Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/fc419a-5c21-4d2f-9b80-bde028ad5930/1/shqMVrN4dJ96YysagyNJ1kjm5SU.roa
File: shqMVrN4dJ96YysagyNJ1kjm5SU.roa (raw, json)
Hash identifier: XTHL9jJWuxlQMbcWEXXbaOl4pKMp/zulyCIh34rZVK4=
Subject key identifier: B2:1A:8C:56:B3:78:74:9F:7A:63:2B:1A:83:23:49:D6:48:E6:E5:25
Certificate issuer: /CN=3447a30428254c9970fcfbdffef06b0d6b490f0e
Certificate serial: 018570303D75381DE6C4867949D5530EFBC9
Authority key identifier: 34:47:A3:04:28:25:4C:99:70:FC:FB:DF:FE:F0:6B:0D:6B:49:0F:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NEejBCglTJlw_Pvf_vBrDWtJDw4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/fc419a-5c21-4d2f-9b80-bde028ad5930/1/shqMVrN4dJ96YysagyNJ1kjm5SU.roa
Signing time: Mon 02 Jan 2023 01:54:47 +0000
ROA not before: Mon 02 Jan 2023 01:54:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42198
IP address blocks: 193.30.32.0/24 maxlen: 24
193.30.32.0/23 maxlen: 23
193.30.35.0/24 maxlen: 24
193.30.34.0/23 maxlen: 23
193.30.34.0/24 maxlen: 24
193.30.33.0/24 maxlen: 24
2a0c:8540:3::/48 maxlen: 48
2a0c:8540:9::/48 maxlen: 48
2a0c:8540:1::/48 maxlen: 48
2a0c:8540:4::/48 maxlen: 48
2a0c:8540:2::/48 maxlen: 48
2a0c:8540::/43 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:30:3d:75:38:1d:e6:c4:86:79:49:d5:53:0e:fb:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3447a30428254c9970fcfbdffef06b0d6b490f0e
Validity
Not Before: Jan 2 01:54:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b21a8c56b378749f7a632b1a832349d648e6e525
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:d9:0a:42:d8:28:25:39:ed:b4:f0:81:2a:a7:
ae:7d:29:0b:41:e7:1a:05:d2:25:b9:d9:70:39:86:
b3:e4:19:44:a3:6d:15:16:57:4a:ef:7f:c1:cc:05:
fb:ab:63:ef:9b:86:c8:1f:0c:34:9c:56:31:18:11:
cd:d1:c3:9f:dc:bc:92:9f:2f:4c:37:cd:54:72:c9:
75:85:59:bf:e8:1b:d5:a5:61:92:19:e7:8c:c7:09:
af:78:e0:96:a3:6b:99:6a:f3:c7:fd:5e:4a:66:a1:
cd:e7:7b:c4:23:da:fe:6f:97:3d:7b:64:57:16:5e:
51:b6:49:79:3a:8f:b6:8a:81:c0:22:d5:3f:a8:15:
9e:96:48:2f:b2:a5:9b:7f:57:90:f0:e3:8f:e2:4c:
b9:3c:ad:27:d7:e2:f4:c8:1a:9c:f9:d9:3f:6b:a7:
53:fb:64:80:a2:d5:1d:4d:05:cc:39:b0:db:6b:2b:
c6:55:61:26:5e:c0:fa:03:0f:ed:2e:d2:49:e0:9f:
14:7c:fc:97:8f:09:6b:e3:a0:f6:c9:26:0e:d9:02:
55:a3:4c:b0:81:71:1a:11:9a:63:28:2d:65:48:c7:
d4:a3:30:de:fd:10:bc:09:94:54:25:9a:57:09:45:
9f:c0:48:90:d9:8b:61:d2:c2:f7:9c:aa:d4:07:cf:
1e:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:1A:8C:56:B3:78:74:9F:7A:63:2B:1A:83:23:49:D6:48:E6:E5:25
X509v3 Authority Key Identifier:
keyid:34:47:A3:04:28:25:4C:99:70:FC:FB:DF:FE:F0:6B:0D:6B:49:0F:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NEejBCglTJlw_Pvf_vBrDWtJDw4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/fc419a-5c21-4d2f-9b80-bde028ad5930/1/shqMVrN4dJ96YysagyNJ1kjm5SU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/fc419a-5c21-4d2f-9b80-bde028ad5930/1/NEejBCglTJlw_Pvf_vBrDWtJDw4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.30.32.0/22
