Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/e1849f-24a6-4f92-8063-626fc0403ac9/1/PnO9AwwY06_WFW_i0XLbPzYhM_U.roa
File: PnO9AwwY06_WFW_i0XLbPzYhM_U.roa (raw, json)
Hash identifier: QBttzEGSIWs0+h3MDSYzRmip2yC2UoqWt9oEFONozwE=
Subject key identifier: 3E:73:BD:03:0C:18:D3:AF:D6:15:6F:E2:D1:72:DB:3F:36:21:33:F5
Certificate issuer: /CN=82c78627794e87ff9718db1b0df7eee2edb33595
Certificate serial: 02F69435
Authority key identifier: 82:C7:86:27:79:4E:87:FF:97:18:DB:1B:0D:F7:EE:E2:ED:B3:35:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gseGJ3lOh_-XGNsbDffu4u2zNZU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/e1849f-24a6-4f92-8063-626fc0403ac9/1/PnO9AwwY06_WFW_i0XLbPzYhM_U.roa
Signing time: Sat 01 Jan 2022 15:59:11 +0000
ROA not before: Sat 01 Jan 2022 15:59:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3303
IP address blocks: 193.8.145.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 49714229 (0x2f69435)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=82c78627794e87ff9718db1b0df7eee2edb33595
Validity
Not Before: Jan 1 15:59:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3e73bd030c18d3afd6156fe2d172db3f362133f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:45:66:20:b1:07:6d:da:50:b9:f6:19:4e:3b:
8f:af:bd:1e:86:af:81:a6:50:f9:69:34:4f:18:79:
f5:34:bb:a9:27:59:10:94:b5:cb:92:d0:ea:7a:3d:
ec:87:31:08:02:94:34:ec:1e:50:5d:fc:c9:d0:06:
77:b1:f7:87:0b:76:4a:b3:06:a8:5d:18:0c:09:8c:
30:cd:d8:aa:d6:93:67:dd:8c:2c:35:dc:b3:23:ee:
62:8b:b7:f8:86:a1:9f:78:6c:ef:39:a4:78:6e:67:
97:b9:39:01:86:c4:14:96:61:1b:92:cd:fb:2a:12:
57:0b:b7:d7:83:d7:8d:ab:6f:61:c2:c6:70:8d:6d:
e2:10:06:2e:29:a2:3d:01:46:11:71:a1:1a:9d:dc:
75:42:3a:af:f4:f5:31:f5:24:b4:9b:91:b0:7b:80:
77:2c:d5:3f:ee:68:20:19:86:ff:92:ce:f1:89:82:
6a:5f:a4:10:0b:88:cb:2a:5c:6a:25:16:a2:a4:d5:
08:b7:80:91:06:a7:bb:91:e6:df:75:e0:a7:92:8d:
75:79:1a:84:d0:51:24:27:88:cf:60:6f:00:05:94:
4e:7e:86:ee:c5:93:71:c6:ae:5c:0b:37:24:04:b4:
bf:3d:bc:3d:19:15:ca:ca:e7:6a:e6:44:39:06:78:
f5:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:73:BD:03:0C:18:D3:AF:D6:15:6F:E2:D1:72:DB:3F:36:21:33:F5
X509v3 Authority Key Identifier:
keyid:82:C7:86:27:79:4E:87:FF:97:18:DB:1B:0D:F7:EE:E2:ED:B3:35:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gseGJ3lOh_-XGNsbDffu4u2zNZU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/e1849f-24a6-4f92-8063-626fc0403ac9/1/PnO9AwwY06_WFW_i0XLbPzYhM_U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/e1849f-24a6-4f92-8063-626fc0403ac9/1/gseGJ3lOh_-XGNsbDffu4u2zNZU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.8.145.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:9b:2c:85:74:1b:c0:54:3f:38:03:3b:d2:cf:b9:05:2f:bd:
