Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/bc6d1e-0146-4a35-8e9b-cf5fb042566a/1/d_cYEKj2cSSvfq77z0k43BSinCE.roa
File: d_cYEKj2cSSvfq77z0k43BSinCE.roa (raw, json)
Hash identifier: P0aR56YPnJ+5uh6HSvBbWCWXClCGeNhhRsFUCJ6zGeI=
Subject key identifier: 77:F7:18:10:A8:F6:71:24:AF:7E:AE:FB:CF:49:38:DC:14:A2:9C:21
Certificate issuer: /CN=169f4ed6620c8960521fbb81ff72e837dc0038af
Certificate serial: 018570CBD139435860C1941E092AEC816898
Authority key identifier: 16:9F:4E:D6:62:0C:89:60:52:1F:BB:81:FF:72:E8:37:DC:00:38:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Fp9O1mIMiWBSH7uB_3LoN9wAOK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/bc6d1e-0146-4a35-8e9b-cf5fb042566a/1/d_cYEKj2cSSvfq77z0k43BSinCE.roa
Signing time: Mon 02 Jan 2023 04:44:43 +0000
ROA not before: Mon 02 Jan 2023 04:44:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25482
IP address blocks: 193.151.240.0/22 maxlen: 22
193.151.240.0/24 maxlen: 24
193.151.240.0/23 maxlen: 23
193.151.241.0/24 maxlen: 24
193.151.242.0/23 maxlen: 23
193.151.242.0/24 maxlen: 24
193.151.243.0/24 maxlen: 24
2001:678:2d0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:cb:d1:39:43:58:60:c1:94:1e:09:2a:ec:81:68:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=169f4ed6620c8960521fbb81ff72e837dc0038af
Validity
Not Before: Jan 2 04:44:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=77f71810a8f67124af7eaefbcf4938dc14a29c21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:16:68:32:f5:f6:6b:1b:2c:2c:c4:05:46:ff:
18:62:4b:45:32:fd:96:2e:cd:ec:c1:44:d8:b2:f2:
e6:de:1c:e4:31:9c:15:e4:a1:17:e9:15:eb:07:fb:
21:aa:a4:fd:0c:d7:c8:c4:53:46:07:68:c1:f6:fa:
dd:4d:d9:2f:9e:04:b8:a0:08:bd:ea:7a:7e:a6:2f:
9b:fe:37:9b:7d:fe:b9:7e:04:04:9e:79:fc:f4:83:
c4:2a:74:df:db:77:ed:b7:62:97:ce:e9:c1:e3:af:
ae:bd:60:56:1d:fc:c7:8e:be:9f:5d:1f:61:a7:bb:
c8:d3:c8:fc:77:c2:cf:dd:71:80:ce:66:12:58:1d:
dc:f4:aa:b4:66:8c:53:84:3d:2a:29:17:01:0f:64:
a3:21:47:cc:96:b8:90:75:3a:76:62:91:53:66:59:
03:55:92:c2:41:28:68:a8:18:d5:f2:5f:ef:3e:09:
4d:83:6a:ed:00:6f:37:82:82:e1:27:f3:f8:12:3a:
99:f4:49:bf:8c:dc:77:b1:f6:b9:65:ae:75:8f:07:
bb:aa:ee:df:2b:eb:08:71:fd:03:e3:2e:a9:b9:b7:
4b:b8:15:bc:ca:56:ba:89:e6:70:3f:52:9b:3c:68:
1d:c0:a5:6e:a6:b5:40:3b:8d:73:2c:c2:f9:2c:39:
5d:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:F7:18:10:A8:F6:71:24:AF:7E:AE:FB:CF:49:38:DC:14:A2:9C:21
X509v3 Authority Key Identifier:
keyid:16:9F:4E:D6:62:0C:89:60:52:1F:BB:81:FF:72:E8:37:DC:00:38:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Fp9O1mIMiWBSH7uB_3LoN9wAOK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/bc6d1e-0146-4a35-8e9b-cf5fb042566a/1/d_cYEKj2cSSvfq77z0k43BSinCE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/bc6d1e-0146-4a35-8e9b-cf5fb042566a/1/Fp9O1mIMiWBSH7uB_3LoN9wAOK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.151.240.0/22
