Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/0e607f-e21f-4cfa-a336-9314860c2c7f/1/KSjDoQv9iBwbWBRUIqQIL5G0xeI.roa
File: KSjDoQv9iBwbWBRUIqQIL5G0xeI.roa (raw, json)
Hash identifier: s6TWr4tI9kpnCEVgspigKQOabMqAm74n+uTmo/FBw3w=
Subject key identifier: 29:28:C3:A1:0B:FD:88:1C:1B:58:14:54:22:A4:08:2F:91:B4:C5:E2
Certificate issuer: /CN=afab1e48def14b29d21d34234c448ea808e618bf
Certificate serial: 0188295B1111AFAAB793C42A71E18287EFFF
Authority key identifier: AF:AB:1E:48:DE:F1:4B:29:D2:1D:34:23:4C:44:8E:A8:08:E6:18:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r6seSN7xSynSHTQjTESOqAjmGL8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/0e607f-e21f-4cfa-a336-9314860c2c7f/1/KSjDoQv9iBwbWBRUIqQIL5G0xeI.roa
Signing time: Wed 17 May 2023 10:56:53 +0000
ROA not before: Wed 17 May 2023 10:56:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6830
IP address blocks: 193.246.28.0/24 maxlen: 24
193.246.31.0/24 maxlen: 24
193.246.30.0/24 maxlen: 24
193.246.29.0/24 maxlen: 24
193.246.24.0/21 maxlen: 24
193.246.24.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:29:5b:11:11:af:aa:b7:93:c4:2a:71:e1:82:87:ef:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=afab1e48def14b29d21d34234c448ea808e618bf
Validity
Not Before: May 17 10:56:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2928c3a10bfd881c1b58145422a4082f91b4c5e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:68:fe:44:1f:50:3b:ab:7c:f6:97:65:ec:42:
60:d7:9d:73:8c:eb:71:12:36:36:a3:c9:97:56:fd:
af:35:3a:39:0b:ae:6f:02:1e:d3:bf:bf:81:f9:d9:
a8:6a:66:dd:82:cf:1d:13:d9:85:af:8b:6a:a2:ee:
20:50:b6:da:ec:8b:1f:b1:ff:87:f6:2a:9e:b1:2d:
ef:40:f7:2b:20:0c:1a:59:76:bf:68:f3:d2:b1:a4:
f3:13:28:37:eb:8e:05:e3:16:26:f6:cd:76:83:21:
99:ae:fe:fc:95:2b:6e:f0:aa:f4:fa:c3:ae:2d:78:
b7:2b:7a:a2:a3:ce:90:a3:0d:b0:1b:9a:d5:1d:6c:
3e:b3:e1:c0:39:e8:98:65:c4:af:6c:0b:90:8a:57:
f9:24:22:fb:b4:1d:1d:e6:87:65:32:d5:6f:ce:8f:
7e:de:0d:d1:1d:74:d9:9b:6b:85:f3:eb:c3:f2:ef:
2c:68:b2:df:20:fb:f4:21:e5:e9:9e:94:80:5d:12:
c9:0e:1c:da:b6:fd:85:e7:4f:33:49:34:c1:5e:84:
c1:ac:dd:44:ff:88:6f:c3:bd:01:dc:9d:5b:b2:ec:
6f:a4:fd:f9:0f:31:f8:11:57:72:c3:a1:da:36:10:
6c:05:6b:ed:40:76:59:d6:b3:db:a2:1e:b4:e0:ef:
5c:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:28:C3:A1:0B:FD:88:1C:1B:58:14:54:22:A4:08:2F:91:B4:C5:E2
X509v3 Authority Key Identifier:
keyid:AF:AB:1E:48:DE:F1:4B:29:D2:1D:34:23:4C:44:8E:A8:08:E6:18:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r6seSN7xSynSHTQjTESOqAjmGL8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/0e607f-e21f-4cfa-a336-9314860c2c7f/1/KSjDoQv9iBwbWBRUIqQIL5G0xeI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/0e607f-e21f-4cfa-a336-9314860c2c7f/1/r6seSN7xSynSHTQjTESOqAjmGL8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.246.24.0/21
