Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/a7c33b-682e-4e00-8211-bb94530841e5/1/75XTKqUxeSv2TDTjWVSvSHTz05g.roa
File: 75XTKqUxeSv2TDTjWVSvSHTz05g.roa (raw, json)
Hash identifier: RUZlCgWzpz4UPVsbG2jck6fhhdRzdrOEjS4uNcFW3Mg=
Subject key identifier: EF:95:D3:2A:A5:31:79:2B:F6:4C:34:E3:59:54:AF:48:74:F3:D3:98
Certificate issuer: /CN=01ce8a50dd43272b474d55443d2fac46566477c2
Certificate serial: 01856CEF3832F951E91EA2C0AC89B48F45EE
Authority key identifier: 01:CE:8A:50:DD:43:27:2B:47:4D:55:44:3D:2F:AC:46:56:64:77:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ac6KUN1DJytHTVVEPS-sRlZkd8I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/a7c33b-682e-4e00-8211-bb94530841e5/1/75XTKqUxeSv2TDTjWVSvSHTz05g.roa
Signing time: Sun 01 Jan 2023 10:44:54 +0000
ROA not before: Sun 01 Jan 2023 10:44:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206907
IP address blocks: 193.200.84.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ef:38:32:f9:51:e9:1e:a2:c0:ac:89:b4:8f:45:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01ce8a50dd43272b474d55443d2fac46566477c2
Validity
Not Before: Jan 1 10:44:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ef95d32aa531792bf64c34e35954af4874f3d398
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:f5:8e:7d:71:11:38:e2:03:e3:e5:18:68:ea:
04:66:5a:8e:cf:45:0d:7e:f4:09:72:40:32:d0:4c:
c8:bd:29:3a:6a:d1:65:ce:81:9c:19:e3:a0:0f:e9:
68:9d:5d:46:93:ce:ac:a9:46:ed:17:7c:c3:ea:ef:
20:14:70:70:a8:12:f0:b9:96:dc:59:70:37:56:3a:
80:03:96:9e:f7:cf:e9:97:40:96:0a:b4:e7:f8:78:
0c:d8:61:6d:5f:7e:30:6a:e5:d9:cf:e7:a4:69:aa:
1b:d8:68:f7:9b:6e:88:91:c7:70:5c:7f:40:12:f8:
fa:9c:6d:33:c4:a2:ac:37:0f:19:bc:48:3d:2d:b4:
d0:cb:04:87:14:a1:c8:8f:a9:7e:a1:25:9d:bd:08:
3a:56:36:36:d8:46:e2:48:f6:6b:ad:6c:e8:67:b4:
bb:c6:b0:f3:23:92:47:1a:ca:c5:6f:d7:00:f6:36:
24:55:c5:fc:c7:b2:04:a5:ec:c2:3c:59:ce:50:62:
65:7d:4c:11:d2:4f:2c:98:5a:64:3b:e9:dd:db:a1:
7b:64:c9:7b:43:54:cc:eb:a7:03:ca:d4:ee:f1:03:
3c:f2:21:7b:29:a6:c8:5c:1d:57:05:95:da:70:00:
57:74:11:17:b7:06:d5:3b:ea:63:ab:67:35:61:a6:
74:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:95:D3:2A:A5:31:79:2B:F6:4C:34:E3:59:54:AF:48:74:F3:D3:98
X509v3 Authority Key Identifier:
keyid:01:CE:8A:50:DD:43:27:2B:47:4D:55:44:3D:2F:AC:46:56:64:77:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ac6KUN1DJytHTVVEPS-sRlZkd8I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/a7c33b-682e-4e00-8211-bb94530841e5/1/75XTKqUxeSv2TDTjWVSvSHTz05g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/a7c33b-682e-4e00-8211-bb94530841e5/1/Ac6KUN1DJytHTVVEPS-sRlZkd8I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.200.84.0/23
