Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/616a58-5342-432c-a9c5-333beecff6f4/1/AcPjOhiKqj6U3mdPdSkFZhqpOzw.roa
File: AcPjOhiKqj6U3mdPdSkFZhqpOzw.roa (raw, json)
Hash identifier: EEqUA9OGsnkbcuQZxVJGDOixg0qU6FpWvZJEr9/qk34=
Subject key identifier: 01:C3:E3:3A:18:8A:AA:3E:94:DE:67:4F:75:29:05:66:1A:A9:3B:3C
Certificate issuer: /CN=d8772aac1b62b87d6b01d57a1a00a6a72b8a7da6
Certificate serial: 0185708CBDC75227D45B7CC41B03486218F8
Authority key identifier: D8:77:2A:AC:1B:62:B8:7D:6B:01:D5:7A:1A:00:A6:A7:2B:8A:7D:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2HcqrBtiuH1rAdV6GgCmpyuKfaY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/616a58-5342-432c-a9c5-333beecff6f4/1/AcPjOhiKqj6U3mdPdSkFZhqpOzw.roa
Signing time: Mon 02 Jan 2023 03:35:49 +0000
ROA not before: Mon 02 Jan 2023 03:35:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1299
IP address blocks: 193.24.68.0/24 maxlen: 25
193.24.66.0/24 maxlen: 25
139.123.225.0/24 maxlen: 24
139.123.228.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:8c:bd:c7:52:27:d4:5b:7c:c4:1b:03:48:62:18:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8772aac1b62b87d6b01d57a1a00a6a72b8a7da6
Validity
Not Before: Jan 2 03:35:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=01c3e33a188aaa3e94de674f752905661aa93b3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:a3:a7:8d:2f:46:46:8c:82:46:69:04:93:a3:
aa:61:c0:c9:22:00:28:62:1a:21:cb:f2:13:01:96:
3e:78:e9:cc:e2:0a:87:c1:82:97:a4:7d:d0:29:0a:
98:1f:7e:5b:2d:5d:d5:87:37:56:15:a9:8c:e4:61:
57:35:73:3a:a6:97:13:e1:30:73:06:f4:d2:a0:10:
d8:35:74:02:cd:b3:33:5d:8a:c6:80:70:39:88:28:
7e:7f:81:8b:9a:8a:ca:88:d1:d8:36:c7:25:74:99:
3d:cb:79:94:6c:5c:e6:c4:33:3e:e2:4f:02:0f:b0:
77:88:75:d4:93:ea:6f:dd:e7:74:7d:32:f1:c0:2d:
55:ad:28:97:43:a9:76:ae:62:85:50:e4:b6:72:f3:
08:b3:32:e9:ad:fd:eb:e9:9f:9b:b7:71:10:f7:59:
8b:91:46:b7:b2:f6:29:ec:28:27:9a:2e:8c:74:cb:
30:7f:08:64:ec:a8:07:17:40:c7:e0:ed:43:be:bb:
d3:31:dc:2c:bb:17:a9:b6:5a:b6:8e:73:a1:35:0d:
4f:6c:88:c2:36:5f:4c:78:8b:24:90:d8:74:c3:62:
f4:16:1a:58:ae:ca:83:19:6e:88:a3:4a:09:b4:a8:
51:3f:9f:49:a3:0b:9d:e1:01:6a:29:8f:a0:a3:63:
ef:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:C3:E3:3A:18:8A:AA:3E:94:DE:67:4F:75:29:05:66:1A:A9:3B:3C
X509v3 Authority Key Identifier:
keyid:D8:77:2A:AC:1B:62:B8:7D:6B:01:D5:7A:1A:00:A6:A7:2B:8A:7D:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2HcqrBtiuH1rAdV6GgCmpyuKfaY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/616a58-5342-432c-a9c5-333beecff6f4/1/AcPjOhiKqj6U3mdPdSkFZhqpOzw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/616a58-5342-432c-a9c5-333beecff6f4/1/2HcqrBtiuH1rAdV6GgCmpyuKfaY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.123.225.0/24
