Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/097111-3098-4cf7-ac0f-9f7e0f862f1e/1/S-1W311HL0nwQMKNTze3tnW-_k0.roa
File: S-1W311HL0nwQMKNTze3tnW-_k0.roa (raw, json)
Hash identifier: 3U1EH5LTL7oAllnTN1BnatxizoAo05zVQbvhxABVzxE=
Subject key identifier: 4B:ED:56:DF:5D:47:2F:49:F0:40:C2:8D:4F:37:B7:B6:75:BE:FE:4D
Certificate issuer: /CN=0d4ee193b301665b56f6780f225fd44d144093af
Certificate serial: 01856F02488CD2C949FB53D3E555D676C2AB
Authority key identifier: 0D:4E:E1:93:B3:01:66:5B:56:F6:78:0F:22:5F:D4:4D:14:40:93:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DU7hk7MBZltW9ngPIl_UTRRAk68.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/097111-3098-4cf7-ac0f-9f7e0f862f1e/1/S-1W311HL0nwQMKNTze3tnW-_k0.roa
Signing time: Sun 01 Jan 2023 20:24:58 +0000
ROA not before: Sun 01 Jan 2023 20:24:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199155
IP address blocks: 193.236.16.0/20 maxlen: 20
2001:697::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:02:48:8c:d2:c9:49:fb:53:d3:e5:55:d6:76:c2:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d4ee193b301665b56f6780f225fd44d144093af
Validity
Not Before: Jan 1 20:24:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4bed56df5d472f49f040c28d4f37b7b675befe4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:1a:5f:79:d3:03:3b:17:5d:19:40:86:bb:24:
bc:14:3a:e0:14:05:21:b0:82:78:16:0e:32:88:69:
f4:ee:9f:84:e2:38:43:a1:b7:ba:9c:62:32:b8:46:
4a:53:c1:95:fc:6c:f9:ef:18:19:af:6f:d3:48:ce:
a5:24:48:38:5b:28:9c:35:5a:ef:f9:2f:6d:68:c3:
74:1b:89:1c:e8:c0:7b:3b:c2:81:c9:a8:0c:02:25:
43:68:da:a3:c8:31:6e:e7:91:66:e4:78:03:ba:30:
5c:e4:f6:1a:82:b7:df:af:e7:ff:0d:49:b5:2d:71:
38:0d:47:14:ec:4f:4b:20:b0:18:a5:fe:98:69:ca:
d1:3d:b3:9e:11:3d:f3:7f:b9:cb:f6:24:a4:02:3d:
7d:c2:0a:fc:8e:8a:d2:dc:bd:92:fb:26:d3:00:7e:
ea:68:73:0e:9f:44:3d:13:ab:52:6e:0b:56:6b:19:
e7:14:82:e8:79:e3:30:4f:28:54:1d:68:ab:5a:15:
8c:44:ed:1e:43:c1:64:fc:fb:b4:f0:76:e2:2f:64:
71:89:21:ab:8d:91:87:36:24:e1:3d:63:dc:87:b7:
ec:f6:ea:3d:a0:61:3a:a2:8c:50:bc:1c:cd:4b:59:
42:bb:5b:e8:b6:22:d9:d4:09:6e:27:83:16:16:d8:
af:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:ED:56:DF:5D:47:2F:49:F0:40:C2:8D:4F:37:B7:B6:75:BE:FE:4D
X509v3 Authority Key Identifier:
keyid:0D:4E:E1:93:B3:01:66:5B:56:F6:78:0F:22:5F:D4:4D:14:40:93:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DU7hk7MBZltW9ngPIl_UTRRAk68.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/097111-3098-4cf7-ac0f-9f7e0f862f1e/1/S-1W311HL0nwQMKNTze3tnW-_k0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/097111-3098-4cf7-ac0f-9f7e0f862f1e/1/DU7hk7MBZltW9ngPIl_UTRRAk68.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.236.16.0/20
