Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/3ad453-4dff-443a-bf61-881c10c4f704/1/psvmDMM33l4dYFuJG6nKpIDNVX0.roa
File: psvmDMM33l4dYFuJG6nKpIDNVX0.roa (raw, json)
Hash identifier: fcQwroRlfnUemb6dV7isR8fVCPRRUixgBdsWP5TZatw=
Subject key identifier: A6:CB:E6:0C:C3:37:DE:5E:1D:60:5B:89:1B:A9:CA:A4:80:CD:55:7D
Certificate issuer: /CN=6b76c9314faccda8490110b34e79946dd8ebad3a
Certificate serial: 01856E268CD547AEDB868EC45679773F89E1
Authority key identifier: 6B:76:C9:31:4F:AC:CD:A8:49:01:10:B3:4E:79:94:6D:D8:EB:AD:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a3bJMU-szahJARCzTnmUbdjrrTo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/3ad453-4dff-443a-bf61-881c10c4f704/1/psvmDMM33l4dYFuJG6nKpIDNVX0.roa
Signing time: Sun 01 Jan 2023 16:24:58 +0000
ROA not before: Sun 01 Jan 2023 16:24:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50110
IP address blocks: 193.104.132.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:26:8c:d5:47:ae:db:86:8e:c4:56:79:77:3f:89:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b76c9314faccda8490110b34e79946dd8ebad3a
Validity
Not Before: Jan 1 16:24:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a6cbe60cc337de5e1d605b891ba9caa480cd557d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:a5:f0:40:1d:80:31:86:b8:ad:2f:4e:c4:df:
b7:63:a7:a1:91:fb:9f:7b:ba:f3:35:a9:45:ef:94:
df:e6:40:25:41:4c:c6:e0:37:1b:36:c1:4e:ce:cd:
b5:2a:ca:7c:01:90:0d:59:20:8a:d9:fb:91:65:b9:
68:1b:66:e9:43:3f:b0:65:b6:37:54:d1:ce:a4:fa:
10:5d:c9:19:a0:59:11:5e:a2:b3:2f:9c:0c:16:e2:
89:e6:8f:b1:30:1b:b6:b6:2b:f9:a4:88:a0:12:d9:
01:b2:22:85:d8:2e:71:66:90:66:62:c3:5a:ba:ae:
51:92:d1:ec:b1:9d:bb:7d:b7:a4:f0:47:cb:0f:6f:
a5:8c:ed:bd:d6:cf:cc:6e:9a:fc:4f:b6:73:2d:6a:
a3:38:15:52:45:e7:0d:43:03:cb:b8:19:d5:6c:e3:
a6:57:2e:2c:d1:d4:21:0a:1a:7f:ab:75:7a:e4:00:
64:b5:c4:51:c0:bf:bc:ec:61:c3:91:49:02:89:b9:
6b:37:04:fb:2d:43:e8:1f:ff:a3:78:12:7e:83:2c:
fb:71:6f:98:e1:20:14:78:0d:22:37:b6:72:e1:8b:
3b:dd:fa:be:45:19:5c:72:80:7f:53:b5:7c:02:c0:
44:05:86:f8:00:fc:7c:cc:d3:75:1e:d5:a2:36:66:
8d:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:CB:E6:0C:C3:37:DE:5E:1D:60:5B:89:1B:A9:CA:A4:80:CD:55:7D
X509v3 Authority Key Identifier:
keyid:6B:76:C9:31:4F:AC:CD:A8:49:01:10:B3:4E:79:94:6D:D8:EB:AD:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3bJMU-szahJARCzTnmUbdjrrTo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/3ad453-4dff-443a-bf61-881c10c4f704/1/psvmDMM33l4dYFuJG6nKpIDNVX0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/3ad453-4dff-443a-bf61-881c10c4f704/1/a3bJMU-szahJARCzTnmUbdjrrTo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.104.132.0/24
