Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/9daff4-f158-480f-b41f-d48b42ef159b/1/A1vLtqPKPIA3NoZ97MZW28qJEHk.roa
File: A1vLtqPKPIA3NoZ97MZW28qJEHk.roa (raw, json)
Hash identifier: 4tx3ep6ct45WjlzSv2eZJIIa+ajQMBKeTAHaWUrr7lg=
Subject key identifier: 03:5B:CB:B6:A3:CA:3C:80:37:36:86:7D:EC:C6:56:DB:CA:89:10:79
Certificate issuer: /CN=dc7821e1bcbf6e074ea4814aaa5c63e3ba813c5f
Certificate serial: 0187BE0C7A4193D569A7274229C4DB9A5FF0
Authority key identifier: DC:78:21:E1:BC:BF:6E:07:4E:A4:81:4A:AA:5C:63:E3:BA:81:3C:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3Hgh4by_bgdOpIFKqlxj47qBPF8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/9daff4-f158-480f-b41f-d48b42ef159b/1/A1vLtqPKPIA3NoZ97MZW28qJEHk.roa
Signing time: Wed 26 Apr 2023 14:51:41 +0000
ROA not before: Wed 26 Apr 2023 14:51:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2541
IP address blocks: 193.169.145.0/24 maxlen: 24
193.169.144.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:be:0c:7a:41:93:d5:69:a7:27:42:29:c4:db:9a:5f:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc7821e1bcbf6e074ea4814aaa5c63e3ba813c5f
Validity
Not Before: Apr 26 14:51:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=035bcbb6a3ca3c803736867decc656dbca891079
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:6d:a5:c6:8d:b7:fb:84:d3:4c:63:f6:09:a2:
79:25:c7:08:68:b4:7a:a4:6a:58:37:d3:39:3b:f2:
7b:21:bd:8f:fd:f0:0a:dc:90:75:98:50:43:62:05:
80:ce:86:79:33:36:1d:27:e8:c3:8a:c0:1f:a5:8b:
17:61:39:24:9f:3d:0c:96:d5:d4:18:62:5b:36:63:
87:e1:bf:19:47:66:05:e5:8a:e3:d1:53:04:b9:7d:
db:e5:66:d8:52:a0:70:be:de:25:07:2c:07:1f:82:
3c:4b:b1:bd:dd:c1:2b:06:2e:3e:41:72:9f:51:a3:
c7:57:22:a3:17:ff:c9:a5:de:b8:1d:5f:56:ed:b0:
5d:b2:0e:cf:42:90:2d:18:16:d1:5d:53:03:d9:07:
e3:ca:b0:ce:31:12:04:5e:28:0b:db:0f:6a:e5:ff:
2d:62:8a:9b:76:57:98:22:7b:8b:75:62:dc:24:fc:
0f:d1:bf:92:47:a3:b6:88:e6:2f:82:1c:97:87:8f:
17:0a:a3:94:de:2c:95:8b:a4:73:5c:9f:18:54:78:
25:c1:63:10:b2:63:0e:46:2d:3b:03:64:b6:fb:7e:
94:2b:25:4c:eb:03:ab:94:0c:1f:ee:fe:72:09:9c:
de:3f:d1:c4:2d:a3:3c:6f:70:9a:be:c3:a7:61:03:
84:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:5B:CB:B6:A3:CA:3C:80:37:36:86:7D:EC:C6:56:DB:CA:89:10:79
X509v3 Authority Key Identifier:
keyid:DC:78:21:E1:BC:BF:6E:07:4E:A4:81:4A:AA:5C:63:E3:BA:81:3C:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3Hgh4by_bgdOpIFKqlxj47qBPF8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/9daff4-f158-480f-b41f-d48b42ef159b/1/A1vLtqPKPIA3NoZ97MZW28qJEHk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/9daff4-f158-480f-b41f-d48b42ef159b/1/3Hgh4by_bgdOpIFKqlxj47qBPF8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.169.144.0/23
