Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/dae8b0-97d0-48d4-9b26-0137b1f75d02/1/ywXDIpUmze3zwC6T7swUUdB_t0M.roa
File: ywXDIpUmze3zwC6T7swUUdB_t0M.roa (raw, json)
Hash identifier: hBlw+YHSsoeFKhvfF4sMqWyTbw6lUQ2L9byaNt7F0ug=
Subject key identifier: CB:05:C3:22:95:26:CD:ED:F3:C0:2E:93:EE:CC:14:51:D0:7F:B7:43
Certificate issuer: /CN=248f5e26f1c08f4486c9911c8b609eae8b6cb74d
Certificate serial: 01856C6EEAA7F7435879EF9FBF7BB1C82909
Authority key identifier: 24:8F:5E:26:F1:C0:8F:44:86:C9:91:1C:8B:60:9E:AE:8B:6C:B7:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JI9eJvHAj0SGyZEci2Cerotst00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/dae8b0-97d0-48d4-9b26-0137b1f75d02/1/ywXDIpUmze3zwC6T7swUUdB_t0M.roa
Signing time: Sun 01 Jan 2023 08:24:46 +0000
ROA not before: Sun 01 Jan 2023 08:24:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39679
IP address blocks: 193.188.192.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:6e:ea:a7:f7:43:58:79:ef:9f:bf:7b:b1:c8:29:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=248f5e26f1c08f4486c9911c8b609eae8b6cb74d
Validity
Not Before: Jan 1 08:24:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cb05c3229526cdedf3c02e93eecc1451d07fb743
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:84:33:40:92:ec:58:63:ac:da:85:4d:8d:66:
bd:dc:0b:f3:fe:88:a8:5d:02:1b:a4:54:32:63:07:
e2:c2:8c:7f:8b:e5:b4:da:a8:f4:e2:a4:58:47:cd:
fc:9b:32:e1:60:ce:75:f3:05:69:86:e4:7f:f7:f3:
48:ed:e8:ba:ea:15:50:63:d0:a2:ca:4d:7b:46:c1:
95:f7:e5:6b:e3:fc:33:2f:6e:1b:85:44:cb:20:e8:
69:e2:e5:38:8b:e9:d2:d3:37:3d:f0:b6:f7:fe:ca:
69:6d:23:68:f1:4e:bb:6f:b9:be:ab:c3:71:a3:56:
3c:1c:8e:58:a2:05:60:01:2e:b5:04:b7:50:93:b2:
35:e3:31:80:18:a9:6e:3b:5a:a9:f1:e3:56:3b:7a:
ca:97:dc:89:4c:76:e8:fd:6a:5c:6e:43:e1:58:df:
a5:7c:d1:e4:5b:5b:98:0d:ed:aa:91:db:97:84:78:
a3:cd:b7:2d:d7:cb:58:36:8c:8f:af:54:4f:a3:9b:
4e:ad:97:ce:27:aa:70:5c:30:88:e3:57:c0:3f:1c:
dc:3b:5e:ea:7f:77:79:9f:1b:fb:2b:f8:85:af:43:
52:62:9e:b9:9a:72:27:b0:0f:27:ea:35:62:66:28:
21:fa:e1:8b:f5:11:f3:e9:f5:24:6d:9b:8b:1b:4f:
70:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:05:C3:22:95:26:CD:ED:F3:C0:2E:93:EE:CC:14:51:D0:7F:B7:43
X509v3 Authority Key Identifier:
keyid:24:8F:5E:26:F1:C0:8F:44:86:C9:91:1C:8B:60:9E:AE:8B:6C:B7:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JI9eJvHAj0SGyZEci2Cerotst00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/dae8b0-97d0-48d4-9b26-0137b1f75d02/1/ywXDIpUmze3zwC6T7swUUdB_t0M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/dae8b0-97d0-48d4-9b26-0137b1f75d02/1/JI9eJvHAj0SGyZEci2Cerotst00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.188.192.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:e6:40:c0:93:ee:30:46:9a:53:e1:cf:e3:41:3c:a6:93:cc:
