Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/aa3b42-b601-40b4-b299-bf8e960fe0ad/1/pAFbu8E3ixmw8RKiCjlPPsLb5s8.roa
File: pAFbu8E3ixmw8RKiCjlPPsLb5s8.roa (raw, json)
Hash identifier: oaFZWLY8DtX2frWi/vJeSyai76zW2hk+cgdbPFOjzDA=
Subject key identifier: A4:01:5B:BB:C1:37:8B:19:B0:F1:12:A2:0A:39:4F:3E:C2:DB:E6:CF
Certificate issuer: /CN=76ee9f7d8e5d18c50884f83378ae48ba2fcda6e2
Certificate serial: 0185728C706AC683623CF9B642A0B74F1A87
Authority key identifier: 76:EE:9F:7D:8E:5D:18:C5:08:84:F8:33:78:AE:48:BA:2F:CD:A6:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/du6ffY5dGMUIhPgzeK5Iui_NpuI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/aa3b42-b601-40b4-b299-bf8e960fe0ad/1/pAFbu8E3ixmw8RKiCjlPPsLb5s8.roa
Signing time: Mon 02 Jan 2023 12:54:44 +0000
ROA not before: Mon 02 Jan 2023 12:54:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211566
IP address blocks: 193.3.33.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:8c:70:6a:c6:83:62:3c:f9:b6:42:a0:b7:4f:1a:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=76ee9f7d8e5d18c50884f83378ae48ba2fcda6e2
Validity
Not Before: Jan 2 12:54:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a4015bbbc1378b19b0f112a20a394f3ec2dbe6cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:2a:44:d9:40:9c:35:a4:59:00:41:fc:8d:9f:
3d:8a:15:1f:ff:d9:df:bd:e9:32:e8:05:63:48:3a:
f5:bc:54:1b:aa:e1:d1:f0:2a:fd:73:4c:3d:b0:83:
a3:d4:90:66:e7:cf:34:68:f7:63:ee:b7:4f:d3:9a:
e6:7f:9c:05:1b:6f:ef:24:87:9f:3f:dc:fc:93:25:
de:bd:5b:a8:49:e9:70:db:71:f9:b4:1f:1c:66:83:
a8:02:99:2a:b6:d7:88:de:27:ff:da:e4:9a:5a:3c:
16:97:3a:de:ab:a5:f6:6a:18:77:45:9d:9d:18:8d:
fd:c5:93:fb:02:3b:10:37:b1:79:ed:43:1a:0b:f9:
10:f3:3e:87:cd:5c:4a:76:5e:12:c5:33:1c:fe:5c:
1d:4d:d0:e6:55:15:d0:32:58:cc:19:83:70:04:8f:
b4:44:e5:fd:8e:16:5b:81:a6:ec:b4:24:b6:05:fb:
a9:ca:62:63:2c:c4:e8:ee:67:3e:a6:83:1e:a8:b5:
ec:f3:fd:8f:20:4f:63:72:b7:0e:22:bc:5e:8a:1e:
44:b4:e5:a2:fb:62:29:62:cd:2c:00:81:4f:30:a8:
49:1f:de:10:60:56:97:0d:c9:06:53:41:0a:cb:88:
e8:bb:92:14:83:f0:81:c0:8e:19:c4:7f:46:81:92:
6f:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:01:5B:BB:C1:37:8B:19:B0:F1:12:A2:0A:39:4F:3E:C2:DB:E6:CF
X509v3 Authority Key Identifier:
keyid:76:EE:9F:7D:8E:5D:18:C5:08:84:F8:33:78:AE:48:BA:2F:CD:A6:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/du6ffY5dGMUIhPgzeK5Iui_NpuI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/aa3b42-b601-40b4-b299-bf8e960fe0ad/1/pAFbu8E3ixmw8RKiCjlPPsLb5s8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/aa3b42-b601-40b4-b299-bf8e960fe0ad/1/du6ffY5dGMUIhPgzeK5Iui_NpuI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.3.33.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:a4:ad:ef:62:d3:db:b9:ea:20:a7:eb:82:e3:0e:b6:ae:29:
