Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/5471f8-c938-40cc-b139-f9f92150cd39/1/w43zOlCHfPfyJM-ArNyIWoaeO8E.roa
File: w43zOlCHfPfyJM-ArNyIWoaeO8E.roa (raw, json)
Hash identifier: Bfxg+mILCdvvqH9/nmSQ1rxitrUVe2XF9xpnhtK2VE4=
Subject key identifier: C3:8D:F3:3A:50:87:7C:F7:F2:24:CF:80:AC:DC:88:5A:86:9E:3B:C1
Certificate issuer: /CN=3d897bd8c6df1cb71410fe194bed739a2f8a6773
Certificate serial: 01879D2A01162F366E61A0D2888B8C970CDF
Authority key identifier: 3D:89:7B:D8:C6:DF:1C:B7:14:10:FE:19:4B:ED:73:9A:2F:8A:67:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PYl72MbfHLcUEP4ZS-1zmi-KZ3M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/5471f8-c938-40cc-b139-f9f92150cd39/1/w43zOlCHfPfyJM-ArNyIWoaeO8E.roa
Signing time: Thu 20 Apr 2023 05:36:28 +0000
ROA not before: Thu 20 Apr 2023 05:36:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15497
IP address blocks: 193.41.239.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:9d:2a:01:16:2f:36:6e:61:a0:d2:88:8b:8c:97:0c:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d897bd8c6df1cb71410fe194bed739a2f8a6773
Validity
Not Before: Apr 20 05:36:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c38df33a50877cf7f224cf80acdc885a869e3bc1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:3e:f2:c7:73:4e:08:10:05:a9:63:83:d6:93:
36:ff:8d:8d:b0:3d:86:e2:da:0b:37:18:d0:d8:15:
f0:7c:db:20:28:76:fe:67:36:74:4d:7d:19:a9:29:
87:e5:ca:c6:4e:37:9b:f6:8a:a2:fa:6f:8b:74:b9:
d9:aa:de:7c:e1:0d:97:3b:8f:a6:ac:da:13:31:b5:
78:9a:ea:0b:96:3b:78:e2:6c:b4:4f:dd:24:e6:6f:
84:70:6c:93:cb:6e:47:7d:54:46:9a:8c:a5:8c:72:
87:f0:be:7b:61:47:df:34:3e:cf:91:a2:17:79:4f:
d0:e2:42:80:4f:2b:89:5a:aa:e7:0b:ed:e8:96:4f:
ce:12:54:e2:47:19:bb:b1:44:df:18:0b:c9:80:53:
e7:36:20:81:e8:fd:91:f4:ff:4a:8e:48:73:f4:03:
f6:6f:33:48:a0:cd:33:f6:d7:5d:8b:8f:ae:2a:40:
1c:fb:c1:32:72:cb:db:57:bf:89:eb:95:da:ed:2c:
eb:5e:c4:12:35:73:c7:3f:3e:9f:39:17:94:2b:51:
66:99:ba:f8:ed:91:86:d1:9d:6d:4e:a0:90:fb:b0:
91:3d:51:1c:1b:12:44:3e:60:d0:70:41:26:6b:7b:
7a:59:5b:b2:e3:b6:57:ce:28:1f:e7:14:b4:23:a3:
30:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:8D:F3:3A:50:87:7C:F7:F2:24:CF:80:AC:DC:88:5A:86:9E:3B:C1
X509v3 Authority Key Identifier:
keyid:3D:89:7B:D8:C6:DF:1C:B7:14:10:FE:19:4B:ED:73:9A:2F:8A:67:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PYl72MbfHLcUEP4ZS-1zmi-KZ3M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/5471f8-c938-40cc-b139-f9f92150cd39/1/w43zOlCHfPfyJM-ArNyIWoaeO8E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/5471f8-c938-40cc-b139-f9f92150cd39/1/PYl72MbfHLcUEP4ZS-1zmi-KZ3M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.41.239.0/24