e9:85:d4:5e:5c:2a:7b:a3:be:73:0f:7c:7d:ec:0a:34:75:ad:
1c:e1:f6:57:20:46:7f:45:65:b5:d3:e6:0f:e6:fd:c8:a5:cf:
72:a4:79:3a:cb:51:05:2a:8d:bb:9d:4d:0b:eb:aa:94:e4:13:
b8:46:04:6c:73:b6:36:52:4a:76:19:e9:5e:66:95:b2:d5:3e:
b7:3a:ba:7c:1a:ec:bc:34:a2:77:ec:32:69:38:2d:e6:79:27:
e3:a8:85:2a:34:a1:37:4b:7f:bb:ef:0d:8e:70:7b:9f:09:9e:
98:3a:44:dd:32:2c:7f:03:07:11:12:27:3f:ee:ff:9f:1d:74:
02:59:49:38:61:47:85:1f:9f:5a:48:a5:a9:8b:6c:81:20:b8:
97:6f:8b:5d:82:ec:5e:36:c0:2c:92:5b:c8:5d:b4:fa:1a:70:
7c:37:82:a9:4c:62:36:4d:2e:cc:b9:ae:aa:49:7c:92:e4:4e:
1d:09:e9:fb:5b:0a:5f:de:81:2e:17:21:53:64:2c:31:e6:da:
d3:6e:f3:b4:f6:fa:b6:51:14:c3:1c:1c:e1:20:95:9b:81:44:
d1:a8:02:a5:0a:5c:1e:ef:59:4d:ee:55:c3:60:78:7f:c2:4a:
5f:a4:de:ea
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsbuqn90NYee+fv3uxyCkJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0OGY1ZTI2ZjFjMDhmNDQ4NmM5OTExYzhiNjA5ZWFlOGI2
Y2I3NGQwHhcNMjMwMTAxMDgyNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjA1YzMyMjk1MjZjZGVkZjNjMDJlOTNlZWNjMTQ1MWQwN2ZiNzQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArYQzQJLsWGOs2oVNjWa93Avz/oio
XQIbpFQyYwfiwox/i+W02qj04qRYR838mzLhYM518wVphuR/9/NI7ei66hVQY9Ci
yk17RsGV9+Vr4/wzL24bhUTLIOhp4uU4i+nS0zc98Lb3/sppbSNo8U67b7m+q8Nx
o1Y8HI5YogVgAS61BLdQk7I14zGAGKluO1qp8eNWO3rKl9yJTHbo/WpcbkPhWN+l
fNHkW1uYDe2qkduXhHijzbct18tYNoyPr1RPo5tOrZfOJ6pwXDCI41fAPxzcO17q
f3d5nxv7K/iFr0NSYp65mnInsA8n6jViZigh+uGL9RHz6fUkbZuLG09wUQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMsFwyKVJs3t88Auk+7MFFHQf7dDMB8GA1UdIwQY
MBaAFCSPXibxwI9EhsmRHItgnq6LbLdNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkk5ZUp2SEFqMFNHeVpFY2kyQ2Vyb3RzdDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi9kYWU4YjAtOTdkMC00OGQ0LTliMjYt
MDEzN2IxZjc1ZDAyLzEveXdYRElwVW16ZTN6d0M2VDdzd1VVZEJfdDBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi9kYWU4YjAtOTdkMC00OGQ0LTliMjYtMDEzN2IxZjc1ZDAy
LzEvSkk5ZUp2SEFqMFNHeVpFY2kyQ2Vyb3RzdDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwbzAMA0G
CSqGSIb3DQEBCwUAA4IBAQAr5kDAk+4wRppT4c/jQTymk8zphdReXCp7o75zD3x9
7Ao0da0c4fZXIEZ/RWW10+YP5v3Ipc9ypHk6y1EFKo27nU0L66qU5BO4RgRsc7Y2
Ukp2GeleZpWy1T63Orp8Guy8NKJ37DJpOC3meSfjqIUqNKE3S3+77w2OcHufCZ6Y
OkTdMix/AwcREic/7v+fHXQCWUk4YUeFH59aSKWpi2yBILiXb4tdguxeNsAsklvI
XbT6GnB8N4KpTGI2TS7Mua6qSXyS5E4dCen7Wwpf3oEuFyFTZCwx5trTbvO09vq2
URTDHBzhIJWbgUTRqAKlClwe71lN7lXDYHh/wkpfpN7q
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:47:01 2025 by rpki-client