Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/7882e3-de8f-4751-9b6f-c9ffbe9b94d3/1/sQPK0QPaPiy6ktaE7jFc4hFLJLA.roa
File: sQPK0QPaPiy6ktaE7jFc4hFLJLA.roa (raw, json)
Hash identifier: IyAO45AXggduzwFjtlCh0rmfinnabcQiSkevaq6bRCQ=
Subject key identifier: B1:03:CA:D1:03:DA:3E:2C:BA:92:D6:84:EE:31:5C:E2:11:4B:24:B0
Certificate issuer: /CN=3ef2c312906eb673612bae74da2dd18a036824b1
Certificate serial: 01849A4BE7364140DCC6B5D982E4865EADB1
Authority key identifier: 3E:F2:C3:12:90:6E:B6:73:61:2B:AE:74:DA:2D:D1:8A:03:68:24:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PvLDEpButnNhK6502i3RigNoJLE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/7882e3-de8f-4751-9b6f-c9ffbe9b94d3/1/sQPK0QPaPiy6ktaE7jFc4hFLJLA.roa
Signing time: Mon 21 Nov 2022 13:06:16 +0000
ROA not before: Mon 21 Nov 2022 13:06:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39599
IP address blocks: 193.93.104.0/23 maxlen: 23
193.93.106.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:9a:4b:e7:36:41:40:dc:c6:b5:d9:82:e4:86:5e:ad:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ef2c312906eb673612bae74da2dd18a036824b1
Validity
Not Before: Nov 21 13:06:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b103cad103da3e2cba92d684ee315ce2114b24b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:78:40:61:fe:09:b7:bd:26:5c:6b:04:dd:4d:
e7:a3:d3:af:97:c4:17:49:7c:03:e9:5b:a2:ff:64:
03:75:da:e7:73:aa:14:6c:74:e5:86:df:32:c8:6c:
9c:7e:bf:57:2e:8b:65:b7:55:c7:7d:28:0e:ee:23:
3f:21:c9:7f:9e:a8:cb:83:7b:9a:ee:10:cf:27:d0:
b3:6c:9e:4f:b7:6f:a9:5f:aa:7f:46:b2:ed:46:4e:
33:98:bd:d1:8e:17:1f:e5:d9:af:49:59:34:dd:bb:
ba:cb:73:01:f5:02:02:7a:66:c2:8f:4d:9e:3a:eb:
8b:8e:7c:4b:fb:fe:f5:3a:77:9e:ab:85:b8:60:bd:
e6:d6:d8:f7:c3:f7:e8:b2:b5:c3:8b:28:51:d1:a6:
75:68:9f:8b:a2:53:bd:50:a0:21:34:8a:2b:e6:8b:
87:c5:c6:3f:08:ea:78:85:c0:da:46:79:0e:a1:ab:
66:e1:82:f9:5c:34:41:e4:00:50:f9:c0:a1:03:ac:
76:49:2c:1c:58:14:da:97:fe:43:4a:6e:c7:0f:96:
26:bc:57:40:37:6c:1a:d3:92:35:a7:2c:69:93:3c:
7e:01:0c:91:e6:2c:18:62:f2:90:7b:7d:5f:1f:06:
3c:4a:47:71:80:87:45:c3:58:20:6e:ee:6f:cd:8e:
91:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:03:CA:D1:03:DA:3E:2C:BA:92:D6:84:EE:31:5C:E2:11:4B:24:B0
X509v3 Authority Key Identifier:
keyid:3E:F2:C3:12:90:6E:B6:73:61:2B:AE:74:DA:2D:D1:8A:03:68:24:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PvLDEpButnNhK6502i3RigNoJLE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/7882e3-de8f-4751-9b6f-c9ffbe9b94d3/1/sQPK0QPaPiy6ktaE7jFc4hFLJLA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/7882e3-de8f-4751-9b6f-c9ffbe9b94d3/1/PvLDEpButnNhK6502i3RigNoJLE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.93.104.0/22
