Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/5dd7b1-e337-404d-b764-ddb0b148e46b/1/fPR3rU62h--yAM86oxMRuXGvhOM.roa
File: fPR3rU62h--yAM86oxMRuXGvhOM.roa (raw, json)
Hash identifier: 1Gm0mE6kE9DQvXgcCOo0mLh3WPrM2rwv3Q0RlCmDoCY=
Subject key identifier: 7C:F4:77:AD:4E:B6:87:EF:B2:00:CF:3A:A3:13:11:B9:71:AF:84:E3
Certificate issuer: /CN=9cb96ce59c59557530f0eaa44c664503d9c401ed
Certificate serial: 01879DCC3FF35EE6422DEDC3BCC5956322BA
Authority key identifier: 9C:B9:6C:E5:9C:59:55:75:30:F0:EA:A4:4C:66:45:03:D9:C4:01:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nLls5ZxZVXUw8OqkTGZFA9nEAe0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/5dd7b1-e337-404d-b764-ddb0b148e46b/1/fPR3rU62h--yAM86oxMRuXGvhOM.roa
Signing time: Thu 20 Apr 2023 08:33:41 +0000
ROA not before: Thu 20 Apr 2023 08:33:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3320
IP address blocks: 193.29.152.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:9d:cc:3f:f3:5e:e6:42:2d:ed:c3:bc:c5:95:63:22:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9cb96ce59c59557530f0eaa44c664503d9c401ed
Validity
Not Before: Apr 20 08:33:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7cf477ad4eb687efb200cf3aa31311b971af84e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:c1:12:8d:23:65:76:88:1a:82:78:f6:d9:e7:
74:c9:2c:9d:48:44:a9:ee:32:12:f9:27:15:5a:3a:
06:5e:58:71:e8:f5:f0:bb:a7:82:3c:34:88:3a:0d:
19:96:4e:79:d1:aa:e2:49:56:e1:0a:c1:a0:b4:49:
95:6f:ae:3a:8a:27:30:fa:8b:80:46:65:c2:e5:14:
34:80:ae:9f:70:31:1b:1a:98:77:35:62:c3:12:d3:
55:ff:e0:1e:94:4f:f7:ba:3a:97:02:31:eb:35:cf:
9b:4c:d8:fe:77:56:91:0f:e3:9b:22:f7:a1:46:57:
c3:6e:70:67:1b:d2:b6:b8:48:b0:b6:a0:90:5e:f0:
e7:f0:04:8d:da:77:da:2a:1f:2f:f9:73:50:7c:75:
60:08:42:2b:d2:3d:7b:0e:a2:a4:e6:30:ab:5c:3d:
8e:f1:5a:54:3a:3c:a8:1b:12:43:02:de:d5:57:a7:
14:60:9a:c6:1b:dd:36:d2:c1:ab:60:a6:0a:a4:49:
df:b4:52:20:58:f3:6a:e2:41:cd:c4:fc:dd:85:f6:
c6:6f:e0:6a:ec:92:4f:98:d3:96:24:63:ad:3e:ba:
7c:a8:03:07:3d:e3:d1:4c:00:23:40:ad:60:aa:bb:
3c:46:8e:41:0a:bb:54:34:dc:5f:01:1f:af:56:dc:
58:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:F4:77:AD:4E:B6:87:EF:B2:00:CF:3A:A3:13:11:B9:71:AF:84:E3
X509v3 Authority Key Identifier:
keyid:9C:B9:6C:E5:9C:59:55:75:30:F0:EA:A4:4C:66:45:03:D9:C4:01:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nLls5ZxZVXUw8OqkTGZFA9nEAe0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/5dd7b1-e337-404d-b764-ddb0b148e46b/1/fPR3rU62h--yAM86oxMRuXGvhOM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/5dd7b1-e337-404d-b764-ddb0b148e46b/1/nLls5ZxZVXUw8OqkTGZFA9nEAe0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.29.152.0/21
