Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/c20ad5-fdfc-4458-85b1-bfacbb1a177d/1/aIGyJbt681uh_kwf9RHHo9qb0Rc.roa
File: aIGyJbt681uh_kwf9RHHo9qb0Rc.roa (raw, json)
Hash identifier: iwJe7Uzi0yaJ2EAqrMtQPRBSWOAQuRCv1nmfoCDbNu4=
Subject key identifier: 68:81:B2:25:BB:7A:F3:5B:A1:FE:4C:1F:F5:11:C7:A3:DA:9B:D1:17
Certificate issuer: /CN=f6f1c56daf705f12e95d42f477f8e0a3d86f3996
Certificate serial: 01856FF058B88115811BD0B7CEDC259AE835
Authority key identifier: F6:F1:C5:6D:AF:70:5F:12:E9:5D:42:F4:77:F8:E0:A3:D8:6F:39:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9vHFba9wXxLpXUL0d_jgo9hvOZY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/c20ad5-fdfc-4458-85b1-bfacbb1a177d/1/aIGyJbt681uh_kwf9RHHo9qb0Rc.roa
Signing time: Mon 02 Jan 2023 00:45:00 +0000
ROA not before: Mon 02 Jan 2023 00:45:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198682
IP address blocks: 193.39.164.0/24 maxlen: 24
193.39.164.0/22 maxlen: 24
2a0b:11c0::/48 maxlen: 48
2a0b:11c0:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:f0:58:b8:81:15:81:1b:d0:b7:ce:dc:25:9a:e8:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f6f1c56daf705f12e95d42f477f8e0a3d86f3996
Validity
Not Before: Jan 2 00:45:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6881b225bb7af35ba1fe4c1ff511c7a3da9bd117
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:5b:49:7e:2a:54:ee:74:97:ad:71:d7:cc:24:
48:b4:d6:9f:5a:ea:44:82:40:ab:7d:de:38:de:ad:
76:ef:f5:d8:e4:cc:19:39:5c:da:00:98:20:1e:78:
71:14:99:d2:31:24:c3:7a:27:98:c0:ec:fd:85:50:
c9:09:6b:6c:fb:60:79:c0:40:79:90:ea:03:d9:8b:
77:5f:20:85:36:b2:37:b1:3b:4d:83:b6:11:ee:91:
6b:5a:4c:73:be:12:cb:86:47:82:be:5e:7f:e1:15:
58:41:94:86:fc:3c:09:a5:68:7a:76:36:41:2f:7e:
1d:35:17:c7:75:12:04:18:a2:d4:1d:bf:88:25:62:
b7:fb:5d:13:f0:5b:cf:7e:7d:f5:b9:7e:4d:b3:7a:
34:cc:ff:35:87:11:c5:9e:44:99:52:f0:60:3f:3c:
d5:00:bc:db:ed:76:52:ec:99:bb:bb:78:1f:e3:cd:
79:08:31:14:22:4f:48:62:ec:b4:55:05:34:ac:f0:
a5:32:9b:0c:4a:7e:3e:e9:45:0e:9e:0c:c6:ae:97:
fa:90:62:50:1c:7d:15:08:64:a1:cd:f7:04:bd:41:
ea:45:90:25:3f:8a:87:96:6a:cf:98:fc:9a:04:4b:
fb:85:65:4c:41:0b:6a:a7:11:02:0b:7f:34:c7:5a:
b9:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:81:B2:25:BB:7A:F3:5B:A1:FE:4C:1F:F5:11:C7:A3:DA:9B:D1:17
X509v3 Authority Key Identifier:
keyid:F6:F1:C5:6D:AF:70:5F:12:E9:5D:42:F4:77:F8:E0:A3:D8:6F:39:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9vHFba9wXxLpXUL0d_jgo9hvOZY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/c20ad5-fdfc-4458-85b1-bfacbb1a177d/1/aIGyJbt681uh_kwf9RHHo9qb0Rc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/c20ad5-fdfc-4458-85b1-bfacbb1a177d/1/9vHFba9wXxLpXUL0d_jgo9hvOZY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.39.164.0/22