Signature Algorithm: sha256WithRSAEncryption
2f:e1:a1:47:bd:14:77:54:7d:96:f9:23:9d:28:40:7f:c2:98:
40:e0:ed:35:68:a9:54:0f:c9:d1:25:b8:d7:7f:94:f0:d6:d6:
cb:30:07:21:74:b8:cc:91:9e:64:a7:bb:53:0e:a3:22:18:8b:
7c:2f:e5:45:24:41:02:df:43:3b:55:05:6e:ce:bf:99:d5:30:
7b:a4:67:e6:59:65:2e:4a:5c:fd:7c:fc:dc:d6:b0:76:dd:4e:
b2:4d:bd:9c:a9:a3:bb:c1:bf:e6:75:cc:97:6d:02:96:95:1f:
e1:59:8f:53:9b:29:45:3c:4b:cd:f8:cf:4f:cd:4c:93:62:6b:
cf:9e:46:e6:83:a7:18:29:46:3f:f8:24:fe:c9:98:1f:54:86:
ab:b9:8b:09:7a:48:ac:00:fe:dc:ce:25:e2:1a:56:c7:05:85:
82:d1:ed:0b:f5:97:a7:f9:dd:5f:a1:4a:97:c3:e6:af:48:42:
cd:61:3a:48:95:f7:97:c8:02:55:99:0d:36:a6:51:a2:3a:22:
f9:03:4d:3f:01:86:2c:49:56:c9:b5:71:c4:42:c0:b0:ae:02:
6d:d9:74:dc:67:37:dc:27:9f:b8:05:da:38:4d:0d:6d:4d:09:
63:71:95:33:a2:1c:89:62:23:5c:92:a7:bb:cc:0f:09:0c:00:
cf:77:7a:62
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYSaS+c2QUDcxrXZguSGXq2xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlZjJjMzEyOTA2ZWI2NzM2MTJiYWU3NGRhMmRkMThhMDM2
ODI0YjEwHhcNMjIxMTIxMTMwNjE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTAzY2FkMTAzZGEzZTJjYmE5MmQ2ODRlZTMxNWNlMjExNGIyNGIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnXhAYf4Jt70mXGsE3U3no9Ovl8QX
SXwD6Vui/2QDddrnc6oUbHTlht8yyGycfr9XLotlt1XHfSgO7iM/Icl/nqjLg3ua
7hDPJ9CzbJ5Pt2+pX6p/RrLtRk4zmL3Rjhcf5dmvSVk03bu6y3MB9QICembCj02e
OuuLjnxL+/71Oneeq4W4YL3m1tj3w/fosrXDiyhR0aZ1aJ+LolO9UKAhNIor5ouH
xcY/COp4hcDaRnkOoatm4YL5XDRB5ABQ+cChA6x2SSwcWBTal/5DSm7HD5YmvFdA
N2wa05I1pyxpkzx+AQyR5iwYYvKQe31fHwY8SkdxgIdFw1ggbu5vzY6RYQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLEDytED2j4supLWhO4xXOIRSySwMB8GA1UdIwQY
MBaAFD7ywxKQbrZzYSuudNot0YoDaCSxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHZMREVwQnV0bk5oSzY1MDJpM1JpZ05vSkxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC83ODgyZTMtZGU4Zi00NzUxLTliNmYt
YzlmZmJlOWI5NGQzLzEvc1FQSzBRUGFQaXk2a3RhRTdqRmM0aEZMSkxBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC83ODgyZTMtZGU4Zi00NzUxLTliNmYtYzlmZmJlOWI5NGQz
LzEvUHZMREVwQnV0bk5oSzY1MDJpM1JpZ05vSkxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwV1oMA0G
CSqGSIb3DQEBCwUAA4IBAQAv4aFHvRR3VH2W+SOdKEB/wphA4O01aKlUD8nRJbjX
f5Tw1tbLMAchdLjMkZ5kp7tTDqMiGIt8L+VFJEEC30M7VQVuzr+Z1TB7pGfmWWUu
Slz9fPzc1rB23U6yTb2cqaO7wb/mdcyXbQKWlR/hWY9TmylFPEvN+M9PzUyTYmvP
nkbmg6cYKUY/+CT+yZgfVIaruYsJekisAP7cziXiGlbHBYWC0e0L9Zen+d1foUqX
w+avSELNYTpIlfeXyAJVmQ02plGiOiL5A00/AYYsSVbJtXHEQsCwrgJt2XTcZzfc
J5+4Bdo4TQ1tTQljcZUzohyJYiNckqe7zA8JDADPd3pi
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:03:23 2025 by rpki-client