Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/a4141d-8498-42f4-b2f3-1f6409848150/1/QmdnuX6pskSqJmC6TT_Ng6rjEjY.roa
File: QmdnuX6pskSqJmC6TT_Ng6rjEjY.roa (raw, json)
Hash identifier: GNihx3lqU4x5uMFCh/FTyHYFOCKN0Q98Zn5omPwmJms=
Subject key identifier: 42:67:67:B9:7E:A9:B2:44:AA:26:60:BA:4D:3F:CD:83:AA:E3:12:36
Certificate issuer: /CN=bfb493457b2f02e69b85f718dcc16a9a9ef0fcd1
Certificate serial: 0184E6957758ACE4E9BBE5AEB623C493B1B0
Authority key identifier: BF:B4:93:45:7B:2F:02:E6:9B:85:F7:18:DC:C1:6A:9A:9E:F0:FC:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v7STRXsvAuabhfcY3MFqmp7w_NE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/a4141d-8498-42f4-b2f3-1f6409848150/1/QmdnuX6pskSqJmC6TT_Ng6rjEjY.roa
Signing time: Tue 06 Dec 2022 08:37:45 +0000
ROA not before: Tue 06 Dec 2022 08:37:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203865
IP address blocks: 93.94.0.0/23 maxlen: 23
93.94.2.0/24 maxlen: 24
2a03:1e02::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e6:95:77:58:ac:e4:e9:bb:e5:ae:b6:23:c4:93:b1:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfb493457b2f02e69b85f718dcc16a9a9ef0fcd1
Validity
Not Before: Dec 6 08:37:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=426767b97ea9b244aa2660ba4d3fcd83aae31236
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:f7:54:aa:e7:68:a8:17:d5:53:52:da:d3:cf:
96:06:3f:e0:a1:f5:f5:92:9d:57:d2:84:aa:52:08:
c1:2e:29:d0:2d:ca:d4:fb:17:4d:f9:7c:11:12:77:
87:14:d1:37:3c:fd:9f:a3:09:ad:ab:10:90:fc:d8:
b7:b3:2d:f8:1a:b7:55:0f:69:67:4f:38:cd:50:40:
c0:5f:7c:6b:db:ce:d0:32:2f:8c:11:ea:36:90:35:
f9:b1:04:5b:50:2d:02:be:e7:ac:f7:44:97:bf:7c:
47:f9:7d:33:ef:3b:16:7d:95:ab:04:02:96:de:d7:
e7:9c:0b:83:72:a5:18:f0:17:1b:6a:c7:f2:5e:aa:
5d:9c:37:7b:bd:d0:9d:4d:c7:b6:c2:78:d6:02:2f:
44:d8:de:5c:f2:90:9c:ee:1e:71:49:7f:ed:13:c8:
9e:ed:84:61:8e:54:46:a2:67:c7:5a:2a:67:8d:e5:
a3:34:9d:c7:72:a2:15:dc:61:44:d6:bc:d5:b2:28:
df:06:25:f9:cb:98:ef:a9:e8:82:c1:7b:02:e3:95:
9c:ff:2a:a1:ff:6d:cc:d4:b3:51:72:35:ed:e3:3b:
75:8e:3c:89:fa:78:13:09:a9:17:5c:ef:55:9c:37:
bc:e5:cb:8b:bb:f7:e2:58:7a:c0:74:e0:d6:38:15:
12:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:67:67:B9:7E:A9:B2:44:AA:26:60:BA:4D:3F:CD:83:AA:E3:12:36
X509v3 Authority Key Identifier:
keyid:BF:B4:93:45:7B:2F:02:E6:9B:85:F7:18:DC:C1:6A:9A:9E:F0:FC:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v7STRXsvAuabhfcY3MFqmp7w_NE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/a4141d-8498-42f4-b2f3-1f6409848150/1/QmdnuX6pskSqJmC6TT_Ng6rjEjY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/a4141d-8498-42f4-b2f3-1f6409848150/1/v7STRXsvAuabhfcY3MFqmp7w_NE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.94.0.0-93.94.2.255