Signature Algorithm: sha256WithRSAEncryption
6d:80:5a:b2:a7:78:c7:49:f0:da:1c:3b:ea:61:a6:b6:e8:a6:
4f:8d:00:40:e4:85:dc:cd:9e:e9:44:c7:da:b2:36:9b:0c:dc:
8b:fe:12:28:ac:2b:b7:2c:5b:a8:eb:1d:b0:a1:b6:fa:4d:9d:
67:4e:7a:a0:73:96:46:12:08:2b:2f:d5:ee:4c:1e:47:f5:8a:
ae:0b:b3:37:7c:18:c7:ff:7f:cb:d7:49:42:9b:a3:0e:b7:40:
c9:b8:d2:be:c2:1d:a4:18:45:94:e5:51:db:69:58:d5:6f:a6:
28:fa:f7:e3:76:33:43:e4:60:00:ae:e5:98:f9:05:5d:2b:b1:
2a:cb:09:c1:b8:29:14:6e:d1:83:d9:15:e9:ee:f2:5a:c2:87:
23:0e:af:c5:6d:c1:7f:de:35:08:30:0d:94:3c:2b:85:36:40:
eb:95:b0:a2:a3:d8:42:87:f9:d9:f0:88:85:fc:58:ca:4b:2f:
5d:ca:1f:f9:35:a3:69:72:96:d6:c4:8b:a3:cc:53:45:22:aa:
d6:ca:bf:ae:d5:e3:26:87:05:19:73:c2:cf:58:d0:2a:28:37:
94:fc:2a:48:d2:05:cb:5a:8f:64:bf:e9:c3:a2:1d:e7:7d:ac:
1c:cd:54:02:05:3e:10:c4:82:43:2a:3f:84:67:1b:54:1d:1d:
65:81:2f:a2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVs7zgy+VHpHqLArIm0j0XuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxY2U4YTUwZGQ0MzI3MmI0NzRkNTU0NDNkMmZhYzQ2NTY2
NDc3YzIwHhcNMjMwMTAxMTA0NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjk1ZDMyYWE1MzE3OTJiZjY0YzM0ZTM1OTU0YWY0ODc0ZjNkMzk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhvWOfXEROOID4+UYaOoEZlqOz0UN
fvQJckAy0EzIvSk6atFlzoGcGeOgD+lonV1Gk86sqUbtF3zD6u8gFHBwqBLwuZbc
WXA3VjqAA5ae98/pl0CWCrTn+HgM2GFtX34wauXZz+ekaaob2Gj3m26IkcdwXH9A
Evj6nG0zxKKsNw8ZvEg9LbTQywSHFKHIj6l+oSWdvQg6VjY22EbiSPZrrWzoZ7S7
xrDzI5JHGsrFb9cA9jYkVcX8x7IEpezCPFnOUGJlfUwR0k8smFpkO+nd26F7ZMl7
Q1TM66cDytTu8QM88iF7KabIXB1XBZXacABXdBEXtwbVO+pjq2c1YaZ0zwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO+V0yqlMXkr9kw041lUr0h089OYMB8GA1UdIwQY
MBaAFAHOilDdQycrR01VRD0vrEZWZHfCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWM2S1VOMURKeXRIVFZWRVBTLXNSbFprZDhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny9hN2MzM2ItNjgyZS00ZTAwLTgyMTEt
YmI5NDUzMDg0MWU1LzEvNzVYVEtxVXhlU3YyVERUaldWU3ZTSFR6MDVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny9hN2MzM2ItNjgyZS00ZTAwLTgyMTEtYmI5NDUzMDg0MWU1
LzEvQWM2S1VOMURKeXRIVFZWRVBTLXNSbFprZDhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwchUMA0G
CSqGSIb3DQEBCwUAA4IBAQBtgFqyp3jHSfDaHDvqYaa26KZPjQBA5IXczZ7pRMfa
sjabDNyL/hIorCu3LFuo6x2wobb6TZ1nTnqgc5ZGEggrL9XuTB5H9YquC7M3fBjH
/3/L10lCm6MOt0DJuNK+wh2kGEWU5VHbaVjVb6Yo+vfjdjND5GAAruWY+QVdK7Eq
ywnBuCkUbtGD2RXp7vJawocjDq/FbcF/3jUIMA2UPCuFNkDrlbCio9hCh/nZ8IiF
/FjKSy9dyh/5NaNpcpbWxIujzFNFIqrWyr+u1eMmhwUZc8LPWNAqKDeU/CpI0gXL
Wo9kv+nDoh3nfawczVQCBT4QxIJDKj+EZxtUHR1lgS+i
-----END CERTIFICATE-----
Generated at Tue Apr 8 06:12:43 2025 by rpki-client