Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/51d445-f070-4ca9-a02b-2e1f9be95573/1/TQmFq3lLbwytNpy59wpyX2Xxy3o.roa
File: TQmFq3lLbwytNpy59wpyX2Xxy3o.roa (raw, json)
Hash identifier: NY1JbhqQAxYTbLLFmpNgRm3rxin3vdf5+3fbOPGoeMg=
Subject key identifier: 4D:09:85:AB:79:4B:6F:0C:AD:36:9C:B9:F7:0A:72:5F:65:F1:CB:7A
Certificate issuer: /CN=d32d1eb0ec8ef5a230457a9702e7aa396858180c
Certificate serial: 01856271C59D25858BA184E9D4A42CB43515
Authority key identifier: D3:2D:1E:B0:EC:8E:F5:A2:30:45:7A:97:02:E7:AA:39:68:58:18:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0y0esOyO9aIwRXqXAueqOWhYGAw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/51d445-f070-4ca9-a02b-2e1f9be95573/1/TQmFq3lLbwytNpy59wpyX2Xxy3o.roa
Signing time: Fri 30 Dec 2022 09:51:41 +0000
ROA not before: Fri 30 Dec 2022 09:51:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201099
IP address blocks: 193.111.66.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:62:71:c5:9d:25:85:8b:a1:84:e9:d4:a4:2c:b4:35:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d32d1eb0ec8ef5a230457a9702e7aa396858180c
Validity
Not Before: Dec 30 09:51:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4d0985ab794b6f0cad369cb9f70a725f65f1cb7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:e9:2b:48:2e:51:65:5b:8b:67:57:fc:9c:99:
db:6c:6c:fa:90:89:64:a1:a7:9f:0e:65:b3:f0:c8:
d7:03:2e:d7:a7:57:ed:22:30:09:55:0c:fe:3c:a0:
2a:5a:86:e5:3a:68:70:1f:04:6d:97:24:33:64:f2:
f0:87:6d:fc:6d:17:55:a7:47:61:27:65:24:c3:ed:
73:85:a8:68:35:bd:af:22:d4:a3:ae:64:59:e5:3a:
38:13:23:cd:cd:64:d3:b7:8b:05:22:e5:34:59:a5:
94:ac:47:76:85:dd:06:0b:00:ea:ee:38:07:38:2e:
09:0e:aa:d0:16:24:1a:9a:26:85:3c:7e:73:27:06:
43:8c:c5:2b:c1:a3:9f:3d:4d:8f:80:67:6a:6e:b5:
54:2f:ba:0f:69:01:26:19:6d:76:99:5f:eb:84:e3:
54:5d:e4:39:1a:2e:e3:2e:25:3e:50:e3:dc:a6:fe:
c6:9d:fb:dc:fd:8f:f0:56:5c:47:a9:b4:e1:25:4a:
8e:3a:c3:90:35:c3:01:e2:37:5f:bb:26:fd:d1:2a:
b0:9e:62:7a:6e:aa:4d:0a:89:a7:74:a8:fc:97:b5:
6d:6e:72:61:c1:8d:d2:61:13:f4:51:5c:88:3a:44:
ca:47:73:91:be:6e:a7:4f:56:99:8a:03:34:5a:d1:
2d:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:09:85:AB:79:4B:6F:0C:AD:36:9C:B9:F7:0A:72:5F:65:F1:CB:7A
X509v3 Authority Key Identifier:
keyid:D3:2D:1E:B0:EC:8E:F5:A2:30:45:7A:97:02:E7:AA:39:68:58:18:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0y0esOyO9aIwRXqXAueqOWhYGAw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/51d445-f070-4ca9-a02b-2e1f9be95573/1/TQmFq3lLbwytNpy59wpyX2Xxy3o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/51d445-f070-4ca9-a02b-2e1f9be95573/1/0y0esOyO9aIwRXqXAueqOWhYGAw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.111.66.0/23
