Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/4WO4PW1Y4VzR8hfZNzouCFF6KVQ.roa
File: 4WO4PW1Y4VzR8hfZNzouCFF6KVQ.roa (raw, json)
Hash identifier: Igw/LAW3ewgUpXMC1Mjp4JOMptVEuNDc65CcY8CSDOU=
Subject key identifier: E1:63:B8:3D:6D:58:E1:5C:D1:F2:17:D9:37:3A:2E:08:51:7A:29:54
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0188D8A7A1E2A18CD363C517A2213E2DB4B3
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/4WO4PW1Y4VzR8hfZNzouCFF6KVQ.roa
Signing time: Tue 20 Jun 2023 11:54:04 +0000
ROA not before: Tue 20 Jun 2023 11:54:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 23470
IP address blocks: 213.152.42.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:d8:a7:a1:e2:a1:8c:d3:63:c5:17:a2:21:3e:2d:b4:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jun 20 11:54:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e163b83d6d58e15cd1f217d9373a2e08517a2954
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:cc:e4:ba:5e:5a:dc:23:19:d4:70:aa:ad:b8:
46:9e:69:41:56:c8:c5:4c:ea:cc:df:8e:4f:1d:d7:
e6:0f:78:0d:0e:a7:ac:c7:a4:35:e9:dc:fd:b6:a7:
1c:80:b5:0d:6e:f1:0f:e2:ec:43:9f:9c:6e:8f:3b:
75:93:84:b8:04:a4:54:37:0d:89:e9:c6:3b:b7:c8:
c6:39:99:d3:cd:8b:80:28:e2:20:b2:9b:c8:c4:d2:
25:2c:0e:8d:b9:94:c4:2c:67:a4:1f:35:f3:75:9a:
1b:7f:97:22:31:03:55:82:5c:a3:eb:5e:d5:53:89:
51:35:42:c7:ab:31:80:7f:6c:49:fb:ab:b6:fe:4d:
97:4f:dc:d7:c1:c8:9e:a8:0d:30:fe:c7:8f:a7:e7:
52:12:3b:c2:ce:6b:fd:9f:88:79:ac:09:25:74:ef:
2f:33:56:e2:7f:d5:e1:a5:4f:ad:0b:2b:0c:58:38:
3f:80:76:01:88:4e:bf:25:1c:c8:ba:54:4a:6c:48:
c1:61:90:60:98:7e:ac:36:98:fa:9d:44:b0:3a:83:
6a:ad:88:ce:3b:a8:61:67:00:dd:04:60:8f:72:06:
8f:82:74:53:86:48:3c:72:2f:f2:61:d1:84:19:7e:
a1:61:62:79:d9:2e:49:a0:f4:e8:dc:0b:e7:6c:3f:
9e:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:63:B8:3D:6D:58:E1:5C:D1:F2:17:D9:37:3A:2E:08:51:7A:29:54
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/4WO4PW1Y4VzR8hfZNzouCFF6KVQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.152.42.0/24
Signature Algorithm: sha256WithRSAEncryption
22:2e:44:28:f2:89:f6:f3:1c:f4:27:1a:47:b3:27:57:aa:9d:
21:a8:6e:09:6d:21:86:1e:b1:a8:f9:20:f5:f0:04:ae:c7:14:
22:84:e8:af:43:69:c5:f1:76:bd:94:00:28:48:9c:6b:41:20:
5a:14:58:ef:e3:1e:3c:76:c5:a0:7f:a8:97:42:be:a5:dd:bb:
c8:7c:4f:74:f0:b5:fc:d7:17:9b:65:04:e3:8a:8b:de:25:15:
a7:33:49:2e:4a:2a:9a:09:a1:05:78:15:2b:c6:bc:2c:90:33:
47:c5:0f:c5:32:64:0f:43:6a:99:65:58:7f:fe:6b:8e:37:4f:
af:84:0f:f5:3f:ad:e6:50:4a:74:5c:90:a3:5a:ea:a1:ff:40:
bb:98:46:1f:1b:67:ad:f1:cd:23:73:8c:66:5e:80:0a:8a:2d:
5b:f2:d4:89:ad:76:b9:e0:ce:cc:fb:0a:6f:bd:c4:1a:03:d2:
ee:c3:c1:8e:98:2f:a1:71:ed:43:b9:3d:7e:6e:56:0a:c8:47:
3a:2f:b0:5c:e2:f8:77:b6:97:95:44:8a:9c:cc:c3:18:81:44:
9d:e1:39:6a:98:26:16:ec:09:07:6a:95:c6:32:05:ec:10:d7:
af:9b:7d:21:c4:6b:f9:d4:7e:8d:75:7f:75:0b:6a:26:59:8a:
48:12:cb:7b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYjYp6HioYzTY8UXoiE+LbSzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNjIwMTE1NDA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTYzYjgzZDZkNThlMTVjZDFmMjE3ZDkzNzNhMmUwODUxN2EyOTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApczkul5a3CMZ1HCqrbhGnmlBVsjF
TOrM345PHdfmD3gNDqesx6Q16dz9tqccgLUNbvEP4uxDn5xujzt1k4S4BKRUNw2J
6cY7t8jGOZnTzYuAKOIgspvIxNIlLA6NuZTELGekHzXzdZobf5ciMQNVglyj617V
U4lRNULHqzGAf2xJ+6u2/k2XT9zXwcieqA0w/sePp+dSEjvCzmv9n4h5rAkldO8v
M1bif9XhpU+tCysMWDg/gHYBiE6/JRzIulRKbEjBYZBgmH6sNpj6nUSwOoNqrYjO
O6hhZwDdBGCPcgaPgnRThkg8ci/yYdGEGX6hYWJ52S5JoPTo3AvnbD+eGwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOFjuD1tWOFc0fIX2Tc6LghReilUMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvNFdPNFBXMVk0VnpSOGhmWk56b3VDRkY2S1ZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1ZgqMA0G
CSqGSIb3DQEBCwUAA4IBAQAiLkQo8on28xz0JxpHsydXqp0hqG4JbSGGHrGo+SD1
8ASuxxQihOivQ2nF8Xa9lAAoSJxrQSBaFFjv4x48dsWgf6iXQr6l3bvIfE908LX8
1xebZQTjioveJRWnM0kuSiqaCaEFeBUrxrwskDNHxQ/FMmQPQ2qZZVh//muON0+v
hA/1P63mUEp0XJCjWuqh/0C7mEYfG2et8c0jc4xmXoAKii1b8tSJrXa54M7M+wpv
vcQaA9Luw8GOmC+hce1DuT1+blYKyEc6L7Bc4vh3tpeVRIqczMMYgUSd4TlqmCYW
7AkHapXGMgXsENevm30hxGv51H6NdX91C2omWYpIEst7
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:06:28 2025 by rpki-client