IPv6:
2001:678:2d0::/48
Signature Algorithm: sha256WithRSAEncryption
34:59:d5:b8:05:15:92:4c:1b:eb:bb:e8:33:d9:b5:e6:89:23:
04:62:3f:ea:93:2c:29:2b:b0:37:3a:a2:0a:dd:c8:2d:bc:37:
ca:05:b9:e1:96:6f:20:96:28:a5:99:5b:84:a4:1d:d0:ca:af:
90:52:df:2b:63:20:6a:f7:88:3b:31:e0:d1:38:5a:8e:69:fc:
1c:8b:b3:97:9b:5a:04:5f:4d:27:1a:c5:a3:75:19:c8:f6:94:
3c:90:0e:37:3d:df:46:ba:c6:fa:bb:f6:3c:fd:b1:e3:26:ba:
5a:55:54:7f:67:d1:aa:76:71:f2:4f:83:e0:b3:9a:90:36:ad:
ab:f0:85:ad:69:e8:32:3d:17:f7:8c:a1:e1:ea:85:39:89:a4:
75:db:5d:53:a4:5e:8c:b3:d2:d1:64:74:f6:76:ff:38:2a:52:
82:b2:d0:da:50:f9:b5:af:81:08:bb:01:dc:96:7c:d9:b1:f9:
36:9c:4a:22:7b:c7:39:0c:96:be:dc:26:bb:75:81:94:a3:48:
b3:fd:b0:66:08:1b:7b:ba:9f:95:a0:c4:5c:bd:60:d0:eb:dc:
c2:14:23:3d:72:87:01:92:de:22:c6:a8:c3:cd:a7:20:ff:47:
8e:05:4c:81:75:93:df:ab:bf:dd:cd:9a:3f:00:0b:ec:0e:0d:
85:b2:9d:f7
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVwy9E5Q1hgwZQeCSrsgWiYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2OWY0ZWQ2NjIwYzg5NjA1MjFmYmI4MWZmNzJlODM3ZGMw
MDM4YWYwHhcNMjMwMTAyMDQ0NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2Y3MTgxMGE4ZjY3MTI0YWY3ZWFlZmJjZjQ5MzhkYzE0YTI5YzIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtRZoMvX2axssLMQFRv8YYktFMv2W
Ls3swUTYsvLm3hzkMZwV5KEX6RXrB/shqqT9DNfIxFNGB2jB9vrdTdkvngS4oAi9
6np+pi+b/jebff65fgQEnnn89IPEKnTf23ftt2KXzunB46+uvWBWHfzHjr6fXR9h
p7vI08j8d8LP3XGAzmYSWB3c9Kq0ZoxThD0qKRcBD2SjIUfMlriQdTp2YpFTZlkD
VZLCQShoqBjV8l/vPglNg2rtAG83goLhJ/P4EjqZ9Em/jNx3sfa5Za51jwe7qu7f
K+sIcf0D4y6pubdLuBW8yla6ieZwP1KbPGgdwKVuprVAO41zLML5LDldMQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHf3GBCo9nEkr36u+89JONwUopwhMB8GA1UdIwQY
MBaAFBafTtZiDIlgUh+7gf9y6DfcADivMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRnA5TzFtSU1pV0JTSDd1Ql8zTG9OOXdBT0s4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9iYzZkMWUtMDE0Ni00YTM1LThlOWIt
Y2Y1ZmIwNDI1NjZhLzEvZF9jWUVLajJjU1N2ZnE3N3owazQzQlNpbkNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9iYzZkMWUtMDE0Ni00YTM1LThlOWItY2Y1ZmIwNDI1NjZh
LzEvRnA5TzFtSU1pV0JTSDd1Ql8zTG9OOXdBT0s4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCwZfwMA8E
AgACMAkDBwAgAQZ4AtAwDQYJKoZIhvcNAQELBQADggEBADRZ1bgFFZJMG+u76DPZ
teaJIwRiP+qTLCkrsDc6ogrdyC28N8oFueGWbyCWKKWZW4SkHdDKr5BS3ytjIGr3
iDsx4NE4Wo5p/ByLs5ebWgRfTScaxaN1Gcj2lDyQDjc930a6xvq79jz9seMmulpV
VH9n0ap2cfJPg+CzmpA2ravwha1p6DI9F/eMoeHqhTmJpHXbXVOkXoyz0tFkdPZ2
/zgqUoKy0NpQ+bWvgQi7AdyWfNmx+TacSiJ7xzkMlr7cJrt1gZSjSLP9sGYIG3u6
n5WgxFy9YNDr3MIUIz1yhwGS3iLGqMPNpyD/R44FTIF1k9+rv93Nmj8AC+wODYWy
nfc=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:42:48 2025 by rpki-client