Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/bc6d1e-0146-4a35-8e9b-cf5fb042566a/1/flrcQj4NvZ-z0UovYVKsQct7FUY.roa
File: flrcQj4NvZ-z0UovYVKsQct7FUY.roa (raw, json)
Hash identifier: AqYHyvV2lmYHNcqNV3iT3V3cQDIpYJZp0g6Lejytm9Y=
Subject key identifier: 7E:5A:DC:42:3E:0D:BD:9F:B3:D1:4A:2F:61:52:AC:41:CB:7B:15:46
Certificate issuer: /CN=169f4ed6620c8960521fbb81ff72e837dc0038af
Certificate serial: 01860CD7C31E609D453D71C3EC5D2C8DB46A
Authority key identifier: 16:9F:4E:D6:62:0C:89:60:52:1F:BB:81:FF:72:E8:37:DC:00:38:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Fp9O1mIMiWBSH7uB_3LoN9wAOK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/bc6d1e-0146-4a35-8e9b-cf5fb042566a/1/flrcQj4NvZ-z0UovYVKsQct7FUY.roa
Signing time: Wed 01 Feb 2023 11:58:32 +0000
ROA not before: Wed 01 Feb 2023 11:58:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212824
IP address blocks: 193.151.243.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:0c:d7:c3:1e:60:9d:45:3d:71:c3:ec:5d:2c:8d:b4:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=169f4ed6620c8960521fbb81ff72e837dc0038af
Validity
Not Before: Feb 1 11:58:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7e5adc423e0dbd9fb3d14a2f6152ac41cb7b1546
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:b1:24:b9:15:94:17:d3:56:e0:53:b4:4c:37:
60:cf:c2:58:08:06:1b:7e:ba:73:67:ad:15:fd:38:
3c:c6:af:b5:26:07:1d:c3:e5:11:11:34:50:c2:54:
bf:76:38:34:5a:26:87:88:76:4a:64:18:c1:c0:9a:
60:54:d2:9e:7f:08:c8:1c:91:0e:98:ce:4d:43:79:
4a:f7:42:7a:a8:49:2a:07:8f:cd:7d:56:1d:a1:e3:
f6:22:6e:73:91:8e:eb:4c:61:8e:a0:23:d2:63:f5:
c3:a1:17:80:be:d1:ec:03:6d:54:47:76:02:97:56:
e2:9d:4f:1f:5b:29:2a:95:a6:f6:58:43:51:19:fb:
28:1b:b1:9f:16:ae:e7:65:56:5d:d9:aa:1d:7c:60:
91:58:88:4a:34:43:57:da:42:46:fe:5b:48:13:2d:
5a:12:9a:76:f9:da:33:63:22:47:62:30:01:f5:ce:
d3:2c:35:74:c4:03:87:5e:b6:8e:8a:5b:ee:68:85:
30:a4:49:3a:3a:dc:16:df:bc:a9:cd:f2:6d:7d:59:
51:fe:3f:94:95:06:f5:cf:2c:cc:8b:6c:09:f9:dc:
0b:34:85:43:45:ea:6c:a9:16:1b:95:c6:57:bc:a7:
f5:a4:4e:b5:b7:97:86:73:ac:63:1a:39:d9:40:32:
b5:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:5A:DC:42:3E:0D:BD:9F:B3:D1:4A:2F:61:52:AC:41:CB:7B:15:46
X509v3 Authority Key Identifier:
keyid:16:9F:4E:D6:62:0C:89:60:52:1F:BB:81:FF:72:E8:37:DC:00:38:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Fp9O1mIMiWBSH7uB_3LoN9wAOK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/bc6d1e-0146-4a35-8e9b-cf5fb042566a/1/flrcQj4NvZ-z0UovYVKsQct7FUY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/bc6d1e-0146-4a35-8e9b-cf5fb042566a/1/Fp9O1mIMiWBSH7uB_3LoN9wAOK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.151.243.0/24
