Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/474f65-fe29-4822-ba14-ce8214cef6b5/1/4ONgJ7rDUV3sM3R2ZRsQYJ1wT2Y.roa
File: 4ONgJ7rDUV3sM3R2ZRsQYJ1wT2Y.roa (raw, json)
Hash identifier: 9S0aQNStciKzYN0u6nmdHthIlaPeY/ZrTJ4FgWStp4U=
Subject key identifier: E0:E3:60:27:BA:C3:51:5D:EC:33:74:76:65:1B:10:60:9D:70:4F:66
Certificate issuer: /CN=c50e0801823f19d51b962ab6d4ebbbc27dd4ed96
Certificate serial: 018C0222C223A87A53ACDA734CE8B780F545
Authority key identifier: C5:0E:08:01:82:3F:19:D5:1B:96:2A:B6:D4:EB:BB:C2:7D:D4:ED:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xQ4IAYI_GdUbliq21Ou7wn3U7ZY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/474f65-fe29-4822-ba14-ce8214cef6b5/1/4ONgJ7rDUV3sM3R2ZRsQYJ1wT2Y.roa
Signing time: Fri 24 Nov 2023 16:21:21 +0000
ROA not before: Fri 24 Nov 2023 16:21:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210917
IP address blocks: 193.30.116.0/24 maxlen: 24
167.94.24.0/24 maxlen: 24
2a13:4b00::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:02:22:c2:23:a8:7a:53:ac:da:73:4c:e8:b7:80:f5:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c50e0801823f19d51b962ab6d4ebbbc27dd4ed96
Validity
Not Before: Nov 24 16:21:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e0e36027bac3515dec337476651b10609d704f66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:01:08:07:ef:dd:45:77:83:e1:c4:03:f3:63:
93:27:03:68:c6:36:b7:be:a2:c7:ef:b4:14:00:b8:
77:97:5c:31:a8:bf:88:45:83:0e:7f:ee:c6:eb:5b:
5f:ce:2a:4f:7e:3a:3f:20:d3:82:75:17:7d:aa:64:
6d:43:b1:ba:85:76:33:87:44:c6:48:09:8b:ca:5e:
fc:67:71:45:c2:89:1d:7b:80:fa:51:b3:ac:ee:76:
5a:69:26:c4:9b:ad:e3:da:20:a5:1b:3e:9f:13:39:
d0:21:bf:c9:5e:ee:6e:b4:d3:37:32:5b:c8:42:e1:
04:c5:e6:19:b0:45:27:9c:81:50:32:4b:63:65:05:
8b:38:fc:ea:1e:22:81:95:f7:7a:10:ef:7c:38:ac:
36:26:07:eb:c1:39:44:59:e1:d9:42:cc:c8:29:c7:
cc:17:63:87:50:44:6d:ba:b2:80:65:d8:cf:5d:38:
45:a4:29:ee:f5:22:81:2d:9d:ba:75:78:41:86:27:
74:a1:22:61:81:4a:fb:57:4d:5c:bc:6b:e2:04:1e:
0e:6a:50:f2:ba:bd:49:27:29:4f:e7:93:8b:d7:57:
a0:97:61:66:97:b2:d0:37:ac:cd:db:d8:29:67:df:
7c:3f:3d:45:3a:b9:f5:dc:64:af:36:51:d7:b9:bf:
00:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:E3:60:27:BA:C3:51:5D:EC:33:74:76:65:1B:10:60:9D:70:4F:66
X509v3 Authority Key Identifier:
keyid:C5:0E:08:01:82:3F:19:D5:1B:96:2A:B6:D4:EB:BB:C2:7D:D4:ED:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xQ4IAYI_GdUbliq21Ou7wn3U7ZY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/474f65-fe29-4822-ba14-ce8214cef6b5/1/4ONgJ7rDUV3sM3R2ZRsQYJ1wT2Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/474f65-fe29-4822-ba14-ce8214cef6b5/1/xQ4IAYI_GdUbliq21Ou7wn3U7ZY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
