Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/1f57d5-99c2-4ca9-9350-17735e2c255f/1/DT2vO6UxxiYWeoy8TxSYvDDtz2s.roa
File: DT2vO6UxxiYWeoy8TxSYvDDtz2s.roa (raw, json)
Hash identifier: kK2lOKZFaJ/T/O9ChWTiT0p5TzNc9QtkIIZ/OVifESY=
Subject key identifier: 0D:3D:AF:3B:A5:31:C6:26:16:7A:8C:BC:4F:14:98:BC:30:ED:CF:6B
Certificate issuer: /CN=b77813f6c5670a58686adc3d4955744295dd1419
Certificate serial: 01856F66D20D0E63A42AEED2804827EEF8BB
Authority key identifier: B7:78:13:F6:C5:67:0A:58:68:6A:DC:3D:49:55:74:42:95:DD:14:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t3gT9sVnClhoatw9SVV0QpXdFBk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/1f57d5-99c2-4ca9-9350-17735e2c255f/1/DT2vO6UxxiYWeoy8TxSYvDDtz2s.roa
Signing time: Sun 01 Jan 2023 22:14:47 +0000
ROA not before: Sun 01 Jan 2023 22:14:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199806
IP address blocks: 193.84.252.0/24 maxlen: 24
2001:67c:1828::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:66:d2:0d:0e:63:a4:2a:ee:d2:80:48:27:ee:f8:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b77813f6c5670a58686adc3d4955744295dd1419
Validity
Not Before: Jan 1 22:14:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0d3daf3ba531c626167a8cbc4f1498bc30edcf6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:b8:c7:a9:13:67:0b:f4:7d:c7:ff:c6:d9:2e:
94:d5:4e:39:96:2e:0d:e8:40:b4:05:f9:81:78:ac:
33:16:24:cc:10:b9:eb:e8:0c:25:40:c7:2a:4b:7a:
c4:da:a5:1c:14:7b:ad:c9:9a:09:0f:dd:db:e5:22:
4a:2a:60:72:38:cc:f9:21:43:3f:29:48:a8:82:07:
22:04:7d:06:b6:37:93:72:f4:74:b1:2f:63:d2:0a:
d0:3c:30:fa:35:7f:15:bd:00:d6:53:9c:a5:2e:42:
83:d4:3d:b5:6c:9a:40:13:c0:5f:4f:c1:c0:82:47:
5b:44:f9:e9:d7:4f:f9:21:46:5f:4a:94:2d:2b:61:
1c:24:1c:12:14:e7:2a:4b:d0:b5:1d:d5:cd:39:32:
7c:ee:60:4c:25:2c:29:ce:93:6a:e3:96:9d:8b:4e:
b6:f2:f5:77:1d:e7:ef:01:8f:64:a1:04:05:ff:20:
87:99:44:94:49:bf:90:95:81:c9:43:c5:8e:e8:3d:
5a:1d:8e:2e:07:5e:6c:c9:6c:0b:de:fb:ed:50:1e:
c2:b6:e6:88:bb:0c:35:f5:f5:69:2b:3e:7f:a9:da:
5c:67:ef:76:3c:45:f9:06:6d:75:e4:9a:38:cb:34:
b5:ed:49:49:e9:cc:d3:44:ca:26:3a:55:20:ea:2d:
56:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:3D:AF:3B:A5:31:C6:26:16:7A:8C:BC:4F:14:98:BC:30:ED:CF:6B
X509v3 Authority Key Identifier:
keyid:B7:78:13:F6:C5:67:0A:58:68:6A:DC:3D:49:55:74:42:95:DD:14:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t3gT9sVnClhoatw9SVV0QpXdFBk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1f57d5-99c2-4ca9-9350-17735e2c255f/1/DT2vO6UxxiYWeoy8TxSYvDDtz2s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1f57d5-99c2-4ca9-9350-17735e2c255f/1/t3gT9sVnClhoatw9SVV0QpXdFBk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.84.252.0/24