e1:f3:da:57:13:73:07:72:f9:0d:19:31:ee:e3:df:ea:37:7b:
50:e6:4d:42:0d:fb:07:eb:d3:ec:ea:9e:43:21:f5:29:d3:4e:
e5:4d:f9:e8:ae:1b:0e:46:e4:7b:91:7f:c7:79:cd:38:a4:a1:
88:d4:10:28:34:ba:b3:96:c4:1a:fb:f6:bc:cd:23:48:c8:3a:
ae:ea:07:47:d7:7c:2d:5a:e2:15:c4:8e:e0:8f:be:28:65:83:
25:fe:d4:62:e4:de:95:4a:35:2d:fd:64:05:1b:47:43:42:df:
90:0d:a3:53:a2:58:8b:a7:9d:2b:45:00:cc:5f:98:e6:72:92:
61:c8:42:dd:ff:88:8f:59:46:c1:36:a5:b3:9f:d0:24:81:54:
26:3f:cc:2c:7b:26:e9:f7:7b:89:7d:62:13:91:d7:82:29:de:
9d:8f:73:54:5d:63:b2:04:79:2d:27:90:b3:33:2b:9f:bb:f9:
83:51:47:06:f7:12:99:ef:e5:f5:77:05:db:14:ed:cd:99:0e:
a7:62:bf:f8:07:31:0e:e0:50:99:e0:a0:2b:15:6e:2b:91:f0:
9a:a9:d2:62:c0:fc:c8:7a:0b:85:70:c8:42:cf:d8:be:1d:d5:
eb:17:84:8c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyjHBqxoNiPPm2QqC3TxqHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2ZWU5ZjdkOGU1ZDE4YzUwODg0ZjgzMzc4YWU0OGJhMmZj
ZGE2ZTIwHhcNMjMwMTAyMTI1NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDAxNWJiYmMxMzc4YjE5YjBmMTEyYTIwYTM5NGYzZWMyZGJlNmNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwypE2UCcNaRZAEH8jZ89ihUf/9nf
veky6AVjSDr1vFQbquHR8Cr9c0w9sIOj1JBm5880aPdj7rdP05rmf5wFG2/vJIef
P9z8kyXevVuoSelw23H5tB8cZoOoApkqtteI3if/2uSaWjwWlzreq6X2ahh3RZ2d
GI39xZP7AjsQN7F57UMaC/kQ8z6HzVxKdl4SxTMc/lwdTdDmVRXQMljMGYNwBI+0
ROX9jhZbgabstCS2BfupymJjLMTo7mc+poMeqLXs8/2PIE9jcrcOIrxeih5EtOWi
+2IpYs0sAIFPMKhJH94QYFaXDckGU0EKy4jou5IUg/CBwI4ZxH9GgZJvxQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKQBW7vBN4sZsPESogo5Tz7C2+bPMB8GA1UdIwQY
MBaAFHbun32OXRjFCIT4M3iuSLovzabiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHU2ZmZZNWRHTVVJaFBnemVLNUl1aV9OcHVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9hYTNiNDItYjYwMS00MGI0LWIyOTkt
YmY4ZTk2MGZlMGFkLzEvcEFGYnU4RTNpeG13OFJLaUNqbFBQc0xiNXM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9hYTNiNDItYjYwMS00MGI0LWIyOTktYmY4ZTk2MGZlMGFk
LzEvZHU2ZmZZNWRHTVVJaFBnemVLNUl1aV9OcHVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwQMhMA0G
CSqGSIb3DQEBCwUAA4IBAQCipK3vYtPbueogp+uC4w62rinh89pXE3MHcvkNGTHu
49/qN3tQ5k1CDfsH69Ps6p5DIfUp007lTfnorhsORuR7kX/Hec04pKGI1BAoNLqz
lsQa+/a8zSNIyDqu6gdH13wtWuIVxI7gj74oZYMl/tRi5N6VSjUt/WQFG0dDQt+Q
DaNToliLp50rRQDMX5jmcpJhyELd/4iPWUbBNqWzn9AkgVQmP8wseybp93uJfWIT
kdeCKd6dj3NUXWOyBHktJ5CzMyufu/mDUUcG9xKZ7+X1dwXbFO3NmQ6nYr/4BzEO
4FCZ4KArFW4rkfCaqdJiwPzIeguFcMhCz9i+HdXrF4SM
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:48:39 2025 by rpki-client