Signature Algorithm: sha256WithRSAEncryption
45:5d:a0:e6:16:57:9f:62:f7:22:74:d6:88:f6:81:28:0e:2d:
5a:ff:6f:ba:59:1d:ad:ef:06:66:d3:16:00:2e:12:8f:7f:cc:
05:73:ea:31:9d:eb:3f:b6:5f:94:80:40:36:9c:93:53:f9:07:
22:04:15:bc:62:cc:f8:97:ec:53:8a:be:fa:39:d7:e6:ed:1b:
84:9e:5c:52:ed:8b:d2:ee:19:ca:11:cb:b4:99:1a:d1:35:0f:
38:b6:91:5c:e7:cf:83:b7:22:bf:4a:0b:23:6c:db:2a:c8:ae:
f9:1a:8c:3d:5a:56:d2:e4:75:89:2a:ac:e3:48:39:08:4a:84:
c4:c1:d2:96:06:5f:eb:5a:58:c2:fc:b7:44:b4:cf:c6:cf:0e:
61:54:d7:19:65:53:52:f9:b5:4e:65:9d:ce:05:fb:f7:fb:7b:
77:69:66:16:bd:3e:02:95:93:ce:c6:9b:4e:72:31:e2:33:00:
cb:57:04:62:e9:a2:64:c6:78:9c:be:3e:50:20:e2:3c:cd:99:
fe:32:5a:1b:2f:77:3e:c8:a8:d4:1a:aa:05:6b:16:50:d8:b7:
55:18:09:dc:b9:8a:c3:93:e5:88:22:c5:48:54:88:9d:9d:bd:
99:23:08:93:dd:c7:4f:f4:fd:b9:4e:2f:ab:f6:56:93:84:96:
b0:99:00:aa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYViccWdJYWLoYTp1KQstDUVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzMmQxZWIwZWM4ZWY1YTIzMDQ1N2E5NzAyZTdhYTM5Njg1
ODE4MGMwHhcNMjIxMjMwMDk1MTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDA5ODVhYjc5NGI2ZjBjYWQzNjljYjlmNzBhNzI1ZjY1ZjFjYjdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwekrSC5RZVuLZ1f8nJnbbGz6kIlk
oaefDmWz8MjXAy7Xp1ftIjAJVQz+PKAqWoblOmhwHwRtlyQzZPLwh238bRdVp0dh
J2Ukw+1zhahoNb2vItSjrmRZ5To4EyPNzWTTt4sFIuU0WaWUrEd2hd0GCwDq7jgH
OC4JDqrQFiQamiaFPH5zJwZDjMUrwaOfPU2PgGdqbrVUL7oPaQEmGW12mV/rhONU
XeQ5Gi7jLiU+UOPcpv7Gnfvc/Y/wVlxHqbThJUqOOsOQNcMB4jdfuyb90SqwnmJ6
bqpNComndKj8l7VtbnJhwY3SYRP0UVyIOkTKR3ORvm6nT1aZigM0WtEt6wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE0Jhat5S28MrTacufcKcl9l8ct6MB8GA1UdIwQY
MBaAFNMtHrDsjvWiMEV6lwLnqjloWBgMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHkwZXNPeU85YUl3UlhxWEF1ZXFPV2hZR0F3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi81MWQ0NDUtZjA3MC00Y2E5LWEwMmIt
MmUxZjliZTk1NTczLzEvVFFtRnEzbExid3l0TnB5NTl3cHlYMlh4eTNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi81MWQ0NDUtZjA3MC00Y2E5LWEwMmItMmUxZjliZTk1NTcz
LzEvMHkwZXNPeU85YUl3UlhxWEF1ZXFPV2hZR0F3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwW9CMA0G
CSqGSIb3DQEBCwUAA4IBAQBFXaDmFlefYvcidNaI9oEoDi1a/2+6WR2t7wZm0xYA
LhKPf8wFc+oxnes/tl+UgEA2nJNT+QciBBW8Ysz4l+xTir76Odfm7RuEnlxS7YvS
7hnKEcu0mRrRNQ84tpFc58+DtyK/SgsjbNsqyK75Gow9WlbS5HWJKqzjSDkISoTE
wdKWBl/rWljC/LdEtM/Gzw5hVNcZZVNS+bVOZZ3OBfv3+3t3aWYWvT4ClZPOxptO
cjHiMwDLVwRi6aJkxnicvj5QIOI8zZn+MlobL3c+yKjUGqoFaxZQ2LdVGAncuYrD
k+WIIsVIVIidnb2ZIwiT3cdP9P25Ti+r9laThJawmQCq
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:33:59 2025 by rpki-client