Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/a53bb6-66c0-4861-b288-2a6372e054d2/1/uZJ4VXhL4wUoVNakXZd5t4u7WBs.roa
File: uZJ4VXhL4wUoVNakXZd5t4u7WBs.roa (raw, json)
Hash identifier: EZlB1NvQY5hZ2iIdd8KKAU8mxwUGbc8v8h6Vl3WVymA=
Subject key identifier: B9:92:78:55:78:4B:E3:05:28:54:D6:A4:5D:97:79:B7:8B:BB:58:1B
Certificate issuer: /CN=2e4bd4edca29d4e72be86ced0b7ad652c7d261c9
Certificate serial: 01895004146EF35C0353BB454186430EE343
Authority key identifier: 2E:4B:D4:ED:CA:29:D4:E7:2B:E8:6C:ED:0B:7A:D6:52:C7:D2:61:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LkvU7cop1Ocr6GztC3rWUsfSYck.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/a53bb6-66c0-4861-b288-2a6372e054d2/1/uZJ4VXhL4wUoVNakXZd5t4u7WBs.roa
Signing time: Thu 13 Jul 2023 16:09:51 +0000
ROA not before: Thu 13 Jul 2023 16:09:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14618
IP address blocks: 193.19.224.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:50:04:14:6e:f3:5c:03:53:bb:45:41:86:43:0e:e3:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e4bd4edca29d4e72be86ced0b7ad652c7d261c9
Validity
Not Before: Jul 13 16:09:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b9927855784be3052854d6a45d9779b78bbb581b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:94:24:0a:89:cb:77:c4:84:eb:67:92:da:96:
fe:f5:3b:7a:83:18:18:71:35:e1:56:b9:e3:63:05:
21:d8:e5:34:8c:31:61:8f:8a:53:2d:29:a9:78:9f:
6a:75:91:1b:64:50:91:78:16:d3:e9:18:d8:64:20:
be:41:b9:ad:00:76:d6:53:63:13:f5:e9:32:48:52:
38:a0:25:d4:b9:35:63:38:96:b5:5e:7d:93:0d:35:
ed:70:55:af:21:6e:5c:d8:01:04:fd:97:42:f6:cb:
13:4c:f1:85:48:c6:62:fd:d5:70:1d:9f:ac:92:89:
a2:69:2c:58:76:f3:a7:27:81:5f:44:92:b1:1e:ac:
ea:62:dd:18:35:81:5f:d1:91:ca:bd:61:14:61:19:
29:9b:f9:80:49:76:0c:0a:64:fe:2d:83:29:d5:90:
9c:d6:65:37:d0:08:8b:6b:0b:49:18:e5:cc:d9:6a:
81:48:0a:85:cf:fe:6b:f3:2e:01:fc:e8:bf:c6:1a:
a2:16:80:d1:e3:50:c6:ce:18:24:b1:cc:f9:e3:fd:
28:21:83:8e:b0:bc:99:1a:e4:55:de:5d:c1:a7:f9:
af:3d:60:f6:d4:20:43:3e:29:b5:b3:72:eb:28:95:
c9:60:06:02:c6:3b:b8:8a:b1:bd:6d:c2:ec:47:b8:
e4:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:92:78:55:78:4B:E3:05:28:54:D6:A4:5D:97:79:B7:8B:BB:58:1B
X509v3 Authority Key Identifier:
keyid:2E:4B:D4:ED:CA:29:D4:E7:2B:E8:6C:ED:0B:7A:D6:52:C7:D2:61:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LkvU7cop1Ocr6GztC3rWUsfSYck.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/a53bb6-66c0-4861-b288-2a6372e054d2/1/uZJ4VXhL4wUoVNakXZd5t4u7WBs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/a53bb6-66c0-4861-b288-2a6372e054d2/1/LkvU7cop1Ocr6GztC3rWUsfSYck.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.19.224.0/22
