Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/4d5e4a-8a16-4537-be1f-1b1362b9b6a2/1/61aPwrOiHqquR6wXoouQwXy_QjU.roa
File: 61aPwrOiHqquR6wXoouQwXy_QjU.roa (raw, json)
Hash identifier: 5Ysy2UKh9nws+/6oq5hgtY70SVh3GcqCurK2RJLa+TY=
Subject key identifier: EB:56:8F:C2:B3:A2:1E:AA:AE:47:AC:17:A2:8B:90:C1:7C:BF:42:35
Certificate issuer: /CN=fe54ab2d481cf1622a2c52183ab4f5a930a4ae41
Certificate serial: 018C169A78175D7B4674E1012B99D3A660D6
Authority key identifier: FE:54:AB:2D:48:1C:F1:62:2A:2C:52:18:3A:B4:F5:A9:30:A4:AE:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_lSrLUgc8WIqLFIYOrT1qTCkrkE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/4d5e4a-8a16-4537-be1f-1b1362b9b6a2/1/61aPwrOiHqquR6wXoouQwXy_QjU.roa
Signing time: Tue 28 Nov 2023 15:44:31 +0000
ROA not before: Tue 28 Nov 2023 15:44:31 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25717
IP address blocks: 193.221.69.0/24 maxlen: 24
193.221.70.0/23 maxlen: 23
193.221.72.0/24 maxlen: 24
193.221.74.0/24 maxlen: 24
193.221.78.0/24 maxlen: 24
193.221.57.0/24 maxlen: 24
193.221.56.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:16:9a:78:17:5d:7b:46:74:e1:01:2b:99:d3:a6:60:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe54ab2d481cf1622a2c52183ab4f5a930a4ae41
Validity
Not Before: Nov 28 15:44:31 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=eb568fc2b3a21eaaae47ac17a28b90c17cbf4235
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:7c:e6:ca:47:65:b7:de:20:6e:a7:87:29:81:
29:7e:72:da:04:5a:38:65:0d:0a:0f:96:f2:d5:e9:
3c:31:69:a4:3f:1f:36:01:38:74:53:be:57:e8:50:
f4:db:2c:6d:c4:c1:f8:fb:0e:e7:00:e5:b4:12:07:
34:67:f4:51:87:e3:8f:b8:67:9e:49:78:19:4b:6a:
a5:ca:40:ae:90:08:76:22:03:f6:71:39:45:bf:7f:
8b:cd:35:80:6a:7b:52:7e:57:64:31:6c:81:c5:19:
3c:8e:f6:e9:4c:82:69:40:65:21:f0:b6:00:6c:31:
b2:f8:31:26:23:10:7e:27:00:bc:7f:46:40:f6:d2:
d2:45:3b:92:80:83:7b:c0:c7:2e:e1:7e:2e:c2:5f:
4a:08:01:92:ae:52:a6:c1:0c:e4:07:f3:f0:b4:3a:
17:97:73:15:7e:85:f8:ef:e9:5a:24:d4:29:0c:95:
20:df:77:ca:4a:4c:07:aa:a1:af:ef:35:69:6e:2e:
2f:91:c5:56:29:7f:0c:36:cb:69:50:ef:22:89:a9:
24:34:b9:0d:4b:cc:9c:75:0c:25:67:2e:a1:ee:e5:
98:a8:73:4d:2f:ff:9b:a2:86:30:02:67:ae:f6:16:
d4:2e:a9:4a:5c:5f:16:38:2c:63:3d:5f:95:e9:2d:
53:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:56:8F:C2:B3:A2:1E:AA:AE:47:AC:17:A2:8B:90:C1:7C:BF:42:35
X509v3 Authority Key Identifier:
keyid:FE:54:AB:2D:48:1C:F1:62:2A:2C:52:18:3A:B4:F5:A9:30:A4:AE:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_lSrLUgc8WIqLFIYOrT1qTCkrkE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/4d5e4a-8a16-4537-be1f-1b1362b9b6a2/1/61aPwrOiHqquR6wXoouQwXy_QjU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/4d5e4a-8a16-4537-be1f-1b1362b9b6a2/1/_lSrLUgc8WIqLFIYOrT1qTCkrkE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.221.56.0/23
