Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/97fb36-ea9b-43f4-aad5-06f7290dc44a/1/eD1pLS5utAkRtXDcs6tcLdeDnh8.roa
File: eD1pLS5utAkRtXDcs6tcLdeDnh8.roa (raw, json)
Hash identifier: qLMrCTGPhpdfI2PsmuDedHiQnw4ObqXnZATBChL/qrU=
Subject key identifier: 78:3D:69:2D:2E:6E:B4:09:11:B5:70:DC:B3:AB:5C:2D:D7:83:9E:1F
Certificate issuer: /CN=4acef45fbb0f26930aeb833cf79fc41e22ca9235
Certificate serial: 01839E24647E59F0721A93E39A030B9C882B
Authority key identifier: 4A:CE:F4:5F:BB:0F:26:93:0A:EB:83:3C:F7:9F:C4:1E:22:CA:92:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ss70X7sPJpMK64M895_EHiLKkjU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/97fb36-ea9b-43f4-aad5-06f7290dc44a/1/eD1pLS5utAkRtXDcs6tcLdeDnh8.roa
Signing time: Mon 03 Oct 2022 13:58:48 +0000
ROA not before: Mon 03 Oct 2022 13:58:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43754
IP address blocks: 193.111.234.0/24 maxlen: 24
193.134.101.0/24 maxlen: 24
193.134.100.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:9e:24:64:7e:59:f0:72:1a:93:e3:9a:03:0b:9c:88:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4acef45fbb0f26930aeb833cf79fc41e22ca9235
Validity
Not Before: Oct 3 13:58:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=783d692d2e6eb40911b570dcb3ab5c2dd7839e1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:4a:8f:4b:09:c4:9c:f2:39:d4:d8:c1:ea:fc:
d7:07:02:ce:50:5d:78:ab:da:ac:5d:bf:53:73:b8:
b3:07:9c:eb:95:d5:ff:13:54:80:47:7b:16:4a:3a:
42:b4:bb:d2:95:72:bc:ee:dc:7e:fd:a1:f0:c9:e9:
15:5a:7e:2f:3a:3d:96:db:6c:a7:e7:ae:35:a1:69:
4d:f6:03:7c:e2:68:b7:fd:9d:89:1e:d5:8a:29:ac:
58:c1:26:1d:4d:9c:93:f9:49:a6:46:10:35:78:e5:
3c:8d:12:31:4f:95:8f:43:ef:d2:bc:1c:41:4b:3b:
04:b8:60:b7:ff:84:04:5d:23:9b:da:4c:80:e2:a3:
a5:ed:18:7d:cf:68:9c:d0:0a:99:b9:ca:47:3c:3d:
f6:a3:d3:00:e3:a4:30:c0:fa:e7:85:be:62:51:66:
0d:1d:ca:e0:4d:f7:fa:53:88:f1:0b:94:fc:71:9a:
a6:69:9b:39:9a:e2:0d:d9:7c:f5:bd:88:d8:6a:0d:
58:84:8b:03:80:5a:84:ce:6d:fd:3b:55:24:c6:0f:
40:73:1a:fe:9b:72:2e:3b:c3:54:bc:e1:8c:a2:73:
5c:7b:91:4d:94:31:92:1b:30:da:78:5b:e4:d9:ba:
5f:dd:32:60:ec:fd:d5:4c:e2:ff:12:ec:39:29:cb:
72:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:3D:69:2D:2E:6E:B4:09:11:B5:70:DC:B3:AB:5C:2D:D7:83:9E:1F
X509v3 Authority Key Identifier:
keyid:4A:CE:F4:5F:BB:0F:26:93:0A:EB:83:3C:F7:9F:C4:1E:22:CA:92:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ss70X7sPJpMK64M895_EHiLKkjU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/97fb36-ea9b-43f4-aad5-06f7290dc44a/1/eD1pLS5utAkRtXDcs6tcLdeDnh8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/97fb36-ea9b-43f4-aad5-06f7290dc44a/1/Ss70X7sPJpMK64M895_EHiLKkjU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.111.234.0/24
