Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/8a5353-14f1-40f6-a482-aee5927b4dd2/1/fQTo9dwKO3KZpZC5G9pgdSEUloo.roa
File: fQTo9dwKO3KZpZC5G9pgdSEUloo.roa (raw, json)
Hash identifier: ew92g7e4AJ8YeR5b7OKT56Y6HO+6z54WvsTXGPZBxDQ=
Subject key identifier: 7D:04:E8:F5:DC:0A:3B:72:99:A5:90:B9:1B:DA:60:75:21:14:96:8A
Certificate issuer: /CN=2d5894923bb002a434128810607dfb526722004f
Certificate serial: 01870E256D92E86A2C9E2D4457618DB3D47A
Authority key identifier: 2D:58:94:92:3B:B0:02:A4:34:12:88:10:60:7D:FB:52:67:22:00:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LViUkjuwAqQ0EogQYH37UmciAE8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/8a5353-14f1-40f6-a482-aee5927b4dd2/1/fQTo9dwKO3KZpZC5G9pgdSEUloo.roa
Signing time: Thu 23 Mar 2023 11:05:46 +0000
ROA not before: Thu 23 Mar 2023 11:05:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41863
IP address blocks: 193.34.16.0/22 maxlen: 24
2001:678:b64::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:0e:25:6d:92:e8:6a:2c:9e:2d:44:57:61:8d:b3:d4:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d5894923bb002a434128810607dfb526722004f
Validity
Not Before: Mar 23 11:05:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7d04e8f5dc0a3b7299a590b91bda60752114968a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:25:bd:fc:36:eb:c3:b1:9c:a2:6b:b3:ff:98:
03:1b:af:20:09:40:e8:b3:98:b9:5d:2f:1a:74:55:
26:5d:cc:c8:50:0e:98:2e:5e:fa:08:67:c3:2b:ad:
f4:66:6c:c2:03:bc:89:2b:a8:3e:ee:67:71:33:e0:
d4:06:52:14:2a:c6:90:f1:28:e7:0c:35:27:59:82:
52:a4:1a:2d:74:c4:17:60:01:0d:f7:c1:27:73:7b:
fe:69:a5:15:63:74:99:92:b4:84:b4:71:84:2b:80:
59:e7:36:1c:c1:57:ca:9e:fa:84:7c:42:50:d6:14:
3f:0f:8b:c7:66:30:a8:02:3e:0e:7f:03:d0:8d:08:
9e:da:7c:d3:71:c1:98:89:f2:01:24:8f:d3:08:a2:
01:ee:c7:3f:e3:67:21:fe:27:25:b6:56:30:f1:ed:
e2:8a:b6:82:e5:c6:8b:c0:93:14:ba:09:99:c0:2a:
49:57:bb:fb:df:c8:6e:e1:e5:be:4a:28:05:07:c6:
69:d9:98:b7:76:98:0f:0c:ff:6d:72:c8:fb:6e:32:
e6:e4:e7:88:02:11:5b:d8:81:3f:37:65:ee:9b:00:
20:b5:fc:5d:eb:d9:45:7c:bc:d3:ff:3b:7f:1d:04:
be:07:2c:5d:7b:a8:70:10:87:f0:24:3d:34:8c:19:
17:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:04:E8:F5:DC:0A:3B:72:99:A5:90:B9:1B:DA:60:75:21:14:96:8A
X509v3 Authority Key Identifier:
keyid:2D:58:94:92:3B:B0:02:A4:34:12:88:10:60:7D:FB:52:67:22:00:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LViUkjuwAqQ0EogQYH37UmciAE8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/8a5353-14f1-40f6-a482-aee5927b4dd2/1/fQTo9dwKO3KZpZC5G9pgdSEUloo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/8a5353-14f1-40f6-a482-aee5927b4dd2/1/LViUkjuwAqQ0EogQYH37UmciAE8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.34.16.0/22