193.221.69.0-193.221.72.255
193.221.74.0/24
193.221.78.0/24
Signature Algorithm: sha256WithRSAEncryption
43:cd:71:a6:7f:c7:2c:5c:9e:fc:0c:2c:4b:a9:12:1f:2b:c3:
7d:d4:66:ff:48:7e:70:3f:56:a3:05:b0:df:0f:e9:02:68:ef:
38:d8:75:81:5f:bc:29:44:b2:6b:f6:bb:15:1e:6f:7f:97:fd:
2a:a6:9a:e9:c4:3e:5f:a2:02:ff:96:47:72:9b:b7:93:cd:95:
79:b5:f6:45:8a:08:6a:df:bb:1b:d1:86:a5:65:3e:21:68:2b:
f1:49:e7:69:e8:5b:b5:f1:5c:14:72:d6:e8:a6:8a:2d:37:a8:
a8:05:de:90:20:5c:e2:a3:d4:b3:e0:80:3a:b3:55:bf:52:fd:
72:e0:18:26:e4:04:92:15:b7:8f:1d:bd:22:ca:64:89:aa:2e:
df:b8:3d:ba:6d:f2:a3:8f:0c:fa:57:9d:bd:28:31:fd:44:74:
7b:09:c3:8a:0b:0a:26:dc:45:98:c3:c3:05:d9:cf:77:25:06:
04:39:dc:47:42:ec:d8:0c:bf:e2:e0:29:37:a4:97:71:94:e5:
19:f3:24:08:ec:81:5e:8a:15:7c:80:cc:68:1f:b7:f0:9f:44:
f7:4c:78:59:61:00:01:a9:eb:d6:89:34:1d:0d:97:cc:cf:3b:
74:54:c3:c2:58:c1:f8:36:77:62:1a:03:64:9a:96:f7:ef:21:
bf:c9:b0:8b
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYwWmngXXXtGdOEBK5nTpmDWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNTRhYjJkNDgxY2YxNjIyYTJjNTIxODNhYjRmNWE5MzBh
NGFlNDEwHhcNMjMxMTI4MTU0NDMxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjU2OGZjMmIzYTIxZWFhYWU0N2FjMTdhMjhiOTBjMTdjYmY0MjM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn3zmykdlt94gbqeHKYEpfnLaBFo4
ZQ0KD5by1ek8MWmkPx82ATh0U75X6FD02yxtxMH4+w7nAOW0Egc0Z/RRh+OPuGee
SXgZS2qlykCukAh2IgP2cTlFv3+LzTWAantSfldkMWyBxRk8jvbpTIJpQGUh8LYA
bDGy+DEmIxB+JwC8f0ZA9tLSRTuSgIN7wMcu4X4uwl9KCAGSrlKmwQzkB/PwtDoX
l3MVfoX47+laJNQpDJUg33fKSkwHqqGv7zVpbi4vkcVWKX8MNstpUO8iiakkNLkN
S8ycdQwlZy6h7uWYqHNNL/+booYwAmeu9hbULqlKXF8WOCxjPV+V6S1TaQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFOtWj8Kzoh6qrkesF6KLkMF8v0I1MB8GA1UdIwQY
MBaAFP5Uqy1IHPFiKixSGDq09akwpK5BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2xTckxVZ2M4V0lxTEZJWU9yVDFxVENrcmtFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC80ZDVlNGEtOGExNi00NTM3LWJlMWYt
MWIxMzYyYjliNmEyLzEvNjFhUHdyT2lIcXF1UjZ3WG9vdVF3WHlfUWpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC80ZDVlNGEtOGExNi00NTM3LWJlMWYtMWIxMzYyYjliNmEy
LzEvX2xTckxVZ2M4V0lxTEZJWU9yVDFxVENrcmtFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQBwd04MAwD
BADB3UUDBADB3UgDBADB3UoDBADB3U4wDQYJKoZIhvcNAQELBQADggEBAEPNcaZ/
xyxcnvwMLEupEh8rw33UZv9IfnA/VqMFsN8P6QJo7zjYdYFfvClEsmv2uxUeb3+X
/SqmmunEPl+iAv+WR3Kbt5PNlXm19kWKCGrfuxvRhqVlPiFoK/FJ52noW7XxXBRy
1uimii03qKgF3pAgXOKj1LPggDqzVb9S/XLgGCbkBJIVt48dvSLKZImqLt+4Pbpt
8qOPDPpXnb0oMf1EdHsJw4oLCibcRZjDwwXZz3clBgQ53EdC7NgMv+LgKTekl3GU
5RnzJAjsgV6KFXyAzGgft/CfRPdMeFlhAAGp69aJNB0Nl8zPO3RUw8JYwfg2d2Ia
A2SalvfvIb/JsIs=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:29:59 2025 by rpki-client