Signature Algorithm: sha256WithRSAEncryption
ac:50:63:1c:f0:9e:6f:4d:76:7c:79:09:67:04:fe:d9:3d:17:
d2:7e:0d:7f:e3:35:4b:ae:67:67:fc:36:ba:86:b1:aa:32:01:
1c:87:a7:e8:bf:bc:84:2a:59:37:0c:40:82:3d:05:57:d4:a5:
3b:f6:99:58:3d:9a:05:60:b8:0b:c5:5c:1a:a9:39:bf:59:ca:
30:f2:39:ed:95:56:59:cb:e2:59:aa:42:25:9f:17:cb:af:60:
ad:b7:29:0c:ee:be:f7:54:08:40:2c:45:97:66:96:c6:32:b8:
1c:5a:05:e6:0c:58:60:29:27:fc:58:2d:2b:8a:ac:a4:a2:d0:
f1:7d:6e:0d:65:75:c7:64:78:9d:5d:31:e5:64:d0:57:8f:6f:
d1:b1:38:9a:60:1d:0d:4e:f6:b3:bb:18:05:d1:58:1e:a5:65:
59:9a:aa:25:eb:fb:98:da:86:d5:66:28:05:08:ba:54:b7:e8:
66:88:82:07:f4:59:12:89:17:ae:45:f6:b1:78:b7:d4:14:73:
51:b0:f3:62:14:f3:ad:33:b2:b6:ff:45:c5:12:64:ae:e3:ca:
76:77:88:94:1a:7f:b8:cb:e8:26:a2:a7:c3:59:3c:1f:c7:dc:
40:07:0f:1a:54:4e:3f:ad:9f:67:e2:4e:d3:20:2f:91:73:33:
9c:31:bd:c4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYedKgEWLzZuYaDSiIuMlwzfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkODk3YmQ4YzZkZjFjYjcxNDEwZmUxOTRiZWQ3MzlhMmY4
YTY3NzMwHhcNMjMwNDIwMDUzNjI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzhkZjMzYTUwODc3Y2Y3ZjIyNGNmODBhY2RjODg1YTg2OWUzYmMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnj7yx3NOCBAFqWOD1pM2/42NsD2G
4toLNxjQ2BXwfNsgKHb+ZzZ0TX0ZqSmH5crGTjeb9oqi+m+LdLnZqt584Q2XO4+m
rNoTMbV4muoLljt44my0T90k5m+EcGyTy25HfVRGmoyljHKH8L57YUffND7PkaIX
eU/Q4kKATyuJWqrnC+3olk/OElTiRxm7sUTfGAvJgFPnNiCB6P2R9P9Kjkhz9AP2
bzNIoM0z9tddi4+uKkAc+8EycsvbV7+J65Xa7SzrXsQSNXPHPz6fOReUK1Fmmbr4
7ZGG0Z1tTqCQ+7CRPVEcGxJEPmDQcEEma3t6WVuy47ZXzigf5xS0I6Mw9QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMON8zpQh3z38iTPgKzciFqGnjvBMB8GA1UdIwQY
MBaAFD2Je9jG3xy3FBD+GUvtc5ovimdzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFlsNzJNYmZITGNVRVA0WlMtMXptaS1LWjNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi81NDcxZjgtYzkzOC00MGNjLWIxMzkt
ZjlmOTIxNTBjZDM5LzEvdzQzek9sQ0hmUGZ5Sk0tQXJOeUlXb2FlTzhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi81NDcxZjgtYzkzOC00MGNjLWIxMzktZjlmOTIxNTBjZDM5
LzEvUFlsNzJNYmZITGNVRVA0WlMtMXptaS1LWjNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwSnvMA0G
CSqGSIb3DQEBCwUAA4IBAQCsUGMc8J5vTXZ8eQlnBP7ZPRfSfg1/4zVLrmdn/Da6
hrGqMgEch6fov7yEKlk3DECCPQVX1KU79plYPZoFYLgLxVwaqTm/Wcow8jntlVZZ
y+JZqkIlnxfLr2CttykM7r73VAhALEWXZpbGMrgcWgXmDFhgKSf8WC0riqykotDx
fW4NZXXHZHidXTHlZNBXj2/RsTiaYB0NTvazuxgF0VgepWVZmqol6/uY2obVZigF
CLpUt+hmiIIH9FkSiReuRfaxeLfUFHNRsPNiFPOtM7K2/0XFEmSu48p2d4iUGn+4
y+gmoqfDWTwfx9xABw8aVE4/rZ9n4k7TIC+RczOcMb3E
-----END CERTIFICATE-----
Generated at Thu Apr 17 09:44:55 2025 by rpki-client