Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/ac214b-3772-4810-9206-b92b094f3a3c/1/3v5etOanP1NXXOl1DfyOHYp42_Y.roa
File: 3v5etOanP1NXXOl1DfyOHYp42_Y.roa (raw, json)
Hash identifier: gD83c/eoWZ9A4dg98S9ziZnY9wTlkv3h7ZtFwksHRtA=
Subject key identifier: DE:FE:5E:B4:E6:A7:3F:53:57:5C:E9:75:0D:FC:8E:1D:8A:78:DB:F6
Certificate issuer: /CN=3651cea5ace77f4d7f4dd282f10ab9cb0ee4d1ec
Certificate serial: 023E2291
Authority key identifier: 36:51:CE:A5:AC:E7:7F:4D:7F:4D:D2:82:F1:0A:B9:CB:0E:E4:D1:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NlHOpaznf01_TdKC8Qq5yw7k0ew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/ac214b-3772-4810-9206-b92b094f3a3c/1/3v5etOanP1NXXOl1DfyOHYp42_Y.roa
Signing time: Sat 01 Jan 2022 09:00:33 +0000
ROA not before: Sat 01 Jan 2022 09:00:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15600
IP address blocks: 193.163.186.0/24 maxlen: 24
2a10:f540::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 37626513 (0x23e2291)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3651cea5ace77f4d7f4dd282f10ab9cb0ee4d1ec
Validity
Not Before: Jan 1 09:00:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=defe5eb4e6a73f53575ce9750dfc8e1d8a78dbf6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:e0:d9:26:c2:d6:c3:6d:dd:c0:4e:a7:73:a9:
7b:6b:6b:9f:d4:c2:2c:69:a7:c9:fe:b1:8f:ea:c3:
48:28:60:96:c5:99:c0:cd:6c:49:5b:fd:0e:d3:c7:
30:d4:6c:a7:58:6d:f3:c4:50:78:be:6b:c0:d5:a2:
a7:9c:13:44:24:d4:9a:9f:68:68:93:b0:c6:d0:95:
1f:c8:a8:f5:e5:01:c3:cb:de:7d:c9:09:8a:47:35:
82:83:2f:4e:7c:fd:0b:74:d8:b2:bb:56:d3:8d:d7:
e9:93:5a:21:65:6f:72:db:c1:f4:3f:7e:13:3f:fb:
fc:8e:44:e3:54:ba:f1:61:03:a2:a8:18:86:36:00:
41:39:e8:31:01:6b:be:4e:6a:f2:86:58:0b:fc:f6:
86:e3:2a:5f:b3:76:79:14:ab:6f:2c:15:2d:ba:f4:
f9:6b:41:54:b4:47:32:41:3e:4a:25:00:70:8f:f5:
78:09:17:cc:ba:56:be:02:2d:0a:d6:66:35:51:6d:
25:1c:f9:24:69:d6:87:6a:e1:1a:2e:7d:b5:05:fb:
e5:74:fe:73:74:c9:39:2f:76:e3:50:02:76:3a:56:
cf:a2:94:92:99:bc:f3:33:cb:86:58:32:12:bb:09:
57:aa:49:3f:0f:70:3c:4c:78:76:25:fb:b5:08:b7:
1f:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:FE:5E:B4:E6:A7:3F:53:57:5C:E9:75:0D:FC:8E:1D:8A:78:DB:F6
X509v3 Authority Key Identifier:
keyid:36:51:CE:A5:AC:E7:7F:4D:7F:4D:D2:82:F1:0A:B9:CB:0E:E4:D1:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NlHOpaznf01_TdKC8Qq5yw7k0ew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/ac214b-3772-4810-9206-b92b094f3a3c/1/3v5etOanP1NXXOl1DfyOHYp42_Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/ac214b-3772-4810-9206-b92b094f3a3c/1/NlHOpaznf01_TdKC8Qq5yw7k0ew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.163.186.0/24
