Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/7e3c7f-2184-403d-80cf-6e4b3c92a827/1/rvMdvq8WUgzr5iIhThM9YpYALSs.roa
File: rvMdvq8WUgzr5iIhThM9YpYALSs.roa (raw, json)
Hash identifier: Np0FvzCi8yYJbf4WTcT6eBjdoKcwd8k8Ofxj1rnvUMs=
Subject key identifier: AE:F3:1D:BE:AF:16:52:0C:EB:E6:22:21:4E:13:3D:62:96:00:2D:2B
Certificate issuer: /CN=40c3d37be435a9c33f1c63e50d0d6464ed161004
Certificate serial: 018572C377DE9B4C28CC26164988C5FA7558
Authority key identifier: 40:C3:D3:7B:E4:35:A9:C3:3F:1C:63:E5:0D:0D:64:64:ED:16:10:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QMPTe-Q1qcM_HGPlDQ1kZO0WEAQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/7e3c7f-2184-403d-80cf-6e4b3c92a827/1/rvMdvq8WUgzr5iIhThM9YpYALSs.roa
Signing time: Mon 02 Jan 2023 13:54:50 +0000
ROA not before: Mon 02 Jan 2023 13:54:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20712
IP address blocks: 193.239.174.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:c3:77:de:9b:4c:28:cc:26:16:49:88:c5:fa:75:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40c3d37be435a9c33f1c63e50d0d6464ed161004
Validity
Not Before: Jan 2 13:54:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aef31dbeaf16520cebe622214e133d6296002d2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:ce:e4:8d:c4:99:b5:6d:00:fd:c6:f4:17:84:
9f:ee:87:34:01:d6:78:34:43:63:d7:27:fd:49:11:
84:f9:ce:f9:42:ee:12:fc:07:96:df:d5:b0:82:c8:
6b:36:05:a2:e0:1c:f4:5a:07:a6:e7:77:56:0c:b5:
84:11:ce:0d:88:b4:41:32:bc:61:09:0c:db:c4:ad:
0c:d1:70:ce:cc:b4:1b:f0:13:d4:38:97:e3:f0:f8:
0c:3a:62:71:4c:5d:3d:2a:51:17:f7:39:ff:2b:17:
36:d7:9a:e5:f0:09:69:77:fe:2e:7f:7a:79:08:7b:
af:78:57:3d:92:25:2f:50:6d:9e:db:ce:40:0f:8e:
4b:46:0c:96:74:ba:bd:f5:73:d5:1e:cf:86:ed:29:
cc:7e:3a:a4:b0:fa:03:c9:c4:ec:7d:65:ea:02:33:
c5:e8:66:25:7d:b2:9c:72:99:79:3f:b5:bb:5d:65:
3b:89:52:da:29:15:ff:68:0f:33:78:ff:19:f9:27:
8e:73:13:c6:bd:09:34:f2:71:a4:c8:4e:48:db:df:
a7:2a:ac:ed:96:6f:7f:37:08:d1:f9:78:a7:eb:fa:
69:7f:95:4d:4e:be:90:e7:f1:08:40:2b:27:3e:db:
cf:b3:1a:eb:0b:fd:5a:1a:ed:bc:79:cd:24:f1:ed:
79:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:F3:1D:BE:AF:16:52:0C:EB:E6:22:21:4E:13:3D:62:96:00:2D:2B
X509v3 Authority Key Identifier:
keyid:40:C3:D3:7B:E4:35:A9:C3:3F:1C:63:E5:0D:0D:64:64:ED:16:10:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QMPTe-Q1qcM_HGPlDQ1kZO0WEAQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/7e3c7f-2184-403d-80cf-6e4b3c92a827/1/rvMdvq8WUgzr5iIhThM9YpYALSs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/7e3c7f-2184-403d-80cf-6e4b3c92a827/1/QMPTe-Q1qcM_HGPlDQ1kZO0WEAQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.239.174.0/23
