Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/a584e4-ccd4-4c4f-9d16-04a27c4d5453/1/nE658tb40NZmbOh-xElFAzoSbG4.roa
File: nE658tb40NZmbOh-xElFAzoSbG4.roa (raw, json)
Hash identifier: rHe2S7UoyvX+5yIi+tYx3FbGQTVbfZ477tq2GSC7Qj0=
Subject key identifier: 9C:4E:B9:F2:D6:F8:D0:D6:66:6C:E8:7E:C4:49:45:03:3A:12:6C:6E
Certificate issuer: /CN=2ef957aba2ef00352850e202464c71d33ca81448
Certificate serial: 01857082BBEBD6493BA2BC232CC81EFDAC13
Authority key identifier: 2E:F9:57:AB:A2:EF:00:35:28:50:E2:02:46:4C:71:D3:3C:A8:14:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LvlXq6LvADUoUOICRkxx0zyoFEg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/a584e4-ccd4-4c4f-9d16-04a27c4d5453/1/nE658tb40NZmbOh-xElFAzoSbG4.roa
Signing time: Mon 02 Jan 2023 03:24:54 +0000
ROA not before: Mon 02 Jan 2023 03:24:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2089
IP address blocks: 193.48.92.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:82:bb:eb:d6:49:3b:a2:bc:23:2c:c8:1e:fd:ac:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ef957aba2ef00352850e202464c71d33ca81448
Validity
Not Before: Jan 2 03:24:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9c4eb9f2d6f8d0d6666ce87ec44945033a126c6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:31:93:56:79:1b:ad:ee:de:eb:55:56:97:aa:
e5:60:3e:43:a2:8f:d8:c9:66:47:61:75:5f:a2:08:
52:81:34:3a:51:7c:cc:cd:a6:52:09:69:47:1b:87:
e7:8a:8b:b3:f1:db:ca:6f:9f:ef:d5:58:d7:ca:33:
df:76:d5:9e:21:3c:d4:fa:ff:dd:97:c6:cb:59:fb:
60:ad:b8:73:4a:1e:94:cd:d1:60:4f:f7:6c:c9:75:
30:d2:c0:c6:d2:53:1d:c0:c2:7a:ea:3f:80:f2:0a:
5f:02:ab:36:c7:48:d0:be:14:82:1d:30:09:9d:81:
ae:22:c6:1b:53:5b:ac:f6:9a:ca:c7:27:9c:c5:37:
65:f1:5a:70:2e:a3:a0:06:98:d7:04:4f:4e:f5:4d:
ce:ee:8b:aa:f9:28:3c:c7:94:89:fa:57:f2:bf:fb:
96:44:63:e1:7a:09:eb:51:45:b8:9f:85:97:8b:3b:
c2:13:7a:16:d0:65:fc:50:34:14:b7:5e:8e:eb:4d:
5b:6b:36:4f:cb:11:87:62:12:e4:7a:cf:7a:4c:bc:
d5:14:98:b4:4b:df:2f:a7:fe:35:0d:36:11:e2:97:
b5:09:f6:09:59:03:d1:7a:d0:b4:00:aa:94:68:ad:
c7:d9:dd:94:dc:e6:96:50:04:b3:fc:7e:0c:93:50:
12:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:4E:B9:F2:D6:F8:D0:D6:66:6C:E8:7E:C4:49:45:03:3A:12:6C:6E
X509v3 Authority Key Identifier:
keyid:2E:F9:57:AB:A2:EF:00:35:28:50:E2:02:46:4C:71:D3:3C:A8:14:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LvlXq6LvADUoUOICRkxx0zyoFEg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/a584e4-ccd4-4c4f-9d16-04a27c4d5453/1/nE658tb40NZmbOh-xElFAzoSbG4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/a584e4-ccd4-4c4f-9d16-04a27c4d5453/1/LvlXq6LvADUoUOICRkxx0zyoFEg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.48.92.0/24
