Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/sLZgBlrqMJLfMmEHt31dK3yxubc.roa
File: sLZgBlrqMJLfMmEHt31dK3yxubc.roa (raw, json)
Hash identifier: HD3uS/gMaE2nAFQy9W4qGgWt2N3j/cgsKsZmpBXJ6I0=
Subject key identifier: B0:B6:60:06:5A:EA:30:92:DF:32:61:07:B7:7D:5D:2B:7C:B1:B9:B7
Certificate issuer: /CN=821f1285d775a9f589243eac844adc5ab89d97c9
Certificate serial: 018571955DE5F4CE85468453108E76A35C76
Authority key identifier: 82:1F:12:85:D7:75:A9:F5:89:24:3E:AC:84:4A:DC:5A:B8:9D:97:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gh8Shdd1qfWJJD6shErcWridl8k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/sLZgBlrqMJLfMmEHt31dK3yxubc.roa
Signing time: Mon 02 Jan 2023 08:24:52 +0000
ROA not before: Mon 02 Jan 2023 08:24:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202062
IP address blocks: 193.31.254.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:95:5d:e5:f4:ce:85:46:84:53:10:8e:76:a3:5c:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=821f1285d775a9f589243eac844adc5ab89d97c9
Validity
Not Before: Jan 2 08:24:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b0b660065aea3092df326107b77d5d2b7cb1b9b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:1d:db:d9:e9:62:a1:ef:44:2a:fb:c9:e3:aa:
de:45:ad:0f:18:22:ad:48:94:f7:2d:e4:5e:09:83:
80:c4:b4:93:65:65:7f:13:a3:b8:d1:9f:6e:90:a8:
cb:24:e3:5a:f0:10:96:bd:1d:92:24:c5:df:d6:22:
3c:18:2e:53:e1:45:e4:9e:fb:41:c2:8c:f7:2f:50:
06:61:9c:14:6f:0b:a2:40:5d:5c:2a:cb:e2:e2:34:
57:ed:6f:d9:f9:04:63:ea:e1:14:ce:66:78:4e:09:
fb:95:4e:54:d5:76:97:fa:18:d8:9d:23:c6:7d:d4:
44:03:d7:3b:25:dc:74:32:7c:d7:c4:fb:a1:74:dc:
01:2d:b0:0a:66:dd:da:7b:0b:b0:3b:a6:18:fd:19:
44:d2:7b:86:d4:02:40:1c:ff:bb:c3:06:10:09:55:
b2:52:ba:34:7f:96:da:5a:34:ac:bb:7f:d8:9e:37:
67:53:65:85:4b:5b:08:64:c2:07:28:f6:8c:38:4e:
0d:ef:22:a5:15:4c:67:a1:2e:3e:5a:24:ca:b5:48:
9e:9f:df:79:75:bf:81:79:21:4f:9b:b9:c8:14:58:
5d:0a:66:15:cf:c1:a9:de:5c:a7:1e:3d:b2:0a:9b:
7f:f1:50:46:b4:6c:c3:7d:80:e6:c5:1f:b6:7f:fd:
42:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:B6:60:06:5A:EA:30:92:DF:32:61:07:B7:7D:5D:2B:7C:B1:B9:B7
X509v3 Authority Key Identifier:
keyid:82:1F:12:85:D7:75:A9:F5:89:24:3E:AC:84:4A:DC:5A:B8:9D:97:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gh8Shdd1qfWJJD6shErcWridl8k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/sLZgBlrqMJLfMmEHt31dK3yxubc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.31.254.0/23
Signature Algorithm: sha256WithRSAEncryption