139.123.228.0/24
193.24.66.0/24
193.24.68.0/24
Signature Algorithm: sha256WithRSAEncryption
66:80:71:71:d2:4c:ec:c7:e0:9f:49:f0:a3:3f:87:e5:9e:f3:
05:88:04:ec:e7:05:e3:05:49:51:0a:5f:90:56:43:4e:f4:f9:
4e:20:9f:98:22:58:91:82:ea:b5:e6:6f:0a:87:74:19:ad:88:
f8:15:4e:75:36:8a:96:f6:e1:9b:75:3d:7e:19:9f:b0:a9:a0:
73:b4:f8:a8:b7:b4:24:c3:27:f4:00:dd:c5:9e:80:0d:bc:95:
c2:ef:22:ec:a3:96:3c:8a:55:5b:20:f9:a5:e3:6f:db:38:79:
b6:3f:6d:75:bc:ad:b6:a3:68:dc:ea:20:17:75:30:3b:c8:d8:
6f:96:9a:2d:4d:24:d5:c9:c1:99:4f:3a:9c:1f:b6:a2:38:02:
ad:55:16:ab:23:fb:e7:18:f0:2d:c3:42:00:0c:b2:82:c3:55:
18:f8:1e:a3:34:40:be:5a:f7:66:32:4c:79:d9:89:20:37:81:
28:52:a7:24:84:f6:c9:e7:be:90:f4:58:1f:d8:c2:a4:de:2b:
bd:55:21:f1:03:a6:81:35:f2:22:a6:5b:3e:d6:b2:35:c4:29:
4e:42:9b:50:5b:2d:86:39:ea:a4:1c:dc:66:ee:f8:3a:10:62:
80:fb:c3:7b:94:cd:86:14:34:f9:0c:3c:00:9f:e4:5f:f2:05:
a0:b1:c1:df
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVwjL3HUifUW3zEGwNIYhj4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4NzcyYWFjMWI2MmI4N2Q2YjAxZDU3YTFhMDBhNmE3MmI4
YTdkYTYwHhcNMjMwMTAyMDMzNTQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWMzZTMzYTE4OGFhYTNlOTRkZTY3NGY3NTI5MDU2NjFhYTkzYjNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnaOnjS9GRoyCRmkEk6OqYcDJIgAo
Yhohy/ITAZY+eOnM4gqHwYKXpH3QKQqYH35bLV3VhzdWFamM5GFXNXM6ppcT4TBz
BvTSoBDYNXQCzbMzXYrGgHA5iCh+f4GLmorKiNHYNscldJk9y3mUbFzmxDM+4k8C
D7B3iHXUk+pv3ed0fTLxwC1VrSiXQ6l2rmKFUOS2cvMIszLprf3r6Z+bt3EQ91mL
kUa3svYp7Cgnmi6MdMswfwhk7KgHF0DH4O1DvrvTMdwsuxeptlq2jnOhNQ1PbIjC
Nl9MeIskkNh0w2L0FhpYrsqDGW6Io0oJtKhRP59Jowud4QFqKY+go2Pv1QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFAHD4zoYiqo+lN5nT3UpBWYaqTs8MB8GA1UdIwQY
MBaAFNh3KqwbYrh9awHVehoApqcrin2mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkhjcXJCdGl1SDFyQWRWNkdnQ21weXVLZmFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My82MTZhNTgtNTM0Mi00MzJjLWE5YzUt
MzMzYmVlY2ZmNmY0LzEvQWNQak9oaUtxajZVM21kUGRTa0ZaaHFwT3p3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My82MTZhNTgtNTM0Mi00MzJjLWE5YzUtMzMzYmVlY2ZmNmY0
LzEvMkhjcXJCdGl1SDFyQWRWNkdnQ21weXVLZmFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAi3vhAwQA
i3vkAwQAwRhCAwQAwRhEMA0GCSqGSIb3DQEBCwUAA4IBAQBmgHFx0kzsx+CfSfCj
P4flnvMFiATs5wXjBUlRCl+QVkNO9PlOIJ+YIliRguq15m8Kh3QZrYj4FU51NoqW
9uGbdT1+GZ+wqaBztPiot7Qkwyf0AN3FnoANvJXC7yLso5Y8ilVbIPml42/bOHm2
P211vK22o2jc6iAXdTA7yNhvlpotTSTVycGZTzqcH7aiOAKtVRarI/vnGPAtw0IA
DLKCw1UY+B6jNEC+WvdmMkx52YkgN4EoUqckhPbJ576Q9Fgf2MKk3iu9VSHxA6aB
NfIipls+1rI1xClOQptQWy2GOeqkHNxm7vg6EGKA+8N7lM2GFDT5DDwAn+Rf8gWg
scHf
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:27:41 2025 by rpki-client