Signature Algorithm: sha256WithRSAEncryption
60:9e:4b:c3:f1:d6:a1:c7:ec:96:34:c7:00:46:dc:fe:80:83:
6e:e2:05:1c:af:f7:c8:3f:a9:4e:3f:a5:fb:ed:b2:e2:3f:5c:
e7:e8:0f:bc:db:d1:65:ff:95:6d:3c:8d:9c:5d:94:9d:42:0b:
15:c9:40:f6:70:da:17:ea:4c:fd:04:27:4b:11:2e:d8:06:69:
b3:c2:cc:7f:2a:d8:08:d0:07:05:bb:bc:df:2c:bd:16:49:3f:
6f:21:bd:9d:ac:8c:d4:b8:dc:40:1f:80:d4:c8:2a:0a:84:87:
81:bc:55:99:21:0d:68:f7:e2:f0:c6:1f:f9:ec:73:e2:9d:c2:
92:87:c3:94:b8:66:f7:23:e4:06:03:0a:fb:bf:00:3b:41:39:
7c:fd:98:ce:48:4e:88:97:79:2e:18:c7:0c:50:81:2a:8f:09:
45:da:95:56:3b:1c:57:fa:94:18:68:61:59:f3:2a:bc:7d:eb:
74:89:13:a1:84:96:f6:6e:61:71:fc:c6:10:9a:5b:71:92:41:
cb:26:1c:fa:b5:3b:5d:a2:d8:7d:7e:b5:54:ea:ad:4a:4d:ae:
d8:95:9b:cb:4a:fd:41:36:88:b4:d3:91:cd:28:40:c7:cf:50:
20:14:48:ce:14:74:32:33:e9:8e:52:8a:e4:6f:84:61:56:b6:
9d:b3:11:26
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwgrvr1kk7orwjLMge/awTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlZjk1N2FiYTJlZjAwMzUyODUwZTIwMjQ2NGM3MWQzM2Nh
ODE0NDgwHhcNMjMwMTAyMDMyNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzRlYjlmMmQ2ZjhkMGQ2NjY2Y2U4N2VjNDQ5NDUwMzNhMTI2YzZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtjGTVnkbre7e61VWl6rlYD5Doo/Y
yWZHYXVfoghSgTQ6UXzMzaZSCWlHG4fniouz8dvKb5/v1VjXyjPfdtWeITzU+v/d
l8bLWftgrbhzSh6UzdFgT/dsyXUw0sDG0lMdwMJ66j+A8gpfAqs2x0jQvhSCHTAJ
nYGuIsYbU1us9prKxyecxTdl8VpwLqOgBpjXBE9O9U3O7ouq+Sg8x5SJ+lfyv/uW
RGPhegnrUUW4n4WXizvCE3oW0GX8UDQUt16O601bazZPyxGHYhLkes96TLzVFJi0
S98vp/41DTYR4pe1CfYJWQPRetC0AKqUaK3H2d2U3OaWUASz/H4Mk1ASwQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJxOufLW+NDWZmzofsRJRQM6EmxuMB8GA1UdIwQY
MBaAFC75V6ui7wA1KFDiAkZMcdM8qBRIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHZsWHE2THZBRFVvVU9JQ1JreHgwenlvRkVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy9hNTg0ZTQtY2NkNC00YzRmLTlkMTYt
MDRhMjdjNGQ1NDUzLzEvbkU2NTh0YjQwTlptYk9oLXhFbEZBem9TYkc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy9hNTg0ZTQtY2NkNC00YzRmLTlkMTYtMDRhMjdjNGQ1NDUz
LzEvTHZsWHE2THZBRFVvVU9JQ1JreHgwenlvRkVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwTBcMA0G
CSqGSIb3DQEBCwUAA4IBAQBgnkvD8dahx+yWNMcARtz+gINu4gUcr/fIP6lOP6X7
7bLiP1zn6A+829Fl/5VtPI2cXZSdQgsVyUD2cNoX6kz9BCdLES7YBmmzwsx/KtgI
0AcFu7zfLL0WST9vIb2drIzUuNxAH4DUyCoKhIeBvFWZIQ1o9+Lwxh/57HPincKS
h8OUuGb3I+QGAwr7vwA7QTl8/ZjOSE6Il3kuGMcMUIEqjwlF2pVWOxxX+pQYaGFZ
8yq8fet0iROhhJb2bmFx/MYQmltxkkHLJhz6tTtdoth9frVU6q1KTa7YlZvLSv1B
Noi005HNKEDHz1AgFEjOFHQyM+mOUorkb4RhVradsxEm
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:18:16 2025 by rpki-client