IPv6:
2a10:f540::/29
Signature Algorithm: sha256WithRSAEncryption
69:8b:0f:e7:cd:23:a5:5b:f1:99:ca:c8:cf:32:7c:e7:58:d0:
ff:1c:17:eb:49:8a:f7:66:b5:93:f3:7b:a0:59:68:a6:8a:df:
d9:9d:14:55:c7:51:92:0a:7c:46:b9:7e:07:5d:e2:50:93:99:
c1:6f:d7:a3:83:ab:c7:61:0d:ab:bf:10:a4:56:41:74:12:b5:
d5:9b:d7:3a:fe:bd:e1:af:1e:a3:c0:e2:13:e1:ee:8e:34:b6:
97:a8:8e:e3:d3:51:b5:28:a1:3b:0d:06:4b:b6:4a:59:9d:f1:
38:84:a5:14:26:28:78:e7:c3:25:4d:c7:32:5b:06:2c:04:9d:
ce:8a:fd:a6:99:4d:7f:5a:76:71:26:50:95:66:91:b9:dc:61:
88:a1:67:c8:7c:fb:ee:6c:5f:d7:07:7c:00:d7:0f:90:57:8c:
22:ac:19:36:0b:2a:6a:8b:0b:e5:65:05:03:72:2f:83:6d:7a:
ba:d0:cb:7d:5e:cf:89:c7:6d:15:15:7c:aa:b7:fb:c3:f9:2b:
8c:1a:ff:80:63:54:e5:93:24:89:55:a9:a8:7e:29:a9:8c:2b:
59:58:66:d2:ef:70:fb:0d:01:42:a7:ba:03:8e:c8:00:17:f1:
ee:0e:4e:3c:e2:4c:12:ab:9c:ac:3b:ab:1e:f3:72:f9:cb:d9:
d6:ad:fe:b5
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEAj4ikTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NjUxY2VhNWFjZTc3ZjRkN2Y0ZGQyODJmMTBhYjljYjBlZTRkMWVjMB4XDTIyMDEw
MTA5MDAzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGVmZTVlYjRlNmE3
M2Y1MzU3NWNlOTc1MGRmYzhlMWQ4YTc4ZGJmNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKXg2SbC1sNt3cBOp3Ope2trn9TCLGmnyf6xj+rDSChglsWZ
wM1sSVv9DtPHMNRsp1ht88RQeL5rwNWip5wTRCTUmp9oaJOwxtCVH8io9eUBw8ve
fckJikc1goMvTnz9C3TYsrtW043X6ZNaIWVvctvB9D9+Ez/7/I5E41S68WEDoqgY
hjYAQTnoMQFrvk5q8oZYC/z2huMqX7N2eRSrbywVLbr0+WtBVLRHMkE+SiUAcI/1
eAkXzLpWvgItCtZmNVFtJRz5JGnWh2rhGi59tQX75XT+c3TJOS9241ACdjpWz6KU
kpm88zPLhlgyErsJV6pJPw9wPEx4diX7tQi3H3cCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBTe/l605qc/U1dc6XUN/I4dinjb9jAfBgNVHSMEGDAWgBQ2Uc6lrOd/TX9N
0oLxCrnLDuTR7DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05sSE9wYXpuZjAxX1RkS0M4UXE1eXc3azBldy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTAvYWMyMTRiLTM3NzItNDgxMC05MjA2LWI5MmIwOTRmM2EzYy8x
LzN2NWV0T2FuUDFOWFhPbDFEZnlPSFlwNDJfWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTAv
YWMyMTRiLTM3NzItNDgxMC05MjA2LWI5MmIwOTRmM2EzYy8xL05sSE9wYXpuZjAx
X1RkS0M4UXE1eXc3azBldy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAMGjujANBAIAAjAHAwUDKhD1QDAN
BgkqhkiG9w0BAQsFAAOCAQEAaYsP580jpVvxmcrIzzJ851jQ/xwX60mK92a1k/N7
oFloporf2Z0UVcdRkgp8Rrl+B13iUJOZwW/Xo4Orx2ENq78QpFZBdBK11ZvXOv69
4a8eo8DiE+HujjS2l6iO49NRtSihOw0GS7ZKWZ3xOISlFCYoeOfDJU3HMlsGLASd
zor9pplNf1p2cSZQlWaRudxhiKFnyHz77mxf1wd8ANcPkFeMIqwZNgsqaosL5WUF
A3Ivg216utDLfV7PicdtFRV8qrf7w/krjBr/gGNU5ZMkiVWpqH4pqYwrWVhm0u9w
+w0BQqe6A47IABfx7g5OPOJMEqucrDurHvNy+cvZ1q3+tQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:58:12 2025 by rpki-client