193.134.100.0/23
Signature Algorithm: sha256WithRSAEncryption
8e:1c:87:10:7d:a6:47:4c:2b:8d:bc:2c:c6:62:da:85:7f:78:
d4:07:10:07:9e:8a:99:24:2e:dd:cd:88:f9:d7:26:72:85:5d:
6c:f6:cb:6a:b1:36:bd:7b:72:21:e9:30:40:fd:b0:5e:48:cd:
a7:ac:36:62:ee:20:42:01:68:5b:67:fa:45:e2:d7:66:a2:0e:
a5:36:f4:22:c1:32:62:1a:b7:e4:2f:12:9d:e0:99:fd:d1:ec:
13:35:0a:45:2d:0c:28:af:e0:8c:a1:57:16:47:24:6e:54:fb:
ff:02:28:11:16:17:0e:89:4a:3f:f2:2f:f5:4e:54:3d:82:45:
06:33:e7:d3:13:89:7b:04:7d:08:f5:a1:17:7a:c2:d7:da:c2:
1d:62:0c:64:4a:44:fb:4a:8d:70:3c:23:73:63:44:0c:83:ad:
a6:f2:4b:b0:b1:64:9b:81:2e:3b:bc:e6:a6:2b:a8:ad:a0:d2:
e7:db:b3:01:d1:a8:9c:38:a1:cd:ea:da:68:29:c3:f4:39:d0:
af:80:09:62:20:f8:36:dc:d1:16:02:11:ff:e6:b3:c2:a5:3f:
17:96:bf:8e:de:35:f2:bf:91:09:3a:85:2a:5b:ea:8a:b6:17:
43:05:95:fa:06:2b:c6:78:68:b3:9a:c1:68:64:20:a0:19:73:
a0:a7:75:0e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYOeJGR+WfByGpPjmgMLnIgrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhY2VmNDVmYmIwZjI2OTMwYWViODMzY2Y3OWZjNDFlMjJj
YTkyMzUwHhcNMjIxMDAzMTM1ODQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODNkNjkyZDJlNmViNDA5MTFiNTcwZGNiM2FiNWMyZGQ3ODM5ZTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgUqPSwnEnPI51NjB6vzXBwLOUF14
q9qsXb9Tc7izB5zrldX/E1SAR3sWSjpCtLvSlXK87tx+/aHwyekVWn4vOj2W22yn
5641oWlN9gN84mi3/Z2JHtWKKaxYwSYdTZyT+UmmRhA1eOU8jRIxT5WPQ+/SvBxB
SzsEuGC3/4QEXSOb2kyA4qOl7Rh9z2ic0AqZucpHPD32o9MA46QwwPrnhb5iUWYN
HcrgTff6U4jxC5T8cZqmaZs5muIN2Xz1vYjYag1YhIsDgFqEzm39O1Ukxg9Acxr+
m3IuO8NUvOGMonNce5FNlDGSGzDaeFvk2bpf3TJg7P3VTOL/Euw5KctySwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHg9aS0ubrQJEbVw3LOrXC3Xg54fMB8GA1UdIwQY
MBaAFErO9F+7DyaTCuuDPPefxB4iypI1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3M3MFg3c1BKcE1LNjRNODk1X0VIaUxLa2pVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi85N2ZiMzYtZWE5Yi00M2Y0LWFhZDUt
MDZmNzI5MGRjNDRhLzEvZUQxcExTNXV0QWtSdFhEY3M2dGNMZGVEbmg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi85N2ZiMzYtZWE5Yi00M2Y0LWFhZDUtMDZmNzI5MGRjNDRh
LzEvU3M3MFg3c1BKcE1LNjRNODk1X0VIaUxLa2pVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwW/qAwQB
wYZkMA0GCSqGSIb3DQEBCwUAA4IBAQCOHIcQfaZHTCuNvCzGYtqFf3jUBxAHnoqZ
JC7dzYj51yZyhV1s9stqsTa9e3Ih6TBA/bBeSM2nrDZi7iBCAWhbZ/pF4tdmog6l
NvQiwTJiGrfkLxKd4Jn90ewTNQpFLQwor+CMoVcWRyRuVPv/AigRFhcOiUo/8i/1
TlQ9gkUGM+fTE4l7BH0I9aEXesLX2sIdYgxkSkT7So1wPCNzY0QMg62m8kuwsWSb
gS47vOamK6itoNLn27MB0aicOKHN6tpoKcP0OdCvgAliIPg23NEWAhH/5rPCpT8X
lr+O3jXyv5EJOoUqW+qKthdDBZX6BivGeGizmsFoZCCgGXOgp3UO
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:34:13 2025 by rpki-client