Signature Algorithm: sha256WithRSAEncryption
68:aa:a5:6f:bb:b0:d8:ab:51:43:ec:f0:04:93:5f:a3:8b:a6:
13:25:2c:01:95:cd:55:cd:72:27:70:13:28:7a:a4:33:dd:e7:
fd:30:10:d8:4a:df:cc:98:92:d3:73:8b:c3:a2:90:81:15:22:
9c:60:03:bb:f2:98:95:51:21:8e:72:12:8f:f0:74:a5:48:07:
a4:46:cc:35:3f:bd:d4:5a:5f:df:74:83:36:ce:d7:69:de:a2:
29:12:14:22:25:57:e0:f4:b8:19:0b:91:4d:71:96:b9:b5:3a:
1e:b5:bd:f8:0b:65:7d:a6:1c:bd:e2:17:e8:ed:02:bc:54:a0:
8b:8a:9e:e0:1f:63:e9:8a:91:af:90:43:16:26:4a:1a:d4:64:
f8:3a:03:32:10:25:ed:b4:02:bc:1b:4b:72:48:6d:15:81:36:
85:a8:e7:03:3f:33:98:ea:2f:12:73:a6:73:6b:d6:e3:51:07:
31:31:34:39:08:6f:7f:84:0f:96:c9:8e:44:c2:c5:1d:c3:d8:
66:dc:f3:04:99:01:f8:d6:fd:17:d4:c2:ba:ac:48:92:89:57:
b1:10:d0:12:da:3c:64:10:a2:0c:db:cf:a1:77:16:f8:d5:1d:
57:d5:b4:de:41:81:dc:dc:b2:18:2c:ba:c3:42:00:da:f3:b6:
3e:01:a3:a3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuJozVR67bho7EVnl3P4nhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNzZjOTMxNGZhY2NkYTg0OTAxMTBiMzRlNzk5NDZkZDhl
YmFkM2EwHhcNMjMwMTAxMTYyNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmNiZTYwY2MzMzdkZTVlMWQ2MDViODkxYmE5Y2FhNDgwY2Q1NTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgKXwQB2AMYa4rS9OxN+3Y6ehkfuf
e7rzNalF75Tf5kAlQUzG4DcbNsFOzs21Ksp8AZANWSCK2fuRZbloG2bpQz+wZbY3
VNHOpPoQXckZoFkRXqKzL5wMFuKJ5o+xMBu2tiv5pIigEtkBsiKF2C5xZpBmYsNa
uq5RktHssZ27fbek8EfLD2+ljO291s/Mbpr8T7ZzLWqjOBVSRecNQwPLuBnVbOOm
Vy4s0dQhChp/q3V65ABktcRRwL+87GHDkUkCiblrNwT7LUPoH/+jeBJ+gyz7cW+Y
4SAUeA0iN7Zy4Ys73fq+RRlccoB/U7V8AsBEBYb4APx8zNN1HtWiNmaNswIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKbL5gzDN95eHWBbiRupyqSAzVV9MB8GA1UdIwQY
MBaAFGt2yTFPrM2oSQEQs055lG3Y6606MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTNiSk1VLXN6YWhKQVJDelRubVViZGpyclRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny8zYWQ0NTMtNGRmZi00NDNhLWJmNjEt
ODgxYzEwYzRmNzA0LzEvcHN2bURNTTMzbDRkWUZ1Skc2bktwSUROVlgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny8zYWQ0NTMtNGRmZi00NDNhLWJmNjEtODgxYzEwYzRmNzA0
LzEvYTNiSk1VLXN6YWhKQVJDelRubVViZGpyclRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwWiEMA0G
CSqGSIb3DQEBCwUAA4IBAQBoqqVvu7DYq1FD7PAEk1+ji6YTJSwBlc1VzXIncBMo
eqQz3ef9MBDYSt/MmJLTc4vDopCBFSKcYAO78piVUSGOchKP8HSlSAekRsw1P73U
Wl/fdIM2ztdp3qIpEhQiJVfg9LgZC5FNcZa5tToetb34C2V9phy94hfo7QK8VKCL
ip7gH2PpipGvkEMWJkoa1GT4OgMyECXttAK8G0tySG0VgTaFqOcDPzOY6i8Sc6Zz
a9bjUQcxMTQ5CG9/hA+WyY5EwsUdw9hm3PMEmQH41v0X1MK6rEiSiVexENAS2jxk
EKIM28+hdxb41R1X1bTeQYHc3LIYLLrDQgDa87Y+AaOj
-----END CERTIFICATE-----
Generated at Tue Apr 8 05:54:08 2025 by rpki-client