Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/ac5fdf-5b66-4850-963a-f9b73b3e3eee/1/tTTj00-tSBbcg__g7zkuK2U-z0I.roa
File: tTTj00-tSBbcg__g7zkuK2U-z0I.roa (raw, json)
Hash identifier: drKz9HJN0gUrbmFlpr1woxTYvFQbVb3PoyZzaf/WwVQ=
Subject key identifier: B5:34:E3:D3:4F:AD:48:16:DC:83:FF:E0:EF:39:2E:2B:65:3E:CF:42
Certificate issuer: /CN=3d98a3b62d5abb1dcaf68ae23f531ee82240f203
Certificate serial: 01856C65DC0E2777A03F7F36427B7E793A92
Authority key identifier: 3D:98:A3:B6:2D:5A:BB:1D:CA:F6:8A:E2:3F:53:1E:E8:22:40:F2:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PZijti1aux3K9oriP1Me6CJA8gM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/ac5fdf-5b66-4850-963a-f9b73b3e3eee/1/tTTj00-tSBbcg__g7zkuK2U-z0I.roa
Signing time: Sun 01 Jan 2023 08:14:52 +0000
ROA not before: Sun 01 Jan 2023 08:14:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9022
IP address blocks: 193.21.251.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:65:dc:0e:27:77:a0:3f:7f:36:42:7b:7e:79:3a:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d98a3b62d5abb1dcaf68ae23f531ee82240f203
Validity
Not Before: Jan 1 08:14:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b534e3d34fad4816dc83ffe0ef392e2b653ecf42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:ad:3a:68:13:4d:d2:70:65:ed:2d:a3:73:52:
d4:0b:94:01:30:c0:63:1c:9d:f9:2b:5b:8e:74:ad:
74:77:ad:28:a2:27:e2:62:2a:b0:04:b3:13:30:75:
a7:9a:e4:28:74:fb:aa:fc:7c:49:bf:44:b9:cf:bd:
34:4e:f0:e7:a4:8f:6e:dd:21:e6:89:8a:57:36:35:
0d:9e:49:42:c1:24:cf:c4:55:8b:c3:ae:49:72:b1:
f5:5f:62:a1:d8:37:a6:e6:08:24:da:7d:f6:8b:44:
8d:af:cf:db:38:15:d3:be:88:4f:1f:e5:50:4e:b3:
98:17:e7:2b:6a:a3:3a:87:1b:6f:b7:c8:e8:e5:5a:
4a:96:06:53:f5:18:cc:58:d3:47:bb:c0:53:da:bb:
1e:f8:0d:40:99:c3:57:3b:ab:2e:80:48:84:e5:c7:
92:bf:30:1c:ce:62:e3:1c:3b:8d:ee:f0:b6:c6:5e:
3b:c5:64:25:37:ff:ea:c0:a8:65:e8:4f:fb:9f:1a:
f1:40:30:89:51:d2:b8:27:5b:f9:92:ef:6b:38:c3:
87:8e:9f:2c:a2:3c:1a:ff:28:47:ec:2d:3d:58:97:
c3:fe:fd:bb:44:f0:d8:65:d0:27:14:bd:31:bb:9d:
ea:65:e5:83:40:aa:7f:70:02:75:40:bd:80:a3:e1:
b8:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:34:E3:D3:4F:AD:48:16:DC:83:FF:E0:EF:39:2E:2B:65:3E:CF:42
X509v3 Authority Key Identifier:
keyid:3D:98:A3:B6:2D:5A:BB:1D:CA:F6:8A:E2:3F:53:1E:E8:22:40:F2:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PZijti1aux3K9oriP1Me6CJA8gM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/ac5fdf-5b66-4850-963a-f9b73b3e3eee/1/tTTj00-tSBbcg__g7zkuK2U-z0I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/ac5fdf-5b66-4850-963a-f9b73b3e3eee/1/PZijti1aux3K9oriP1Me6CJA8gM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.21.251.0/24
