Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/M5eTz2NMQ6FNWoNOI9xhp13T7jk.roa
File: M5eTz2NMQ6FNWoNOI9xhp13T7jk.roa (raw, json)
Hash identifier: s0Io5ZIsF+QFrn6Sh1mJGLydMh9GjTOLh/EkmCG4cZE=
Subject key identifier: 33:97:93:CF:63:4C:43:A1:4D:5A:83:4E:23:DC:61:A7:5D:D3:EE:39
Certificate issuer: /CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Certificate serial: 018B38010A9723A9B647183B4D630DBC3FBA
Authority key identifier: 38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/M5eTz2NMQ6FNWoNOI9xhp13T7jk.roa
Signing time: Mon 16 Oct 2023 10:21:14 +0000
ROA not before: Mon 16 Oct 2023 10:21:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57011
IP address blocks: 188.93.108.0/22 maxlen: 22
188.93.110.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:38:01:0a:97:23:a9:b6:47:18:3b:4d:63:0d:bc:3f:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Validity
Not Before: Oct 16 10:21:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=339793cf634c43a14d5a834e23dc61a75dd3ee39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:ba:29:ef:34:79:68:82:e3:d4:63:88:b1:9b:
17:ec:96:1f:83:49:4b:17:29:d6:6a:66:0e:95:1a:
23:0c:51:46:16:b4:a1:f3:43:76:c5:1f:ff:f2:1b:
00:b2:60:e5:00:e1:0f:c8:46:08:f4:61:8d:29:41:
bc:48:36:64:37:93:8c:2a:75:79:97:6f:d7:c4:24:
82:7b:78:12:57:0a:d7:31:35:53:d9:23:63:c1:91:
b9:66:5e:18:26:7b:2c:78:75:a8:ef:5a:d6:b3:f4:
f9:ec:e3:74:07:8c:0d:87:0d:11:cd:33:78:d5:02:
9c:6a:91:d7:0b:c9:92:33:08:4f:54:07:b1:c2:5d:
c8:7e:35:4e:5f:f9:35:ea:94:af:83:e4:2f:16:20:
fc:0b:21:c3:78:a7:01:b1:3a:ef:68:89:aa:ce:f7:
d9:77:0c:9d:30:a4:85:80:3c:9d:6a:58:29:60:2b:
f1:a4:ca:69:56:d2:0b:f2:1d:c2:09:d5:c1:c9:6e:
e1:ab:9c:2a:66:fe:a4:65:04:fe:d8:ae:8e:fa:69:
03:a8:71:e1:e1:2f:d3:d7:c8:de:81:2a:c0:42:48:
63:3a:0d:ba:03:d7:34:2d:14:43:30:9c:52:62:fd:
4f:b9:b0:4d:c2:e1:eb:e9:f0:c1:7f:ee:49:45:57:
bd:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:97:93:CF:63:4C:43:A1:4D:5A:83:4E:23:DC:61:A7:5D:D3:EE:39
X509v3 Authority Key Identifier:
keyid:38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/M5eTz2NMQ6FNWoNOI9xhp13T7jk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.93.108.0/22
Signature Algorithm: sha256WithRSAEncryption
23:f6:2d:b3:be:8b:0d:16:21:88:cc:71:c2:03:79:2f:6b:33:
86:25:71:76:b9:4f:01:51:77:8c:50:44:d1:bc:87:92:6d:5a:
98:47:8a:94:73:53:c8:a3:6f:30:83:0a:ed:da:33:90:19:c5:
78:e6:88:52:8f:51:bf:a8:a6:61:19:18:60:e9:a9:21:e9:ab:
50:0b:f4:7a:0b:db:14:e3:f8:b5:0f:24:f2:06:c1:c2:ab:5d:
0a:85:b2:18:59:e9:99:db:9c:e7:6b:83:8c:c0:b1:fb:ff:5b:
18:bb:6b:85:ac:ab:3e:34:0b:25:9d:ec:de:01:eb:81:de:57:
55:ff:77:87:96:28:a9:9d:8b:c3:41:d3:0f:79:4e:45:a9:20:
42:2a:ca:85:06:cb:1d:38:65:97:52:d5:f9:04:10:10:e1:da:
bf:8c:1c:eb:9a:aa:a7:18:18:93:d0:a6:74:70:a4:d1:71:6c:
c0:b0:b7:3d:db:ae:2c:d6:64:86:40:5f:78:3d:fb:57:4b:63:
43:f4:b8:f3:4d:ed:1c:45:b7:af:21:56:18:98:85:48:7a:cd:
a5:b7:ec:35:33:1a:3c:50:8a:c8:83:a0:71:20:77:9c:7e:36:
b6:fa:30:b0:b7:1b:b3:68:d2:76:80:71:cb:cf:bd:59:47:54:
a3:bf:a6:6e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYs4AQqXI6m2Rxg7TWMNvD+6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YjIyMDIzYjZlYWQ0YzI5NjgzYTlmZWQ0NDkzZDAzZGVl
MmM2ODUwHhcNMjMxMDE2MTAyMTE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzk3OTNjZjYzNGM0M2ExNGQ1YTgzNGUyM2RjNjFhNzVkZDNlZTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkLop7zR5aILj1GOIsZsX7JYfg0lL
FynWamYOlRojDFFGFrSh80N2xR//8hsAsmDlAOEPyEYI9GGNKUG8SDZkN5OMKnV5
l2/XxCSCe3gSVwrXMTVT2SNjwZG5Zl4YJnsseHWo71rWs/T57ON0B4wNhw0RzTN4
1QKcapHXC8mSMwhPVAexwl3IfjVOX/k16pSvg+QvFiD8CyHDeKcBsTrvaImqzvfZ
dwydMKSFgDydalgpYCvxpMppVtIL8h3CCdXByW7hq5wqZv6kZQT+2K6O+mkDqHHh
4S/T18jegSrAQkhjOg26A9c0LRRDMJxSYv1PubBNwuHr6fDBf+5JRVe97QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDOXk89jTEOhTVqDTiPcYadd0+45MB8GA1UdIwQY
MBaAFDiyICO26tTCloOp/tRJPQPe4saFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMt
NDBkOTViZDMzZmNiLzEvTTVlVHoyTk1RNkZOV29OT0k5eGhwMTNUN2prLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMtNDBkOTViZDMzZmNi
LzEvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCvF1sMA0G
CSqGSIb3DQEBCwUAA4IBAQAj9i2zvosNFiGIzHHCA3kvazOGJXF2uU8BUXeMUETR
vIeSbVqYR4qUc1PIo28wgwrt2jOQGcV45ohSj1G/qKZhGRhg6akh6atQC/R6C9sU
4/i1DyTyBsHCq10KhbIYWemZ25zna4OMwLH7/1sYu2uFrKs+NAslnezeAeuB3ldV
/3eHliipnYvDQdMPeU5FqSBCKsqFBssdOGWXUtX5BBAQ4dq/jBzrmqqnGBiT0KZ0
cKTRcWzAsLc9264s1mSGQF94PftXS2ND9LjzTe0cRbevIVYYmIVIes2lt+w1Mxo8
UIrIg6BxIHecfja2+jCwtxuzaNJ2gHHLz71ZR1Sjv6Zu
-----END CERTIFICATE-----
Generated at Tue Apr 29 15:13:23 2025 by rpki-client