Signature Algorithm: sha256WithRSAEncryption
6e:62:be:99:c5:1f:f0:6e:73:92:05:2e:10:7d:61:92:8a:5a:
f6:15:0d:80:e5:64:be:14:54:04:be:84:10:e6:c4:63:9a:ef:
1d:84:a4:3e:c7:49:5a:7d:e8:82:34:02:de:84:df:3d:bb:6c:
bd:df:90:98:03:d7:a8:73:f7:69:19:cf:83:3f:a9:68:bb:7e:
86:b0:78:31:20:3f:75:14:4a:e3:e2:e1:28:aa:98:af:7d:c5:
7f:c6:40:e0:65:c5:09:d2:6a:5c:35:ac:61:7f:03:26:a7:5f:
fb:ee:d4:74:88:70:21:10:d6:34:c4:0c:6c:ab:e9:24:00:90:
20:86:85:aa:b8:0a:5f:83:f5:4d:7e:e9:ab:0a:8c:fc:0a:77:
9d:97:c6:1e:02:1c:82:97:19:b9:15:24:c4:1b:42:16:db:29:
c9:06:3e:99:1c:4e:8d:c0:6f:6a:f3:a9:f9:70:c1:f2:f2:c8:
79:21:da:62:52:fc:c1:c5:c7:d4:67:14:56:20:85:16:4b:a9:
74:e8:82:e3:f2:66:c0:d0:59:3a:ea:4e:72:e1:33:c2:e4:00:
f9:92:0b:1f:44:b6:5d:f1:c9:db:6e:2d:16:5c:91:c8:72:49:
69:a5:a7:fe:d6:fe:b0:3f:db:eb:18:b2:fd:91:ea:32:fc:4a:
21:7d:23:64
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYlQBBRu81wDU7tFQYZDDuNDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlNGJkNGVkY2EyOWQ0ZTcyYmU4NmNlZDBiN2FkNjUyYzdk
MjYxYzkwHhcNMjMwNzEzMTYwOTUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTkyNzg1NTc4NGJlMzA1Mjg1NGQ2YTQ1ZDk3NzliNzhiYmI1ODFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnpQkConLd8SE62eS2pb+9Tt6gxgY
cTXhVrnjYwUh2OU0jDFhj4pTLSmpeJ9qdZEbZFCReBbT6RjYZCC+QbmtAHbWU2MT
9ekySFI4oCXUuTVjOJa1Xn2TDTXtcFWvIW5c2AEE/ZdC9ssTTPGFSMZi/dVwHZ+s
komiaSxYdvOnJ4FfRJKxHqzqYt0YNYFf0ZHKvWEUYRkpm/mASXYMCmT+LYMp1ZCc
1mU30AiLawtJGOXM2WqBSAqFz/5r8y4B/Oi/xhqiFoDR41DGzhgkscz54/0oIYOO
sLyZGuRV3l3Bp/mvPWD21CBDPim1s3LrKJXJYAYCxju4irG9bcLsR7jkAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLmSeFV4S+MFKFTWpF2XebeLu1gbMB8GA1UdIwQY
MBaAFC5L1O3KKdTnK+hs7Qt61lLH0mHJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGt2VTdjb3AxT2NyNkd6dEMzcldVc2ZTWWNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9hNTNiYjYtNjZjMC00ODYxLWIyODgt
MmE2MzcyZTA1NGQyLzEvdVpKNFZYaEw0d1VvVk5ha1haZDV0NHU3V0JzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny9hNTNiYjYtNjZjMC00ODYxLWIyODgtMmE2MzcyZTA1NGQy
LzEvTGt2VTdjb3AxT2NyNkd6dEMzcldVc2ZTWWNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwRPgMA0G
CSqGSIb3DQEBCwUAA4IBAQBuYr6ZxR/wbnOSBS4QfWGSilr2FQ2A5WS+FFQEvoQQ
5sRjmu8dhKQ+x0lafeiCNALehN89u2y935CYA9eoc/dpGc+DP6lou36GsHgxID91
FErj4uEoqpivfcV/xkDgZcUJ0mpcNaxhfwMmp1/77tR0iHAhENY0xAxsq+kkAJAg
hoWquApfg/VNfumrCoz8Cnedl8YeAhyClxm5FSTEG0IW2ynJBj6ZHE6NwG9q86n5
cMHy8sh5IdpiUvzBxcfUZxRWIIUWS6l06ILj8mbA0Fk66k5y4TPC5AD5kgsfRLZd
8cnbbi0WXJHIcklppaf+1v6wP9vrGLL9keoy/EohfSNk
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:13:26 2025 by rpki-client