Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/be692b-7932-4554-8c15-94c2fda39ead/1/05CnpCfQqTe2GzqSRiRkNdXdcLQ.roa
File: 05CnpCfQqTe2GzqSRiRkNdXdcLQ.roa (raw, json)
Hash identifier: TSg30C1tZRqH1sfU7ur8G5A7mR8++iZLfHx32T8+k18=
Subject key identifier: D3:90:A7:A4:27:D0:A9:37:B6:1B:3A:92:46:24:64:35:D5:DD:70:B4
Certificate issuer: /CN=e84df52af460ca6fa8c923a49f5cb795ea6707f7
Certificate serial: 018CA52E361939D0014BD152ABBB4BDB96D2
Authority key identifier: E8:4D:F5:2A:F4:60:CA:6F:A8:C9:23:A4:9F:5C:B7:95:EA:67:07:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6E31KvRgym-oySOkn1y3lepnB_c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/be692b-7932-4554-8c15-94c2fda39ead/1/05CnpCfQqTe2GzqSRiRkNdXdcLQ.roa
Signing time: Tue 26 Dec 2023 08:11:58 +0000
ROA not before: Tue 26 Dec 2023 08:11:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3356
IP address blocks: 212.26.18.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:a5:2e:36:19:39:d0:01:4b:d1:52:ab:bb:4b:db:96:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e84df52af460ca6fa8c923a49f5cb795ea6707f7
Validity
Not Before: Dec 26 08:11:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d390a7a427d0a937b61b3a9246246435d5dd70b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:24:fa:cf:1c:c8:f6:14:35:ca:52:f0:21:48:
eb:f9:9a:81:53:40:06:a8:e2:22:50:b8:39:cd:89:
10:82:c9:6e:58:3c:cb:e6:60:71:d8:75:dc:fb:f0:
8e:79:8c:51:92:dc:49:0e:b5:ef:b7:e3:81:bb:0f:
ae:af:3f:6d:75:9f:4d:b0:86:6b:d6:1f:0e:ca:bf:
8c:b9:1f:7c:77:88:c0:04:ff:49:f1:90:b5:c4:5c:
91:af:47:a3:a7:e7:80:ca:35:29:c8:99:84:4d:e8:
cd:14:6a:ea:13:f0:47:5f:82:48:20:df:fb:c9:e1:
ed:85:54:18:9e:a6:24:7c:7e:e1:db:52:f4:f9:07:
c2:d7:31:39:53:8b:3f:d1:02:27:b4:c1:ba:db:c1:
47:8f:81:ea:48:dc:bb:ff:b1:b2:dd:b5:51:a9:8a:
03:f3:2b:a8:9e:63:41:7d:2e:6e:ad:38:55:15:4b:
79:66:8e:ee:0e:53:83:4a:c4:ff:64:85:54:c9:34:
2a:8f:02:89:34:33:e9:be:3f:c0:f1:84:ad:20:62:
01:5d:cb:f4:ac:0f:a1:74:f5:7a:bd:bb:df:3c:3d:
73:a6:6a:e2:0b:04:66:55:a6:ed:23:b8:74:c7:ca:
84:71:ff:ea:89:cd:a7:f2:5d:95:ac:aa:a1:d9:95:
2f:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:90:A7:A4:27:D0:A9:37:B6:1B:3A:92:46:24:64:35:D5:DD:70:B4
X509v3 Authority Key Identifier:
keyid:E8:4D:F5:2A:F4:60:CA:6F:A8:C9:23:A4:9F:5C:B7:95:EA:67:07:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6E31KvRgym-oySOkn1y3lepnB_c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/be692b-7932-4554-8c15-94c2fda39ead/1/05CnpCfQqTe2GzqSRiRkNdXdcLQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/be692b-7932-4554-8c15-94c2fda39ead/1/6E31KvRgym-oySOkn1y3lepnB_c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.26.18.0/24