Signature Algorithm: sha256WithRSAEncryption
b2:db:88:63:c3:5c:14:08:6c:15:05:7d:d9:dc:56:48:1a:e5:
87:76:6d:20:28:41:22:f1:f5:0f:9c:5f:ef:5d:c1:3b:f2:e0:
ff:45:ff:94:02:cd:b4:85:59:72:3f:7d:77:eb:57:40:7f:99:
44:74:a6:f7:f8:ff:64:46:32:b7:c3:cf:7c:4a:46:33:4d:67:
73:81:c2:cb:d6:f1:d6:fd:36:11:97:26:6f:b6:fa:f5:50:c4:
f4:8e:22:bc:4a:9d:c3:ec:91:d9:a4:35:68:80:ff:8d:d4:59:
78:5d:a2:88:81:a8:d2:7e:30:fe:e7:47:e5:4a:84:4e:9f:bc:
c3:8a:3c:32:de:b1:98:41:41:15:87:c7:1e:ea:6b:10:18:fa:
6c:91:65:bb:6b:3f:0e:29:c4:25:66:1a:e0:01:b0:d2:7e:99:
c4:2e:de:08:50:6b:28:90:6e:79:cd:89:9b:14:ad:93:60:6c:
47:1e:a0:e3:18:b0:c2:ac:29:57:9e:7e:5b:b6:ed:6f:39:3c:
c1:53:9f:de:8f:ee:b6:1d:8f:c1:a0:76:74:f6:c0:d0:17:76:
0d:28:da:2f:ea:ba:34:2c:a6:4f:01:17:4f:a1:47:33:8a:34:
f3:01:9b:bf:2d:dc:5a:c1:e5:c9:c9:7e:62:24:fb:a4:9b:3f:
61:67:e9:8f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYgpWxERr6q3k8QqceGCh+//MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmYWIxZTQ4ZGVmMTRiMjlkMjFkMzQyMzRjNDQ4ZWE4MDhl
NjE4YmYwHhcNMjMwNTE3MTA1NjUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTI4YzNhMTBiZmQ4ODFjMWI1ODE0NTQyMmE0MDgyZjkxYjRjNWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgWj+RB9QO6t89pdl7EJg151zjOtx
EjY2o8mXVv2vNTo5C65vAh7Tv7+B+dmoambdgs8dE9mFr4tqou4gULba7Isfsf+H
9iqesS3vQPcrIAwaWXa/aPPSsaTzEyg3644F4xYm9s12gyGZrv78lStu8Kr0+sOu
LXi3K3qio86Qow2wG5rVHWw+s+HAOeiYZcSvbAuQilf5JCL7tB0d5odlMtVvzo9+
3g3RHXTZm2uF8+vD8u8saLLfIPv0IeXpnpSAXRLJDhzatv2F508zSTTBXoTBrN1E
/4hvw70B3J1bsuxvpP35DzH4EVdyw6HaNhBsBWvtQHZZ1rPboh604O9ctQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCkow6EL/YgcG1gUVCKkCC+RtMXiMB8GA1UdIwQY
MBaAFK+rHkje8Usp0h00I0xEjqgI5hi/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjZzZVNON3hTeW5TSFRRalRFU09xQWptR0w4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy8wZTYwN2YtZTIxZi00Y2ZhLWEzMzYt
OTMxNDg2MGMyYzdmLzEvS1NqRG9RdjlpQndiV0JSVUlxUUlMNUcweGVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy8wZTYwN2YtZTIxZi00Y2ZhLWEzMzYtOTMxNDg2MGMyYzdm
LzEvcjZzZVNON3hTeW5TSFRRalRFU09xQWptR0w4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDwfYYMA0G
CSqGSIb3DQEBCwUAA4IBAQCy24hjw1wUCGwVBX3Z3FZIGuWHdm0gKEEi8fUPnF/v
XcE78uD/Rf+UAs20hVlyP31361dAf5lEdKb3+P9kRjK3w898SkYzTWdzgcLL1vHW
/TYRlyZvtvr1UMT0jiK8Sp3D7JHZpDVogP+N1Fl4XaKIgajSfjD+50flSoROn7zD
ijwy3rGYQUEVh8ce6msQGPpskWW7az8OKcQlZhrgAbDSfpnELt4IUGsokG55zYmb
FK2TYGxHHqDjGLDCrClXnn5btu1vOTzBU5/ej+62HY/BoHZ09sDQF3YNKNov6ro0
LKZPARdPoUczijTzAZu/LdxaweXJyX5iJPukmz9hZ+mP
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:41:24 2025 by rpki-client