Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/25e660-4056-42cc-a8b0-d0517db26dad/1/0li_vV6s7-iaghCjLDuJh4g8TZs.roa
File: 0li_vV6s7-iaghCjLDuJh4g8TZs.roa (raw, json)
Hash identifier: q7KMXL0wXCL6qbzElPf34ULm/Ti46IjVNEWFxnsYFeI=
Subject key identifier: D2:58:BF:BD:5E:AC:EF:E8:9A:82:10:A3:2C:3B:89:87:88:3C:4D:9B
Certificate issuer: /CN=c9a9484ca708ab771eb1db90bafc8a114c2c3d79
Certificate serial: 01856DDD47E4BEC3F0CB14656965D6A5521B
Authority key identifier: C9:A9:48:4C:A7:08:AB:77:1E:B1:DB:90:BA:FC:8A:11:4C:2C:3D:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yalITKcIq3cesduQuvyKEUwsPXk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/25e660-4056-42cc-a8b0-d0517db26dad/1/0li_vV6s7-iaghCjLDuJh4g8TZs.roa
Signing time: Sun 01 Jan 2023 15:04:56 +0000
ROA not before: Sun 01 Jan 2023 15:04:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207629
IP address blocks: 193.111.73.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:dd:47:e4:be:c3:f0:cb:14:65:69:65:d6:a5:52:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9a9484ca708ab771eb1db90bafc8a114c2c3d79
Validity
Not Before: Jan 1 15:04:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d258bfbd5eacefe89a8210a32c3b8987883c4d9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:bf:56:88:c0:30:ea:e8:e6:46:08:d8:cb:cf:
8c:84:90:0f:78:2b:d5:80:be:f0:88:c7:df:f5:c4:
48:f4:1e:af:24:36:fa:37:c4:ca:c4:50:9a:35:ab:
3d:9e:8f:e0:06:d6:be:d7:eb:a0:27:88:51:aa:ff:
9a:d0:f3:55:c1:f7:b0:c8:43:ad:e6:9e:c5:8d:75:
01:2d:04:1a:0d:42:d6:d4:04:b7:3e:79:75:7b:e4:
6b:35:cc:1e:70:47:8f:d6:c9:0a:de:90:83:65:49:
ec:e2:76:2c:e8:f1:0a:4e:5f:4f:35:84:d3:66:bd:
d1:fd:70:de:ed:e6:48:ba:3c:da:ba:46:c2:7c:1f:
b7:a5:2a:b1:cd:69:53:b9:cc:f5:6c:d5:dc:5c:e4:
84:d7:e0:03:4c:12:2c:a8:59:b0:95:3c:6f:dd:4f:
70:cc:11:dc:27:c6:d4:00:67:f9:c5:1a:cc:51:87:
fa:a3:bd:0c:fa:8e:5b:49:1f:b1:20:63:3f:51:9c:
f6:10:4b:83:e4:05:7b:04:51:f5:c1:0e:44:d9:bc:
4e:7c:2c:d3:54:f5:13:dc:8e:30:ef:27:5f:60:ea:
85:04:94:7e:ea:89:f0:a0:4a:7f:3b:7a:6d:93:d9:
20:eb:f5:7a:55:5c:05:bf:e3:73:da:2b:7a:6e:af:
24:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:58:BF:BD:5E:AC:EF:E8:9A:82:10:A3:2C:3B:89:87:88:3C:4D:9B
X509v3 Authority Key Identifier:
keyid:C9:A9:48:4C:A7:08:AB:77:1E:B1:DB:90:BA:FC:8A:11:4C:2C:3D:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yalITKcIq3cesduQuvyKEUwsPXk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/25e660-4056-42cc-a8b0-d0517db26dad/1/0li_vV6s7-iaghCjLDuJh4g8TZs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/25e660-4056-42cc-a8b0-d0517db26dad/1/yalITKcIq3cesduQuvyKEUwsPXk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.111.73.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:7b:27:a7:21:7b:d0:3a:55:d2:cd:e5:b4:55:fe:c0:fc:c4:
