Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/3ebb46-b9dd-4695-815c-46ee578a0bfe/1/Tx3-Xu5B21Ud9zdWQGUrwaJ1rBA.roa
File: Tx3-Xu5B21Ud9zdWQGUrwaJ1rBA.roa (raw, json)
Hash identifier: PFXdN/9Is0ymKCx76CT9f8VhQJmjN+khRaC+87MyKb0=
Subject key identifier: 4F:1D:FE:5E:EE:41:DB:55:1D:F7:37:56:40:65:2B:C1:A2:75:AC:10
Certificate issuer: /CN=c2c12b527a5d1f8b8bcf230eb611f52f11d52bbf
Certificate serial: 01857270F4D084A7EA8C122600D42EDC36A4
Authority key identifier: C2:C1:2B:52:7A:5D:1F:8B:8B:CF:23:0E:B6:11:F5:2F:11:D5:2B:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wsErUnpdH4uLzyMOthH1LxHVK78.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/3ebb46-b9dd-4695-815c-46ee578a0bfe/1/Tx3-Xu5B21Ud9zdWQGUrwaJ1rBA.roa
Signing time: Mon 02 Jan 2023 12:24:43 +0000
ROA not before: Mon 02 Jan 2023 12:24:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42397
IP address blocks: 193.32.160.0/24 maxlen: 24
185.232.65.0/24 maxlen: 24
193.29.13.0/24 maxlen: 24
193.29.15.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:70:f4:d0:84:a7:ea:8c:12:26:00:d4:2e:dc:36:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2c12b527a5d1f8b8bcf230eb611f52f11d52bbf
Validity
Not Before: Jan 2 12:24:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4f1dfe5eee41db551df7375640652bc1a275ac10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:c5:32:72:47:4c:5a:e6:30:7d:27:ba:35:01:
6d:63:fa:c3:22:6d:12:28:3c:1e:73:4a:ea:18:45:
15:11:4b:8f:78:60:91:66:b5:d0:20:9e:91:16:dc:
af:6d:4b:6b:bf:70:87:cb:99:c0:e4:77:40:0c:87:
42:be:5f:be:0d:ea:c2:e3:54:32:2e:34:ac:78:0f:
f8:23:9d:6a:d1:53:61:50:19:99:7c:e7:41:59:dd:
53:b4:a1:c3:f4:fd:5b:e8:98:a6:91:59:e0:65:15:
1f:52:51:46:38:f3:be:ae:b3:1e:8e:98:36:8f:29:
48:3a:60:f1:d6:59:16:2b:ea:13:65:26:4b:d9:13:
95:d4:e5:1d:3f:f7:c2:2c:91:46:97:83:c2:cb:70:
4d:66:7c:2d:25:54:22:6c:29:41:e5:a4:5c:cd:6a:
4f:00:9c:04:e0:5f:46:66:a7:9f:72:3b:20:6d:76:
c1:22:a1:f1:c6:16:b4:a0:53:c3:0c:a0:bc:88:9f:
0e:95:fd:96:88:ca:47:74:29:e4:7a:59:72:1c:39:
34:3f:3b:83:c3:53:3b:96:19:34:8e:ff:55:ba:8a:
81:90:00:9a:d2:53:ee:99:f5:59:37:af:e8:7a:aa:
f8:77:c9:51:9b:01:9f:72:58:ab:23:5f:4d:4b:0a:
01:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:1D:FE:5E:EE:41:DB:55:1D:F7:37:56:40:65:2B:C1:A2:75:AC:10
X509v3 Authority Key Identifier:
keyid:C2:C1:2B:52:7A:5D:1F:8B:8B:CF:23:0E:B6:11:F5:2F:11:D5:2B:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wsErUnpdH4uLzyMOthH1LxHVK78.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/3ebb46-b9dd-4695-815c-46ee578a0bfe/1/Tx3-Xu5B21Ud9zdWQGUrwaJ1rBA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/3ebb46-b9dd-4695-815c-46ee578a0bfe/1/wsErUnpdH4uLzyMOthH1LxHVK78.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.232.65.0/24
