Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/a3bcad-1d98-48b4-afaf-d2c3b4c09ea1/1/f3lhmr2CQaQv7SJmIsWsM42Gtfo.roa
File: f3lhmr2CQaQv7SJmIsWsM42Gtfo.roa (raw, json)
Hash identifier: S3Nqh6KYGPelRHZhajTGcyFr6frKx2W5aDEIp8aoiDM=
Subject key identifier: 7F:79:61:9A:BD:82:41:A4:2F:ED:22:66:22:C5:AC:33:8D:86:B5:FA
Certificate issuer: /CN=33533d9eef5a8128dc435d02f2233280348dc2b6
Certificate serial: 0185737A775C7F25E71CE8BF77E0736A3B63
Authority key identifier: 33:53:3D:9E:EF:5A:81:28:DC:43:5D:02:F2:23:32:80:34:8D:C2:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M1M9nu9agSjcQ10C8iMygDSNwrY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/a3bcad-1d98-48b4-afaf-d2c3b4c09ea1/1/f3lhmr2CQaQv7SJmIsWsM42Gtfo.roa
Signing time: Mon 02 Jan 2023 17:14:43 +0000
ROA not before: Mon 02 Jan 2023 17:14:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16313
IP address blocks: 193.31.160.0/19 maxlen: 19
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:7a:77:5c:7f:25:e7:1c:e8:bf:77:e0:73:6a:3b:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33533d9eef5a8128dc435d02f2233280348dc2b6
Validity
Not Before: Jan 2 17:14:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7f79619abd8241a42fed226622c5ac338d86b5fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:23:39:ca:eb:6f:17:92:8e:89:9c:41:77:fc:
9a:78:e4:85:0f:31:52:c2:4b:3b:f0:1b:04:2f:1c:
13:f2:fa:6a:5e:79:75:94:48:5b:ba:c6:d3:fd:31:
55:75:06:55:6c:02:94:0c:d9:bd:25:62:48:4d:4f:
c4:c5:7f:4f:ee:21:79:31:06:bf:ed:63:37:b7:38:
e1:6b:de:f6:c3:56:9d:4e:3a:3d:49:38:9a:98:bd:
a0:b4:08:7a:d6:4e:12:f1:88:49:fe:f4:4a:01:48:
75:e3:f3:33:77:9a:57:0d:05:08:a0:f1:1b:20:0a:
8c:66:f7:32:27:88:54:3c:01:e7:2b:9f:06:e6:6e:
bd:bc:48:f5:6a:43:10:bc:eb:13:0e:d8:9b:95:f7:
f1:68:a3:ee:f2:40:bd:09:77:28:27:b0:0e:36:2c:
a4:4f:4e:65:cd:c0:cd:40:df:60:88:13:27:6d:d0:
40:00:07:7f:0b:47:80:0a:0c:d2:cc:b6:2a:39:ad:
72:68:90:f7:45:9c:1f:ee:aa:71:3f:a9:2c:32:13:
c9:ed:89:0b:ea:09:31:59:87:77:c0:e8:bf:a6:dc:
57:a5:91:07:52:78:22:5a:78:ab:70:9e:88:03:00:
7b:24:2d:d4:32:2d:bd:85:1d:e7:f7:27:7a:c2:95:
d3:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:79:61:9A:BD:82:41:A4:2F:ED:22:66:22:C5:AC:33:8D:86:B5:FA
X509v3 Authority Key Identifier:
keyid:33:53:3D:9E:EF:5A:81:28:DC:43:5D:02:F2:23:32:80:34:8D:C2:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M1M9nu9agSjcQ10C8iMygDSNwrY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/a3bcad-1d98-48b4-afaf-d2c3b4c09ea1/1/f3lhmr2CQaQv7SJmIsWsM42Gtfo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/a3bcad-1d98-48b4-afaf-d2c3b4c09ea1/1/M1M9nu9agSjcQ10C8iMygDSNwrY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.31.160.0/19