4b:97:91:c1:60:2d:bd:cf:79:f8:82:be:1b:02:a7:15:ad:94:
80:0f:83:c7:41:d6:9f:e4:6b:22:21:d4:36:a9:88:97:e0:a8:
76:63:be:74:de:8f:d3:84:3f:8c:14:84:d7:38:65:2d:47:e5:
9a:ea:83:e5:64:9e:fa:5f:ec:3b:ea:4d:6c:c2:43:fe:9c:f0:
2d:47:a0:e9:cd:80:d9:c8:5d:03:ad:48:5a:d3:b4:dc:21:73:
98:2a:94:1d:ee:59:d5:e8:30:18:50:f7:25:4c:23:0a:30:27:
2c:c9:98:13:4e:05:d6:4f:c5:5e:40:e5:84:58:9b:2d:61:7b:
1e:e1:c2:3a:18:d1:a3:d5:44:35:08:08:99:20:58:fe:65:9e:
3d:7d:0d:25:07:40:0e:4b:0b:ed:b6:2f:ba:c4:e7:38:a4:1b:
a4:1b:01:06:7d:9d:c4:4a:ec:b5:5c:b9:20:57:f2:05:72:d4:
13:52:10:4d:b6:df:83:ac:56:cf:e5:a5:65:48:6f:3f:69:ac:
8a:4f:13:ad:81:fc:67:11:ea:71:e0:09:91:d0:11:f2:bf:28:
6e:8b:f2:37:d1:95:55:27:91:31:88:f4:69:47:f8:49:6c:46:
32:1c:ab:cf
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAvaUNTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MmM3ODYyNzc5NGU4N2ZmOTcxOGRiMWIwZGY3ZWVlMmVkYjMzNTk1MB4XDTIyMDEw
MTE1NTkxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2U3M2JkMDMwYzE4
ZDNhZmQ2MTU2ZmUyZDE3MmRiM2YzNjIxMzNmNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKpFZiCxB23aULn2GU47j6+9HoavgaZQ+Wk0Txh59TS7qSdZ
EJS1y5LQ6no97IcxCAKUNOweUF38ydAGd7H3hwt2SrMGqF0YDAmMMM3YqtaTZ92M
LDXcsyPuYou3+Iahn3hs7zmkeG5nl7k5AYbEFJZhG5LN+yoSVwu314PXjatvYcLG
cI1t4hAGLimiPQFGEXGhGp3cdUI6r/T1MfUktJuRsHuAdyzVP+5oIBmG/5LO8YmC
al+kEAuIyypcaiUWoqTVCLeAkQanu5Hm33Xgp5KNdXkahNBRJCeIz2BvAAWUTn6G
7sWTccauXAs3JAS0vz28PRkVysrnauZEOQZ49YkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ+c70DDBjTr9YVb+LRcts/NiEz9TAfBgNVHSMEGDAWgBSCx4YneU6H/5cY
2xsN9+7i7bM1lTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2dzZUdKM2xPaF8tWEdOc2JEZmZ1NHUyek5aVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTcvZTE4NDlmLTI0YTYtNGY5Mi04MDYzLTYyNmZjMDQwM2FjOS8x
L1BuTzlBd3dZMDZfV0ZXX2kwWExiUHpZaE1fVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTcv
ZTE4NDlmLTI0YTYtNGY5Mi04MDYzLTYyNmZjMDQwM2FjOS8xL2dzZUdKM2xPaF8t
WEdOc2JEZmZ1NHUyek5aVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMEIkTANBgkqhkiG9w0BAQsFAAOC
AQEAa5sshXQbwFQ/OAM70s+5BS+9S5eRwWAtvc95+IK+GwKnFa2UgA+Dx0HWn+Rr
IiHUNqmIl+CodmO+dN6P04Q/jBSE1zhlLUflmuqD5WSe+l/sO+pNbMJD/pzwLUeg
6c2A2chdA61IWtO03CFzmCqUHe5Z1egwGFD3JUwjCjAnLMmYE04F1k/FXkDlhFib
LWF7HuHCOhjRo9VENQgImSBY/mWePX0NJQdADksL7bYvusTnOKQbpBsBBn2dxErs
tVy5IFfyBXLUE1IQTbbfg6xWz+WlZUhvP2msik8TrYH8ZxHqceAJkdAR8r8obovy
N9GVVSeRMYj0aUf4SWxGMhyrzw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:23:57 2025 by rpki-client