Signature Algorithm: sha256WithRSAEncryption
34:3c:28:57:fb:7a:4f:34:4c:fb:82:d3:5d:f1:de:ee:20:17:
a6:ba:8d:a9:3a:ce:b6:fe:03:7c:28:88:dc:2c:fe:29:ed:43:
c9:9b:02:62:23:6e:d9:6a:5a:b3:24:c0:40:dc:4f:ca:e8:cf:
c8:94:bf:72:bd:60:88:7a:ea:31:1b:3b:f4:33:f8:6d:72:ae:
f1:e2:66:33:e8:a1:e3:9b:0b:ef:9d:f7:d4:54:c7:41:5e:ba:
56:5d:45:61:80:a6:7c:c2:71:23:f4:9f:7d:59:ac:7c:95:0b:
ce:aa:a0:7f:13:13:13:51:0c:e4:df:14:78:2d:90:8d:f6:80:
28:e2:32:18:74:e1:48:74:e0:c5:82:c4:70:9d:1a:5a:05:11:
7c:52:08:c4:73:27:5c:6f:12:33:57:c4:20:5f:56:8c:d1:f0:
96:7e:2b:2e:41:4c:ae:04:d6:6f:35:a9:c4:2f:5f:09:b4:29:
e7:4b:7f:48:fe:fd:4b:1e:8a:99:ae:6e:bf:7a:28:02:f4:dc:
c9:3a:d4:d8:98:1b:e3:c8:43:18:d1:51:29:8a:fc:5c:42:6c:
47:72:55:0e:cf:2b:5b:2c:e5:30:7b:5f:93:a4:02:83:c0:5d:
ec:94:ff:da:0c:53:12:e4:7f:92:54:5c:c2:59:bf:82:2f:48:
f5:ba:09:b0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYedzD/zXuZCLe3DvMWVYyK6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljYjk2Y2U1OWM1OTU1NzUzMGYwZWFhNDRjNjY0NTAzZDlj
NDAxZWQwHhcNMjMwNDIwMDgzMzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Y2Y0NzdhZDRlYjY4N2VmYjIwMGNmM2FhMzEzMTFiOTcxYWY4NGUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAicESjSNldogagnj22ed0ySydSESp
7jIS+ScVWjoGXlhx6PXwu6eCPDSIOg0Zlk550ariSVbhCsGgtEmVb646iicw+ouA
RmXC5RQ0gK6fcDEbGph3NWLDEtNV/+AelE/3ujqXAjHrNc+bTNj+d1aRD+ObIveh
RlfDbnBnG9K2uEiwtqCQXvDn8ASN2nfaKh8v+XNQfHVgCEIr0j17DqKk5jCrXD2O
8VpUOjyoGxJDAt7VV6cUYJrGG9020sGrYKYKpEnftFIgWPNq4kHNxPzdhfbGb+Bq
7JJPmNOWJGOtPrp8qAMHPePRTAAjQK1gqrs8Ro5BCrtUNNxfAR+vVtxYpwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHz0d61OtofvsgDPOqMTEblxr4TjMB8GA1UdIwQY
MBaAFJy5bOWcWVV1MPDqpExmRQPZxAHtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkxsczVaeFpWWFV3OE9xa1RHWkZBOW5FQWUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS81ZGQ3YjEtZTMzNy00MDRkLWI3NjQt
ZGRiMGIxNDhlNDZiLzEvZlBSM3JVNjJoLS15QU04Nm94TVJ1WEd2aE9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS81ZGQ3YjEtZTMzNy00MDRkLWI3NjQtZGRiMGIxNDhlNDZi
LzEvbkxsczVaeFpWWFV3OE9xa1RHWkZBOW5FQWUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDwR2YMA0G
CSqGSIb3DQEBCwUAA4IBAQA0PChX+3pPNEz7gtNd8d7uIBemuo2pOs62/gN8KIjc
LP4p7UPJmwJiI27ZalqzJMBA3E/K6M/IlL9yvWCIeuoxGzv0M/htcq7x4mYz6KHj
mwvvnffUVMdBXrpWXUVhgKZ8wnEj9J99Wax8lQvOqqB/ExMTUQzk3xR4LZCN9oAo
4jIYdOFIdODFgsRwnRpaBRF8UgjEcydcbxIzV8QgX1aM0fCWfisuQUyuBNZvNanE
L18JtCnnS39I/v1LHoqZrm6/eigC9NzJOtTYmBvjyEMY0VEpivxcQmxHclUOzytb
LOUwe1+TpAKDwF3slP/aDFMS5H+SVFzCWb+CL0j1ugmw
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:41:25 2025 by rpki-client