Signature Algorithm: sha256WithRSAEncryption
42:df:a5:17:5c:be:04:f9:0e:df:5e:5e:4d:42:8a:56:5d:fa:
44:aa:4f:2b:b9:0a:07:28:35:38:c3:61:f6:fa:0f:65:99:e1:
2d:28:f8:9b:07:0e:44:02:19:b0:2e:f4:54:4e:ae:eb:44:f5:
ee:f6:1e:17:26:04:cf:01:14:d8:5e:b6:89:2d:62:88:55:f1:
65:7c:bc:0d:80:3a:08:cf:bf:b5:d5:41:ee:98:ac:44:ec:9a:
2c:44:00:f0:b0:d7:e4:94:33:bf:49:49:57:13:dc:96:fd:23:
8e:36:7a:6f:6e:f9:b8:a9:f8:45:95:aa:eb:ec:0a:fe:f2:b5:
3d:7b:bc:c8:a4:7e:aa:f7:3d:d0:38:ef:17:2d:da:f1:a5:7e:
95:82:53:f0:87:1f:31:82:6d:af:98:bb:62:d5:76:34:04:ff:
82:11:ae:b6:03:6c:29:f2:b4:68:73:51:4a:ca:e1:28:94:89:
12:62:28:e1:ea:1b:b4:52:da:57:41:6c:1b:49:c9:3f:72:6c:
2c:0e:80:fd:af:18:46:4f:69:1d:12:cb:25:79:dd:74:81:8b:
85:af:36:67:87:7c:b3:35:03:14:93:fb:48:e9:34:b7:1c:64:
03:eb:21:40:15:29:9a:dc:55:6e:6d:fa:03:97:ef:65:ca:45:
f3:22:22:9d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyw3fem0wozCYWSYjF+nVYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwYzNkMzdiZTQzNWE5YzMzZjFjNjNlNTBkMGQ2NDY0ZWQx
NjEwMDQwHhcNMjMwMTAyMTM1NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZWYzMWRiZWFmMTY1MjBjZWJlNjIyMjE0ZTEzM2Q2Mjk2MDAyZDJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkM7kjcSZtW0A/cb0F4Sf7oc0AdZ4
NENj1yf9SRGE+c75Qu4S/AeW39WwgshrNgWi4Bz0Wgem53dWDLWEEc4NiLRBMrxh
CQzbxK0M0XDOzLQb8BPUOJfj8PgMOmJxTF09KlEX9zn/Kxc215rl8Alpd/4uf3p5
CHuveFc9kiUvUG2e285AD45LRgyWdLq99XPVHs+G7SnMfjqksPoDycTsfWXqAjPF
6GYlfbKccpl5P7W7XWU7iVLaKRX/aA8zeP8Z+SeOcxPGvQk08nGkyE5I29+nKqzt
lm9/NwjR+Xin6/ppf5VNTr6Q5/EIQCsnPtvPsxrrC/1aGu28ec0k8e15dwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK7zHb6vFlIM6+YiIU4TPWKWAC0rMB8GA1UdIwQY
MBaAFEDD03vkNanDPxxj5Q0NZGTtFhAEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUU1QVGUtUTFxY01fSEdQbERRMWtaTzBXRUFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi83ZTNjN2YtMjE4NC00MDNkLTgwY2Yt
NmU0YjNjOTJhODI3LzEvcnZNZHZxOFdVZ3pyNWlJaFRoTTlZcFlBTFNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi83ZTNjN2YtMjE4NC00MDNkLTgwY2YtNmU0YjNjOTJhODI3
LzEvUU1QVGUtUTFxY01fSEdQbERRMWtaTzBXRUFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwe+uMA0G
CSqGSIb3DQEBCwUAA4IBAQBC36UXXL4E+Q7fXl5NQopWXfpEqk8ruQoHKDU4w2H2
+g9lmeEtKPibBw5EAhmwLvRUTq7rRPXu9h4XJgTPARTYXraJLWKIVfFlfLwNgDoI
z7+11UHumKxE7JosRADwsNfklDO/SUlXE9yW/SOONnpvbvm4qfhFlarr7Ar+8rU9
e7zIpH6q9z3QOO8XLdrxpX6VglPwhx8xgm2vmLti1XY0BP+CEa62A2wp8rRoc1FK
yuEolIkSYijh6hu0UtpXQWwbSck/cmwsDoD9rxhGT2kdEssled10gYuFrzZnh3yz
NQMUk/tI6TS3HGQD6yFAFSma3FVubfoDl+9lykXzIiKd
-----END CERTIFICATE-----
Generated at Tue Apr 8 03:25:15 2025 by rpki-client