Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/4qfWNVyBDQb6-xOTCbnELi3VtKk.roa
File: 4qfWNVyBDQb6-xOTCbnELi3VtKk.roa (raw, json)
Hash identifier: 5FUKzT+hFYNCtM3Pp1U7Xj2MuXHpljzrsE9xpVPo/Tc=
Subject key identifier: E2:A7:D6:35:5C:81:0D:06:FA:FB:13:93:09:B9:C4:2E:2D:D5:B4:A9
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 0183A34BA169CA820534CF88641D387F3CE5
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/4qfWNVyBDQb6-xOTCbnELi3VtKk.roa
Signing time: Tue 04 Oct 2022 13:59:46 +0000
ROA not before: Tue 04 Oct 2022 13:59:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211434
IP address blocks: 192.71.206.0/24 maxlen: 24
194.71.106.0/24 maxlen: 24
194.68.22.0/23 maxlen: 23
194.132.172.0/23 maxlen: 24
192.36.200.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:a3:4b:a1:69:ca:82:05:34:cf:88:64:1d:38:7f:3c:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Oct 4 13:59:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e2a7d6355c810d06fafb139309b9c42e2dd5b4a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:dd:8b:eb:3b:8a:4a:77:33:06:20:cb:bb:6a:
09:7e:84:e6:e5:69:96:2e:1f:45:6f:07:c1:69:be:
40:9d:c1:c0:85:55:fb:f8:cd:80:7c:ee:92:74:e4:
64:78:c9:0e:ac:74:bd:a0:79:57:a7:e2:35:69:c6:
a7:b8:c3:cc:6a:d3:b4:2c:1c:fd:17:bf:c6:d5:e9:
ab:96:7a:3c:3c:d2:e6:a5:5c:f8:47:d5:1f:cd:f7:
84:5b:71:f1:34:0a:f5:3a:c4:d2:97:7e:1f:32:29:
ba:0c:3e:0e:43:c5:69:24:e4:4e:aa:e4:dc:87:43:
cf:54:54:fb:cd:5e:60:79:f2:36:36:08:e3:29:0d:
ee:20:30:5c:95:b6:eb:ac:b5:35:32:6a:85:8c:3d:
13:c7:72:28:e2:3e:b4:bb:d5:dc:83:94:96:0d:64:
18:46:b3:3b:2e:00:3e:9c:5d:38:a8:db:2e:00:7c:
84:79:c6:90:57:76:2d:0e:99:d8:41:fd:3d:44:3a:
67:85:e7:66:19:7d:2b:f2:1c:5e:80:92:72:c5:8b:
3a:1a:c1:1e:a9:ef:e2:50:8e:3c:5b:7a:c5:d8:20:
6a:e3:1b:d1:4e:e8:cc:0d:16:a0:50:7b:6b:f0:ee:
7c:e3:ec:8f:56:57:7e:09:85:9c:73:f6:a4:2c:84:
c1:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:A7:D6:35:5C:81:0D:06:FA:FB:13:93:09:B9:C4:2E:2D:D5:B4:A9
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/4qfWNVyBDQb6-xOTCbnELi3VtKk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.36.200.0/24
192.71.206.0/24
194.68.22.0/23
194.71.106.0/24
194.132.172.0/23
Signature Algorithm: sha256WithRSAEncryption
0e:eb:ed:f0:e2:89:34:f6:9b:ab:ac:80:03:8b:f2:fd:31:d2:
3c:72:19:e4:32:28:72:a3:2f:4b:8b:51:a0:79:3c:50:e5:dc:
8b:b1:3a:c8:3b:56:af:ae:9f:ed:b0:8e:86:7a:4d:d8:f4:13:
4c:c6:81:eb:f9:11:ca:41:c2:2e:a8:65:b1:c0:2f:0a:e7:2b:
7b:dc:7f:fb:4c:39:19:f0:89:bb:07:1e:e8:cf:91:73:8a:51:
0f:d9:08:9a:f5:a0:4c:32:1d:14:4f:55:fa:95:d4:ac:85:95:
da:31:18:b2:0f:04:df:8e:6a:d1:75:77:56:90:7a:c6:0e:13:
67:df:3b:7e:bf:2c:63:ad:18:36:c1:d8:bc:df:79:ab:5d:79:
71:07:fb:e1:d5:c7:8a:43:28:f6:4d:5a:03:5f:e7:3d:46:82:
b3:2c:59:d7:b8:7c:94:b2:8d:09:3b:77:d2:ec:57:ef:98:57:
08:bf:92:67:7d:7f:d6:ac:76:bb:43:d0:9f:09:5c:57:4a:11:
ec:6c:75:68:24:af:cb:7f:19:83:95:c8:7e:6c:7e:24:38:1d:
7d:96:e9:95:b8:04:77:d9:15:2e:a0:64:a3:bc:ab:4b:d9:a9:
f8:94:8f:88:50:8f:a8:81:43:e9:1d:0d:6f:89:cf:9d:33:95:
bc:09:93:36
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYOjS6FpyoIFNM+IZB04fzzlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjIxMDA0MTM1OTQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmE3ZDYzNTVjODEwZDA2ZmFmYjEzOTMwOWI5YzQyZTJkZDViNGE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlt2L6zuKSnczBiDLu2oJfoTm5WmW
Lh9FbwfBab5AncHAhVX7+M2AfO6SdORkeMkOrHS9oHlXp+I1acanuMPMatO0LBz9
F7/G1emrlno8PNLmpVz4R9UfzfeEW3HxNAr1OsTSl34fMim6DD4OQ8VpJOROquTc
h0PPVFT7zV5gefI2NgjjKQ3uIDBclbbrrLU1MmqFjD0Tx3Io4j60u9Xcg5SWDWQY
RrM7LgA+nF04qNsuAHyEecaQV3YtDpnYQf09RDpnhedmGX0r8hxegJJyxYs6GsEe
qe/iUI48W3rF2CBq4xvRTujMDRagUHtr8O584+yPVld+CYWcc/akLITBSQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFOKn1jVcgQ0G+vsTkwm5xC4t1bSpMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvNHFmV05WeUJEUWI2LXhPVENibkVMaTNWdEtrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAwCTIAwQA
wEfOAwQBwkQWAwQAwkdqAwQBwoSsMA0GCSqGSIb3DQEBCwUAA4IBAQAO6+3w4ok0
9purrIADi/L9MdI8chnkMihyoy9Li1GgeTxQ5dyLsTrIO1avrp/tsI6Gek3Y9BNM
xoHr+RHKQcIuqGWxwC8K5yt73H/7TDkZ8Im7Bx7oz5FzilEP2Qia9aBMMh0UT1X6
ldSshZXaMRiyDwTfjmrRdXdWkHrGDhNn3zt+vyxjrRg2wdi833mrXXlxB/vh1ceK
Qyj2TVoDX+c9RoKzLFnXuHyUso0JO3fS7FfvmFcIv5JnfX/WrHa7Q9CfCVxXShHs
bHVoJK/LfxmDlch+bH4kOB19lumVuAR32RUuoGSjvKtL2an4lI+IUI+ogUPpHQ1v
ic+dM5W8CZM2
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:07:32 2025 by rpki-client