Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/74940a-d9fa-4552-be5c-a7ade434d451/1/PksZ6A404Sp9l76EoesiNgxxb20.roa
File: PksZ6A404Sp9l76EoesiNgxxb20.roa (raw, json)
Hash identifier: 2CZ1M4VpQkIRJssvcwJmZI4vJ5/WEouO29lqWsltxiQ=
Subject key identifier: 3E:4B:19:E8:0E:34:E1:2A:7D:97:BE:84:A1:EB:22:36:0C:71:6F:6D
Certificate issuer: /CN=beb12ce6a91030e27d5abad146df27bc2880652b
Certificate serial: 018570CC0B2A64371ACAEEDF8E5292377A05
Authority key identifier: BE:B1:2C:E6:A9:10:30:E2:7D:5A:BA:D1:46:DF:27:BC:28:80:65:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vrEs5qkQMOJ9WrrRRt8nvCiAZSs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/74940a-d9fa-4552-be5c-a7ade434d451/1/PksZ6A404Sp9l76EoesiNgxxb20.roa
Signing time: Mon 02 Jan 2023 04:44:58 +0000
ROA not before: Mon 02 Jan 2023 04:44:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42705
IP address blocks: 193.186.198.0/24 maxlen: 24
193.186.196.0/22 maxlen: 22
193.186.196.0/24 maxlen: 24
193.186.197.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:cc:0b:2a:64:37:1a:ca:ee:df:8e:52:92:37:7a:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=beb12ce6a91030e27d5abad146df27bc2880652b
Validity
Not Before: Jan 2 04:44:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3e4b19e80e34e12a7d97be84a1eb22360c716f6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:af:b1:80:5a:f1:09:9f:3c:5a:75:41:7a:84:
12:4e:17:06:76:07:3b:ae:98:dc:16:3b:36:90:6c:
b0:6d:20:77:d6:81:a3:4c:07:5f:45:e9:bd:d2:f4:
a0:5b:b1:ff:8c:f3:ed:91:d1:49:30:77:d8:d8:f1:
83:51:95:61:68:fe:e6:90:97:64:10:d8:bb:3f:a2:
42:ae:d6:1a:eb:8d:e6:26:3b:61:17:21:a1:3a:41:
d3:3c:94:c5:15:2d:9d:28:48:c2:99:3c:9a:40:2d:
52:57:7f:b1:0e:fc:24:31:f0:94:b1:01:4d:14:f0:
fd:9f:55:89:96:99:64:0f:7d:fc:76:35:35:06:ba:
6a:8f:04:b5:88:42:8e:00:a6:1a:22:9a:c6:d5:d2:
ca:a6:fd:1a:22:39:af:4f:9b:10:87:0b:38:66:84:
19:33:20:0d:39:fc:7d:6e:0f:6f:e0:69:f5:73:69:
49:ec:69:33:6b:43:53:dd:f7:04:57:65:c0:3c:d0:
97:3b:c0:09:bc:9f:66:18:95:a3:64:8d:f0:47:6e:
d9:30:96:75:be:9c:9e:9a:d0:49:53:73:5e:48:51:
fa:c1:ed:9b:fb:a1:ee:d4:88:1b:19:93:8c:da:b4:
c0:e8:ae:25:04:97:83:36:85:76:63:88:f6:ce:d6:
81:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:4B:19:E8:0E:34:E1:2A:7D:97:BE:84:A1:EB:22:36:0C:71:6F:6D
X509v3 Authority Key Identifier:
keyid:BE:B1:2C:E6:A9:10:30:E2:7D:5A:BA:D1:46:DF:27:BC:28:80:65:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vrEs5qkQMOJ9WrrRRt8nvCiAZSs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/74940a-d9fa-4552-be5c-a7ade434d451/1/PksZ6A404Sp9l76EoesiNgxxb20.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/74940a-d9fa-4552-be5c-a7ade434d451/1/vrEs5qkQMOJ9WrrRRt8nvCiAZSs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.186.196.0/22
