Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/e1545b-fc52-44c0-8f57-2884dd8248d6/1/JtTgcnYy122E3hRY6UPAVAFRA30.roa
File: JtTgcnYy122E3hRY6UPAVAFRA30.roa (raw, json)
Hash identifier: 7b8AHmHmzLvDqAzgsdFdImNaTGaoxl1Hkdfot9ZZgUA=
Subject key identifier: 26:D4:E0:72:76:32:D7:6D:84:DE:14:58:E9:43:C0:54:01:51:03:7D
Certificate issuer: /CN=af48f67f53fce9891d41593ac84cae304abfcbcf
Certificate serial: 01856CF855426A968140578A44FD24EF11E1
Authority key identifier: AF:48:F6:7F:53:FC:E9:89:1D:41:59:3A:C8:4C:AE:30:4A:BF:CB:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r0j2f1P86YkdQVk6yEyuMEq_y88.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/e1545b-fc52-44c0-8f57-2884dd8248d6/1/JtTgcnYy122E3hRY6UPAVAFRA30.roa
Signing time: Sun 01 Jan 2023 10:54:52 +0000
ROA not before: Sun 01 Jan 2023 10:54:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202796
IP address blocks: 193.169.171.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:f8:55:42:6a:96:81:40:57:8a:44:fd:24:ef:11:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af48f67f53fce9891d41593ac84cae304abfcbcf
Validity
Not Before: Jan 1 10:54:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=26d4e0727632d76d84de1458e943c0540151037d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:c3:67:82:49:55:b4:7f:74:aa:cd:07:b2:61:
76:a1:99:71:ed:18:41:5e:37:b6:37:de:c2:24:43:
01:05:56:42:8d:f7:74:0e:96:85:91:2d:9f:83:cd:
27:69:a0:7a:c4:0e:9e:ec:c3:09:1b:97:ef:3a:2c:
45:a7:fd:03:71:53:b0:f1:87:1a:7d:15:7b:49:d0:
e7:5c:22:0b:e7:9f:86:8f:26:27:ca:ca:7d:bf:dc:
c9:2c:cd:80:9b:1c:59:7c:e2:63:8c:6e:b9:a1:54:
9b:bb:3e:9c:b6:19:05:b4:18:5f:af:a0:d0:e1:11:
7e:7b:20:84:da:78:a4:14:40:2a:e9:36:68:2e:ba:
3a:35:76:58:81:c2:a1:a6:4c:d3:61:17:24:35:83:
82:ef:00:b7:2b:95:18:b1:2c:50:a2:df:ac:eb:26:
b0:f9:a8:26:67:81:52:ef:bb:61:a7:93:1b:cb:3e:
13:4b:62:d2:ae:8a:81:bf:c5:ab:5b:09:16:63:6a:
cf:52:39:b1:ba:0d:a7:4d:2c:be:56:ab:ba:49:7a:
20:7e:63:58:32:03:fd:b6:36:53:e6:5a:03:5d:b6:
36:ba:d2:fe:19:ce:a9:2c:5d:92:a9:8c:12:3d:89:
8f:97:47:df:d8:96:15:28:da:ae:82:b4:19:7e:58:
35:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:D4:E0:72:76:32:D7:6D:84:DE:14:58:E9:43:C0:54:01:51:03:7D
X509v3 Authority Key Identifier:
keyid:AF:48:F6:7F:53:FC:E9:89:1D:41:59:3A:C8:4C:AE:30:4A:BF:CB:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r0j2f1P86YkdQVk6yEyuMEq_y88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/e1545b-fc52-44c0-8f57-2884dd8248d6/1/JtTgcnYy122E3hRY6UPAVAFRA30.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/e1545b-fc52-44c0-8f57-2884dd8248d6/1/r0j2f1P86YkdQVk6yEyuMEq_y88.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.169.171.0/24