Signature Algorithm: sha256WithRSAEncryption
95:cf:d9:7f:43:2c:9c:6e:ce:a2:f9:98:9f:fe:ab:41:1e:97:
11:41:ed:ac:56:12:80:52:72:14:81:1a:cf:0e:2f:3c:d7:5b:
93:ff:c6:5c:33:b4:c2:32:26:8c:48:ff:55:cb:85:64:63:4a:
18:fe:30:74:a9:b5:18:d9:56:87:10:21:64:ca:0d:a6:ee:e9:
bf:e2:89:1d:ad:21:88:e9:28:1a:5d:20:60:f8:05:5c:66:9b:
71:56:73:ea:a6:d8:27:87:4a:82:a0:1b:32:5e:ac:60:c6:79:
af:a0:08:b6:0d:01:be:32:cd:35:c4:d8:34:5a:7d:06:4f:b3:
29:4d:c5:b7:31:62:eb:b9:c5:a8:a7:6e:b2:2a:25:12:c1:07:
4c:0e:43:35:91:ad:90:31:f3:43:cb:62:4b:76:a0:0f:29:df:
07:9e:72:5c:80:db:81:d7:9c:d8:ea:90:21:e3:c2:d1:34:62:
ed:39:ce:72:71:93:b2:32:eb:e8:7e:c3:8a:b6:62:ad:2f:89:
2a:74:b6:a8:5a:56:64:86:8b:14:a1:90:f4:9b:e2:34:80:cb:
5d:da:18:5a:c4:2b:ed:cb:1b:9f:3a:02:c3:85:d2:2e:e5:be:
fa:44:ea:73:af:48:7c:77:16:d6:54:dc:a7:8b:e2:f1:55:8a:
4c:18:c8:cd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYylLjYZOdABS9FSq7tL25bSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4NGRmNTJhZjQ2MGNhNmZhOGM5MjNhNDlmNWNiNzk1ZWE2
NzA3ZjcwHhcNMjMxMjI2MDgxMTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzkwYTdhNDI3ZDBhOTM3YjYxYjNhOTI0NjI0NjQzNWQ1ZGQ3MGI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmyT6zxzI9hQ1ylLwIUjr+ZqBU0AG
qOIiULg5zYkQgsluWDzL5mBx2HXc+/COeYxRktxJDrXvt+OBuw+urz9tdZ9NsIZr
1h8Oyr+MuR98d4jABP9J8ZC1xFyRr0ejp+eAyjUpyJmETejNFGrqE/BHX4JIIN/7
yeHthVQYnqYkfH7h21L0+QfC1zE5U4s/0QIntMG628FHj4HqSNy7/7Gy3bVRqYoD
8yuonmNBfS5urThVFUt5Zo7uDlODSsT/ZIVUyTQqjwKJNDPpvj/A8YStIGIBXcv0
rA+hdPV6vbvfPD1zpmriCwRmVabtI7h0x8qEcf/qic2n8l2VrKqh2ZUvuQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNOQp6Qn0Kk3ths6kkYkZDXV3XC0MB8GA1UdIwQY
MBaAFOhN9Sr0YMpvqMkjpJ9ct5XqZwf3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkUzMUt2Umd5bS1veVNPa24xeTNsZXBuQl9jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9iZTY5MmItNzkzMi00NTU0LThjMTUt
OTRjMmZkYTM5ZWFkLzEvMDVDbnBDZlFxVGUyR3pxU1JpUmtOZFhkY0xRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi9iZTY5MmItNzkzMi00NTU0LThjMTUtOTRjMmZkYTM5ZWFk
LzEvNkUzMUt2Umd5bS1veVNPa24xeTNsZXBuQl9jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1BoSMA0G
CSqGSIb3DQEBCwUAA4IBAQCVz9l/Qyycbs6i+Zif/qtBHpcRQe2sVhKAUnIUgRrP
Di8811uT/8ZcM7TCMiaMSP9Vy4VkY0oY/jB0qbUY2VaHECFkyg2m7um/4okdrSGI
6SgaXSBg+AVcZptxVnPqptgnh0qCoBsyXqxgxnmvoAi2DQG+Ms01xNg0Wn0GT7Mp
TcW3MWLrucWop26yKiUSwQdMDkM1ka2QMfNDy2JLdqAPKd8HnnJcgNuB15zY6pAh
48LRNGLtOc5ycZOyMuvofsOKtmKtL4kqdLaoWlZkhosUoZD0m+I0gMtd2hhaxCvt
yxufOgLDhdIu5b76ROpzr0h8dxbWVNyni+LxVYpMGMjN
-----END CERTIFICATE-----
Generated at Sun Jun 15 08:31:43 2025 by rpki-client