Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/cNGDomyul8sEYmGJj525CyN9X3w.roa
File: cNGDomyul8sEYmGJj525CyN9X3w.roa (raw, json)
Hash identifier: V8E+qCNElQMNAcBThCyLjyl2IZYgBeAbmxURO2pigP4=
Subject key identifier: 70:D1:83:A2:6C:AE:97:CB:04:62:61:89:8F:9D:B9:0B:23:7D:5F:7C
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 018AB1E921031AAC659A863A808847002763
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/cNGDomyul8sEYmGJj525CyN9X3w.roa
Signing time: Wed 20 Sep 2023 09:26:00 +0000
ROA not before: Wed 20 Sep 2023 09:26:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 45382
IP address blocks: 93.152.210.0/24 maxlen: 24
93.152.212.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:b1:e9:21:03:1a:ac:65:9a:86:3a:80:88:47:00:27:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: Sep 20 09:26:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=70d183a26cae97cb046261898f9db90b237d5f7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:24:db:43:23:ac:f5:b9:04:f8:92:4d:26:27:
7b:68:82:0c:81:d8:f5:36:ee:6e:ca:b2:0d:ac:ad:
25:c8:70:5c:0e:86:e9:87:8f:16:9b:fb:89:8e:c9:
3b:22:5c:fc:9b:4a:90:64:95:da:d9:25:54:43:2f:
9e:1b:c6:a8:20:7f:19:ee:12:84:65:ba:e6:37:a7:
97:17:59:62:83:8b:d2:58:99:25:86:4b:ec:52:b4:
25:c4:fe:5f:69:f6:e7:a0:94:ac:5b:12:22:5b:1d:
15:09:5b:61:7d:04:06:5b:33:ed:b4:86:31:20:c9:
e2:01:37:47:2f:0a:aa:da:02:4a:a0:c0:99:c0:34:
fb:33:58:72:1e:78:fc:64:b0:73:35:32:83:b6:04:
b0:68:44:20:be:16:41:bd:4d:cd:6d:69:0d:3d:e2:
d2:64:a4:d1:56:03:0b:43:d6:ea:fc:20:6d:67:92:
21:bd:f2:bc:2d:99:f0:e3:1c:d7:42:d5:a3:d3:3b:
14:77:bc:fe:fb:5a:46:91:0b:d0:e4:bf:91:66:b0:
87:dd:37:fd:dc:f2:97:9b:f6:b9:76:26:63:64:67:
3f:9b:73:d5:3a:42:22:d9:9a:ae:fd:5e:49:6e:dd:
2f:a5:a3:85:31:53:5b:13:4c:ac:a9:3f:d1:fe:6a:
44:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:D1:83:A2:6C:AE:97:CB:04:62:61:89:8F:9D:B9:0B:23:7D:5F:7C
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/cNGDomyul8sEYmGJj525CyN9X3w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.152.210.0/24
93.152.212.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:16:fe:a8:92:ac:83:24:ce:b3:42:d4:1e:f4:21:76:2e:9c:
fb:26:19:63:00:3a:cb:09:7f:4e:1b:e0:df:98:c8:2e:04:7c:
a1:0b:87:0d:f8:97:02:57:fd:ff:c3:3c:08:d3:f9:44:5a:f7:
7a:1f:2a:ea:74:70:22:a2:31:d6:d0:98:4c:d7:c1:66:e3:dc:
2a:36:7e:90:c1:d3:7d:38:1a:f9:56:b9:07:69:16:fb:35:c4:
21:4d:67:92:98:89:59:b0:77:5c:28:1e:22:5d:be:e5:7e:70:
30:19:38:93:cf:ec:cb:0c:f5:00:72:42:a4:c3:fa:a9:84:eb:
a2:5f:6c:b9:76:d7:5b:68:83:26:51:6a:ae:02:59:25:b3:82:
1c:79:44:7d:0a:f4:74:8e:4e:4e:7b:31:dd:a8:1a:91:e7:57:
2e:9e:65:78:57:9f:37:00:37:18:10:bf:00:e2:46:eb:2c:41:
a4:34:d7:ed:83:16:6e:e8:c5:53:f6:f8:fa:27:08:9e:62:55:
17:80:92:e8:d0:2f:87:23:2b:bb:d4:87:c3:d7:f2:b4:67:a1:
d2:bc:30:a4:21:63:c3:46:07:21:63:ae:f6:67:ab:ee:0a:bb:
a5:fc:9c:69:b6:02:ce:74:86:37:ab:42:74:ac:69:45:52:6a:
77:24:33:42
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYqx6SEDGqxlmoY6gIhHACdjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMWNhYTY5MzU4ZjhjOThmN2E3MTlmMjU5N2Q1ZGFkZGJk
MDAxOGMwHhcNMjMwOTIwMDkyNjAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGQxODNhMjZjYWU5N2NiMDQ2MjYxODk4ZjlkYjkwYjIzN2Q1ZjdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2iTbQyOs9bkE+JJNJid7aIIMgdj1
Nu5uyrINrK0lyHBcDobph48Wm/uJjsk7Ilz8m0qQZJXa2SVUQy+eG8aoIH8Z7hKE
ZbrmN6eXF1lig4vSWJklhkvsUrQlxP5fafbnoJSsWxIiWx0VCVthfQQGWzPttIYx
IMniATdHLwqq2gJKoMCZwDT7M1hyHnj8ZLBzNTKDtgSwaEQgvhZBvU3NbWkNPeLS
ZKTRVgMLQ9bq/CBtZ5IhvfK8LZnw4xzXQtWj0zsUd7z++1pGkQvQ5L+RZrCH3Tf9
3PKXm/a5diZjZGc/m3PVOkIi2Zqu/V5Jbt0vpaOFMVNbE0ysqT/R/mpE4QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHDRg6JsrpfLBGJhiY+duQsjfV98MB8GA1UdIwQY
MBaAFC0cqmk1j4yY96cZ8ll9Xa3b0AGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2Yjct
MjliMDg1ZGQyM2FkLzEvY05HRG9teXVsOHNFWW1HSmo1MjVDeU45WDN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2YjctMjliMDg1ZGQyM2Fk
LzEvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAXZjSAwQA
XZjUMA0GCSqGSIb3DQEBCwUAA4IBAQBPFv6okqyDJM6zQtQe9CF2Lpz7JhljADrL
CX9OG+DfmMguBHyhC4cN+JcCV/3/wzwI0/lEWvd6HyrqdHAiojHW0JhM18Fm49wq
Nn6QwdN9OBr5VrkHaRb7NcQhTWeSmIlZsHdcKB4iXb7lfnAwGTiTz+zLDPUAckKk
w/qphOuiX2y5dtdbaIMmUWquAlkls4IceUR9CvR0jk5OezHdqBqR51cunmV4V583
ADcYEL8A4kbrLEGkNNftgxZu6MVT9vj6JwieYlUXgJLo0C+HIyu71IfD1/K0Z6HS
vDCkIWPDRgchY672Z6vuCrul/JxptgLOdIY3q0J0rGlFUmp3JDNC
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:34:18 2025 by rpki-client