Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/f54cb3-ebae-46b2-8b17-84b57693c7a8/1/oFI0_jm5CP46I6wpfLKBIz13Ye4.roa
File: oFI0_jm5CP46I6wpfLKBIz13Ye4.roa (raw, json)
Hash identifier: bVuLscsflUY898IN+hnM4f2Una0FnCmgP66r5M/pLE8=
Subject key identifier: A0:52:34:FE:39:B9:08:FE:3A:23:AC:29:7C:B2:81:23:3D:77:61:EE
Certificate issuer: /CN=741491a6b10433b99615756fde9313f2be1d3df0
Certificate serial: 0201E3B8
Authority key identifier: 74:14:91:A6:B1:04:33:B9:96:15:75:6F:DE:93:13:F2:BE:1D:3D:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dBSRprEEM7mWFXVv3pMT8r4dPfA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/f54cb3-ebae-46b2-8b17-84b57693c7a8/1/oFI0_jm5CP46I6wpfLKBIz13Ye4.roa
Signing time: Sat 01 Jan 2022 09:06:12 +0000
ROA not before: Sat 01 Jan 2022 09:06:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 9211
IP address blocks: 193.28.52.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 33678264 (0x201e3b8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=741491a6b10433b99615756fde9313f2be1d3df0
Validity
Not Before: Jan 1 09:06:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a05234fe39b908fe3a23ac297cb281233d7761ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:57:8f:b8:c1:97:ae:da:42:36:6c:31:79:51:
64:95:d9:1a:c4:18:e0:e8:a5:dd:e7:25:bf:ff:50:
ad:ed:bc:ad:ec:b9:fd:38:11:34:6b:94:47:c8:96:
db:52:a4:96:e2:73:3a:f4:44:92:a2:7d:4a:20:e7:
7a:ee:b5:ba:4f:09:13:59:aa:cc:2d:67:a0:35:68:
69:ca:77:29:1f:2c:63:c9:6c:1b:f9:f5:b2:39:be:
97:7b:0c:ae:25:87:3a:4e:58:80:94:ad:60:37:ec:
79:47:bd:42:77:49:7d:be:cd:cc:18:cf:e6:ee:98:
41:a2:85:d2:54:fb:ee:0c:2b:d0:49:b6:73:a0:38:
59:7a:1f:26:1a:b8:e8:ec:82:55:16:c2:0a:06:50:
0f:62:42:5e:7f:d1:97:24:15:21:86:6e:40:8e:90:
85:bb:03:3f:8d:09:82:75:ba:27:f5:f1:c8:7d:cc:
62:f1:4f:dc:fa:43:07:f2:5a:0e:62:44:76:78:43:
ef:8a:6e:7e:04:4a:6b:29:0b:63:02:e5:c6:ec:2b:
86:2d:80:b7:66:f9:31:fa:cb:46:84:48:4f:c4:13:
39:f0:c3:32:97:c2:73:9f:2c:b6:74:2a:d9:a8:4d:
31:fd:de:bd:4e:f8:1a:46:04:01:55:3f:06:2a:2f:
5e:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:52:34:FE:39:B9:08:FE:3A:23:AC:29:7C:B2:81:23:3D:77:61:EE
X509v3 Authority Key Identifier:
keyid:74:14:91:A6:B1:04:33:B9:96:15:75:6F:DE:93:13:F2:BE:1D:3D:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dBSRprEEM7mWFXVv3pMT8r4dPfA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/f54cb3-ebae-46b2-8b17-84b57693c7a8/1/oFI0_jm5CP46I6wpfLKBIz13Ye4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/f54cb3-ebae-46b2-8b17-84b57693c7a8/1/dBSRprEEM7mWFXVv3pMT8r4dPfA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.28.52.0/23