Signature Algorithm: sha256WithRSAEncryption
16:b3:f1:93:99:95:c6:22:fe:1c:32:1a:d0:df:f3:e9:a6:e2:
b1:66:58:b8:33:3a:61:42:52:b6:e3:d2:0c:cd:f9:95:25:a0:
01:db:17:f2:e9:79:8b:17:fa:16:77:8a:47:f4:0d:2d:2c:15:
b8:13:ed:c2:fa:f9:81:11:ba:2c:cb:46:1a:d9:49:50:c6:e9:
09:6e:05:8e:15:63:25:97:bb:51:ce:e6:6d:32:6d:0a:df:ac:
82:c6:d0:32:f3:df:73:43:01:02:a0:0f:1b:82:74:fe:48:6d:
5d:47:4a:dc:27:a8:50:c0:4b:ba:f2:b8:91:8c:fe:22:da:8b:
1f:60:60:eb:e4:07:38:d8:93:3f:ba:6e:62:0a:dd:ec:e4:79:
bc:50:4f:7e:67:09:c9:95:e1:ad:09:1f:a6:50:2a:48:1c:8a:
54:67:b6:fa:a4:19:15:fd:a4:2f:9d:89:b3:e4:35:62:f8:eb:
87:a7:07:a3:e5:22:a1:b5:dd:3e:a9:6e:00:34:3f:88:ec:f2:
6d:04:d6:2f:dd:c8:9d:54:45:3c:a0:f8:60:eb:06:51:16:6e:
36:31:a9:1b:db:0d:f9:56:01:6c:f4:ab:3a:33:ac:db:ee:50:
d5:2b:21:b6:4a:f4:f9:57:93:67:22:11:52:4d:f2:4b:51:0e:
cc:25:ce:cc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsZdwOJ3egP382Qnt+eTqSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkOThhM2I2MmQ1YWJiMWRjYWY2OGFlMjNmNTMxZWU4MjI0
MGYyMDMwHhcNMjMwMTAxMDgxNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTM0ZTNkMzRmYWQ0ODE2ZGM4M2ZmZTBlZjM5MmUyYjY1M2VjZjQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAva06aBNN0nBl7S2jc1LUC5QBMMBj
HJ35K1uOdK10d60ooifiYiqwBLMTMHWnmuQodPuq/HxJv0S5z700TvDnpI9u3SHm
iYpXNjUNnklCwSTPxFWLw65JcrH1X2Kh2Dem5ggk2n32i0SNr8/bOBXTvohPH+VQ
TrOYF+craqM6hxtvt8jo5VpKlgZT9RjMWNNHu8BT2rse+A1AmcNXO6sugEiE5ceS
vzAczmLjHDuN7vC2xl47xWQlN//qwKhl6E/7nxrxQDCJUdK4J1v5ku9rOMOHjp8s
ojwa/yhH7C09WJfD/v27RPDYZdAnFL0xu53qZeWDQKp/cAJ1QL2Ao+G4LwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLU049NPrUgW3IP/4O85LitlPs9CMB8GA1UdIwQY
MBaAFD2Yo7YtWrsdyvaK4j9THugiQPIDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFppanRpMWF1eDNLOW9yaVAxTWU2Q0pBOGdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS9hYzVmZGYtNWI2Ni00ODUwLTk2M2Et
ZjliNzNiM2UzZWVlLzEvdFRUajAwLXRTQmJjZ19fZzd6a3VLMlUtejBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS9hYzVmZGYtNWI2Ni00ODUwLTk2M2EtZjliNzNiM2UzZWVl
LzEvUFppanRpMWF1eDNLOW9yaVAxTWU2Q0pBOGdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwRX7MA0G
CSqGSIb3DQEBCwUAA4IBAQAWs/GTmZXGIv4cMhrQ3/PppuKxZli4MzphQlK249IM
zfmVJaAB2xfy6XmLF/oWd4pH9A0tLBW4E+3C+vmBEbosy0Ya2UlQxukJbgWOFWMl
l7tRzuZtMm0K36yCxtAy899zQwECoA8bgnT+SG1dR0rcJ6hQwEu68riRjP4i2osf
YGDr5Ac42JM/um5iCt3s5Hm8UE9+ZwnJleGtCR+mUCpIHIpUZ7b6pBkV/aQvnYmz
5DVi+OuHpwej5SKhtd0+qW4AND+I7PJtBNYv3cidVEU8oPhg6wZRFm42Makb2w35
VgFs9Ks6M6zb7lDVKyG2SvT5V5NnIhFSTfJLUQ7MJc7M
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:45:12 2025 by rpki-client