Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/f826a5-8e95-4513-b726-abd6f2b3410b/1/kh6aAOHIkLjZBKBjpTBG33BW_IE.roa
File: kh6aAOHIkLjZBKBjpTBG33BW_IE.roa (raw, json)
Hash identifier: kJY9DV+LoKib4vgB+1TAQeE54VJUmecxXf5rK8+H/SQ=
Subject key identifier: 92:1E:9A:00:E1:C8:90:B8:D9:04:A0:63:A5:30:46:DF:70:56:FC:81
Certificate issuer: /CN=bc1c16f5be37ff6c5d4205f2aba25fce35890335
Certificate serial: 018572B4288625D338D7B40F6FD2D38076A3
Authority key identifier: BC:1C:16:F5:BE:37:FF:6C:5D:42:05:F2:AB:A2:5F:CE:35:89:03:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vBwW9b43_2xdQgXyq6JfzjWJAzU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/f826a5-8e95-4513-b726-abd6f2b3410b/1/kh6aAOHIkLjZBKBjpTBG33BW_IE.roa
Signing time: Mon 02 Jan 2023 13:38:07 +0000
ROA not before: Mon 02 Jan 2023 13:38:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210512
IP address blocks: 193.32.54.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:b4:28:86:25:d3:38:d7:b4:0f:6f:d2:d3:80:76:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc1c16f5be37ff6c5d4205f2aba25fce35890335
Validity
Not Before: Jan 2 13:38:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=921e9a00e1c890b8d904a063a53046df7056fc81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:3b:b5:fd:9c:35:4b:3a:a5:d9:87:8a:06:36:
48:0b:5a:64:4b:af:14:73:e3:99:47:c3:f5:a4:42:
3e:9f:6e:d8:b0:27:de:6d:ba:de:04:ed:97:d2:f0:
02:4b:b8:f2:46:35:79:85:91:87:a3:c0:25:6c:5b:
09:5d:21:cc:fc:52:63:8b:47:55:06:a2:f7:63:3d:
3e:ba:e7:82:37:06:91:31:c7:95:f4:14:93:77:a5:
f3:cd:f6:19:3d:fc:e9:b7:fc:65:96:76:33:68:20:
53:06:e4:ce:f7:ca:d0:3c:b0:80:e6:e6:2a:3c:87:
93:a0:21:4d:63:2f:59:31:d2:bf:04:03:c5:62:7f:
e4:4b:da:0c:97:15:63:df:d1:b6:78:b9:f6:fb:ba:
42:38:f5:21:64:a8:3d:ab:17:c4:25:b3:c3:f3:55:
ff:4c:31:94:e0:ee:82:4d:d1:10:9e:27:d9:2c:de:
e0:a3:b7:82:cd:f4:d6:21:61:d9:87:da:79:a2:36:
28:e8:2e:c1:ff:4f:71:6f:30:f2:3a:c9:d5:8f:b9:
4d:aa:8a:a2:96:b7:4b:a8:ee:79:da:e8:17:f8:8d:
c2:f1:e0:e0:77:df:88:35:b2:06:5a:9f:81:50:e9:
ab:7c:1c:01:4c:ce:81:ff:20:77:78:4c:87:54:2d:
8b:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:1E:9A:00:E1:C8:90:B8:D9:04:A0:63:A5:30:46:DF:70:56:FC:81
X509v3 Authority Key Identifier:
keyid:BC:1C:16:F5:BE:37:FF:6C:5D:42:05:F2:AB:A2:5F:CE:35:89:03:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vBwW9b43_2xdQgXyq6JfzjWJAzU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/f826a5-8e95-4513-b726-abd6f2b3410b/1/kh6aAOHIkLjZBKBjpTBG33BW_IE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/f826a5-8e95-4513-b726-abd6f2b3410b/1/vBwW9b43_2xdQgXyq6JfzjWJAzU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.32.54.0/24
