Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/70aa32-9607-4db7-8f1e-da75430b16f6/1/CPmJ3LoCYYmdvlTZ3co7YLEWlSQ.roa
File: CPmJ3LoCYYmdvlTZ3co7YLEWlSQ.roa (raw, json)
Hash identifier: luak2MLz5FNoVzzJyEoStyV7DWzBq/GjFnwGOSxSsJk=
Subject key identifier: 08:F9:89:DC:BA:02:61:89:9D:BE:54:D9:DD:CA:3B:60:B1:16:95:24
Certificate issuer: /CN=c2ee45426e12e50fe30e8ffc39e04485d8f73339
Certificate serial: 018BC957D11AB48B9663C2B1514E551095F4
Authority key identifier: C2:EE:45:42:6E:12:E5:0F:E3:0E:8F:FC:39:E0:44:85:D8:F7:33:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wu5FQm4S5Q_jDo_8OeBEhdj3Mzk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/70aa32-9607-4db7-8f1e-da75430b16f6/1/CPmJ3LoCYYmdvlTZ3co7YLEWlSQ.roa
Signing time: Mon 13 Nov 2023 15:40:57 +0000
ROA not before: Mon 13 Nov 2023 15:40:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48678
IP address blocks: 193.106.196.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:c9:57:d1:1a:b4:8b:96:63:c2:b1:51:4e:55:10:95:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2ee45426e12e50fe30e8ffc39e04485d8f73339
Validity
Not Before: Nov 13 15:40:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=08f989dcba0261899dbe54d9ddca3b60b1169524
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:81:2a:f0:e9:74:57:0a:aa:da:3d:a2:c2:9c:
25:a7:e0:b2:0f:17:60:30:5a:a3:f7:f3:61:ab:d0:
b4:8a:bc:32:0d:b4:a2:7d:f1:6b:0b:85:83:f4:5e:
05:d7:55:d6:38:dd:2b:78:b2:4d:9d:07:19:78:80:
c0:93:fb:dc:26:07:a9:c7:fa:68:ab:07:31:a8:a2:
db:e8:84:6d:21:54:54:dd:9a:ed:1b:c4:e5:e9:eb:
98:75:e8:76:f0:a0:1f:56:1c:eb:b4:4b:64:52:00:
55:0d:d6:44:38:07:65:a0:22:bd:98:10:3c:bc:7f:
04:c2:43:ef:09:75:34:60:95:29:d3:81:02:8c:62:
f7:d3:70:d3:eb:3c:9a:80:fd:33:b2:ab:44:75:6c:
55:32:d1:38:62:4c:34:eb:6f:6e:db:c0:85:44:2f:
83:74:71:56:cf:76:ea:7d:12:e0:63:68:b7:4a:17:
68:2f:8e:b9:f8:65:51:82:b9:2d:4f:08:7f:8c:c8:
16:6f:3d:0b:e4:f3:3e:4f:a1:db:6d:d6:a8:fc:5f:
10:2b:07:16:67:3e:1a:8c:87:e7:d0:70:44:e7:08:
04:24:cb:3b:68:24:34:d0:a4:bc:16:47:0c:a6:ab:
f2:70:56:84:91:c0:d2:d7:c5:5e:c0:a4:f0:20:93:
d3:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:F9:89:DC:BA:02:61:89:9D:BE:54:D9:DD:CA:3B:60:B1:16:95:24
X509v3 Authority Key Identifier:
keyid:C2:EE:45:42:6E:12:E5:0F:E3:0E:8F:FC:39:E0:44:85:D8:F7:33:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wu5FQm4S5Q_jDo_8OeBEhdj3Mzk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/70aa32-9607-4db7-8f1e-da75430b16f6/1/CPmJ3LoCYYmdvlTZ3co7YLEWlSQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/70aa32-9607-4db7-8f1e-da75430b16f6/1/wu5FQm4S5Q_jDo_8OeBEhdj3Mzk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.106.196.0/24