IPv6:
2a03:1e02::/32
Signature Algorithm: sha256WithRSAEncryption
8c:47:ec:50:ae:83:3d:b4:45:ca:1e:60:ef:24:96:8a:e4:2b:
fc:c7:e5:53:36:77:fe:7b:88:5d:1a:75:80:56:f8:53:2e:bf:
9f:99:3a:ff:65:e0:28:52:df:4c:03:13:cc:ab:44:0f:91:64:
c3:e4:07:fb:23:e5:de:c3:4a:a1:d7:1e:6c:7c:3d:cf:ba:c4:
b7:b3:85:6d:b8:48:78:f4:0b:eb:d5:b8:4c:23:e2:ab:92:08:
88:35:11:11:eb:63:08:dd:bb:cc:af:ac:11:5d:ab:95:a3:e8:
7a:34:89:38:6f:41:a0:7a:c3:d7:b0:a8:1e:f2:f2:5e:90:0d:
98:76:c9:19:ed:bc:ea:87:cb:bf:ab:3a:96:e3:bb:27:12:82:
ed:fd:ac:be:2f:1a:9a:00:53:d5:37:67:30:28:f2:d2:8f:81:
86:c3:f1:76:bf:65:af:42:2c:47:d2:2f:d7:13:05:6e:f3:6f:
09:4b:e9:67:74:fe:99:fb:6f:86:3b:6d:8f:41:9b:34:ce:85:
7a:b6:8d:f1:03:08:5a:1b:4c:11:45:2c:a4:f3:92:5d:29:ba:
90:af:55:de:13:d9:82:b3:c9:0f:61:c7:bc:82:4a:df:c7:7e:
71:e1:7b:be:33:fd:a4:03:88:c2:b1:e8:c6:57:da:4b:e2:ea:
a2:2f:8b:7b
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYTmlXdYrOTpu+WutiPEk7GwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmYjQ5MzQ1N2IyZjAyZTY5Yjg1ZjcxOGRjYzE2YTlhOWVm
MGZjZDEwHhcNMjIxMjA2MDgzNzQ1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjY3NjdiOTdlYTliMjQ0YWEyNjYwYmE0ZDNmY2Q4M2FhZTMxMjM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1PdUqudoqBfVU1La08+WBj/gofX1
kp1X0oSqUgjBLinQLcrU+xdN+XwREneHFNE3PP2fowmtqxCQ/Ni3sy34GrdVD2ln
TzjNUEDAX3xr287QMi+MEeo2kDX5sQRbUC0Cvues90SXv3xH+X0z7zsWfZWrBAKW
3tfnnAuDcqUY8BcbasfyXqpdnDd7vdCdTce2wnjWAi9E2N5c8pCc7h5xSX/tE8ie
7YRhjlRGomfHWipnjeWjNJ3HcqIV3GFE1rzVsijfBiX5y5jvqeiCwXsC45Wc/yqh
/23M1LNRcjXt4zt1jjyJ+ngTCakXXO9VnDe85cuLu/fiWHrAdODWOBUSWQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFEJnZ7l+qbJEqiZguk0/zYOq4xI2MB8GA1UdIwQY
MBaAFL+0k0V7LwLmm4X3GNzBapqe8PzRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjdTVFJYc3ZBdWFiaGZjWTNNRnFtcDd3X05FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9hNDE0MWQtODQ5OC00MmY0LWIyZjMt
MWY2NDA5ODQ4MTUwLzEvUW1kbnVYNnBza1NxSm1DNlRUX05nNnJqRWpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9hNDE0MWQtODQ5OC00MmY0LWIyZjMtMWY2NDA5ODQ4MTUw
LzEvdjdTVFJYc3ZBdWFiaGZjWTNNRnFtcDd3X05FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDATBAIAATANMAsDAwFdXgME
AF1eAjANBAIAAjAHAwUAKgMeAjANBgkqhkiG9w0BAQsFAAOCAQEAjEfsUK6DPbRF
yh5g7ySWiuQr/MflUzZ3/nuIXRp1gFb4Uy6/n5k6/2XgKFLfTAMTzKtED5Fkw+QH
+yPl3sNKodcebHw9z7rEt7OFbbhIePQL69W4TCPiq5IIiDUREetjCN27zK+sEV2r
laPoejSJOG9BoHrD17CoHvLyXpANmHbJGe286ofLv6s6luO7JxKC7f2svi8amgBT
1TdnMCjy0o+BhsPxdr9lr0IsR9Iv1xMFbvNvCUvpZ3T+mftvhjttj0GbNM6FeraN
8QMIWhtMEUUspPOSXSm6kK9V3hPZgrPJD2HHvIJK38d+ceF7vjP9pAOIwrHoxlfa
S+Lqoi+Lew==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:58 2023 by rpki-client on console-fra.rpki-client.org