Signature Algorithm: sha256WithRSAEncryption
97:73:13:1e:a3:b0:88:d6:56:57:df:47:e9:bc:1e:bb:c2:af:
36:17:f4:a7:bb:9c:b3:ca:e9:ba:b8:47:1b:f7:70:0c:5d:40:
ad:99:3d:fa:a7:b0:92:03:88:12:04:b5:49:21:58:72:25:7f:
6e:1d:22:9e:7b:5d:b2:bc:74:4b:d7:91:e5:cd:a9:66:b6:ed:
47:92:79:be:00:13:cf:78:14:73:80:20:bf:e2:5f:be:38:53:
7c:fd:b1:3e:df:16:7f:24:75:7c:e1:42:a6:85:eb:7a:c7:82:
d1:58:28:c4:73:16:c4:8c:bf:47:56:35:a8:51:aa:89:8d:c0:
7d:b4:27:8b:62:ea:76:f1:74:77:3a:80:37:c9:bb:cd:b8:2d:
14:51:6b:80:b4:0f:03:ac:97:d4:86:a3:ce:d6:7e:e5:08:70:
77:83:2c:83:fc:02:1c:c3:9c:53:cb:57:4e:c5:b5:b2:46:ea:
28:3c:5f:d1:2b:4f:d7:d9:73:4b:a3:0e:5d:b9:a9:fb:ac:16:
04:00:fa:45:ff:1c:11:84:bd:08:e0:a5:fa:cc:ed:bc:13:38:
55:30:8b:cf:c4:86:f5:db:3c:58:2a:d5:6c:dd:63:a3:7f:18:
7c:a1:85:dd:05:f8:bc:3c:bc:f7:19:12:35:39:fd:d8:8d:a5:
ef:86:98:6a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVs+FVCapaBQFeKRP0k7xHhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmNDhmNjdmNTNmY2U5ODkxZDQxNTkzYWM4NGNhZTMwNGFi
ZmNiY2YwHhcNMjMwMTAxMTA1NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNmQ0ZTA3Mjc2MzJkNzZkODRkZTE0NThlOTQzYzA1NDAxNTEwMzdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy8NngklVtH90qs0HsmF2oZlx7RhB
Xje2N97CJEMBBVZCjfd0DpaFkS2fg80naaB6xA6e7MMJG5fvOixFp/0DcVOw8Yca
fRV7SdDnXCIL55+GjyYnysp9v9zJLM2AmxxZfOJjjG65oVSbuz6cthkFtBhfr6DQ
4RF+eyCE2nikFEAq6TZoLro6NXZYgcKhpkzTYRckNYOC7wC3K5UYsSxQot+s6yaw
+agmZ4FS77thp5Mbyz4TS2LSroqBv8WrWwkWY2rPUjmxug2nTSy+Vqu6SXogfmNY
MgP9tjZT5loDXbY2utL+Gc6pLF2SqYwSPYmPl0ff2JYVKNqugrQZflg17wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCbU4HJ2MtdthN4UWOlDwFQBUQN9MB8GA1UdIwQY
MBaAFK9I9n9T/OmJHUFZOshMrjBKv8vPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjBqMmYxUDg2WWtkUVZrNnlFeXVNRXFfeTg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC9lMTU0NWItZmM1Mi00NGMwLThmNTct
Mjg4NGRkODI0OGQ2LzEvSnRUZ2NuWXkxMjJFM2hSWTZVUEFWQUZSQTMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC9lMTU0NWItZmM1Mi00NGMwLThmNTctMjg4NGRkODI0OGQ2
LzEvcjBqMmYxUDg2WWtkUVZrNnlFeXVNRXFfeTg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwamrMA0G
CSqGSIb3DQEBCwUAA4IBAQCXcxMeo7CI1lZX30fpvB67wq82F/Snu5yzyum6uEcb
93AMXUCtmT36p7CSA4gSBLVJIVhyJX9uHSKee12yvHRL15Hlzalmtu1Hknm+ABPP
eBRzgCC/4l++OFN8/bE+3xZ/JHV84UKmhet6x4LRWCjEcxbEjL9HVjWoUaqJjcB9
tCeLYup28XR3OoA3ybvNuC0UUWuAtA8DrJfUhqPO1n7lCHB3gyyD/AIcw5xTy1dO
xbWyRuooPF/RK0/X2XNLow5duan7rBYEAPpF/xwRhL0I4KX6zO28EzhVMIvPxIb1
2zxYKtVs3WOjfxh8oYXdBfi8PLz3GRI1Of3YjaXvhphq
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:28:32 2025 by rpki-client