Signature Algorithm: sha256WithRSAEncryption
ea:21:9f:9a:c5:c5:f7:77:f3:d0:ef:f5:c7:c5:fd:9f:fd:5e:
45:e4:9b:e0:61:72:ed:69:ad:82:2e:c6:37:60:06:84:82:8a:
95:7d:b5:b9:9f:a1:23:eb:a3:80:18:62:2e:38:01:d1:74:0f:
ed:18:6f:88:9c:86:55:f8:53:6e:ac:c0:50:a2:8c:ce:c5:5e:
36:84:9a:20:ea:08:2d:bd:63:af:a6:fe:56:a0:25:7b:63:db:
56:3c:34:ea:2f:1d:be:aa:ff:d2:2f:4f:35:35:22:06:53:00:
9d:72:5b:c5:f3:fa:b7:e2:90:98:d9:84:a9:f5:d8:74:63:2e:
73:22:7c:a4:41:5f:8c:ae:f8:7b:8b:c6:40:05:21:7e:1b:90:
2f:61:b6:31:0a:a6:b3:85:8b:6d:87:c9:92:4e:ca:e9:1d:3d:
d6:48:5c:19:e3:91:c0:d3:d4:89:08:3f:42:10:94:7c:cd:4b:
95:4c:39:4d:24:f1:67:ed:aa:d2:4c:52:9b:7d:e2:d6:84:2f:
03:b2:95:f7:ac:28:04:7a:f5:92:35:6f:13:70:65:09:79:42:
d8:6d:3c:53:4d:85:11:16:d8:d2:2d:fd:fd:99:11:4a:dc:78:
79:08:db:27:ba:1e:8d:c0:8a:4a:4b:44:cc:67:7c:15:5f:b6:
82:5c:96:98
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVytCiGJdM417QPb9LTgHajMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjMWMxNmY1YmUzN2ZmNmM1ZDQyMDVmMmFiYTI1ZmNlMzU4
OTAzMzUwHhcNMjMwMTAyMTMzODA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjFlOWEwMGUxYzg5MGI4ZDkwNGEwNjNhNTMwNDZkZjcwNTZmYzgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmTu1/Zw1Szql2YeKBjZIC1pkS68U
c+OZR8P1pEI+n27YsCfebbreBO2X0vACS7jyRjV5hZGHo8AlbFsJXSHM/FJji0dV
BqL3Yz0+uueCNwaRMceV9BSTd6XzzfYZPfzpt/xllnYzaCBTBuTO98rQPLCA5uYq
PIeToCFNYy9ZMdK/BAPFYn/kS9oMlxVj39G2eLn2+7pCOPUhZKg9qxfEJbPD81X/
TDGU4O6CTdEQnifZLN7go7eCzfTWIWHZh9p5ojYo6C7B/09xbzDyOsnVj7lNqoqi
lrdLqO552ugX+I3C8eDgd9+INbIGWp+BUOmrfBwBTM6B/yB3eEyHVC2LEQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJIemgDhyJC42QSgY6UwRt9wVvyBMB8GA1UdIwQY
MBaAFLwcFvW+N/9sXUIF8quiX841iQM1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdkJ3VzliNDNfMnhkUWdYeXE2SmZ6aldKQXpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mODI2YTUtOGU5NS00NTEzLWI3MjYt
YWJkNmYyYjM0MTBiLzEva2g2YUFPSElrTGpaQktCanBUQkczM0JXX0lFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mODI2YTUtOGU5NS00NTEzLWI3MjYtYWJkNmYyYjM0MTBi
LzEvdkJ3VzliNDNfMnhkUWdYeXE2SmZ6aldKQXpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwSA2MA0G
CSqGSIb3DQEBCwUAA4IBAQDqIZ+axcX3d/PQ7/XHxf2f/V5F5JvgYXLtaa2CLsY3
YAaEgoqVfbW5n6Ej66OAGGIuOAHRdA/tGG+InIZV+FNurMBQoozOxV42hJog6ggt
vWOvpv5WoCV7Y9tWPDTqLx2+qv/SL081NSIGUwCdclvF8/q34pCY2YSp9dh0Yy5z
InykQV+Mrvh7i8ZABSF+G5AvYbYxCqazhYtth8mSTsrpHT3WSFwZ45HA09SJCD9C
EJR8zUuVTDlNJPFn7arSTFKbfeLWhC8DspX3rCgEevWSNW8TcGUJeULYbTxTTYUR
FtjSLf39mRFK3Hh5CNsnuh6NwIpKS0TMZ3wVX7aCXJaY
-----END CERTIFICATE-----
Generated at Sun Apr 20 17:45:03 2025 by rpki-client