Signature Algorithm: sha256WithRSAEncryption
66:2d:0d:5a:78:99:55:50:2c:ff:93:7b:c8:e8:1f:fd:84:07:
4c:4a:4a:f1:f0:77:42:5d:18:e4:07:51:a6:8a:e3:1f:6a:2e:
79:0a:51:f7:b7:65:f7:75:69:98:05:3f:73:c3:f8:39:b9:8b:
01:fb:7b:f6:6a:61:eb:e0:c6:b6:15:28:b8:4f:05:46:ab:ff:
36:de:78:b7:66:7e:a7:a0:64:e6:b0:bb:94:a3:ec:d7:95:33:
c6:ef:a4:ee:ec:c7:52:0b:2f:ee:76:ee:66:0a:fc:78:3d:f0:
d2:ed:ac:0d:23:e2:0a:cb:f9:aa:06:1f:f9:f0:ac:b5:a5:8b:
10:11:6b:f3:ca:1c:02:ec:25:06:a4:fe:00:b1:76:b8:d1:56:
8e:65:04:20:8e:89:c6:3f:7c:d0:ba:e0:e2:c2:6b:ea:ca:ec:
89:16:d6:ba:15:5e:ab:89:e2:83:d9:0f:67:e1:c0:8d:77:61:
28:38:a0:c4:e2:08:5f:dc:f7:b0:22:b7:55:3e:61:66:1e:bb:
aa:c0:40:ed:9b:11:56:2c:ff:18:5c:93:d2:76:c7:fd:6e:c3:
4d:51:2a:54:6d:20:c6:d5:88:24:1f:58:3f:a5:20:c8:bf:20:
9c:20:fb:81:f9:a2:aa:fd:69:ec:a9:35:db:9e:53:51:26:24:
20:96:ed:f1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzendcfyXnHOi/d+BzajtjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzNTMzZDllZWY1YTgxMjhkYzQzNWQwMmYyMjMzMjgwMzQ4
ZGMyYjYwHhcNMjMwMTAyMTcxNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Zjc5NjE5YWJkODI0MWE0MmZlZDIyNjYyMmM1YWMzMzhkODZiNWZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4yM5yutvF5KOiZxBd/yaeOSFDzFS
wks78BsELxwT8vpqXnl1lEhbusbT/TFVdQZVbAKUDNm9JWJITU/ExX9P7iF5MQa/
7WM3tzjha972w1adTjo9STiamL2gtAh61k4S8YhJ/vRKAUh14/Mzd5pXDQUIoPEb
IAqMZvcyJ4hUPAHnK58G5m69vEj1akMQvOsTDtiblffxaKPu8kC9CXcoJ7AONiyk
T05lzcDNQN9giBMnbdBAAAd/C0eACgzSzLYqOa1yaJD3RZwf7qpxP6ksMhPJ7YkL
6gkxWYd3wOi/ptxXpZEHUngiWnircJ6IAwB7JC3UMi29hR3n9yd6wpXTowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH95YZq9gkGkL+0iZiLFrDONhrX6MB8GA1UdIwQY
MBaAFDNTPZ7vWoEo3ENdAvIjMoA0jcK2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTTFNOW51OWFnU2pjUTEwQzhpTXlnRFNOd3JZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC9hM2JjYWQtMWQ5OC00OGI0LWFmYWYt
ZDJjM2I0YzA5ZWExLzEvZjNsaG1yMkNRYVF2N1NKbUlzV3NNNDJHdGZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC9hM2JjYWQtMWQ5OC00OGI0LWFmYWYtZDJjM2I0YzA5ZWEx
LzEvTTFNOW51OWFnU2pjUTEwQzhpTXlnRFNOd3JZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFwR+gMA0G
CSqGSIb3DQEBCwUAA4IBAQBmLQ1aeJlVUCz/k3vI6B/9hAdMSkrx8HdCXRjkB1Gm
iuMfai55ClH3t2X3dWmYBT9zw/g5uYsB+3v2amHr4Ma2FSi4TwVGq/823ni3Zn6n
oGTmsLuUo+zXlTPG76Tu7MdSCy/udu5mCvx4PfDS7awNI+IKy/mqBh/58Ky1pYsQ
EWvzyhwC7CUGpP4AsXa40VaOZQQgjonGP3zQuuDiwmvqyuyJFta6FV6rieKD2Q9n
4cCNd2EoOKDE4ghf3PewIrdVPmFmHruqwEDtmxFWLP8YXJPSdsf9bsNNUSpUbSDG
1YgkH1g/pSDIvyCcIPuB+aKq/WnsqTXbnlNRJiQglu3x
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:48:51 2025 by rpki-client