Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/35bee9-843f-4d38-9286-7aa49becf467/1/uoFKsgQKOq2OSS7cH_ISI5VSHfI.roa
File: uoFKsgQKOq2OSS7cH_ISI5VSHfI.roa (raw, json)
Hash identifier: n3mpTsqqv8jUM0/p06mh8AoIHOLdMoZ3eRsT52sTt2Q=
Subject key identifier: BA:81:4A:B2:04:0A:3A:AD:8E:49:2E:DC:1F:F2:12:23:95:52:1D:F2
Certificate issuer: /CN=4ede4c65d735af79277ed14eb6c4cf5404c788d5
Certificate serial: 01889AA56B76CF6813C88F330BC42C0C3CCF
Authority key identifier: 4E:DE:4C:65:D7:35:AF:79:27:7E:D1:4E:B6:C4:CF:54:04:C7:88:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tt5MZdc1r3knftFOtsTPVATHiNU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/35bee9-843f-4d38-9286-7aa49becf467/1/uoFKsgQKOq2OSS7cH_ISI5VSHfI.roa
Signing time: Thu 08 Jun 2023 10:55:12 +0000
ROA not before: Thu 08 Jun 2023 10:55:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49576
IP address blocks: 193.148.112.0/22 maxlen: 24
193.148.97.0/24 maxlen: 24
193.148.99.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:9a:a5:6b:76:cf:68:13:c8:8f:33:0b:c4:2c:0c:3c:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ede4c65d735af79277ed14eb6c4cf5404c788d5
Validity
Not Before: Jun 8 10:55:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ba814ab2040a3aad8e492edc1ff2122395521df2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:fe:49:ef:ab:d6:17:b7:97:8c:c6:e9:f1:80:
e8:c5:ef:f4:63:ad:c2:41:48:45:75:5b:48:27:8f:
02:e3:ad:0f:16:86:d3:34:ac:8e:3b:6d:b4:e0:5a:
65:d0:40:be:4c:cc:b4:5f:19:14:b4:5e:ef:cf:4a:
82:2c:7d:28:9d:e6:27:e1:b2:01:7d:3e:09:b0:c2:
3f:6b:8e:16:aa:da:80:a0:5c:ff:fe:36:f1:05:3b:
5e:d9:bc:cc:37:46:c2:43:81:25:91:3e:20:a0:13:
5f:08:19:f7:39:45:d5:f3:27:3b:c8:48:5d:ff:c0:
fa:77:98:d5:d8:75:52:95:4f:33:b9:4b:c7:cc:af:
d2:77:dc:e4:e5:41:9b:38:c2:5b:55:e0:5e:1b:41:
be:72:f8:e5:42:51:6b:b3:f1:c4:d4:31:9f:d6:66:
58:aa:30:fd:41:bd:1e:da:9d:b3:1c:9c:80:dd:6b:
4f:f5:7a:45:4a:d9:80:24:03:93:7e:72:76:f8:64:
eb:c7:08:4d:ac:c4:08:fd:76:d0:7a:5b:db:21:59:
6b:d2:ff:75:5b:91:ea:3d:5d:39:7c:43:5d:ff:6f:
da:b4:9f:d2:bf:65:13:1c:2e:12:b0:6a:01:40:e9:
3f:87:88:73:b4:4b:3f:8e:cc:54:a2:d7:78:1d:16:
01:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:81:4A:B2:04:0A:3A:AD:8E:49:2E:DC:1F:F2:12:23:95:52:1D:F2
X509v3 Authority Key Identifier:
keyid:4E:DE:4C:65:D7:35:AF:79:27:7E:D1:4E:B6:C4:CF:54:04:C7:88:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tt5MZdc1r3knftFOtsTPVATHiNU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/35bee9-843f-4d38-9286-7aa49becf467/1/uoFKsgQKOq2OSS7cH_ISI5VSHfI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/35bee9-843f-4d38-9286-7aa49becf467/1/Tt5MZdc1r3knftFOtsTPVATHiNU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.148.97.0/24
