Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/4d5e4a-8a16-4537-be1f-1b1362b9b6a2/1/ISPNAElhigF0ucYdQVWHQ5WXsK0.roa
File: ISPNAElhigF0ucYdQVWHQ5WXsK0.roa (raw, json)
Hash identifier: MPJo3LhC9WrAUCPJyrbvnYpvWl6bKTresNHKlta4i/U=
Subject key identifier: 21:23:CD:00:49:61:8A:01:74:B9:C6:1D:41:55:87:43:95:97:B0:AD
Certificate issuer: /CN=fe54ab2d481cf1622a2c52183ab4f5a930a4ae41
Certificate serial: 018C153C96D89B0382F970E664B0668C788E
Authority key identifier: FE:54:AB:2D:48:1C:F1:62:2A:2C:52:18:3A:B4:F5:A9:30:A4:AE:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_lSrLUgc8WIqLFIYOrT1qTCkrkE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/4d5e4a-8a16-4537-be1f-1b1362b9b6a2/1/ISPNAElhigF0ucYdQVWHQ5WXsK0.roa
Signing time: Tue 28 Nov 2023 09:22:21 +0000
ROA not before: Tue 28 Nov 2023 09:22:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25717
IP address blocks: 193.221.69.0/24 maxlen: 24
193.221.70.0/23 maxlen: 23
193.221.72.0/24 maxlen: 24
193.221.78.0/24 maxlen: 24
193.221.57.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:15:3c:96:d8:9b:03:82:f9:70:e6:64:b0:66:8c:78:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe54ab2d481cf1622a2c52183ab4f5a930a4ae41
Validity
Not Before: Nov 28 09:22:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2123cd0049618a0174b9c61d415587439597b0ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:66:ce:df:23:90:20:fe:19:1d:a4:1c:c1:5e:
c9:07:a5:0a:eb:b0:eb:8e:5a:c0:0b:91:c6:da:09:
fe:a6:f6:b0:72:1d:6b:f9:5f:08:76:49:4d:fa:30:
68:60:15:54:46:9b:a3:9b:da:ef:8f:eb:dc:f8:16:
30:89:27:6f:18:8e:73:c5:39:d0:f4:42:f1:8b:21:
4e:29:1d:85:a1:14:33:e7:f7:94:e7:ff:34:97:9d:
2e:b0:52:73:64:c8:c6:df:7b:24:1e:95:ee:2b:03:
4b:55:69:2c:cc:6a:ba:70:1b:98:7a:80:0c:9d:48:
73:cf:31:e4:f1:cc:2c:44:81:5a:91:46:7a:aa:f9:
3c:54:5a:05:54:cd:a1:42:49:b4:3f:a2:e5:5b:77:
cd:a3:00:94:64:aa:2a:8c:9f:cd:de:97:9c:b1:2d:
60:2d:a4:74:d8:e1:4d:ac:b0:08:6c:f0:93:e7:15:
79:0d:32:6a:a7:f9:70:95:91:b8:24:31:8a:1e:39:
c6:bb:fb:66:7e:c2:12:86:b5:a6:ed:97:43:00:32:
cf:f0:b9:68:3d:f3:aa:b4:49:64:66:ac:85:40:ce:
81:39:b6:04:34:3b:ff:d0:cf:3d:f4:4c:b0:40:a1:
db:9d:8b:27:1e:14:58:ec:dc:6b:83:e3:dc:8f:06:
58:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:23:CD:00:49:61:8A:01:74:B9:C6:1D:41:55:87:43:95:97:B0:AD
X509v3 Authority Key Identifier:
keyid:FE:54:AB:2D:48:1C:F1:62:2A:2C:52:18:3A:B4:F5:A9:30:A4:AE:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_lSrLUgc8WIqLFIYOrT1qTCkrkE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/4d5e4a-8a16-4537-be1f-1b1362b9b6a2/1/ISPNAElhigF0ucYdQVWHQ5WXsK0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/4d5e4a-8a16-4537-be1f-1b1362b9b6a2/1/_lSrLUgc8WIqLFIYOrT1qTCkrkE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.221.57.0/24