3a:f3:f6:31:c2:0e:c1:8c:99:2b:bb:ff:dc:ae:27:74:32:d3:
6c:60:9e:d9:a8:2b:01:8a:0b:25:7a:72:18:29:1d:fa:12:86:
0f:a1:d6:1e:cf:f2:5b:1c:90:21:46:fc:6b:db:94:9a:17:58:
2e:bb:6f:ad:cc:ca:db:fc:83:ce:c9:62:24:c7:ae:f1:81:19:
e6:da:0f:4d:fd:23:84:43:22:92:2a:e2:cb:1e:b7:30:ce:8d:
a2:11:22:4f:4c:3e:54:60:96:99:be:8d:82:e2:fd:dc:f5:24:
c3:75:66:b7:32:0a:7a:c8:d2:d8:10:21:43:1f:43:ec:3d:08:
f8:1d:da:9b:15:7b:fe:11:ee:6d:5e:9d:55:a1:7d:6e:1d:d4:
96:b7:8f:0d:c5:42:b2:65:18:b1:3c:54:45:da:8e:6b:dd:46:
10:0f:2f:ee:41:97:d1:7c:03:17:cc:ed:76:29:1a:ca:e0:bd:
9b:a0:a6:16:73:f6:2e:51:2f:4c:f8:a4:2d:30:1f:03:40:18:
0b:53:79:21:c0:07:bb:38:0f:3c:f4:4a:7a:d5:ce:83:29:ec:
1f:a7:aa:fc:22:91:d5:bc:f8:a2:eb:5a:24:a8:74:66:88:d5:
73:93:7c:ad:f1:0b:87:ba:0c:98:0f:74:c1:f7:1a:5c:d1:97:
2f:ad:0a:c6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxlV3l9M6FRoRTEI52o1x2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyMWYxMjg1ZDc3NWE5ZjU4OTI0M2VhYzg0NGFkYzVhYjg5
ZDk3YzkwHhcNMjMwMTAyMDgyNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGI2NjAwNjVhZWEzMDkyZGYzMjYxMDdiNzdkNWQyYjdjYjFiOWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsx3b2elioe9EKvvJ46reRa0PGCKt
SJT3LeReCYOAxLSTZWV/E6O40Z9ukKjLJONa8BCWvR2SJMXf1iI8GC5T4UXknvtB
woz3L1AGYZwUbwuiQF1cKsvi4jRX7W/Z+QRj6uEUzmZ4Tgn7lU5U1XaX+hjYnSPG
fdREA9c7Jdx0MnzXxPuhdNwBLbAKZt3aewuwO6YY/RlE0nuG1AJAHP+7wwYQCVWy
Uro0f5baWjSsu3/YnjdnU2WFS1sIZMIHKPaMOE4N7yKlFUxnoS4+WiTKtUien995
db+BeSFPm7nIFFhdCmYVz8Gp3lynHj2yCpt/8VBGtGzDfYDmxR+2f/1CxQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLC2YAZa6jCS3zJhB7d9XSt8sbm3MB8GA1UdIwQY
MBaAFIIfEoXXdan1iSQ+rIRK3Fq4nZfJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2g4U2hkZDFxZldKSkQ2c2hFcmNXcmlkbDhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8xN2Q4MWQtMTczZC00NDg2LTk1NWQt
NDhlZWE4ZDVmZWYxLzEvc0xaZ0JscnFNSkxmTW1FSHQzMWRLM3l4dWJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi8xN2Q4MWQtMTczZC00NDg2LTk1NWQtNDhlZWE4ZDVmZWYx
LzEvZ2g4U2hkZDFxZldKSkQ2c2hFcmNXcmlkbDhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwR/+MA0G
CSqGSIb3DQEBCwUAA4IBAQA68/Yxwg7BjJkru//crid0MtNsYJ7ZqCsBigslenIY
KR36EoYPodYez/JbHJAhRvxr25SaF1guu2+tzMrb/IPOyWIkx67xgRnm2g9N/SOE
QyKSKuLLHrcwzo2iESJPTD5UYJaZvo2C4v3c9STDdWa3Mgp6yNLYECFDH0PsPQj4
HdqbFXv+Ee5tXp1VoX1uHdSWt48NxUKyZRixPFRF2o5r3UYQDy/uQZfRfAMXzO12
KRrK4L2boKYWc/YuUS9M+KQtMB8DQBgLU3khwAe7OA889Ep61c6DKewfp6r8IpHV
vPii61okqHRmiNVzk3yt8QuHugyYD3TB9xpc0ZcvrQrG
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:15:40 2025 by rpki-client