Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/5eda7c-7c92-4386-8d82-66915139d89a/1/1D1m3q8Ck21A304cLYyVnqtP7ds.roa
File: 1D1m3q8Ck21A304cLYyVnqtP7ds.roa (raw, json)
Hash identifier: LQKYa/TNL9UUHtZHN2+BJv1VvDFXCfXmgeZ8JkMz9sY=
Subject key identifier: D4:3D:66:DE:AF:02:93:6D:40:DF:4E:1C:2D:8C:95:9E:AB:4F:ED:DB
Certificate issuer: /CN=07033a910fcf2c1b15977a18ace7d857ba58b9aa
Certificate serial: 01856F3933B03AE742582A78BB05DDDF98FC
Authority key identifier: 07:03:3A:91:0F:CF:2C:1B:15:97:7A:18:AC:E7:D8:57:BA:58:B9:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BwM6kQ_PLBsVl3oYrOfYV7pYuao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/5eda7c-7c92-4386-8d82-66915139d89a/1/1D1m3q8Ck21A304cLYyVnqtP7ds.roa
Signing time: Sun 01 Jan 2023 21:24:57 +0000
ROA not before: Sun 01 Jan 2023 21:24:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42982
IP address blocks: 193.200.179.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:39:33:b0:3a:e7:42:58:2a:78:bb:05:dd:df:98:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07033a910fcf2c1b15977a18ace7d857ba58b9aa
Validity
Not Before: Jan 1 21:24:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d43d66deaf02936d40df4e1c2d8c959eab4feddb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:27:8a:ad:64:5e:05:54:42:65:95:f2:8f:dd:
87:72:38:ca:db:d3:12:c7:22:38:72:c7:54:2e:4d:
ed:40:11:21:36:8c:3a:2a:40:04:9b:5e:b5:a8:81:
02:92:93:76:b0:14:f1:48:92:d4:84:9c:e5:68:85:
28:46:f9:51:f0:2d:cd:3d:43:d7:21:25:72:ce:a8:
0d:95:4a:5f:d8:85:0d:4b:6c:cf:3c:67:34:4e:b8:
9d:83:ed:6b:a2:28:4e:e9:d3:80:53:a5:fb:44:10:
b4:ec:26:14:df:8e:ab:ab:f9:0f:d1:db:de:36:4c:
cd:42:71:f8:79:f7:39:91:70:2c:6d:aa:0c:c9:47:
c6:21:f9:4c:85:0a:25:90:ff:59:03:e0:50:0a:5d:
bf:d8:a2:64:e7:52:5a:f2:5b:d5:14:a7:82:0f:c6:
cf:96:81:2c:e3:57:60:39:7b:67:a7:ca:6e:5d:d2:
3f:5c:44:be:f2:36:77:63:a8:06:61:ec:67:5d:9f:
e1:92:33:7b:78:a9:c7:03:04:58:3f:b7:07:47:a7:
47:5d:b1:28:f7:80:05:3c:af:d3:b2:5e:f8:3e:d1:
a0:d3:b5:a6:a3:94:50:69:54:5f:f0:93:f0:15:d8:
8b:1e:4b:55:7c:e6:94:43:27:3c:3c:8f:af:96:d3:
51:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:3D:66:DE:AF:02:93:6D:40:DF:4E:1C:2D:8C:95:9E:AB:4F:ED:DB
X509v3 Authority Key Identifier:
keyid:07:03:3A:91:0F:CF:2C:1B:15:97:7A:18:AC:E7:D8:57:BA:58:B9:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BwM6kQ_PLBsVl3oYrOfYV7pYuao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/5eda7c-7c92-4386-8d82-66915139d89a/1/1D1m3q8Ck21A304cLYyVnqtP7ds.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/5eda7c-7c92-4386-8d82-66915139d89a/1/BwM6kQ_PLBsVl3oYrOfYV7pYuao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.200.179.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:74:f1:69:15:8c:3b:f4:d1:d0:5f:8c:e7:0a:0d:7d:b5:df:
54:0a:7f:25:d9:f8:a4:4f:24:e9:fa:0d:e6:07:9c:16:1c:2d:
72:d7:6e:2e:ef:79:8b:bf:29:5a:73:23:58:97:c9:df:91:cf:
a9:2c:b3:86:12:3e:12:2f:ac:e4:40:ae:34:1d:4d:c0:8e:ee:
4e:47:16:c4:80:2c:48:3b:ee:5c:1f:38:98:48:0c:73:1a:1c:
7e:b4:5b:e1:62:9d:c5:57:a9:a7:9b:f8:65:51:ec:d5:88:9e:
93:a1:0a:e7:d3:94:70:f5:23:02:a7:9a:75:17:ba:ed:22:2c:
9d:b5:36:7b:12:90:02:6f:04:f3:2a:08:dd:38:9d:a8:e0:74:
3f:19:a1:58:c7:e3:3e:98:ee:5f:74:5e:88:cf:73:07:ea:9d:
d2:1a:99:9e:a0:56:dc:a8:3d:91:c9:21:ea:53:d0:37:43:88:
a2:bb:19:ab:fe:9f:16:11:e3:d2:0c:c1:73:d8:2c:cd:b9:25:
6e:e0:ca:07:3c:49:0d:af:03:42:d4:b8:07:fb:b0:87:7c:7f:
21:cf:14:22:8b:da:55:37:d3:b5:bc:a2:8b:85:93:38:87:63:
cc:23:4a:e9:bd:1b:9a:3d:71:5f:e7:24:cf:f3:1c:f9:fd:c1:
06:e1:9c:ad
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvOTOwOudCWCp4uwXd35j8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3MDMzYTkxMGZjZjJjMWIxNTk3N2ExOGFjZTdkODU3YmE1
OGI5YWEwHhcNMjMwMTAxMjEyNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDNkNjZkZWFmMDI5MzZkNDBkZjRlMWMyZDhjOTU5ZWFiNGZlZGRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsCeKrWReBVRCZZXyj92HcjjK29MS
xyI4csdULk3tQBEhNow6KkAEm161qIECkpN2sBTxSJLUhJzlaIUoRvlR8C3NPUPX
ISVyzqgNlUpf2IUNS2zPPGc0Tridg+1roihO6dOAU6X7RBC07CYU346rq/kP0dve
NkzNQnH4efc5kXAsbaoMyUfGIflMhQolkP9ZA+BQCl2/2KJk51Ja8lvVFKeCD8bP
loEs41dgOXtnp8puXdI/XES+8jZ3Y6gGYexnXZ/hkjN7eKnHAwRYP7cHR6dHXbEo
94AFPK/Tsl74PtGg07Wmo5RQaVRf8JPwFdiLHktVfOaUQyc8PI+vltNR2wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNQ9Zt6vApNtQN9OHC2MlZ6rT+3bMB8GA1UdIwQY
MBaAFAcDOpEPzywbFZd6GKzn2Fe6WLmqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQndNNmtRX1BMQnNWbDNvWXJPZllWN3BZdWFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni81ZWRhN2MtN2M5Mi00Mzg2LThkODIt
NjY5MTUxMzlkODlhLzEvMUQxbTNxOENrMjFBMzA0Y0xZeVZucXRQN2RzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni81ZWRhN2MtN2M5Mi00Mzg2LThkODItNjY5MTUxMzlkODlh
LzEvQndNNmtRX1BMQnNWbDNvWXJPZllWN3BZdWFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwcizMA0G
CSqGSIb3DQEBCwUAA4IBAQAcdPFpFYw79NHQX4znCg19td9UCn8l2fikTyTp+g3m
B5wWHC1y124u73mLvylacyNYl8nfkc+pLLOGEj4SL6zkQK40HU3Aju5ORxbEgCxI
O+5cHziYSAxzGhx+tFvhYp3FV6mnm/hlUezViJ6ToQrn05Rw9SMCp5p1F7rtIiyd
tTZ7EpACbwTzKgjdOJ2o4HQ/GaFYx+M+mO5fdF6Iz3MH6p3SGpmeoFbcqD2RySHq
U9A3Q4iiuxmr/p8WEePSDMFz2CzNuSVu4MoHPEkNrwNC1LgH+7CHfH8hzxQii9pV
N9O1vKKLhZM4h2PMI0rpvRuaPXFf5yTP8xz5/cEG4Zyt
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:22:04 2025 by rpki-client