Signature Algorithm: sha256WithRSAEncryption
81:90:00:6f:67:87:13:a8:83:aa:d6:b6:5b:26:cc:20:74:22:
35:2d:16:75:db:9a:26:6a:42:b8:5c:25:dc:f7:0a:07:2e:bc:
e0:a9:cf:d2:ba:05:16:45:06:2e:4e:5d:1b:ac:d2:c1:8d:df:
f8:e9:d7:d8:b8:9d:5c:72:86:f9:4c:8a:7c:e0:17:56:a6:cb:
34:86:73:d4:2c:33:d5:9c:48:0e:e7:75:74:6b:63:8d:57:33:
a2:74:c5:eb:14:52:32:43:63:97:8c:33:9d:c5:5e:5b:94:65:
2c:5a:0f:f0:29:2b:43:4b:82:c5:ac:88:2d:3d:f8:49:48:79:
cf:b3:fb:a6:ab:60:30:59:71:87:1c:0c:04:51:86:53:d4:df:
2b:ee:b4:bc:f5:69:62:f2:6d:28:b2:82:45:5b:48:55:ed:a4:
ec:73:fc:b6:00:a3:eb:98:1a:16:c0:45:84:b0:40:cc:c3:2f:
69:2c:b8:2b:2d:fa:3f:4b:28:84:b3:56:5d:5b:b2:e1:ff:23:
f1:2a:9c:3b:e9:8c:8a:58:67:4c:22:91:98:a8:75:79:11:61:
dc:ca:e4:9f:0a:20:a5:3a:bd:bc:0a:6d:4a:8e:e4:3b:cf:21:
4f:16:d7:ca:02:ee:76:17:d2:f6:85:b9:44:13:73:f6:8c:14:
10:d4:7f:74
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYe+DHpBk9VppydCKcTbml/wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNzgyMWUxYmNiZjZlMDc0ZWE0ODE0YWFhNWM2M2UzYmE4
MTNjNWYwHhcNMjMwNDI2MTQ1MTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzViY2JiNmEzY2EzYzgwMzczNjg2N2RlY2M2NTZkYmNhODkxMDc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsm2lxo23+4TTTGP2CaJ5JccIaLR6
pGpYN9M5O/J7Ib2P/fAK3JB1mFBDYgWAzoZ5MzYdJ+jDisAfpYsXYTkknz0MltXU
GGJbNmOH4b8ZR2YF5Yrj0VMEuX3b5WbYUqBwvt4lBywHH4I8S7G93cErBi4+QXKf
UaPHVyKjF//Jpd64HV9W7bBdsg7PQpAtGBbRXVMD2QfjyrDOMRIEXigL2w9q5f8t
YoqbdleYInuLdWLcJPwP0b+SR6O2iOYvghyXh48XCqOU3iyVi6RzXJ8YVHglwWMQ
smMORi07A2S2+36UKyVM6wOrlAwf7v5yCZzeP9HELaM8b3CavsOnYQOEkQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFANby7ajyjyANzaGfezGVtvKiRB5MB8GA1UdIwQY
MBaAFNx4IeG8v24HTqSBSqpcY+O6gTxfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0hnaDRieV9iZ2RPcElGS3FseGo0N3FCUEY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC85ZGFmZjQtZjE1OC00ODBmLWI0MWYt
ZDQ4YjQyZWYxNTliLzEvQTF2THRxUEtQSUEzTm9aOTdNWlcyOHFKRUhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC85ZGFmZjQtZjE1OC00ODBmLWI0MWYtZDQ4YjQyZWYxNTli
LzEvM0hnaDRieV9iZ2RPcElGS3FseGo0N3FCUEY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwamQMA0G
CSqGSIb3DQEBCwUAA4IBAQCBkABvZ4cTqIOq1rZbJswgdCI1LRZ125omakK4XCXc
9woHLrzgqc/SugUWRQYuTl0brNLBjd/46dfYuJ1ccob5TIp84BdWpss0hnPULDPV
nEgO53V0a2ONVzOidMXrFFIyQ2OXjDOdxV5blGUsWg/wKStDS4LFrIgtPfhJSHnP
s/umq2AwWXGHHAwEUYZT1N8r7rS89Wli8m0osoJFW0hV7aTsc/y2AKPrmBoWwEWE
sEDMwy9pLLgrLfo/SyiEs1ZdW7Lh/yPxKpw76YyKWGdMIpGYqHV5EWHcyuSfCiCl
Or28Cm1KjuQ7zyFPFtfKAu52F9L2hblEE3P2jBQQ1H90
-----END CERTIFICATE-----
Generated at Tue Apr 22 20:47:12 2025 by rpki-client