IPv6:
2a0b:11c0::/47
Signature Algorithm: sha256WithRSAEncryption
45:9f:8a:82:57:47:c8:7b:a0:b9:b6:55:fd:29:e4:8d:94:57:
3b:77:a8:64:17:30:b2:98:08:9a:6b:be:b0:25:01:b4:a5:a1:
dc:da:03:a0:37:81:3b:57:69:8d:35:ee:5b:e3:d0:cf:96:c6:
29:5a:f8:1e:de:ff:d4:4b:af:93:f4:9e:e3:90:b7:b7:2e:41:
3c:62:87:19:1f:7b:7c:70:14:02:8b:7f:78:f0:a8:7d:29:aa:
26:6d:ac:e0:11:f1:c1:20:a4:f7:63:73:43:c7:fa:dd:45:95:
01:d8:b1:fb:d6:c6:87:65:52:0c:de:6e:d2:b6:b9:6a:73:b2:
40:bc:02:41:6f:34:93:04:57:3b:5b:7d:04:c5:4b:4f:01:0d:
77:51:42:ee:f1:cd:e0:00:08:c2:16:0f:98:6d:34:67:77:11:
57:69:c6:11:aa:c4:cc:b5:e7:ee:dc:b0:ab:ae:64:60:fb:be:
75:55:a4:3c:52:86:27:77:43:69:ba:5c:a3:3f:d3:85:aa:a7:
88:31:ae:2d:a5:d9:1d:f1:a0:3f:6d:37:01:34:4a:5b:8a:dc:
eb:68:03:21:d5:e6:a3:82:90:b1:ff:b0:52:b1:85:cb:2b:68:
9b:e1:5d:12:9e:c5:d4:68:b5:71:db:b2:41:54:8b:e7:d8:ce:
b0:f4:08:b8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVv8Fi4gRWBG9C3ztwlmug1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2ZjFjNTZkYWY3MDVmMTJlOTVkNDJmNDc3ZjhlMGEzZDg2
ZjM5OTYwHhcNMjMwMTAyMDA0NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODgxYjIyNWJiN2FmMzViYTFmZTRjMWZmNTExYzdhM2RhOWJkMTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlFtJfipU7nSXrXHXzCRItNafWupE
gkCrfd443q127/XY5MwZOVzaAJggHnhxFJnSMSTDeieYwOz9hVDJCWts+2B5wEB5
kOoD2Yt3XyCFNrI3sTtNg7YR7pFrWkxzvhLLhkeCvl5/4RVYQZSG/DwJpWh6djZB
L34dNRfHdRIEGKLUHb+IJWK3+10T8FvPfn31uX5Ns3o0zP81hxHFnkSZUvBgPzzV
ALzb7XZS7Jm7u3gf4815CDEUIk9IYuy0VQU0rPClMpsMSn4+6UUOngzGrpf6kGJQ
HH0VCGShzfcEvUHqRZAlP4qHlmrPmPyaBEv7hWVMQQtqpxECC380x1q5iQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGiBsiW7evNbof5MH/URx6Pam9EXMB8GA1UdIwQY
MBaAFPbxxW2vcF8S6V1C9Hf44KPYbzmWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOXZIRmJhOXdYeExwWFVMMGRfamdvOWh2T1pZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy9jMjBhZDUtZmRmYy00NDU4LTg1YjEt
YmZhY2JiMWExNzdkLzEvYUlHeUpidDY4MXVoX2t3ZjlSSEhvOXFiMFJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy9jMjBhZDUtZmRmYy00NDU4LTg1YjEtYmZhY2JiMWExNzdk
LzEvOXZIRmJhOXdYeExwWFVMMGRfamdvOWh2T1pZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCwSekMA8E
AgACMAkDBwEqCxHAAAAwDQYJKoZIhvcNAQELBQADggEBAEWfioJXR8h7oLm2Vf0p
5I2UVzt3qGQXMLKYCJprvrAlAbSlodzaA6A3gTtXaY017lvj0M+Wxila+B7e/9RL
r5P0nuOQt7cuQTxihxkfe3xwFAKLf3jwqH0pqiZtrOAR8cEgpPdjc0PH+t1FlQHY
sfvWxodlUgzebtK2uWpzskC8AkFvNJMEVztbfQTFS08BDXdRQu7xzeAACMIWD5ht
NGd3EVdpxhGqxMy15+7csKuuZGD7vnVVpDxShid3Q2m6XKM/04Wqp4gxri2l2R3x
oD9tNwE0SluK3OtoAyHV5qOCkLH/sFKxhcsraJvhXRKexdRotXHbskFUi+fYzrD0
CLg=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:38:01 2025 by rpki-client