Signature Algorithm: sha256WithRSAEncryption
43:2c:25:eb:20:a3:d1:06:8c:dc:a5:43:26:93:62:9c:eb:b1:
38:9e:e8:ba:0a:ac:e9:7f:65:58:c9:30:63:da:1f:57:31:7f:
2a:eb:1f:64:74:3e:77:f6:a1:3b:0a:d5:9e:d8:1f:e8:4c:9c:
65:ab:94:1d:ce:3d:78:ba:41:64:15:62:60:af:0e:16:3f:44:
d8:c2:d0:f0:7c:75:76:46:82:f3:4c:86:39:26:06:78:82:e4:
50:96:0b:33:44:db:01:74:73:e8:97:5c:a5:00:b7:ae:41:2f:
82:80:37:82:cb:64:6f:eb:7d:36:8c:1e:ab:11:29:19:20:65:
f7:48:e7:11:4b:1e:08:b2:1e:e4:2e:d7:55:83:e4:f6:dd:42:
b3:9d:92:62:35:23:80:44:79:ab:83:4f:9f:c1:c4:d1:82:3e:
42:73:8d:68:7f:28:a4:50:00:7f:bb:e9:68:8a:13:89:61:91:
9d:8b:56:94:1c:71:fa:70:fe:44:51:5e:3d:4b:d9:8e:e1:b5:
e4:f8:e8:84:14:14:cd:69:b6:47:68:e0:b3:a0:46:f7:3b:77:
f2:f1:62:46:c1:1f:3a:d6:73:c8:16:44:5d:1f:9a:0f:d6:5d:
81:45:47:64:59:90:55:6e:43:7b:37:62:fd:68:88:c6:3f:c4:
4d:1d:65:4d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwzAsqZDcayu7fjlKSN3oFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlYjEyY2U2YTkxMDMwZTI3ZDVhYmFkMTQ2ZGYyN2JjMjg4
MDY1MmIwHhcNMjMwMTAyMDQ0NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTRiMTllODBlMzRlMTJhN2Q5N2JlODRhMWViMjIzNjBjNzE2ZjZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh6+xgFrxCZ88WnVBeoQSThcGdgc7
rpjcFjs2kGywbSB31oGjTAdfRem90vSgW7H/jPPtkdFJMHfY2PGDUZVhaP7mkJdk
ENi7P6JCrtYa643mJjthFyGhOkHTPJTFFS2dKEjCmTyaQC1SV3+xDvwkMfCUsQFN
FPD9n1WJlplkD338djU1BrpqjwS1iEKOAKYaIprG1dLKpv0aIjmvT5sQhws4ZoQZ
MyANOfx9bg9v4Gn1c2lJ7Gkza0NT3fcEV2XAPNCXO8AJvJ9mGJWjZI3wR27ZMJZ1
vpyemtBJU3NeSFH6we2b+6Hu1IgbGZOM2rTA6K4lBJeDNoV2Y4j2ztaBFQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD5LGegONOEqfZe+hKHrIjYMcW9tMB8GA1UdIwQY
MBaAFL6xLOapEDDifVq60UbfJ7wogGUrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdnJFczVxa1FNT0o5V3JyUlJ0OG52Q2lBWlNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC83NDk0MGEtZDlmYS00NTUyLWJlNWMt
YTdhZGU0MzRkNDUxLzEvUGtzWjZBNDA0U3A5bDc2RW9lc2lOZ3h4YjIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC83NDk0MGEtZDlmYS00NTUyLWJlNWMtYTdhZGU0MzRkNDUx
LzEvdnJFczVxa1FNT0o5V3JyUlJ0OG52Q2lBWlNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwbrEMA0G
CSqGSIb3DQEBCwUAA4IBAQBDLCXrIKPRBozcpUMmk2Kc67E4nui6Cqzpf2VYyTBj
2h9XMX8q6x9kdD539qE7CtWe2B/oTJxlq5Qdzj14ukFkFWJgrw4WP0TYwtDwfHV2
RoLzTIY5JgZ4guRQlgszRNsBdHPol1ylALeuQS+CgDeCy2Rv6302jB6rESkZIGX3
SOcRSx4Ish7kLtdVg+T23UKznZJiNSOARHmrg0+fwcTRgj5Cc41ofyikUAB/u+lo
ihOJYZGdi1aUHHH6cP5EUV49S9mO4bXk+OiEFBTNabZHaOCzoEb3O3fy8WJGwR86
1nPIFkRdH5oP1l2BRUdkWZBVbkN7N2L9aIjGP8RNHWVN
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:04:32 2025 by rpki-client