Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/3a90f5-65b5-40b5-8ed9-98c095c07e24/1/DU78HV_6pwU40qA7HizI-tL6AoM.roa
File: DU78HV_6pwU40qA7HizI-tL6AoM.roa (raw, json)
Hash identifier: Qh44eqBkg1KaBb/D4J2h3EN1xlvZKy1L3tRY6NDaIqY=
Subject key identifier: 0D:4E:FC:1D:5F:FA:A7:05:38:D2:A0:3B:1E:2C:C8:FA:D2:FA:02:83
Certificate issuer: /CN=515f61a6e08ded6f1ff50511c62089696ab564a8
Certificate serial: 01856D4180B349F59FC49C11F82F02A68763
Authority key identifier: 51:5F:61:A6:E0:8D:ED:6F:1F:F5:05:11:C6:20:89:69:6A:B5:64:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UV9hpuCN7W8f9QURxiCJaWq1ZKg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/3a90f5-65b5-40b5-8ed9-98c095c07e24/1/DU78HV_6pwU40qA7HizI-tL6AoM.roa
Signing time: Sun 01 Jan 2023 12:14:47 +0000
ROA not before: Sun 01 Jan 2023 12:14:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30849
IP address blocks: 193.23.157.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:41:80:b3:49:f5:9f:c4:9c:11:f8:2f:02:a6:87:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=515f61a6e08ded6f1ff50511c62089696ab564a8
Validity
Not Before: Jan 1 12:14:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0d4efc1d5ffaa70538d2a03b1e2cc8fad2fa0283
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:df:3c:c9:84:52:2d:ce:d1:76:38:72:69:58:
3d:36:15:72:e0:70:e3:ff:ce:1c:e6:e5:fa:0e:aa:
de:60:70:ed:4d:9e:43:67:15:b4:79:f4:13:67:09:
98:dd:f6:c4:dd:9d:da:84:b0:43:14:37:80:d5:07:
0f:03:3d:c4:ee:75:69:31:94:14:bc:19:e0:66:ff:
93:4f:5d:b2:44:4f:ba:15:0f:df:84:17:4b:01:19:
92:e6:39:a0:b0:c4:7a:08:b8:b7:1d:d4:13:c1:1e:
9d:97:4e:dc:0a:60:1f:70:b1:f1:cb:a1:ca:22:59:
b0:98:2b:93:4c:9c:51:ed:8b:4c:ec:18:be:d5:be:
ff:c2:c0:5e:c1:69:30:1a:96:9a:60:43:50:ea:0d:
c7:38:8a:0b:48:11:42:09:9e:76:b0:46:1e:2f:4c:
89:72:83:14:e5:09:39:8f:9f:54:0b:1b:d8:ec:4e:
3d:8f:89:9a:46:b3:47:33:66:8a:77:4e:bb:63:bf:
85:91:b3:2a:14:14:73:81:4f:7d:2a:1d:28:c3:36:
4c:92:f2:ea:06:7f:81:00:64:45:bb:bb:19:81:c2:
2c:ba:97:20:e3:33:80:c9:5c:4d:37:5c:27:4b:64:
6b:a6:8d:4a:d2:aa:9c:1d:b6:68:bd:cf:5c:a7:18:
04:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:4E:FC:1D:5F:FA:A7:05:38:D2:A0:3B:1E:2C:C8:FA:D2:FA:02:83
X509v3 Authority Key Identifier:
keyid:51:5F:61:A6:E0:8D:ED:6F:1F:F5:05:11:C6:20:89:69:6A:B5:64:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UV9hpuCN7W8f9QURxiCJaWq1ZKg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/3a90f5-65b5-40b5-8ed9-98c095c07e24/1/DU78HV_6pwU40qA7HizI-tL6AoM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/3a90f5-65b5-40b5-8ed9-98c095c07e24/1/UV9hpuCN7W8f9QURxiCJaWq1ZKg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.23.157.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:0d:53:a4:47:f2:39:3d:aa:fb:ae:dc:f2:7d:f8:ca:3b:67:
45:b1:da:be:34:52:30:8b:b7:63:cb:60:f3:b0:80:63:37:bb:
8b:ce:bf:f6:92:6c:7a:e4:ff:88:62:25:21:4e:a5:00:3b:06:
ac:99:2c:6f:14:b5:fa:11:2d:38:79:f9:e2:c8:c4:d7:27:e2:
23:cb:da:9e:63:7f:ff:3a:cb:5d:34:c7:74:51:05:d5:7d:7a:
0b:0d:4a:a2:23:e0:1a:67:89:f1:db:d2:46:17:d4:64:c7:ec:
29:69:4d:ba:5a:bb:51:37:6a:55:03:1b:47:9b:08:a9:31:f5:
66:b9:82:e9:83:3c:38:e1:6b:5c:5c:24:32:7b:45:2b:9a:ad:
bb:7f:6b:8a:3d:1b:35:70:65:7d:e9:a8:ae:43:3e:79:b1:8d:
20:12:52:0e:72:8c:f2:41:71:d9:03:0d:41:8a:42:72:24:28:
20:d5:dc:7f:13:a5:41:1b:88:43:97:29:5c:60:4f:ba:f8:93:
3f:93:6f:a9:41:a7:51:e7:eb:ff:9b:0f:2d:19:02:b8:5c:0f:
3f:f4:9a:5c:62:08:29:2f:68:a6:0e:63:f3:b6:2d:1d:5b:cd:
ac:45:26:7e:95:93:f5:a6:e6:e0:ef:ad:50:1d:4f:3f:b5:18:
06:de:eb:1f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtQYCzSfWfxJwR+C8CpodjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxNWY2MWE2ZTA4ZGVkNmYxZmY1MDUxMWM2MjA4OTY5NmFi
NTY0YTgwHhcNMjMwMTAxMTIxNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDRlZmMxZDVmZmFhNzA1MzhkMmEwM2IxZTJjYzhmYWQyZmEwMjgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhd88yYRSLc7RdjhyaVg9NhVy4HDj
/84c5uX6DqreYHDtTZ5DZxW0efQTZwmY3fbE3Z3ahLBDFDeA1QcPAz3E7nVpMZQU
vBngZv+TT12yRE+6FQ/fhBdLARmS5jmgsMR6CLi3HdQTwR6dl07cCmAfcLHxy6HK
IlmwmCuTTJxR7YtM7Bi+1b7/wsBewWkwGpaaYENQ6g3HOIoLSBFCCZ52sEYeL0yJ
coMU5Qk5j59UCxvY7E49j4maRrNHM2aKd067Y7+FkbMqFBRzgU99Kh0owzZMkvLq
Bn+BAGRFu7sZgcIsupcg4zOAyVxNN1wnS2Rrpo1K0qqcHbZovc9cpxgETwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA1O/B1f+qcFONKgOx4syPrS+gKDMB8GA1UdIwQY
MBaAFFFfYabgje1vH/UFEcYgiWlqtWSoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVY5aHB1Q043VzhmOVFVUnhpQ0phV3ExWktnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8zYTkwZjUtNjViNS00MGI1LThlZDkt
OThjMDk1YzA3ZTI0LzEvRFU3OEhWXzZwd1U0MHFBN0hpekktdEw2QW9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi8zYTkwZjUtNjViNS00MGI1LThlZDktOThjMDk1YzA3ZTI0
LzEvVVY5aHB1Q043VzhmOVFVUnhpQ0phV3ExWktnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwRedMA0G
CSqGSIb3DQEBCwUAA4IBAQB/DVOkR/I5Par7rtzyffjKO2dFsdq+NFIwi7djy2Dz
sIBjN7uLzr/2kmx65P+IYiUhTqUAOwasmSxvFLX6ES04efniyMTXJ+Ijy9qeY3//
OstdNMd0UQXVfXoLDUqiI+AaZ4nx29JGF9Rkx+wpaU26WrtRN2pVAxtHmwipMfVm
uYLpgzw44WtcXCQye0Urmq27f2uKPRs1cGV96aiuQz55sY0gElIOcozyQXHZAw1B
ikJyJCgg1dx/E6VBG4hDlylcYE+6+JM/k2+pQadR5+v/mw8tGQK4XA8/9JpcYggp
L2imDmPzti0dW82sRSZ+lZP1pubg761QHU8/tRgG3usf
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:37:44 2025 by rpki-client