IPv6:
2001:697::/32
Signature Algorithm: sha256WithRSAEncryption
76:46:be:b8:20:a3:76:f1:40:81:8a:03:24:62:65:60:a1:0c:
d9:ca:4b:d3:82:21:80:16:ca:7d:5f:3c:4b:01:6b:19:94:43:
98:13:44:04:47:4f:1e:bb:85:cb:09:5a:cd:f5:c7:d7:5e:9e:
9d:10:c4:f1:4c:9f:d6:94:b1:e1:6f:5a:ae:3e:4c:bf:f3:24:
ec:4d:c2:55:f0:92:28:3d:66:c1:5e:28:24:b7:f9:0c:f1:c8:
a1:c7:33:67:ab:47:14:3a:45:cc:33:4d:6f:ce:65:60:e5:85:
aa:8c:78:04:8f:26:56:de:6d:e2:8f:30:3f:dc:6c:17:42:55:
4d:02:e8:c0:58:28:d0:4c:20:6a:3f:30:a4:41:eb:ce:dc:f4:
9c:40:84:ed:84:53:7c:bb:43:aa:c4:fe:81:66:29:73:ea:00:
44:97:c3:4b:d1:26:e1:ae:0f:70:01:cf:de:8a:12:52:33:8f:
c2:60:56:30:4b:20:fd:bc:f1:73:92:dc:0e:45:e5:ae:0f:69:
d6:61:a5:6a:16:f5:56:aa:4a:d7:a8:da:78:2d:55:31:3c:a1:
26:e6:a0:65:d4:e8:38:cf:74:67:8d:9f:41:5b:1e:41:0f:ea:
6b:3b:d6:8e:57:1e:95:86:4b:ac:a4:5c:0a:b7:e0:b0:d8:7e:
3f:62:9d:31
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvAkiM0slJ+1PT5VXWdsKrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNGVlMTkzYjMwMTY2NWI1NmY2NzgwZjIyNWZkNDRkMTQ0
MDkzYWYwHhcNMjMwMTAxMjAyNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmVkNTZkZjVkNDcyZjQ5ZjA0MGMyOGQ0ZjM3YjdiNjc1YmVmZTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmRpfedMDOxddGUCGuyS8FDrgFAUh
sIJ4Fg4yiGn07p+E4jhDobe6nGIyuEZKU8GV/Gz57xgZr2/TSM6lJEg4WyicNVrv
+S9taMN0G4kc6MB7O8KByagMAiVDaNqjyDFu55Fm5HgDujBc5PYagrffr+f/DUm1
LXE4DUcU7E9LILAYpf6YacrRPbOeET3zf7nL9iSkAj19wgr8jorS3L2S+ybTAH7q
aHMOn0Q9E6tSbgtWaxnnFILoeeMwTyhUHWirWhWMRO0eQ8Fk/Pu08HbiL2RxiSGr
jZGHNiThPWPch7fs9uo9oGE6ooxQvBzNS1lCu1votiLZ1AluJ4MWFtivWQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEvtVt9dRy9J8EDCjU83t7Z1vv5NMB8GA1UdIwQY
MBaAFA1O4ZOzAWZbVvZ4DyJf1E0UQJOvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFU3aGs3TUJabHRXOW5nUElsX1VUUlJBazY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8wOTcxMTEtMzA5OC00Y2Y3LWFjMGYt
OWY3ZTBmODYyZjFlLzEvUy0xVzMxMUhMMG53UU1LTlR6ZTN0blctX2swLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8wOTcxMTEtMzA5OC00Y2Y3LWFjMGYtOWY3ZTBmODYyZjFl
LzEvRFU3aGs3TUJabHRXOW5nUElsX1VUUlJBazY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQEwewQMA0E
AgACMAcDBQAgAQaXMA0GCSqGSIb3DQEBCwUAA4IBAQB2Rr64IKN28UCBigMkYmVg
oQzZykvTgiGAFsp9XzxLAWsZlEOYE0QER08eu4XLCVrN9cfXXp6dEMTxTJ/WlLHh
b1quPky/8yTsTcJV8JIoPWbBXigkt/kM8cihxzNnq0cUOkXMM01vzmVg5YWqjHgE
jyZW3m3ijzA/3GwXQlVNAujAWCjQTCBqPzCkQevO3PScQITthFN8u0OqxP6BZilz
6gBEl8NL0Sbhrg9wAc/eihJSM4/CYFYwSyD9vPFzktwOReWuD2nWYaVqFvVWqkrX
qNp4LVUxPKEm5qBl1Og4z3RnjZ9BWx5BD+prO9aOVx6VhkuspFwKt+Cw2H4/Yp0x
-----END CERTIFICATE-----
Generated at Tue Apr 8 01:25:22 2025 by rpki-client