Signature Algorithm: sha256WithRSAEncryption
25:4b:27:fc:77:56:c6:40:3e:5c:35:5e:af:7a:b2:d8:ed:7a:
9d:f1:82:dd:b6:cb:41:53:a6:a3:5e:6c:34:2f:0d:7c:d8:12:
96:d4:51:a1:1c:1a:8a:ee:56:8e:ce:f2:f3:88:f2:6c:7c:66:
88:95:2e:8e:c0:e5:d2:ee:c7:c9:38:6b:d6:2c:7c:01:e1:5b:
b5:9b:03:57:10:c5:c6:cd:27:fa:74:c4:2a:2a:b8:f7:58:c3:
2c:6a:b9:31:b0:72:01:0b:93:99:f6:fd:35:5d:e5:3b:94:a4:
3b:96:57:b3:14:bb:ea:33:41:20:2b:b0:c0:31:57:f9:dd:89:
25:af:7a:52:05:b4:71:a3:85:c8:82:0b:23:7e:d5:90:c8:24:
5c:fb:e1:55:99:e5:56:6e:12:32:36:f8:85:3c:3b:6b:35:0a:
5e:88:17:5d:b5:42:9a:d5:8c:eb:cd:3c:f7:7c:de:ff:b2:ec:
88:67:93:2e:34:ca:95:43:97:d1:c1:f4:7d:67:25:08:45:52:
db:6b:fd:b5:fb:f4:2a:ce:19:6e:3b:5a:80:8a:a4:35:79:30:
4c:8f:68:47:75:60:56:d9:eb:ea:3e:7a:c3:6c:af:35:d4:e0:
0b:78:9c:ba:aa:d9:70:79:bd:32:63:f9:63:00:bf:a9:b8:29:
f8:0b:ad:9a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYYM18MeYJ1FPXHD7F0sjbRqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2OWY0ZWQ2NjIwYzg5NjA1MjFmYmI4MWZmNzJlODM3ZGMw
MDM4YWYwHhcNMjMwMjAxMTE1ODMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTVhZGM0MjNlMGRiZDlmYjNkMTRhMmY2MTUyYWM0MWNiN2IxNTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhbEkuRWUF9NW4FO0TDdgz8JYCAYb
frpzZ60V/Tg8xq+1Jgcdw+URETRQwlS/djg0WiaHiHZKZBjBwJpgVNKefwjIHJEO
mM5NQ3lK90J6qEkqB4/NfVYdoeP2Im5zkY7rTGGOoCPSY/XDoReAvtHsA21UR3YC
l1binU8fWykqlab2WENRGfsoG7GfFq7nZVZd2aodfGCRWIhKNENX2kJG/ltIEy1a
Epp2+dozYyJHYjAB9c7TLDV0xAOHXraOilvuaIUwpEk6OtwW37ypzfJtfVlR/j+U
lQb1zyzMi2wJ+dwLNIVDRepsqRYblcZXvKf1pE61t5eGc6xjGjnZQDK1IQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH5a3EI+Db2fs9FKL2FSrEHLexVGMB8GA1UdIwQY
MBaAFBafTtZiDIlgUh+7gf9y6DfcADivMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRnA5TzFtSU1pV0JTSDd1Ql8zTG9OOXdBT0s4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9iYzZkMWUtMDE0Ni00YTM1LThlOWIt
Y2Y1ZmIwNDI1NjZhLzEvZmxyY1FqNE52Wi16MFVvdllWS3NRY3Q3RlVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9iYzZkMWUtMDE0Ni00YTM1LThlOWItY2Y1ZmIwNDI1NjZh
LzEvRnA5TzFtSU1pV0JTSDd1Ql8zTG9OOXdBT0s4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwZfzMA0G
CSqGSIb3DQEBCwUAA4IBAQAlSyf8d1bGQD5cNV6verLY7Xqd8YLdtstBU6ajXmw0
Lw182BKW1FGhHBqK7laOzvLziPJsfGaIlS6OwOXS7sfJOGvWLHwB4Vu1mwNXEMXG
zSf6dMQqKrj3WMMsarkxsHIBC5OZ9v01XeU7lKQ7llezFLvqM0EgK7DAMVf53Ykl
r3pSBbRxo4XIggsjftWQyCRc++FVmeVWbhIyNviFPDtrNQpeiBddtUKa1YzrzTz3
fN7/suyIZ5MuNMqVQ5fRwfR9ZyUIRVLba/21+/QqzhluO1qAiqQ1eTBMj2hHdWBW
2evqPnrDbK811OALeJy6qtlweb0yY/ljAL+puCn4C62a
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:25:01 2025 by rpki-client