Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/6c7b28-f2ce-445f-8f90-0f5d3797a325/1/Fd1UXxS3TBAVFp0_rUMBegIQuZc.roa
File: Fd1UXxS3TBAVFp0_rUMBegIQuZc.roa (raw, json)
Hash identifier: aTMpKxWCmyTKCIr3o7E5Zizg+aweVYoKlOVVSPAm2JY=
Subject key identifier: 15:DD:54:5F:14:B7:4C:10:15:16:9D:3F:AD:43:01:7A:02:10:B9:97
Certificate issuer: /CN=96ff45e6de48bfc0397dacad83a84831db7952d1
Certificate serial: 0184864D00839E63D294236AFD0D9D66ADF1
Authority key identifier: 96:FF:45:E6:DE:48:BF:C0:39:7D:AC:AD:83:A8:48:31:DB:79:52:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lv9F5t5Iv8A5faytg6hIMdt5UtE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/6c7b28-f2ce-445f-8f90-0f5d3797a325/1/Fd1UXxS3TBAVFp0_rUMBegIQuZc.roa
Signing time: Thu 17 Nov 2022 15:55:04 +0000
ROA not before: Thu 17 Nov 2022 15:55:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202498
IP address blocks: 193.143.64.0/24 maxlen: 24
193.143.65.0/24 maxlen: 24
193.143.66.0/24 maxlen: 24
193.143.67.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:86:4d:00:83:9e:63:d2:94:23:6a:fd:0d:9d:66:ad:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=96ff45e6de48bfc0397dacad83a84831db7952d1
Validity
Not Before: Nov 17 15:55:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=15dd545f14b74c1015169d3fad43017a0210b997
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:5e:0c:7a:73:d4:a2:f5:02:49:f1:74:2d:75:
9a:68:5b:3a:2b:eb:bd:4f:0a:7b:a6:08:24:eb:ae:
05:62:c1:53:90:ce:d3:ea:e9:7e:85:0f:4e:91:96:
ad:37:e8:e3:c0:1c:19:88:b0:69:83:9d:0b:75:36:
b4:30:70:00:4c:b8:50:52:63:c4:6e:4c:50:8d:40:
13:6c:bd:3e:13:b1:2b:c3:99:bc:96:63:05:c9:74:
d5:c1:db:4e:6d:c1:94:75:3b:11:33:a8:37:a4:07:
03:18:ac:89:51:c8:4a:fe:27:04:f4:67:3e:73:5f:
3c:9a:b6:0f:ce:16:24:4a:49:5a:2d:67:61:99:4c:
4a:0e:d3:49:1f:01:cd:21:86:ef:d6:e4:fa:44:4f:
f0:de:40:48:24:ee:56:a4:07:b7:89:99:5a:c0:e6:
d3:57:85:51:c1:c2:66:ed:24:ee:28:1e:db:ec:0e:
48:58:28:c4:a1:01:a5:b4:09:26:12:58:0d:ad:24:
7a:c7:fb:99:17:9f:a2:5e:19:83:c4:37:60:88:2a:
0b:06:39:d5:b7:8c:b7:84:c3:72:36:84:af:ea:07:
47:5d:94:44:a2:a6:a5:13:1e:e5:02:28:ac:19:7a:
b6:af:dc:f3:6f:1e:d7:d5:4a:c3:7c:81:8c:3f:46:
52:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:DD:54:5F:14:B7:4C:10:15:16:9D:3F:AD:43:01:7A:02:10:B9:97
X509v3 Authority Key Identifier:
keyid:96:FF:45:E6:DE:48:BF:C0:39:7D:AC:AD:83:A8:48:31:DB:79:52:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lv9F5t5Iv8A5faytg6hIMdt5UtE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/6c7b28-f2ce-445f-8f90-0f5d3797a325/1/Fd1UXxS3TBAVFp0_rUMBegIQuZc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/6c7b28-f2ce-445f-8f90-0f5d3797a325/1/lv9F5t5Iv8A5faytg6hIMdt5UtE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.143.64.0/22
