Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/444ccc-2b56-4a5f-9a3a-dd4b514fcd08/1/kH2U0omrlArnhd7in1ZFHAakIGc.roa
File: kH2U0omrlArnhd7in1ZFHAakIGc.roa (raw, json)
Hash identifier: qx+K3p8FaVRKz3hZZG+WYCGNL8KPsQcs2DHFgmYO3lc=
Subject key identifier: 90:7D:94:D2:89:AB:94:0A:E7:85:DE:E2:9F:56:45:1C:06:A4:20:67
Certificate issuer: /CN=9260a8c66abdb6e50681007006d57f7d1fe9ca2e
Certificate serial: 01856D6F645C5B1C84FD0F2A199F275FE915
Authority key identifier: 92:60:A8:C6:6A:BD:B6:E5:06:81:00:70:06:D5:7F:7D:1F:E9:CA:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kmCoxmq9tuUGgQBwBtV_fR_pyi4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/444ccc-2b56-4a5f-9a3a-dd4b514fcd08/1/kH2U0omrlArnhd7in1ZFHAakIGc.roa
Signing time: Sun 01 Jan 2023 13:04:54 +0000
ROA not before: Sun 01 Jan 2023 13:04:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8412
IP address blocks: 193.34.227.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:6f:64:5c:5b:1c:84:fd:0f:2a:19:9f:27:5f:e9:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9260a8c66abdb6e50681007006d57f7d1fe9ca2e
Validity
Not Before: Jan 1 13:04:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=907d94d289ab940ae785dee29f56451c06a42067
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:6b:df:3c:17:f7:c7:c9:be:c6:b4:41:e9:33:
1f:cb:57:61:e9:48:6f:fb:15:4e:d0:21:b7:e8:4e:
14:ff:81:6d:13:af:6b:42:c9:8f:ae:b4:8b:b8:ae:
ec:21:48:ff:1f:ee:e0:7f:b4:4a:3c:ba:e2:b1:3f:
20:e1:bd:50:21:53:05:63:45:89:81:80:68:53:57:
5b:20:da:94:96:67:9d:44:fb:4d:1f:b1:52:e9:64:
91:af:74:a1:6c:97:8a:07:92:c3:33:8b:93:9a:de:
21:b3:c2:e2:6b:17:ab:87:dc:d3:fa:d3:50:46:c7:
9f:43:c4:2f:65:88:3f:95:9b:de:bf:57:52:22:95:
1c:30:c5:24:e5:2b:fa:6f:64:dd:09:be:10:ab:8c:
d9:d7:c2:6b:2a:10:9b:8d:93:89:f2:33:fb:97:c9:
af:20:b9:49:05:10:a5:d0:76:b2:a2:c2:c0:06:c9:
bf:76:8e:f0:0e:1d:08:79:32:0c:4e:da:07:de:c4:
62:9e:77:81:15:89:38:18:59:2e:2d:46:53:0e:5b:
96:ac:b8:7e:fb:84:35:b8:b5:c5:53:89:7d:b8:3e:
78:55:48:ee:16:3f:e8:d2:47:04:65:84:1e:da:c0:
53:84:f1:3e:b6:55:85:38:63:5b:a1:3d:96:04:cc:
4b:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:7D:94:D2:89:AB:94:0A:E7:85:DE:E2:9F:56:45:1C:06:A4:20:67
X509v3 Authority Key Identifier:
keyid:92:60:A8:C6:6A:BD:B6:E5:06:81:00:70:06:D5:7F:7D:1F:E9:CA:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kmCoxmq9tuUGgQBwBtV_fR_pyi4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/444ccc-2b56-4a5f-9a3a-dd4b514fcd08/1/kH2U0omrlArnhd7in1ZFHAakIGc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/444ccc-2b56-4a5f-9a3a-dd4b514fcd08/1/kmCoxmq9tuUGgQBwBtV_fR_pyi4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.34.227.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:3c:98:ea:f7:d6:e2:02:c0:ae:2e:bf:3b:b2:39:e1:52:5d:
71:6f:3c:3c:9d:32:ef:6c:58:f0:24:23:d4:3b:99:59:a7:e7:
7c:02:a2:74:3c:b4:61:c5:a8:53:32:d3:33:53:20:fe:ff:a4:
df:4d:e8:b4:3a:ae:bd:2f:cb:f0:bf:e8:ef:ca:e6:ed:91:04:
ad:c3:ca:56:3f:0b:71:de:f2:af:9f:8b:c3:8b:ba:1f:4c:de:
86:1d:78:8c:76:1e:6d:ab:20:1a:76:f3:1c:96:95:8b:45:a2:
9f:fa:14:f0:d6:a5:8e:e0:be:2a:a5:8a:07:d2:4b:42:5a:3c:
e0:76:64:96:02:25:28:d1:1b:02:72:58:3b:ef:0d:b2:0d:a2:
10:bf:31:63:aa:e8:70:a6:7a:fb:38:99:6d:60:13:e7:4f:c3:
ec:43:9d:b1:e2:bb:0e:93:81:46:02:1f:ca:9d:9f:ec:76:26:
11:c8:88:bd:08:25:d1:15:f3:05:fc:05:91:8c:45:bc:74:25:
ee:64:78:88:47:83:f0:7b:73:3e:c6:c2:10:a3:48:f6:a9:92:
e1:36:eb:c6:49:fd:92:f9:89:d9:c5:c2:5f:ee:36:ff:83:b8:
d3:71:46:ab:91:4b:05:f2:8a:9d:f5:42:f2:3b:80:79:2e:43:
0a:bf:b1:c9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtb2RcWxyE/Q8qGZ8nX+kVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyNjBhOGM2NmFiZGI2ZTUwNjgxMDA3MDA2ZDU3ZjdkMWZl
OWNhMmUwHhcNMjMwMTAxMTMwNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDdkOTRkMjg5YWI5NDBhZTc4NWRlZTI5ZjU2NDUxYzA2YTQyMDY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp2vfPBf3x8m+xrRB6TMfy1dh6Uhv
+xVO0CG36E4U/4FtE69rQsmPrrSLuK7sIUj/H+7gf7RKPLrisT8g4b1QIVMFY0WJ
gYBoU1dbINqUlmedRPtNH7FS6WSRr3ShbJeKB5LDM4uTmt4hs8Liaxerh9zT+tNQ
RsefQ8QvZYg/lZvev1dSIpUcMMUk5Sv6b2TdCb4Qq4zZ18JrKhCbjZOJ8jP7l8mv
ILlJBRCl0HayosLABsm/do7wDh0IeTIMTtoH3sRinneBFYk4GFkuLUZTDluWrLh+
+4Q1uLXFU4l9uD54VUjuFj/o0kcEZYQe2sBThPE+tlWFOGNboT2WBMxLBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJB9lNKJq5QK54Xe4p9WRRwGpCBnMB8GA1UdIwQY
MBaAFJJgqMZqvbblBoEAcAbVf30f6couMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva21Db3htcTl0dVVHZ1FCd0J0Vl9mUl9weWk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS80NDRjY2MtMmI1Ni00YTVmLTlhM2Et
ZGQ0YjUxNGZjZDA4LzEva0gyVTBvbXJsQXJuaGQ3aW4xWkZIQWFrSUdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS80NDRjY2MtMmI1Ni00YTVmLTlhM2EtZGQ0YjUxNGZjZDA4
LzEva21Db3htcTl0dVVHZ1FCd0J0Vl9mUl9weWk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwSLjMA0G
CSqGSIb3DQEBCwUAA4IBAQC1PJjq99biAsCuLr87sjnhUl1xbzw8nTLvbFjwJCPU
O5lZp+d8AqJ0PLRhxahTMtMzUyD+/6TfTei0Oq69L8vwv+jvyubtkQStw8pWPwtx
3vKvn4vDi7ofTN6GHXiMdh5tqyAadvMclpWLRaKf+hTw1qWO4L4qpYoH0ktCWjzg
dmSWAiUo0RsCclg77w2yDaIQvzFjquhwpnr7OJltYBPnT8PsQ52x4rsOk4FGAh/K
nZ/sdiYRyIi9CCXRFfMF/AWRjEW8dCXuZHiIR4Pwe3M+xsIQo0j2qZLhNuvGSf2S
+YnZxcJf7jb/g7jTcUarkUsF8oqd9ULyO4B5LkMKv7HJ
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:16:48 2025 by rpki-client