Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/3be914-9d1b-4e0b-bfd2-8bfcf906f76a/1/IyMaSKMpIukAAsKOU40t7dV4Dm4.roa
File: IyMaSKMpIukAAsKOU40t7dV4Dm4.roa (raw, json)
Hash identifier: L1KWPX83dVrOqbzTFiBexKwsY5dApSs+N1TIQF3GsDk=
Subject key identifier: 23:23:1A:48:A3:29:22:E9:00:02:C2:8E:53:8D:2D:ED:D5:78:0E:6E
Certificate issuer: /CN=c37a221b29dd463068c3a8d5cac146b057b5a9ed
Certificate serial: 01856F02091844388464AB18C6F89CAD5C17
Authority key identifier: C3:7A:22:1B:29:DD:46:30:68:C3:A8:D5:CA:C1:46:B0:57:B5:A9:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w3oiGyndRjBow6jVysFGsFe1qe0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/3be914-9d1b-4e0b-bfd2-8bfcf906f76a/1/IyMaSKMpIukAAsKOU40t7dV4Dm4.roa
Signing time: Sun 01 Jan 2023 20:24:42 +0000
ROA not before: Sun 01 Jan 2023 20:24:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 28919
IP address blocks: 193.163.14.0/24 maxlen: 24
2a10:d100::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:02:09:18:44:38:84:64:ab:18:c6:f8:9c:ad:5c:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c37a221b29dd463068c3a8d5cac146b057b5a9ed
Validity
Not Before: Jan 1 20:24:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=23231a48a32922e90002c28e538d2dedd5780e6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:d0:2a:22:62:41:73:78:c8:0e:9d:38:8f:c9:
55:02:9a:7b:28:17:0e:89:ea:cc:f3:b9:03:68:ee:
19:d0:45:39:c2:13:15:e7:8a:07:3d:3d:fa:39:00:
6d:c4:6c:3a:80:70:42:69:66:35:46:29:e3:d8:45:
13:0a:68:d9:87:53:e7:d8:6c:66:b9:68:48:e2:49:
a6:aa:38:8d:46:02:06:8f:5e:cd:a0:82:29:42:a2:
57:5d:01:09:a4:56:10:bf:23:26:b3:ac:da:5a:89:
4e:bf:93:9d:94:6d:c7:76:5f:fc:60:c7:38:47:c8:
88:02:3e:33:78:76:6f:c8:61:3f:f5:1c:05:da:d5:
7c:75:6d:70:d1:62:df:b8:08:e2:a1:df:36:30:6c:
9b:e3:42:ad:6a:9c:0e:40:5e:f0:cb:d7:e9:15:d5:
ff:f5:bd:a2:71:9a:98:f4:aa:4b:ae:52:1e:d3:76:
22:54:0e:83:42:8f:5e:27:fe:49:ba:f6:9d:64:3c:
98:8f:c0:89:65:64:0b:e9:e0:11:b8:f8:fa:71:52:
d0:17:70:20:e3:f4:3f:7e:db:c4:14:d8:8c:d8:c8:
99:66:16:04:73:2c:e8:19:99:41:8f:48:3d:78:88:
13:de:87:29:d0:05:8a:66:bc:2f:f0:89:49:a7:0b:
94:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:23:1A:48:A3:29:22:E9:00:02:C2:8E:53:8D:2D:ED:D5:78:0E:6E
X509v3 Authority Key Identifier:
keyid:C3:7A:22:1B:29:DD:46:30:68:C3:A8:D5:CA:C1:46:B0:57:B5:A9:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w3oiGyndRjBow6jVysFGsFe1qe0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/3be914-9d1b-4e0b-bfd2-8bfcf906f76a/1/IyMaSKMpIukAAsKOU40t7dV4Dm4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/3be914-9d1b-4e0b-bfd2-8bfcf906f76a/1/w3oiGyndRjBow6jVysFGsFe1qe0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.163.14.0/24
