Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/52a88f-e9a2-4851-9148-fee8f3790567/1/23Fu7OfbRqM9ITryLZWVPueyQxk.roa
File: 23Fu7OfbRqM9ITryLZWVPueyQxk.roa (raw, json)
Hash identifier: bPUJ6On8gT0dcLTY3PsmA13cP/lkDe+bi9UUuQOTK28=
Subject key identifier: DB:71:6E:EC:E7:DB:46:A3:3D:21:3A:F2:2D:95:95:3E:E7:B2:43:19
Certificate issuer: /CN=015b6d1596ac0501a71a393447051a62ff1dda16
Certificate serial: 01835B45E4330B809D9E18220ECF694F7902
Authority key identifier: 01:5B:6D:15:96:AC:05:01:A7:1A:39:34:47:05:1A:62:FF:1D:DA:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AVttFZasBQGnGjk0RwUaYv8d2hY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/52a88f-e9a2-4851-9148-fee8f3790567/1/23Fu7OfbRqM9ITryLZWVPueyQxk.roa
Signing time: Tue 20 Sep 2022 14:20:50 +0000
ROA not before: Tue 20 Sep 2022 14:20:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41039
IP address blocks: 92.242.96.0/19 maxlen: 24
195.184.192.0/19 maxlen: 24
2.57.112.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:5b:45:e4:33:0b:80:9d:9e:18:22:0e:cf:69:4f:79:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=015b6d1596ac0501a71a393447051a62ff1dda16
Validity
Not Before: Sep 20 14:20:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=db716eece7db46a33d213af22d95953ee7b24319
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:4e:93:4f:a5:a7:44:6f:38:a7:03:af:41:c5:
15:9f:a8:90:ea:8e:e3:4d:b6:35:e1:b1:fc:bb:21:
f6:a9:6c:e9:4d:59:0d:4a:73:0b:f4:71:78:a3:db:
9f:0f:2d:df:09:59:a8:bb:6b:83:3a:a8:50:13:76:
a6:b1:dd:1b:87:bc:0f:23:16:15:72:d0:89:1d:2d:
24:e6:d6:43:62:bc:50:38:37:9b:38:d9:62:a2:11:
4e:32:33:ed:6c:13:3a:cb:46:1c:8a:b3:48:7a:96:
a7:59:f0:60:41:05:10:8d:c9:a0:7d:11:d8:84:50:
16:fe:bc:ea:d6:d5:ae:d8:bd:e7:03:60:33:1f:09:
fe:63:9b:1b:f4:35:d2:d6:a7:c9:04:93:e4:8a:16:
a1:ed:1e:80:25:8a:3f:c5:11:71:a9:0c:64:88:78:
b7:fd:8c:48:62:f8:45:2b:48:f4:73:ea:bb:41:0d:
cd:a2:23:21:a7:13:20:49:53:c8:25:0a:a6:2c:9b:
03:03:7d:fe:ef:5a:c0:f5:c4:e9:d1:f6:91:b2:72:
53:91:a9:e0:32:52:73:47:17:78:8d:d6:c4:34:89:
4d:5a:13:29:ef:fe:62:b5:b5:c9:ed:83:91:e5:7f:
bf:4d:2a:0d:5f:32:c2:40:3f:6c:78:56:73:27:cc:
58:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:71:6E:EC:E7:DB:46:A3:3D:21:3A:F2:2D:95:95:3E:E7:B2:43:19
X509v3 Authority Key Identifier:
keyid:01:5B:6D:15:96:AC:05:01:A7:1A:39:34:47:05:1A:62:FF:1D:DA:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AVttFZasBQGnGjk0RwUaYv8d2hY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/52a88f-e9a2-4851-9148-fee8f3790567/1/23Fu7OfbRqM9ITryLZWVPueyQxk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/52a88f-e9a2-4851-9148-fee8f3790567/1/AVttFZasBQGnGjk0RwUaYv8d2hY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.112.0/22