167.94.24.0/24
193.30.116.0/24
IPv6:
2a13:4b00::/29
Signature Algorithm: sha256WithRSAEncryption
01:8a:fd:e7:49:0b:16:9b:6a:c2:c8:cd:92:3d:fe:c2:9c:23:
ba:85:60:51:c8:14:ec:03:ea:a3:57:95:af:9b:80:74:a1:0a:
46:73:36:c4:f9:6e:29:12:a7:27:b0:b3:ee:f1:bc:51:19:1b:
41:c6:96:17:de:f0:60:c6:74:8f:31:28:38:dd:2d:23:45:b5:
88:69:b6:bd:79:00:b8:aa:27:e4:50:c0:fb:02:7b:f1:bf:22:
b5:df:5b:84:aa:b7:09:96:9a:18:26:ed:fc:2d:b4:4c:79:6b:
b1:77:79:a1:3c:c7:0b:f4:63:f0:bc:e4:9f:a3:26:bb:30:1e:
67:e6:c7:7b:ac:d9:81:a2:95:fe:ee:b8:fd:03:c3:15:ed:9f:
5b:96:cd:4f:27:96:1d:8a:0f:07:65:79:3f:7b:a6:36:23:a6:
8d:84:b5:9b:d2:fa:99:98:db:ea:8e:2d:25:e8:cd:86:58:e7:
f7:86:fa:07:1e:17:27:01:f3:15:ee:9e:71:91:dd:11:b7:73:
b3:4d:1d:b2:47:46:c5:1a:de:f2:6e:77:0b:81:47:1b:7c:26:
74:9d:e5:87:ff:56:f7:e2:8f:b7:7b:f5:1b:3f:af:17:fd:72:
e1:cc:84:fe:3e:94:4e:ea:2b:10:94:fd:11:0c:c0:ed:b4:3d:
c5:3b:f8:1d
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYwCIsIjqHpTrNpzTOi3gPVFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1MGUwODAxODIzZjE5ZDUxYjk2MmFiNmQ0ZWJiYmMyN2Rk
NGVkOTYwHhcNMjMxMTI0MTYyMTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGUzNjAyN2JhYzM1MTVkZWMzMzc0NzY2NTFiMTA2MDlkNzA0ZjY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjgEIB+/dRXeD4cQD82OTJwNoxja3
vqLH77QUALh3l1wxqL+IRYMOf+7G61tfzipPfjo/INOCdRd9qmRtQ7G6hXYzh0TG
SAmLyl78Z3FFwokde4D6UbOs7nZaaSbEm63j2iClGz6fEznQIb/JXu5utNM3MlvI
QuEExeYZsEUnnIFQMktjZQWLOPzqHiKBlfd6EO98OKw2JgfrwTlEWeHZQszIKcfM
F2OHUERturKAZdjPXThFpCnu9SKBLZ26dXhBhid0oSJhgUr7V01cvGviBB4OalDy
ur1JJylP55OL11egl2Fml7LQN6zN29gpZ998Pz1FOrn13GSvNlHXub8AzQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFODjYCe6w1Fd7DN0dmUbEGCdcE9mMB8GA1UdIwQY
MBaAFMUOCAGCPxnVG5YqttTru8J91O2WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFE0SUFZSV9HZFVibGlxMjFPdTd3bjNVN1pZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi80NzRmNjUtZmUyOS00ODIyLWJhMTQt
Y2U4MjE0Y2VmNmI1LzEvNE9OZ0o3ckRVVjNzTTNSMlpSc1FZSjF3VDJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi80NzRmNjUtZmUyOS00ODIyLWJhMTQtY2U4MjE0Y2VmNmI1
LzEveFE0SUFZSV9HZFVibGlxMjFPdTd3bjNVN1pZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAp14YAwQA
wR50MA0EAgACMAcDBQMqE0sAMA0GCSqGSIb3DQEBCwUAA4IBAQABiv3nSQsWm2rC
yM2SPf7CnCO6hWBRyBTsA+qjV5Wvm4B0oQpGczbE+W4pEqcnsLPu8bxRGRtBxpYX
3vBgxnSPMSg43S0jRbWIaba9eQC4qifkUMD7AnvxvyK131uEqrcJlpoYJu38LbRM
eWuxd3mhPMcL9GPwvOSfoya7MB5n5sd7rNmBopX+7rj9A8MV7Z9bls1PJ5Ydig8H
ZXk/e6Y2I6aNhLWb0vqZmNvqji0l6M2GWOf3hvoHHhcnAfMV7p5xkd0Rt3OzTR2y
R0bFGt7ybncLgUcbfCZ0neWH/1b34o+3e/UbP68X/XLhzIT+PpRO6isQlP0RDMDt
tD3FO/gd
-----END CERTIFICATE-----
Generated at Fri Apr 18 19:38:16 2025 by rpki-client