2f:6a:cf:85:2b:76:f8:9c:8d:37:f2:e3:d0:83:43:e5:0e:85:
00:e5:30:f7:3f:96:52:2e:6e:d7:f0:5f:a3:bf:9e:94:b5:db:
2d:13:84:94:b0:1c:51:16:a1:37:94:b1:39:2a:77:7f:66:56:
38:59:f4:47:3c:05:cd:b8:bd:46:d4:b0:da:3e:34:4c:59:91:
71:94:a2:2c:3e:75:a0:d9:51:c9:39:3e:d6:cd:28:e3:82:89:
eb:37:df:2b:7c:0d:2a:7f:fa:b7:03:bd:12:9c:e4:28:3e:db:
50:07:fa:a5:2a:6a:42:63:6a:10:a3:94:ae:3c:ac:50:58:0a:
e5:41:62:29:f8:ba:2a:35:0e:b0:19:f0:24:68:dd:c5:b1:34:
5f:84:5e:4b:b0:7c:0a:b6:6f:ff:5d:e9:97:01:72:e7:f6:3d:
ba:5a:c3:4e:45:fb:d8:75:db:75:7e:73:c3:e0:43:5b:48:af:
eb:b4:9e:13:ec:5a:01:02:52:c6:b2:b2:a0:c7:e0:cc:5f:66:
0b:0f:1c:ea:0e:31:6f:1e:be:ed:c8:06:22:6a:ce:e0:a2:e3:
90:29:58:58:c5:04:ae:f7:36:1a:df:92:a2:48:97:91:06:af:
43:bc:d4:4f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVt3UfkvsPwyxRlaWXWpVIbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5YTk0ODRjYTcwOGFiNzcxZWIxZGI5MGJhZmM4YTExNGMy
YzNkNzkwHhcNMjMwMTAxMTUwNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjU4YmZiZDVlYWNlZmU4OWE4MjEwYTMyYzNiODk4Nzg4M2M0ZDliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj79WiMAw6ujmRgjYy8+MhJAPeCvV
gL7wiMff9cRI9B6vJDb6N8TKxFCaNas9no/gBta+1+ugJ4hRqv+a0PNVwfewyEOt
5p7FjXUBLQQaDULW1AS3Pnl1e+RrNcwecEeP1skK3pCDZUns4nYs6PEKTl9PNYTT
Zr3R/XDe7eZIujzaukbCfB+3pSqxzWlTucz1bNXcXOSE1+ADTBIsqFmwlTxv3U9w
zBHcJ8bUAGf5xRrMUYf6o70M+o5bSR+xIGM/UZz2EEuD5AV7BFH1wQ5E2bxOfCzT
VPUT3I4w7ydfYOqFBJR+6onwoEp/O3ptk9kg6/V6VVwFv+Nz2it6bq8kFQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNJYv71erO/omoIQoyw7iYeIPE2bMB8GA1UdIwQY
MBaAFMmpSEynCKt3HrHbkLr8ihFMLD15MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWFsSVRLY0lxM2Nlc2R1UXV2eUtFVXdzUFhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi8yNWU2NjAtNDA1Ni00MmNjLWE4YjAt
ZDA1MTdkYjI2ZGFkLzEvMGxpX3ZWNnM3LWlhZ2hDakxEdUpoNGc4VFpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi8yNWU2NjAtNDA1Ni00MmNjLWE4YjAtZDA1MTdkYjI2ZGFk
LzEveWFsSVRLY0lxM2Nlc2R1UXV2eUtFVXdzUFhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwW9JMA0G
CSqGSIb3DQEBCwUAA4IBAQAseyenIXvQOlXSzeW0Vf7A/MQvas+FK3b4nI038uPQ
g0PlDoUA5TD3P5ZSLm7X8F+jv56UtdstE4SUsBxRFqE3lLE5Knd/ZlY4WfRHPAXN
uL1G1LDaPjRMWZFxlKIsPnWg2VHJOT7WzSjjgonrN98rfA0qf/q3A70SnOQoPttQ
B/qlKmpCY2oQo5SuPKxQWArlQWIp+LoqNQ6wGfAkaN3FsTRfhF5LsHwKtm//XemX
AXLn9j26WsNORfvYddt1fnPD4ENbSK/rtJ4T7FoBAlLGsrKgx+DMX2YLDxzqDjFv
Hr7tyAYias7gouOQKVhYxQSu9zYa35KiSJeRBq9DvNRP
-----END CERTIFICATE-----
Generated at Thu Apr 17 10:43:26 2025 by rpki-client