IPv6:
2a10:d100::/32
Signature Algorithm: sha256WithRSAEncryption
1a:94:f7:b0:92:14:f1:9b:46:63:eb:6f:9f:bb:b7:79:1f:cf:
f5:ef:25:f8:d3:66:69:5f:6c:8f:63:54:69:e6:a3:86:97:e6:
c2:1e:5b:43:81:fd:33:af:60:44:b8:19:97:7d:15:88:9f:a6:
2c:08:79:ae:56:f7:52:a5:5d:c8:4a:c8:c2:f4:2f:04:07:42:
91:41:d0:d4:5b:4a:cf:b7:f8:20:54:c4:98:04:a6:71:95:58:
80:28:28:ce:26:2f:f8:48:dc:57:94:f3:ee:4c:2e:d1:55:85:
66:83:f6:81:dd:34:1a:39:12:3e:60:93:61:c4:4c:08:3f:63:
8d:ea:4f:75:7c:42:ea:b8:5a:84:89:1a:90:37:b9:31:40:51:
98:ab:e8:51:7d:c2:46:a6:32:12:61:7a:d7:a8:3a:c9:60:b8:
d9:2b:ba:1b:ab:9d:e6:2a:0f:2d:63:46:fd:e9:1c:04:29:e2:
1e:c6:1d:0c:1c:76:d7:24:d7:39:fa:90:a2:37:32:49:62:0f:
2f:3f:dd:c6:4c:29:bc:f0:6e:ec:23:13:8b:2d:6c:27:44:4d:
49:1c:6b:6c:5f:18:aa:4f:4d:20:1b:4d:e0:75:a1:cf:30:75:
31:dc:60:64:ec:ba:3d:ba:c4:ab:e6:52:c0:18:71:18:eb:71:
e4:2e:8e:ca
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvAgkYRDiEZKsYxvicrVwXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzN2EyMjFiMjlkZDQ2MzA2OGMzYThkNWNhYzE0NmIwNTdi
NWE5ZWQwHhcNMjMwMTAxMjAyNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzIzMWE0OGEzMjkyMmU5MDAwMmMyOGU1MzhkMmRlZGQ1NzgwZTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0dAqImJBc3jIDp04j8lVApp7KBcO
ierM87kDaO4Z0EU5whMV54oHPT36OQBtxGw6gHBCaWY1Rinj2EUTCmjZh1Pn2Gxm
uWhI4kmmqjiNRgIGj17NoIIpQqJXXQEJpFYQvyMms6zaWolOv5OdlG3Hdl/8YMc4
R8iIAj4zeHZvyGE/9RwF2tV8dW1w0WLfuAjiod82MGyb40KtapwOQF7wy9fpFdX/
9b2icZqY9KpLrlIe03YiVA6DQo9eJ/5JuvadZDyYj8CJZWQL6eARuPj6cVLQF3Ag
4/Q/ftvEFNiM2MiZZhYEcyzoGZlBj0g9eIgT3ocp0AWKZrwv8IlJpwuUVQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCMjGkijKSLpAALCjlONLe3VeA5uMB8GA1UdIwQY
MBaAFMN6Ihsp3UYwaMOo1crBRrBXtantMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzNvaUd5bmRSakJvdzZqVnlzRkdzRmUxcWUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS8zYmU5MTQtOWQxYi00ZTBiLWJmZDIt
OGJmY2Y5MDZmNzZhLzEvSXlNYVNLTXBJdWtBQXNLT1U0MHQ3ZFY0RG00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS8zYmU5MTQtOWQxYi00ZTBiLWJmZDItOGJmY2Y5MDZmNzZh
LzEvdzNvaUd5bmRSakJvdzZqVnlzRkdzRmUxcWUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwaMOMA0E
AgACMAcDBQAqENEAMA0GCSqGSIb3DQEBCwUAA4IBAQAalPewkhTxm0Zj62+fu7d5
H8/17yX402ZpX2yPY1Rp5qOGl+bCHltDgf0zr2BEuBmXfRWIn6YsCHmuVvdSpV3I
SsjC9C8EB0KRQdDUW0rPt/ggVMSYBKZxlViAKCjOJi/4SNxXlPPuTC7RVYVmg/aB
3TQaORI+YJNhxEwIP2ON6k91fELquFqEiRqQN7kxQFGYq+hRfcJGpjISYXrXqDrJ
YLjZK7obq53mKg8tY0b96RwEKeIexh0MHHbXJNc5+pCiNzJJYg8vP93GTCm88G7s
IxOLLWwnRE1JHGtsXxiqT00gG03gdaHPMHUx3GBk7Lo9usSr5lLAGHEY63HkLo7K
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:35:49 2025 by rpki-client