Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/e6f13e-ebeb-4e26-9f91-8183751813d9/1/nUvAR3QyGzFQ06OuEsmQCwwDAXU.roa
File: nUvAR3QyGzFQ06OuEsmQCwwDAXU.roa (raw, json)
Hash identifier: 8WtvLZ+pntS6m4a3Or+aE97Jl3n6TzPLLWoEsd7O/ek=
Subject key identifier: 9D:4B:C0:47:74:32:1B:31:50:D3:A3:AE:12:C9:90:0B:0C:03:01:75
Certificate issuer: /CN=b53b0a45f060e10eccf126b6f667589b80328c95
Certificate serial: 01856DC1BFF6FD8F341CD0894FA5C66DDB62
Authority key identifier: B5:3B:0A:45:F0:60:E1:0E:CC:F1:26:B6:F6:67:58:9B:80:32:8C:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tTsKRfBg4Q7M8Sa29mdYm4AyjJU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/e6f13e-ebeb-4e26-9f91-8183751813d9/1/nUvAR3QyGzFQ06OuEsmQCwwDAXU.roa
Signing time: Sun 01 Jan 2023 14:34:52 +0000
ROA not before: Sun 01 Jan 2023 14:34:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25066
IP address blocks: 193.201.109.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:c1:bf:f6:fd:8f:34:1c:d0:89:4f:a5:c6:6d:db:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b53b0a45f060e10eccf126b6f667589b80328c95
Validity
Not Before: Jan 1 14:34:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9d4bc04774321b3150d3a3ae12c9900b0c030175
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:a2:1a:13:a6:47:81:d5:00:47:44:90:9f:aa:
94:9d:54:99:62:9d:e4:33:12:ab:36:f1:0c:8c:44:
07:80:8d:e8:bf:e7:26:4a:b9:f2:df:d5:a9:13:e6:
94:54:96:cb:cb:38:70:b0:9f:c8:1f:bd:e8:44:4f:
92:99:54:28:02:26:a9:cf:a8:dc:37:9f:55:90:e9:
af:de:ce:6e:96:b9:0f:02:71:c8:e0:15:d0:59:93:
b3:83:3b:8f:43:78:de:1e:7b:ee:45:b3:dd:8c:47:
7e:d3:dc:7a:40:a2:f5:08:4c:bc:98:df:f2:a7:98:
dc:12:17:f0:93:84:fc:0c:08:b5:46:1c:19:89:38:
87:c3:fa:6f:8c:21:cf:4e:fc:6e:f5:a7:7d:c1:a5:
db:16:98:74:db:52:6c:60:76:33:17:3b:18:c6:6c:
bd:9a:5c:ba:c8:9b:a9:2d:56:a3:08:c9:dc:22:d1:
25:02:38:95:fc:44:08:cc:9a:25:0f:a7:7e:95:9a:
93:c0:dc:f3:03:9b:a1:ed:02:b3:be:51:d8:65:be:
2b:3c:85:76:82:f9:50:42:86:e5:61:14:76:0b:df:
fd:11:88:5e:7c:71:84:61:ea:e4:dc:37:2a:41:c5:
d5:00:cb:8f:54:8e:47:be:7d:96:bd:9d:6a:62:06:
ce:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:4B:C0:47:74:32:1B:31:50:D3:A3:AE:12:C9:90:0B:0C:03:01:75
X509v3 Authority Key Identifier:
keyid:B5:3B:0A:45:F0:60:E1:0E:CC:F1:26:B6:F6:67:58:9B:80:32:8C:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tTsKRfBg4Q7M8Sa29mdYm4AyjJU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/e6f13e-ebeb-4e26-9f91-8183751813d9/1/nUvAR3QyGzFQ06OuEsmQCwwDAXU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/e6f13e-ebeb-4e26-9f91-8183751813d9/1/tTsKRfBg4Q7M8Sa29mdYm4AyjJU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.201.109.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:fa:40:2c:58:d4:96:f9:8a:11:5d:a5:76:e6:b5:b5:8f:2f:
01:ea:89:3a:47:be:df:7d:96:80:42:49:7d:f5:98:60:e9:f4:
e7:43:60:72:f9:54:a8:c6:ba:8c:31:1e:c4:52:22:58:04:0c:
08:78:99:72:a6:0c:b9:c6:e4:15:1e:1a:f3:5d:a8:72:24:a5:
44:e5:9e:09:04:ec:83:ee:17:c4:af:16:b1:a1:6c:27:05:c4:
e4:c2:6c:02:13:a3:9b:46:8d:8e:88:ee:ca:23:8c:37:10:d1:
6a:79:62:28:74:89:b7:3d:71:68:ac:ca:80:86:3e:19:37:44:
7b:56:c6:3a:97:a9:29:a6:8f:28:fa:a8:95:48:0f:9b:2a:bd:
78:89:41:0e:d8:d1:4a:3a:a3:d7:9e:d9:ef:5d:76:ff:41:1c:
41:75:ff:47:94:25:47:22:4a:0a:82:ee:91:12:57:59:ba:4f:
05:88:35:17:d1:a1:a7:2c:b3:9b:38:00:10:ba:7f:f6:59:8f:
85:69:c3:0c:08:1b:e5:8c:c7:58:62:34:c1:95:32:3a:54:05:
a9:86:8b:c0:19:bc:d4:0f:9d:13:9b:47:6c:27:2f:ca:72:4c:
2d:9a:fe:7c:f2:09:88:f3:bd:ea:2b:1f:d8:e8:f3:6c:36:eb:
8f:c5:e4:0c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtwb/2/Y80HNCJT6XGbdtiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1M2IwYTQ1ZjA2MGUxMGVjY2YxMjZiNmY2Njc1ODliODAz
MjhjOTUwHhcNMjMwMTAxMTQzNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDRiYzA0Nzc0MzIxYjMxNTBkM2EzYWUxMmM5OTAwYjBjMDMwMTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnqIaE6ZHgdUAR0SQn6qUnVSZYp3k
MxKrNvEMjEQHgI3ov+cmSrny39WpE+aUVJbLyzhwsJ/IH73oRE+SmVQoAiapz6jc
N59VkOmv3s5ulrkPAnHI4BXQWZOzgzuPQ3jeHnvuRbPdjEd+09x6QKL1CEy8mN/y
p5jcEhfwk4T8DAi1RhwZiTiHw/pvjCHPTvxu9ad9waXbFph021JsYHYzFzsYxmy9
mly6yJupLVajCMncItElAjiV/EQIzJolD6d+lZqTwNzzA5uh7QKzvlHYZb4rPIV2
gvlQQoblYRR2C9/9EYhefHGEYerk3DcqQcXVAMuPVI5Hvn2WvZ1qYgbOxQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ1LwEd0MhsxUNOjrhLJkAsMAwF1MB8GA1UdIwQY
MBaAFLU7CkXwYOEOzPEmtvZnWJuAMoyVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFRzS1JmQmc0UTdNOFNhMjltZFltNEF5akpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9lNmYxM2UtZWJlYi00ZTI2LTlmOTEt
ODE4Mzc1MTgxM2Q5LzEvblV2QVIzUXlHekZRMDZPdUVzbVFDd3dEQVhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9lNmYxM2UtZWJlYi00ZTI2LTlmOTEtODE4Mzc1MTgxM2Q5
LzEvdFRzS1JmQmc0UTdNOFNhMjltZFltNEF5akpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwcltMA0G
CSqGSIb3DQEBCwUAA4IBAQA6+kAsWNSW+YoRXaV25rW1jy8B6ok6R77ffZaAQkl9
9Zhg6fTnQ2By+VSoxrqMMR7EUiJYBAwIeJlypgy5xuQVHhrzXahyJKVE5Z4JBOyD
7hfErxaxoWwnBcTkwmwCE6ObRo2OiO7KI4w3ENFqeWIodIm3PXForMqAhj4ZN0R7
VsY6l6kppo8o+qiVSA+bKr14iUEO2NFKOqPXntnvXXb/QRxBdf9HlCVHIkoKgu6R
EldZuk8FiDUX0aGnLLObOAAQun/2WY+FacMMCBvljMdYYjTBlTI6VAWphovAGbzU
D50Tm0dsJy/Kckwtmv588gmI873qKx/Y6PNsNuuPxeQM
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:41:52 2025 by rpki-client