92.242.96.0/19
195.184.192.0/19
Signature Algorithm: sha256WithRSAEncryption
7c:29:e6:1c:d1:06:4f:52:2d:9a:38:65:0b:f7:be:85:d3:65:
8b:0b:57:a5:79:a7:11:9a:87:ac:a3:d9:13:01:43:59:f4:54:
fc:7f:3d:9f:0b:98:7c:e5:bc:ef:43:ce:66:a4:4a:68:88:70:
1b:4d:d7:13:63:7b:9f:26:bd:63:ee:fd:24:78:00:3f:5f:94:
a6:27:fd:15:87:c3:2d:d6:12:14:c9:0f:9a:08:70:d1:55:a6:
e6:14:0c:4b:1d:85:c5:5c:c4:26:8d:25:13:d9:40:fa:bc:7d:
d0:35:11:b9:bb:7c:68:00:1c:2d:59:99:6e:ed:55:fd:0f:5e:
68:96:23:d8:67:a2:45:b8:c0:22:df:cc:b0:49:fa:15:22:a1:
b7:95:ad:72:8e:56:b4:2f:56:5f:3e:6f:0c:28:39:35:16:5c:
7a:34:10:b6:c3:76:58:09:28:0e:59:2d:ee:5b:bc:22:9a:10:
64:b3:eb:b2:9e:b7:88:0b:89:b7:60:b9:65:ee:24:2a:12:0a:
96:40:1d:dd:9f:2d:66:7a:66:5e:32:22:88:5c:c5:28:6d:0e:
72:1c:2c:76:68:48:cd:2f:89:94:b1:aa:29:b3:f1:ca:87:77:
4d:4f:ab:d4:e6:5f:a2:bd:9c:e4:9c:69:4e:66:6a:f9:ff:44:
54:a1:69:27
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYNbReQzC4CdnhgiDs9pT3kCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxNWI2ZDE1OTZhYzA1MDFhNzFhMzkzNDQ3MDUxYTYyZmYx
ZGRhMTYwHhcNMjIwOTIwMTQyMDUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjcxNmVlY2U3ZGI0NmEzM2QyMTNhZjIyZDk1OTUzZWU3YjI0MzE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj06TT6WnRG84pwOvQcUVn6iQ6o7j
TbY14bH8uyH2qWzpTVkNSnML9HF4o9ufDy3fCVmou2uDOqhQE3amsd0bh7wPIxYV
ctCJHS0k5tZDYrxQODebONliohFOMjPtbBM6y0YcirNIepanWfBgQQUQjcmgfRHY
hFAW/rzq1tWu2L3nA2AzHwn+Y5sb9DXS1qfJBJPkihah7R6AJYo/xRFxqQxkiHi3
/YxIYvhFK0j0c+q7QQ3NoiMhpxMgSVPIJQqmLJsDA33+71rA9cTp0faRsnJTkang
MlJzRxd4jdbENIlNWhMp7/5itbXJ7YOR5X+/TSoNXzLCQD9seFZzJ8xYUQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNtxbuzn20ajPSE68i2VlT7nskMZMB8GA1UdIwQY
MBaAFAFbbRWWrAUBpxo5NEcFGmL/HdoWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVZ0dEZaYXNCUUduR2prMFJ3VWFZdjhkMmhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC81MmE4OGYtZTlhMi00ODUxLTkxNDgt
ZmVlOGYzNzkwNTY3LzEvMjNGdTdPZmJScU05SVRyeUxaV1ZQdWV5UXhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC81MmE4OGYtZTlhMi00ODUxLTkxNDgtZmVlOGYzNzkwNTY3
LzEvQVZ0dEZaYXNCUUduR2prMFJ3VWFZdjhkMmhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCAjlwAwQF
XPJgAwQFw7jAMA0GCSqGSIb3DQEBCwUAA4IBAQB8KeYc0QZPUi2aOGUL976F02WL
C1eleacRmoeso9kTAUNZ9FT8fz2fC5h85bzvQ85mpEpoiHAbTdcTY3ufJr1j7v0k
eAA/X5SmJ/0Vh8Mt1hIUyQ+aCHDRVabmFAxLHYXFXMQmjSUT2UD6vH3QNRG5u3xo
ABwtWZlu7VX9D15oliPYZ6JFuMAi38ywSfoVIqG3la1yjla0L1ZfPm8MKDk1Flx6
NBC2w3ZYCSgOWS3uW7wimhBks+uynreIC4m3YLll7iQqEgqWQB3dny1memZeMiKI
XMUobQ5yHCx2aEjNL4mUsaops/HKh3dNT6vU5l+ivZzknGlOZmr5/0RUoWkn
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:38:07 2025 by rpki-client