Signature Algorithm: sha256WithRSAEncryption
24:f3:9a:32:ed:de:7d:56:45:6a:18:c6:e3:4e:3e:00:98:a4:
48:ef:f9:7c:c7:ee:fb:5e:e9:b8:4e:88:56:c2:2e:e1:f1:80:
da:d8:84:80:a7:79:4b:48:7f:d1:07:2e:8c:75:1a:87:44:65:
25:17:1f:bf:65:0a:5c:98:52:fc:ab:5b:a2:de:c8:dc:82:a0:
bb:9e:c8:fd:44:e6:3e:67:aa:d3:88:57:1e:6a:c6:bf:91:96:
48:e6:53:4b:46:c2:c1:7f:46:3a:8b:f8:85:24:6e:c5:8c:b8:
fd:06:66:96:6f:11:c0:8d:44:67:cd:35:55:1a:8d:7c:4e:a9:
50:9f:b9:96:2a:23:6e:ec:80:d2:ac:c4:8e:dd:64:36:12:29:
63:74:06:3f:5c:2a:b4:4a:7e:6d:07:02:63:17:8a:15:31:cc:
c9:66:f1:70:b9:4d:5d:8e:4f:16:e8:e4:6c:82:34:4f:19:37:
29:7e:cb:9d:03:31:2b:c4:21:40:c3:c1:15:4c:b5:f8:19:81:
c9:06:24:f7:3a:c5:eb:2f:21:34:5b:be:02:23:a4:42:c6:23:
7a:1f:74:55:d7:65:7c:61:15:9e:3d:8c:ad:d4:3e:d0:fd:b8:
9a:e3:c5:2e:f8:35:c9:fe:42:58:b6:21:ea:3b:fa:3b:11:6e:
ea:91:8e:e6
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAgHjuDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NDE0OTFhNmIxMDQzM2I5OTYxNTc1NmZkZTkzMTNmMmJlMWQzZGYwMB4XDTIyMDEw
MTA5MDYxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTA1MjM0ZmUzOWI5
MDhmZTNhMjNhYzI5N2NiMjgxMjMzZDc3NjFlZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALdXj7jBl67aQjZsMXlRZJXZGsQY4Oil3eclv/9Qre28rey5
/TgRNGuUR8iW21KkluJzOvREkqJ9SiDneu61uk8JE1mqzC1noDVoacp3KR8sY8ls
G/n1sjm+l3sMriWHOk5YgJStYDfseUe9QndJfb7NzBjP5u6YQaKF0lT77gwr0Em2
c6A4WXofJhq46OyCVRbCCgZQD2JCXn/RlyQVIYZuQI6QhbsDP40JgnW6J/XxyH3M
YvFP3PpDB/JaDmJEdnhD74pufgRKaykLYwLlxuwrhi2At2b5MfrLRoRIT8QTOfDD
MpfCc58stnQq2ahNMf3evU74GkYEAVU/BiovXo0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSgUjT+ObkI/jojrCl8soEjPXdh7jAfBgNVHSMEGDAWgBR0FJGmsQQzuZYV
dW/ekxPyvh098DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RCU1JwckVFTTdtV0ZYVnYzcE1UOHI0ZFBmQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWUvZjU0Y2IzLWViYWUtNDZiMi04YjE3LTg0YjU3NjkzYzdhOC8x
L29GSTBfam01Q1A0Nkk2d3BmTEtCSXoxM1llNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWUv
ZjU0Y2IzLWViYWUtNDZiMi04YjE3LTg0YjU3NjkzYzdhOC8xL2RCU1JwckVFTTdt
V0ZYVnYzcE1UOHI0ZFBmQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcEcNDANBgkqhkiG9w0BAQsFAAOC
AQEAJPOaMu3efVZFahjG404+AJikSO/5fMfu+17puE6IVsIu4fGA2tiEgKd5S0h/
0QcujHUah0RlJRcfv2UKXJhS/Ktbot7I3IKgu57I/UTmPmeq04hXHmrGv5GWSOZT
S0bCwX9GOov4hSRuxYy4/QZmlm8RwI1EZ801VRqNfE6pUJ+5liojbuyA0qzEjt1k
NhIpY3QGP1wqtEp+bQcCYxeKFTHMyWbxcLlNXY5PFujkbII0Txk3KX7LnQMxK8Qh
QMPBFUy1+BmByQYk9zrF6y8hNFu+AiOkQsYjeh90VddlfGEVnj2MrdQ+0P24muPF
Lvg1yf5CWLYh6jv6OxFu6pGO5g==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:28:54 2025 by rpki-client