IPv6:
2001:67c:1828::/48
Signature Algorithm: sha256WithRSAEncryption
31:2a:6d:c1:c8:e3:e2:41:83:23:97:f4:1b:f9:c7:3c:a7:ff:
c0:8c:bc:ab:7a:71:6e:0b:b4:97:4a:9e:d1:57:86:47:72:28:
ce:b1:49:69:a0:e7:48:ec:f1:11:00:48:0f:23:22:6c:47:7c:
89:c1:ef:c6:05:f9:ab:7c:12:59:a9:ee:b1:53:23:a6:ca:ad:
6a:90:b7:95:08:54:a4:b1:08:85:ef:75:af:b5:5c:cb:7a:ba:
ba:6a:bc:a4:e0:24:5a:f9:36:6b:04:f4:bf:0f:1e:2d:3a:06:
bf:34:49:a6:38:15:b6:46:44:a6:86:d0:fe:6d:6a:78:a3:78:
56:f7:b4:4f:5f:b7:35:fa:01:df:69:57:90:37:90:5d:9e:5d:
81:a0:5a:39:79:fe:19:a1:de:f4:ff:4e:9a:b0:67:cd:66:73:
36:aa:8b:0c:41:d1:d2:d4:af:4c:f0:42:37:65:11:b2:28:b3:
d7:5f:db:b6:2b:61:68:13:24:30:ea:57:ef:01:6f:0b:e5:f7:
86:fe:bb:e3:ee:d3:17:25:f0:ae:20:8b:8f:d9:60:22:e7:58:
de:a6:20:4a:e3:ad:09:aa:ca:25:30:a1:61:79:2c:64:f0:74:
d1:a5:99:92:94:9a:11:fe:80:fa:64:5b:bd:ca:05:0f:dd:dd:
23:bf:3f:97
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVvZtINDmOkKu7SgEgn7vi7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3NzgxM2Y2YzU2NzBhNTg2ODZhZGMzZDQ5NTU3NDQyOTVk
ZDE0MTkwHhcNMjMwMTAxMjIxNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDNkYWYzYmE1MzFjNjI2MTY3YThjYmM0ZjE0OThiYzMwZWRjZjZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApLjHqRNnC/R9x//G2S6U1U45li4N
6EC0BfmBeKwzFiTMELnr6AwlQMcqS3rE2qUcFHutyZoJD93b5SJKKmByOMz5IUM/
KUioggciBH0GtjeTcvR0sS9j0grQPDD6NX8VvQDWU5ylLkKD1D21bJpAE8BfT8HA
gkdbRPnp10/5IUZfSpQtK2EcJBwSFOcqS9C1HdXNOTJ87mBMJSwpzpNq45adi062
8vV3HefvAY9koQQF/yCHmUSUSb+QlYHJQ8WO6D1aHY4uB15syWwL3vvtUB7CtuaI
uww19fVpKz5/qdpcZ+92PEX5Bm115Jo4yzS17UlJ6czTRMomOlUg6i1WfQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFA09rzulMcYmFnqMvE8UmLww7c9rMB8GA1UdIwQY
MBaAFLd4E/bFZwpYaGrcPUlVdEKV3RQZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDNnVDlzVm5DbGhvYXR3OVNWVjBRcFhkRkJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xZjU3ZDUtOTljMi00Y2E5LTkzNTAt
MTc3MzVlMmMyNTVmLzEvRFQydk82VXh4aVlXZW95OFR4U1l2RER0ejJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8xZjU3ZDUtOTljMi00Y2E5LTkzNTAtMTc3MzVlMmMyNTVm
LzEvdDNnVDlzVm5DbGhvYXR3OVNWVjBRcFhkRkJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwVT8MA8E
AgACMAkDBwAgAQZ8GCgwDQYJKoZIhvcNAQELBQADggEBADEqbcHI4+JBgyOX9Bv5
xzyn/8CMvKt6cW4LtJdKntFXhkdyKM6xSWmg50js8REASA8jImxHfInB78YF+at8
Elmp7rFTI6bKrWqQt5UIVKSxCIXvda+1XMt6urpqvKTgJFr5NmsE9L8PHi06Br80
SaY4FbZGRKaG0P5tanijeFb3tE9ftzX6Ad9pV5A3kF2eXYGgWjl5/hmh3vT/Tpqw
Z81mczaqiwxB0dLUr0zwQjdlEbIos9df27YrYWgTJDDqV+8Bbwvl94b+u+Pu0xcl
8K4gi4/ZYCLnWN6mIErjrQmqyiUwoWF5LGTwdNGlmZKUmhH+gPpkW73KBQ/d3SO/
P5c=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:41:14 2025 by rpki-client