IPv6:
2a0c:8540::/43
Signature Algorithm: sha256WithRSAEncryption
1e:43:d7:26:3d:c7:6f:2b:50:2b:f4:1f:c7:d1:c1:12:b4:b3:
ae:86:fc:a1:47:f8:22:df:2c:7b:b9:30:63:30:88:f1:0a:eb:
da:09:c2:9a:f0:a8:1a:c9:8c:5a:2a:e3:a3:a6:78:c8:d3:ef:
6d:c2:6d:5a:90:3f:3d:da:56:c5:9d:79:09:57:8b:41:2e:85:
d1:61:f6:b1:df:d4:ff:b0:c2:25:d5:6d:f7:18:e1:53:3e:37:
24:f7:26:90:ad:cb:be:39:b7:18:1a:81:e8:a5:f2:38:e2:71:
f8:8f:01:f4:ae:15:0b:04:39:a6:1b:63:d1:2e:26:26:f5:5a:
03:b0:3c:c5:31:e3:d1:f7:b0:dd:c5:f7:9d:8f:58:47:9e:d2:
d0:94:2b:fe:4c:5d:ce:8c:a7:a4:a6:b0:a1:a2:fb:06:0b:b2:
7b:9f:1e:19:62:50:28:f9:ed:1f:91:92:24:42:0b:4a:b2:15:
d6:37:dd:9d:16:b2:92:eb:10:53:46:a0:d6:d3:a5:21:2d:33:
a3:ef:8d:18:13:8c:bd:20:72:74:8e:7c:a3:68:fa:fd:f1:2d:
a4:9a:a2:dd:de:5e:4f:d6:11:a5:d2:e6:66:e6:7f:84:59:60:
88:03:3d:9a:69:31:d8:cf:7d:00:7d:3c:a1:b2:23:28:ba:c7:
c6:c2:c6:31
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVwMD11OB3mxIZ5SdVTDvvJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0NDdhMzA0MjgyNTRjOTk3MGZjZmJkZmZlZjA2YjBkNmI0
OTBmMGUwHhcNMjMwMTAyMDE1NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjFhOGM1NmIzNzg3NDlmN2E2MzJiMWE4MzIzNDlkNjQ4ZTZlNTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAidkKQtgoJTnttPCBKqeufSkLQeca
BdIludlwOYaz5BlEo20VFldK73/BzAX7q2Pvm4bIHww0nFYxGBHN0cOf3LySny9M
N81Ucsl1hVm/6BvVpWGSGeeMxwmveOCWo2uZavPH/V5KZqHN53vEI9r+b5c9e2RX
Fl5Rtkl5Oo+2ioHAItU/qBWelkgvsqWbf1eQ8OOP4ky5PK0n1+L0yBqc+dk/a6dT
+2SAotUdTQXMObDbayvGVWEmXsD6Aw/tLtJJ4J8UfPyXjwlr46D2ySYO2QJVo0yw
gXEaEZpjKC1lSMfUozDe/RC8CZRUJZpXCUWfwEiQ2Yth0sL3nKrUB88e6QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLIajFazeHSfemMrGoMjSdZI5uUlMB8GA1UdIwQY
MBaAFDRHowQoJUyZcPz73/7waw1rSQ8OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkVlakJDZ2xUSmx3X1B2Zl92QnJEV3RKRHc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9mYzQxOWEtNWMyMS00ZDJmLTliODAt
YmRlMDI4YWQ1OTMwLzEvc2hxTVZyTjRkSjk2WXlzYWd5Tkoxa2ptNVNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9mYzQxOWEtNWMyMS00ZDJmLTliODAtYmRlMDI4YWQ1OTMw
LzEvTkVlakJDZ2xUSmx3X1B2Zl92QnJEV3RKRHc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCwR4gMA8E
AgACMAkDBwUqDIVAAAAwDQYJKoZIhvcNAQELBQADggEBAB5D1yY9x28rUCv0H8fR
wRK0s66G/KFH+CLfLHu5MGMwiPEK69oJwprwqBrJjFoq46OmeMjT723CbVqQPz3a
VsWdeQlXi0EuhdFh9rHf1P+wwiXVbfcY4VM+NyT3JpCty745txgageil8jjicfiP
AfSuFQsEOaYbY9EuJib1WgOwPMUx49H3sN3F952PWEee0tCUK/5MXc6Mp6SmsKGi
+wYLsnufHhliUCj57R+RkiRCC0qyFdY33Z0WspLrEFNGoNbTpSEtM6PvjRgTjL0g
cnSOfKNo+v3xLaSaot3eXk/WEaXS5mbmf4RZYIgDPZppMdjPfQB9PKGyIyi6x8bC
xjE=
-----END CERTIFICATE-----
Generated at Tue Apr 22 02:13:17 2025 by rpki-client