193.148.99.0/24
193.148.112.0/22
Signature Algorithm: sha256WithRSAEncryption
21:e0:ce:bf:6b:76:a1:b6:43:bc:60:ec:d8:6d:a9:39:40:33:
06:b4:87:e4:1a:08:cc:f7:c5:9f:ed:fb:ef:22:ac:76:0a:36:
0b:69:15:05:81:41:80:24:d0:57:75:4a:02:68:33:2c:ee:7c:
f0:fd:46:01:5d:87:dc:d9:05:32:72:54:ff:09:53:26:eb:64:
3a:22:68:9d:23:9e:0c:b6:4b:47:0a:1f:22:ae:10:f2:06:57:
08:2d:52:ad:f4:61:f6:04:ab:e5:58:3b:ff:3f:41:b4:5a:66:
b5:a5:1f:be:7d:89:7d:35:85:e3:13:89:64:39:0b:f8:c6:13:
81:00:b7:8e:29:14:a9:b3:19:bb:d4:94:04:fd:d3:3c:e6:66:
aa:26:30:2f:41:f4:10:09:b4:0a:ea:52:d2:db:77:3d:10:ad:
03:1e:6b:94:c2:06:41:f9:2b:59:90:7b:ac:dc:41:20:92:53:
e3:8f:a6:63:db:93:f7:0b:14:26:f2:06:79:0d:cc:59:7b:1a:
9a:27:81:40:84:e4:89:79:58:a6:19:9c:11:89:ba:11:13:6f:
75:da:7b:3f:3b:b8:45:59:e4:8b:cc:3d:ac:ca:46:1d:6a:78:
c0:83:ec:94:5d:b8:ee:1b:b1:46:ed:b6:e1:9e:9d:36:5e:7e:
30:d1:2b:b7
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYiapWt2z2gTyI8zC8QsDDzPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlZGU0YzY1ZDczNWFmNzkyNzdlZDE0ZWI2YzRjZjU0MDRj
Nzg4ZDUwHhcNMjMwNjA4MTA1NTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTgxNGFiMjA0MGEzYWFkOGU0OTJlZGMxZmYyMTIyMzk1NTIxZGYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmP5J76vWF7eXjMbp8YDoxe/0Y63C
QUhFdVtIJ48C460PFobTNKyOO2204Fpl0EC+TMy0XxkUtF7vz0qCLH0oneYn4bIB
fT4JsMI/a44WqtqAoFz//jbxBTte2bzMN0bCQ4ElkT4goBNfCBn3OUXV8yc7yEhd
/8D6d5jV2HVSlU8zuUvHzK/Sd9zk5UGbOMJbVeBeG0G+cvjlQlFrs/HE1DGf1mZY
qjD9Qb0e2p2zHJyA3WtP9XpFStmAJAOTfnJ2+GTrxwhNrMQI/XbQelvbIVlr0v91
W5HqPV05fENd/2/atJ/Sv2UTHC4SsGoBQOk/h4hztEs/jsxUotd4HRYB0QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLqBSrIECjqtjkku3B/yEiOVUh3yMB8GA1UdIwQY
MBaAFE7eTGXXNa95J37RTrbEz1QEx4jVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHQ1TVpkYzFyM2tuZnRGT3RzVFBWQVRIaU5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni8zNWJlZTktODQzZi00ZDM4LTkyODYt
N2FhNDliZWNmNDY3LzEvdW9GS3NnUUtPcTJPU1M3Y0hfSVNJNVZTSGZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni8zNWJlZTktODQzZi00ZDM4LTkyODYtN2FhNDliZWNmNDY3
LzEvVHQ1TVpkYzFyM2tuZnRGT3RzVFBWQVRIaU5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwZRhAwQA
wZRjAwQCwZRwMA0GCSqGSIb3DQEBCwUAA4IBAQAh4M6/a3ahtkO8YOzYbak5QDMG
tIfkGgjM98Wf7fvvIqx2CjYLaRUFgUGAJNBXdUoCaDMs7nzw/UYBXYfc2QUyclT/
CVMm62Q6ImidI54MtktHCh8irhDyBlcILVKt9GH2BKvlWDv/P0G0Wma1pR++fYl9
NYXjE4lkOQv4xhOBALeOKRSpsxm71JQE/dM85maqJjAvQfQQCbQK6lLS23c9EK0D
HmuUwgZB+StZkHus3EEgklPjj6Zj25P3CxQm8gZ5DcxZexqaJ4FAhOSJeVimGZwR
iboRE2912ns/O7hFWeSLzD2sykYdanjAg+yUXbjuG7FG7bbhnp02Xn4w0Su3
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:29:36 2025 by rpki-client