Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/c424d1-27fd-4f47-bb71-73d218a4903e/1/kAuPBgqH10YZrW1ZdWuedIy2xtk.roa
File: kAuPBgqH10YZrW1ZdWuedIy2xtk.roa (raw, json)
Hash identifier: 2I1IKIhqmE/n5vi6ED8iWXi9Yiag1IhtSJCg2mWSdvs=
Subject key identifier: 90:0B:8F:06:0A:87:D7:46:19:AD:6D:59:75:6B:9E:74:8C:B6:C6:D9
Certificate issuer: /CN=670ec53068393d90db601ec295e42908525e10c2
Certificate serial: 01856BC0F7E25483A0B48129F5F90B518AF4
Authority key identifier: 67:0E:C5:30:68:39:3D:90:DB:60:1E:C2:95:E4:29:08:52:5E:10:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zw7FMGg5PZDbYB7CleQpCFJeEMI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/c424d1-27fd-4f47-bb71-73d218a4903e/1/kAuPBgqH10YZrW1ZdWuedIy2xtk.roa
Signing time: Sun 01 Jan 2023 05:14:46 +0000
ROA not before: Sun 01 Jan 2023 05:14:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30781
IP address blocks: 193.0.159.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:c0:f7:e2:54:83:a0:b4:81:29:f5:f9:0b:51:8a:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=670ec53068393d90db601ec295e42908525e10c2
Validity
Not Before: Jan 1 05:14:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=900b8f060a87d74619ad6d59756b9e748cb6c6d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:10:81:b8:1b:2f:3d:e2:99:b4:48:18:13:f4:
b0:ca:e3:4d:30:f3:89:9f:b6:c1:5b:c8:3c:88:80:
40:c3:57:3a:44:e7:61:8c:fc:0b:c4:f9:78:5c:9a:
2f:c3:3f:84:2e:9c:a6:7c:4a:ed:f0:d9:ba:7c:1b:
16:f6:b0:14:7d:76:c6:aa:60:7c:ee:df:9e:14:f7:
a7:ca:d7:15:c7:52:64:e0:fe:d5:c3:d6:bb:ba:7d:
6d:5e:8b:5e:85:a4:f4:51:d6:b4:82:41:2d:16:63:
48:b8:66:d0:77:c7:20:79:cf:69:41:b8:68:dc:4e:
b2:5c:a5:e0:22:41:4a:9f:ca:34:a2:0c:7a:a3:ba:
fa:f2:e9:a5:6e:f8:4a:75:2f:0f:90:14:50:55:66:
ae:b9:75:44:35:6f:0a:8d:e2:4d:1d:f6:90:8c:e9:
76:28:b1:60:28:8d:a5:02:0e:e4:f8:5c:22:62:36:
c6:7f:89:32:11:89:55:c2:7c:91:24:01:8a:3b:4c:
af:96:3f:e7:df:33:f4:22:f6:c2:95:62:b7:e7:ed:
76:0d:53:49:48:0c:fa:70:0c:12:62:d9:94:71:73:
0e:77:db:8b:a2:09:84:62:fb:64:4a:dc:04:d0:57:
9a:ee:a6:c8:e2:95:8a:58:a9:9a:74:00:55:de:54:
64:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:0B:8F:06:0A:87:D7:46:19:AD:6D:59:75:6B:9E:74:8C:B6:C6:D9
X509v3 Authority Key Identifier:
keyid:67:0E:C5:30:68:39:3D:90:DB:60:1E:C2:95:E4:29:08:52:5E:10:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zw7FMGg5PZDbYB7CleQpCFJeEMI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/c424d1-27fd-4f47-bb71-73d218a4903e/1/kAuPBgqH10YZrW1ZdWuedIy2xtk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/c424d1-27fd-4f47-bb71-73d218a4903e/1/Zw7FMGg5PZDbYB7CleQpCFJeEMI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.159.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:a7:56:9b:2e:22:db:83:37:01:03:5e:57:2d:e1:2e:c9:b3:
d6:45:c3:08:95:41:b2:b3:8b:96:01:10:64:bf:43:e0:06:dc:
b8:8c:e7:63:5a:8a:02:89:1d:fa:78:2e:bc:cf:fc:8a:a8:ce:
df:a0:33:31:f4:a6:64:a6:28:f6:6a:3b:9b:c7:fc:d6:e9:85:
27:58:12:91:1f:f3:ca:7e:3f:74:84:bb:32:4f:00:34:04:3b:
03:2d:e6:73:ca:a9:71:74:5b:fa:59:9a:c1:e4:c4:87:28:52:
f2:1b:91:11:6b:6e:7f:9b:7c:31:23:2c:30:be:63:79:16:6a:
1a:77:d9:3c:60:8b:88:ad:0d:a4:5c:0b:83:8e:d9:e0:39:24:
1e:c2:9e:79:44:36:b2:f0:73:1a:9d:5a:3a:f2:81:4d:49:52:
2a:7f:be:44:72:3d:07:bd:2c:cc:49:35:db:04:09:46:64:10:
3c:b7:8f:7a:4b:a2:71:7a:35:e3:b7:69:9e:02:f7:9f:9d:69:
8f:de:20:91:21:f9:e9:3b:78:b3:22:88:54:a9:16:70:99:72:
84:92:35:f0:12:85:e5:13:d0:85:25:19:25:6f:33:48:c2:9a:
30:2f:8f:eb:47:9a:8a:ed:42:de:a9:96:bf:e8:9a:f3:fc:44:
39:e9:3e:19
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrwPfiVIOgtIEp9fkLUYr0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3MGVjNTMwNjgzOTNkOTBkYjYwMWVjMjk1ZTQyOTA4NTI1
ZTEwYzIwHhcNMjMwMTAxMDUxNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDBiOGYwNjBhODdkNzQ2MTlhZDZkNTk3NTZiOWU3NDhjYjZjNmQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAihCBuBsvPeKZtEgYE/SwyuNNMPOJ
n7bBW8g8iIBAw1c6ROdhjPwLxPl4XJovwz+ELpymfErt8Nm6fBsW9rAUfXbGqmB8
7t+eFPenytcVx1Jk4P7Vw9a7un1tXotehaT0Uda0gkEtFmNIuGbQd8cgec9pQbho
3E6yXKXgIkFKn8o0ogx6o7r68umlbvhKdS8PkBRQVWauuXVENW8KjeJNHfaQjOl2
KLFgKI2lAg7k+FwiYjbGf4kyEYlVwnyRJAGKO0yvlj/n3zP0IvbClWK35+12DVNJ
SAz6cAwSYtmUcXMOd9uLogmEYvtkStwE0Fea7qbI4pWKWKmadABV3lRkowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJALjwYKh9dGGa1tWXVrnnSMtsbZMB8GA1UdIwQY
MBaAFGcOxTBoOT2Q22AewpXkKQhSXhDCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnc3Rk1HZzVQWkRiWUI3Q2xlUXBDRkplRU1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My9jNDI0ZDEtMjdmZC00ZjQ3LWJiNzEt
NzNkMjE4YTQ5MDNlLzEva0F1UEJncUgxMFlaclcxWmRXdWVkSXkyeHRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My9jNDI0ZDEtMjdmZC00ZjQ3LWJiNzEtNzNkMjE4YTQ5MDNl
LzEvWnc3Rk1HZzVQWkRiWUI3Q2xlUXBDRkplRU1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwQCfMA0G
CSqGSIb3DQEBCwUAA4IBAQA9p1abLiLbgzcBA15XLeEuybPWRcMIlUGys4uWARBk
v0PgBty4jOdjWooCiR36eC68z/yKqM7foDMx9KZkpij2ajubx/zW6YUnWBKRH/PK
fj90hLsyTwA0BDsDLeZzyqlxdFv6WZrB5MSHKFLyG5ERa25/m3wxIywwvmN5Fmoa
d9k8YIuIrQ2kXAuDjtngOSQewp55RDay8HManVo68oFNSVIqf75Ecj0HvSzMSTXb
BAlGZBA8t496S6JxejXjt2meAvefnWmP3iCRIfnpO3izIohUqRZwmXKEkjXwEoXl
E9CFJRklbzNIwpowL4/rR5qK7ULeqZa/6Jrz/EQ56T4Z
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:54:42 2025 by rpki-client