJmNjU3ODVmZWM4YjA4NDgzMGZmODE3MjU5MzgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApT8FniF9mtq0E1Us9go8IooTBR7j
ttSdMVnNuYwrtStCn0X/yhteslSLdFBii9+/v/EVdRlHrSKOTGk8dkwvoCjAH/Ez
v4s/glQtCJFTqgecvvf4xR+RAf4tFXM9I7GtX5wREcN4vLI8xZWvf2Bk0UPCBoD1
I6coCQKmj4pkocNrbe7WaPtLP4SAvosS0CKbh4tZgrRHid+wCGWo7ck5BT6dOR5J
3wMlzqEcNuf0ovLeIE/FqZleQl2ugWewE0CBBRJi0Inmr2vrCF49Y+J7/IZEDvOM
GICuAFCya1KKJ70LpZTAclaHXcGprtKN2JrcSCtsTGIeMOLZQnbvwB+mgQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFJali79WkvZXhf7IsISDD/gXJZOCMB8GA1UdIwQY
MBaAFCkYf4EVl90DUTvkL0MVW8FaOgs/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1JoX2dSV1gzUU5STy1RdlF4VmJ3Vm82Q3o4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC84YzAwNmQtNTBmNS00NDVkLWI3ZTgt
MjQ5OTRiMDQwZjQxLzEvbHFXTHYxYVM5bGVGX3Npd2hJTVAtQmNsazRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC84YzAwNmQtNTBmNS00NDVkLWI3ZTgtMjQ5OTRiMDQwZjQx
LzEvS1JoX2dSV1gzUU5STy1RdlF4VmJ3Vm82Q3o4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAwRFGAwQA
wRGzAwQAwRHBAwQAwRHcMA0EAgACMAcDBQMqD3VAMA0GCSqGSIb3DQEBCwUAA4IB
AQBwwwCyu6c1NV564SV+fdke2NLBOPnFguvF8vR1kYaKIrN6JBDedh8GSeYhGy4S
muXQBRb3w9qv10daec2KxJgvzQIf/NpzW10rWCSLLi/hv/BrK2F/RAiNZhiKHNWj
xCBvKO2u3rBtcNLpeP5W762/cmvAkoWJEHe400hQB2gyiGdSSBj2nM4sXVsXp24O
NDvcjgeFnrwYmn1zQUsfFU3sv5ur+BYunn6XVseqRapKUJjc/Z5D07jkVpCRG+1o
VXBuwzU3uJpNvDxUS1ja2qW8rdcqNXiLrSbauWCcl6bVRgcdxAqE53UpBkWJiPNb
R2KQM2Gt9gj99Squ0kOu6Z9n
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:50:49 2025 by rpki-client