193.221.69.0-193.221.72.255
193.221.78.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:f4:8f:31:45:d3:fe:7d:1c:73:13:ae:9a:b6:34:95:83:24:
5c:e6:47:e0:3a:dc:d2:78:a6:a1:74:f3:a1:07:dd:cf:19:d7:
29:a3:6e:72:ad:87:f1:b5:fb:b2:f4:a8:44:1e:79:da:c9:8c:
02:a4:66:e2:10:00:4e:21:22:b4:a3:20:47:80:6c:5a:ea:c6:
3f:6a:ce:2c:6a:4d:69:18:3d:a8:80:97:62:f8:27:a8:c6:0a:
60:2d:f5:8e:0b:84:ee:c7:81:fb:0b:0a:e4:38:ac:71:84:ce:
10:6b:0a:3e:29:a2:eb:d2:1f:d4:0b:9e:d2:39:12:bd:6e:5d:
73:c7:0e:fc:76:da:21:e4:3a:b0:dc:20:d0:2d:33:03:18:f3:
6c:24:25:c8:8a:67:ce:ad:04:a3:55:27:14:a7:27:75:ff:46:
de:e2:3f:09:be:b7:84:39:01:77:45:7c:b1:e4:a8:d3:f7:15:
4f:a6:43:ff:f0:79:92:8d:52:46:09:50:fe:9d:d4:8c:ee:68:
b1:a8:4b:51:7f:0c:4a:7a:9a:45:8e:81:0a:7a:b6:51:b8:1a:
07:d0:06:32:d9:b9:d3:4f:8e:b4:89:e6:92:be:2c:f2:97:d1:
c2:f5:04:9d:d4:e5:ce:94:0c:ee:a0:da:f9:c8:ae:e6:fa:d0:
85:43:b4:fa
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYwVPJbYmwOC+XDmZLBmjHiOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNTRhYjJkNDgxY2YxNjIyYTJjNTIxODNhYjRmNWE5MzBh
NGFlNDEwHhcNMjMxMTI4MDkyMjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTIzY2QwMDQ5NjE4YTAxNzRiOWM2MWQ0MTU1ODc0Mzk1OTdiMGFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoWbO3yOQIP4ZHaQcwV7JB6UK67Dr
jlrAC5HG2gn+pvawch1r+V8IdklN+jBoYBVURpujm9rvj+vc+BYwiSdvGI5zxTnQ
9ELxiyFOKR2FoRQz5/eU5/80l50usFJzZMjG33skHpXuKwNLVWkszGq6cBuYeoAM
nUhzzzHk8cwsRIFakUZ6qvk8VFoFVM2hQkm0P6LlW3fNowCUZKoqjJ/N3pecsS1g
LaR02OFNrLAIbPCT5xV5DTJqp/lwlZG4JDGKHjnGu/tmfsIShrWm7ZdDADLP8Llo
PfOqtElkZqyFQM6BObYENDv/0M899EywQKHbnYsnHhRY7Nxrg+PcjwZYAQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFCEjzQBJYYoBdLnGHUFVh0OVl7CtMB8GA1UdIwQY
MBaAFP5Uqy1IHPFiKixSGDq09akwpK5BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2xTckxVZ2M4V0lxTEZJWU9yVDFxVENrcmtFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC80ZDVlNGEtOGExNi00NTM3LWJlMWYt
MWIxMzYyYjliNmEyLzEvSVNQTkFFbGhpZ0YwdWNZZFFWV0hRNVdYc0swLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC80ZDVlNGEtOGExNi00NTM3LWJlMWYtMWIxMzYyYjliNmEy
LzEvX2xTckxVZ2M4V0lxTEZJWU9yVDFxVENrcmtFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAwd05MAwD
BADB3UUDBADB3UgDBADB3U4wDQYJKoZIhvcNAQELBQADggEBACv0jzFF0/59HHMT
rpq2NJWDJFzmR+A63NJ4pqF086EH3c8Z1ymjbnKth/G1+7L0qEQeedrJjAKkZuIQ
AE4hIrSjIEeAbFrqxj9qzixqTWkYPaiAl2L4J6jGCmAt9Y4LhO7HgfsLCuQ4rHGE
zhBrCj4pouvSH9QLntI5Er1uXXPHDvx22iHkOrDcINAtMwMY82wkJciKZ86tBKNV
JxSnJ3X/Rt7iPwm+t4Q5AXdFfLHkqNP3FU+mQ//weZKNUkYJUP6d1IzuaLGoS1F/
DEp6mkWOgQp6tlG4GgfQBjLZudNPjrSJ5pK+LPKX0cL1BJ3U5c6UDO6g2vnIrub6
0IVDtPo=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:26:37 2025 by rpki-client