Signature Algorithm: sha256WithRSAEncryption
82:0b:00:a4:2b:57:32:9f:e1:7b:0d:ec:1a:c4:1d:15:26:c2:
0f:a4:eb:73:89:70:ea:ef:9d:4b:73:65:73:bc:92:f1:86:43:
25:91:b5:57:eb:31:ab:97:b0:ba:79:dc:3e:b6:19:68:14:43:
46:4e:0b:2b:ab:9e:c1:2b:cd:e0:32:21:f0:e7:35:7c:2b:2b:
d7:f0:b7:3e:9b:f5:bd:fa:79:1b:43:d2:a6:86:6c:1a:12:f5:
7e:b4:4b:3f:04:d1:6b:8c:b2:9a:a7:91:f3:c9:31:12:e0:41:
e8:bb:5a:bd:3f:65:1b:7d:b9:49:4f:60:ee:f5:a3:82:6e:76:
36:41:89:16:bd:77:44:da:05:0b:be:34:ff:e0:eb:61:c3:6e:
2c:3f:fa:52:89:8d:2e:aa:b7:83:5c:6e:3a:c2:b3:ab:ae:ed:
e8:ec:ef:64:40:ea:da:fc:58:0a:a3:5f:c9:19:09:be:5a:2e:
e6:8c:90:f4:bc:8c:eb:9e:77:5a:8d:a0:d6:72:c2:da:99:59:
d6:1c:2e:9b:46:26:8b:dc:6f:20:ee:dd:ad:be:ae:33:ba:2a:
de:11:72:e6:14:38:b7:a0:97:3f:94:a6:2e:9f:cd:8b:10:b2:
ac:07:98:7d:35:0e:9d:52:f8:63:88:d0:3a:c3:6f:ac:9d:f6:
73:14:7a:bb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYvJV9EatIuWY8KxUU5VEJX0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyZWU0NTQyNmUxMmU1MGZlMzBlOGZmYzM5ZTA0NDg1ZDhm
NzMzMzkwHhcNMjMxMTEzMTU0MDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGY5ODlkY2JhMDI2MTg5OWRiZTU0ZDlkZGNhM2I2MGIxMTY5NTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhoEq8Ol0Vwqq2j2iwpwlp+CyDxdg
MFqj9/Nhq9C0irwyDbSiffFrC4WD9F4F11XWON0reLJNnQcZeIDAk/vcJgepx/po
qwcxqKLb6IRtIVRU3ZrtG8Tl6euYdeh28KAfVhzrtEtkUgBVDdZEOAdloCK9mBA8
vH8EwkPvCXU0YJUp04ECjGL303DT6zyagP0zsqtEdWxVMtE4Ykw0629u28CFRC+D
dHFWz3bqfRLgY2i3ShdoL465+GVRgrktTwh/jMgWbz0L5PM+T6Hbbdao/F8QKwcW
Zz4ajIfn0HBE5wgEJMs7aCQ00KS8FkcMpqvycFaEkcDS18VewKTwIJPTkQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAj5idy6AmGJnb5U2d3KO2CxFpUkMB8GA1UdIwQY
MBaAFMLuRUJuEuUP4w6P/DngRIXY9zM5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3U1RlFtNFM1UV9qRG9fOE9lQkVoZGozTXprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC83MGFhMzItOTYwNy00ZGI3LThmMWUt
ZGE3NTQzMGIxNmY2LzEvQ1BtSjNMb0NZWW1kdmxUWjNjbzdZTEVXbFNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC83MGFhMzItOTYwNy00ZGI3LThmMWUtZGE3NTQzMGIxNmY2
LzEvd3U1RlFtNFM1UV9qRG9fOE9lQkVoZGozTXprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwWrEMA0G
CSqGSIb3DQEBCwUAA4IBAQCCCwCkK1cyn+F7DewaxB0VJsIPpOtziXDq751Lc2Vz
vJLxhkMlkbVX6zGrl7C6edw+thloFENGTgsrq57BK83gMiHw5zV8KyvX8Lc+m/W9
+nkbQ9KmhmwaEvV+tEs/BNFrjLKap5HzyTES4EHou1q9P2UbfblJT2Du9aOCbnY2
QYkWvXdE2gULvjT/4Othw24sP/pSiY0uqreDXG46wrOrru3o7O9kQOra/FgKo1/J
GQm+Wi7mjJD0vIzrnndajaDWcsLamVnWHC6bRiaL3G8g7t2tvq4zuireEXLmFDi3
oJc/lKYun82LELKsB5h9NQ6dUvhjiNA6w2+snfZzFHq7
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:12:38 2025 by rpki-client