Signature Algorithm: sha256WithRSAEncryption
52:15:18:e5:89:33:8f:11:f0:16:92:ec:fb:14:59:07:95:33:
1d:fa:db:22:4c:ed:b8:55:b3:52:ce:a3:01:51:df:24:28:f6:
db:53:64:e1:70:ff:10:41:4c:87:f8:2b:d5:e9:91:29:74:79:
0c:be:9e:42:11:1a:6c:65:ca:06:1d:0b:f6:c5:60:b6:46:a6:
47:2c:6c:ff:ea:8c:a0:7d:8d:3b:d4:85:ca:3f:f6:1f:4a:79:
fe:ea:70:3f:a3:a1:9f:e9:1a:6c:02:ec:99:f9:f3:66:c2:a1:
6e:8b:fc:f8:01:01:e8:63:c5:c5:b1:50:79:d7:1d:a6:7c:47:
73:a1:44:dd:8f:74:af:20:05:14:b0:5d:01:93:72:58:44:9e:
31:df:c7:37:95:fe:cc:cb:d2:90:f1:66:f7:43:8d:60:3f:20:
39:b8:ff:33:a9:0d:ea:56:f0:25:d3:56:20:52:ab:75:30:e6:
d3:70:f9:37:6e:40:d5:cd:9e:6d:90:00:d5:2d:1f:ea:3a:43:
3e:db:2e:fb:d4:29:6c:0a:9f:c0:a6:94:e6:db:80:ea:59:7d:
ce:dd:25:a3:b2:6a:58:86:62:b2:c2:16:43:7a:12:5e:6d:31:
36:3a:1b:4f:d4:54:6b:2e:57:98:b8:da:6d:df:3a:4e:54:d3:
d5:10:b4:da
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYSGTQCDnmPSlCNq/Q2dZq3xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2ZmY0NWU2ZGU0OGJmYzAzOTdkYWNhZDgzYTg0ODMxZGI3
OTUyZDEwHhcNMjIxMTE3MTU1NTA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNWRkNTQ1ZjE0Yjc0YzEwMTUxNjlkM2ZhZDQzMDE3YTAyMTBiOTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiV4MenPUovUCSfF0LXWaaFs6K+u9
Twp7pggk664FYsFTkM7T6ul+hQ9OkZatN+jjwBwZiLBpg50LdTa0MHAATLhQUmPE
bkxQjUATbL0+E7Erw5m8lmMFyXTVwdtObcGUdTsRM6g3pAcDGKyJUchK/icE9Gc+
c188mrYPzhYkSklaLWdhmUxKDtNJHwHNIYbv1uT6RE/w3kBIJO5WpAe3iZlawObT
V4VRwcJm7STuKB7b7A5IWCjEoQGltAkmElgNrSR6x/uZF5+iXhmDxDdgiCoLBjnV
t4y3hMNyNoSv6gdHXZREoqalEx7lAiisGXq2r9zzbx7X1UrDfIGMP0ZSgQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBXdVF8Ut0wQFRadP61DAXoCELmXMB8GA1UdIwQY
MBaAFJb/RebeSL/AOX2srYOoSDHbeVLRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHY5RjV0NUl2OEE1ZmF5dGc2aElNZHQ1VXRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS82YzdiMjgtZjJjZS00NDVmLThmOTAt
MGY1ZDM3OTdhMzI1LzEvRmQxVVh4UzNUQkFWRnAwX3JVTUJlZ0lRdVpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS82YzdiMjgtZjJjZS00NDVmLThmOTAtMGY1ZDM3OTdhMzI1
LzEvbHY5RjV0NUl2OEE1ZmF5dGc2aElNZHQ1VXRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwY9AMA0G
CSqGSIb3DQEBCwUAA4IBAQBSFRjliTOPEfAWkuz7FFkHlTMd+tsiTO24VbNSzqMB
Ud8kKPbbU2ThcP8QQUyH+CvV6ZEpdHkMvp5CERpsZcoGHQv2xWC2RqZHLGz/6oyg
fY071IXKP/YfSnn+6nA/o6Gf6RpsAuyZ+fNmwqFui/z4AQHoY8XFsVB51x2mfEdz
oUTdj3SvIAUUsF0Bk3JYRJ4x38c3lf7My9KQ8Wb3Q41gPyA5uP8zqQ3qVvAl01Yg
Uqt1MObTcPk3bkDVzZ5tkADVLR/qOkM+2y771ClsCp/AppTm24DqWX3O3SWjsmpY
hmKywhZDehJebTE2OhtP1FRrLleYuNpt3zpOVNPVELTa
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:46 2024 by rpki-client on console-ams.rpki-client.org