IPv6:
2001:678:b64::/48
Signature Algorithm: sha256WithRSAEncryption
24:1a:50:78:c7:73:cc:02:36:f6:38:2b:db:3d:92:19:6c:0c:
87:77:a0:c7:1c:52:c4:77:be:b6:d4:da:c2:88:33:a5:d1:d2:
2d:52:33:40:53:b5:07:f5:44:a1:71:30:08:da:db:ac:30:85:
a2:2d:07:53:b6:6f:1a:3b:d9:6e:2f:30:cc:7f:d8:01:ef:1e:
9f:c1:ad:c1:89:84:fe:85:87:ae:3f:b5:6d:a4:e6:47:1b:0d:
59:44:7f:1e:ea:e1:59:7c:f0:9a:82:0a:5b:41:9c:2f:d2:e3:
da:8a:17:ee:71:64:14:5e:4d:f1:84:2d:0f:c5:12:dc:d5:8d:
ec:40:d2:9b:df:66:2b:e2:d3:63:8a:7e:35:7f:40:48:20:68:
5f:c7:f2:78:83:0c:7a:88:16:fc:69:ed:82:14:47:56:5a:b6:
2c:53:2c:18:b5:e9:8d:02:88:56:4b:4e:51:68:67:5c:74:f6:
91:cc:02:56:35:7a:53:fb:7e:f6:22:32:2b:25:35:9a:96:05:
2d:39:48:5f:a3:98:07:97:e4:67:0a:7c:93:87:1b:ec:e8:a9:
6c:3e:fc:2f:b3:88:cb:b0:15:b7:31:21:eb:db:2c:0f:e9:b7:
5b:ac:b6:aa:c7:69:13:1b:70:fe:62:b6:5e:c0:b4:45:fa:98:
80:54:dd:f8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYcOJW2S6Gosni1EV2GNs9R6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkNTg5NDkyM2JiMDAyYTQzNDEyODgxMDYwN2RmYjUyNjcy
MjAwNGYwHhcNMjMwMzIzMTEwNTQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDA0ZThmNWRjMGEzYjcyOTlhNTkwYjkxYmRhNjA3NTIxMTQ5NjhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7CW9/Dbrw7Gcomuz/5gDG68gCUDo
s5i5XS8adFUmXczIUA6YLl76CGfDK630ZmzCA7yJK6g+7mdxM+DUBlIUKsaQ8Sjn
DDUnWYJSpBotdMQXYAEN98Enc3v+aaUVY3SZkrSEtHGEK4BZ5zYcwVfKnvqEfEJQ
1hQ/D4vHZjCoAj4OfwPQjQie2nzTccGYifIBJI/TCKIB7sc/42ch/icltlYw8e3i
iraC5caLwJMUugmZwCpJV7v738hu4eW+SigFB8Zp2Zi3dpgPDP9tcsj7bjLm5OeI
AhFb2IE/N2XumwAgtfxd69lFfLzT/zt/HQS+Byxde6hwEIfwJD00jBkXhwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFH0E6PXcCjtymaWQuRvaYHUhFJaKMB8GA1UdIwQY
MBaAFC1YlJI7sAKkNBKIEGB9+1JnIgBPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFZpVWtqdXdBcVEwRW9nUVlIMzdVbWNpQUU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS84YTUzNTMtMTRmMS00MGY2LWE0ODIt
YWVlNTkyN2I0ZGQyLzEvZlFUbzlkd0tPM0tacFpDNUc5cGdkU0VVbG9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS84YTUzNTMtMTRmMS00MGY2LWE0ODItYWVlNTkyN2I0ZGQy
LzEvTFZpVWtqdXdBcVEwRW9nUVlIMzdVbWNpQUU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCwSIQMA8E
AgACMAkDBwAgAQZ4C2QwDQYJKoZIhvcNAQELBQADggEBACQaUHjHc8wCNvY4K9s9
khlsDId3oMccUsR3vrbU2sKIM6XR0i1SM0BTtQf1RKFxMAja26wwhaItB1O2bxo7
2W4vMMx/2AHvHp/BrcGJhP6Fh64/tW2k5kcbDVlEfx7q4Vl88JqCCltBnC/S49qK
F+5xZBReTfGELQ/FEtzVjexA0pvfZivi02OKfjV/QEggaF/H8niDDHqIFvxp7YIU
R1ZatixTLBi16Y0CiFZLTlFoZ1x09pHMAlY1elP7fvYiMislNZqWBS05SF+jmAeX
5GcKfJOHG+zoqWw+/C+ziMuwFbcxIevbLA/pt1ustqrHaRMbcP5itl7AtEX6mIBU
3fg=
-----END CERTIFICATE-----
Generated at Thu Apr 17 22:29:07 2025 by rpki-client