193.29.13.0/24
193.29.15.0/24
193.32.160.0/24
Signature Algorithm: sha256WithRSAEncryption
be:58:dd:53:d9:9a:a9:1c:be:a0:94:54:5f:d9:44:cf:a4:86:
12:88:19:6d:46:b0:7b:da:99:cb:b0:b0:f7:dd:98:8b:31:1d:
fa:24:d6:97:8e:c4:77:22:3f:df:e9:13:e5:87:e0:f6:02:4a:
0f:3c:3a:71:67:ee:50:5d:18:35:63:f8:51:38:dc:c6:dd:8a:
09:e3:86:33:d3:d7:9f:7d:f4:6f:62:29:09:a4:63:47:90:14:
2d:df:e6:18:47:3a:43:c5:96:ad:ed:b6:cd:cc:27:f2:ca:64:
3c:ea:0c:c2:65:6c:0d:9c:a2:1d:b7:fe:74:28:e7:c6:6f:20:
17:0d:3c:31:a2:06:c5:08:ae:32:70:20:93:71:45:8b:3c:14:
39:7b:b4:59:32:a0:04:3a:04:56:41:37:0a:64:05:09:ef:ed:
be:37:0b:82:2d:81:a7:de:a9:a8:44:75:a1:22:6b:c7:ed:38:
21:df:5c:f6:8b:18:12:8d:51:ea:33:6c:68:a8:13:71:11:e1:
60:3c:f1:d1:ad:29:a8:2e:e4:e0:ad:d3:dc:7e:9d:dd:b9:15:
49:c7:96:54:6c:bf:00:55:53:5f:90:64:7c:76:5f:35:aa:d6:
c8:5c:62:2d:0c:08:af:e5:df:84:3a:d9:16:de:29:7b:e8:db:
bc:ab:4f:83
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVycPTQhKfqjBImANQu3DakMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyYzEyYjUyN2E1ZDFmOGI4YmNmMjMwZWI2MTFmNTJmMTFk
NTJiYmYwHhcNMjMwMTAyMTIyNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjFkZmU1ZWVlNDFkYjU1MWRmNzM3NTY0MDY1MmJjMWEyNzVhYzEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkcUyckdMWuYwfSe6NQFtY/rDIm0S
KDwec0rqGEUVEUuPeGCRZrXQIJ6RFtyvbUtrv3CHy5nA5HdADIdCvl++DerC41Qy
LjSseA/4I51q0VNhUBmZfOdBWd1TtKHD9P1b6JimkVngZRUfUlFGOPO+rrMejpg2
jylIOmDx1lkWK+oTZSZL2ROV1OUdP/fCLJFGl4PCy3BNZnwtJVQibClB5aRczWpP
AJwE4F9GZqefcjsgbXbBIqHxxha0oFPDDKC8iJ8Olf2WiMpHdCnkellyHDk0PzuD
w1M7lhk0jv9VuoqBkACa0lPumfVZN6/oeqr4d8lRmwGfclirI19NSwoBwwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFE8d/l7uQdtVHfc3VkBlK8GidawQMB8GA1UdIwQY
MBaAFMLBK1J6XR+Li88jDrYR9S8R1Su/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3NFclVucGRINHVMenlNT3RoSDFMeEhWSzc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8zZWJiNDYtYjlkZC00Njk1LTgxNWMt
NDZlZTU3OGEwYmZlLzEvVHgzLVh1NUIyMVVkOXpkV1FHVXJ3YUoxckJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS8zZWJiNDYtYjlkZC00Njk1LTgxNWMtNDZlZTU3OGEwYmZl
LzEvd3NFclVucGRINHVMenlNT3RoSDFMeEhWSzc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAuehBAwQA
wR0NAwQAwR0PAwQAwSCgMA0GCSqGSIb3DQEBCwUAA4IBAQC+WN1T2ZqpHL6glFRf
2UTPpIYSiBltRrB72pnLsLD33ZiLMR36JNaXjsR3Ij/f6RPlh+D2AkoPPDpxZ+5Q
XRg1Y/hRONzG3YoJ44Yz09efffRvYikJpGNHkBQt3+YYRzpDxZat7bbNzCfyymQ8
6gzCZWwNnKIdt/50KOfGbyAXDTwxogbFCK4ycCCTcUWLPBQ5e7RZMqAEOgRWQTcK
ZAUJ7+2+NwuCLYGn3qmoRHWhImvH7Tgh31z2ixgSjVHqM2xoqBNxEeFgPPHRrSmo
LuTgrdPcfp3duRVJx5ZUbL8AVVNfkGR8dl81qtbIXGItDAiv5d+EOtkW3il76Nu8
q0+D
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:37:47 2025 by rpki-client