Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/da4e46-2a93-44a4-b8e3-c2133dd81b56/1/h5kFJtID-8GYLyPJ4Taw29HNqyc.roa
File: h5kFJtID-8GYLyPJ4Taw29HNqyc.roa (raw, json)
Hash identifier: 1FjJsIT9lXLW9YuA95CR2rQcLx+/8qqgwRHh/UJVV6I=
Subject key identifier: 87:99:05:26:D2:03:FB:C1:98:2F:23:C9:E1:36:B0:DB:D1:CD:AB:27
Certificate issuer: /CN=4d2f9fd5c8a14cdc9f31c4585cd60db57cffb4c2
Certificate serial: 01856F6FF918B94D555E196CFD33E547B85B
Authority key identifier: 4D:2F:9F:D5:C8:A1:4C:DC:9F:31:C4:58:5C:D6:0D:B5:7C:FF:B4:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TS-f1cihTNyfMcRYXNYNtXz_tMI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/da4e46-2a93-44a4-b8e3-c2133dd81b56/1/h5kFJtID-8GYLyPJ4Taw29HNqyc.roa
Signing time: Sun 01 Jan 2023 22:24:47 +0000
ROA not before: Sun 01 Jan 2023 22:24:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34022
IP address blocks: 193.17.195.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:6f:f9:18:b9:4d:55:5e:19:6c:fd:33:e5:47:b8:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d2f9fd5c8a14cdc9f31c4585cd60db57cffb4c2
Validity
Not Before: Jan 1 22:24:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=87990526d203fbc1982f23c9e136b0dbd1cdab27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:8b:53:e0:3f:50:ea:f6:22:1a:22:f8:b6:b7:
3b:cc:5a:d4:93:5e:3e:0e:02:05:db:52:08:16:b9:
58:84:6a:af:48:53:26:5b:9d:8b:66:76:a4:ee:b2:
ed:32:a3:fe:ae:1d:fd:41:08:9b:49:f0:49:5c:29:
4d:5c:de:7d:b5:ff:de:b7:4f:8a:26:f5:0d:89:36:
f9:da:4e:b2:4b:11:e3:ad:80:1c:72:0e:9f:0f:3c:
d7:08:aa:d8:bd:4c:a8:a8:8c:8b:d6:9b:6b:be:e1:
6f:a9:c1:10:f2:7f:ea:fd:43:69:62:a1:b4:93:13:
fa:4d:be:e3:8c:b4:9b:d6:10:9a:54:5c:12:94:03:
a6:27:6c:95:e3:78:7f:8d:4f:c4:87:7e:de:67:7a:
51:29:d3:8f:de:5b:5c:61:7c:91:3c:96:03:6c:31:
c8:ac:1d:7e:32:e5:26:67:79:14:4d:a8:21:cd:ba:
d4:01:cd:88:22:ea:f4:79:f3:50:ca:c7:56:46:1c:
9a:76:6a:ed:af:6a:d9:79:58:a3:32:ff:a0:10:e3:
44:a9:33:dc:3f:f7:96:d0:7a:11:28:6b:87:c3:6c:
51:df:1f:e6:5e:05:06:43:45:aa:30:bb:3b:6d:19:
ac:ff:1e:c9:06:ae:f2:50:9f:30:cd:34:ec:56:38:
92:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:99:05:26:D2:03:FB:C1:98:2F:23:C9:E1:36:B0:DB:D1:CD:AB:27
X509v3 Authority Key Identifier:
keyid:4D:2F:9F:D5:C8:A1:4C:DC:9F:31:C4:58:5C:D6:0D:B5:7C:FF:B4:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TS-f1cihTNyfMcRYXNYNtXz_tMI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/da4e46-2a93-44a4-b8e3-c2133dd81b56/1/h5kFJtID-8GYLyPJ4Taw29HNqyc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/da4e46-2a93-44a4-b8e3-c2133dd81b56/1/TS-f1cihTNyfMcRYXNYNtXz_tMI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.17.195.0/24
Signature Algorithm: sha256WithRSAEncryption
64:54:72:22:9c:85:f4:64:33:49:77:52:e8:ed:91:4d:e1:ca:
3f:61:bc:22:e7:19:34:94:a0:90:71:9d:49:1f:fb:b1:d2:38:
6e:db:13:1e:df:13:62:98:eb:e6:6f:6a:14:7e:82:20:e3:5b:
0f:18:1d:58:a6:22:10:30:79:cf:b7:e5:e5:1c:0e:9b:46:30:
76:00:60:f2:4b:6d:a4:cc:7b:ae:e8:2c:9f:7a:53:d8:06:a1:
dc:91:b5:6d:ad:87:a2:50:21:d7:c5:24:17:73:86:02:aa:eb:
3a:0e:01:05:d1:17:37:5e:e9:d1:05:cd:6a:99:09:40:b7:93:
f0:7a:86:49:e5:31:0a:04:df:e2:cd:4d:62:2f:a3:ee:40:80:
dc:ef:23:e0:7d:34:db:bc:72:9c:99:6f:dc:77:a7:ad:04:f4:
c3:bd:8f:1a:4c:1b:2c:d3:4f:30:2d:5f:b6:04:8d:9e:86:c0:
32:57:34:01:88:4d:cd:c7:6e:30:6f:e1:90:cf:36:ee:e8:a6:
08:8e:a0:dd:f7:f6:5f:ed:b7:28:f0:71:d4:23:e0:6c:fa:27:
33:47:8d:c2:08:be:45:23:f5:84:5d:2f:07:29:dd:51:87:fb:
7f:3a:a2:7d:15:c6:42:c7:5a:a5:6c:78:b3:d6:dc:7a:17:1f:
1f:2a:cc:a8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvb/kYuU1VXhls/TPlR7hbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkMmY5ZmQ1YzhhMTRjZGM5ZjMxYzQ1ODVjZDYwZGI1N2Nm
ZmI0YzIwHhcNMjMwMTAxMjIyNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Nzk5MDUyNmQyMDNmYmMxOTgyZjIzYzllMTM2YjBkYmQxY2RhYjI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlItT4D9Q6vYiGiL4trc7zFrUk14+
DgIF21IIFrlYhGqvSFMmW52LZnak7rLtMqP+rh39QQibSfBJXClNXN59tf/et0+K
JvUNiTb52k6ySxHjrYAccg6fDzzXCKrYvUyoqIyL1ptrvuFvqcEQ8n/q/UNpYqG0
kxP6Tb7jjLSb1hCaVFwSlAOmJ2yV43h/jU/Eh37eZ3pRKdOP3ltcYXyRPJYDbDHI
rB1+MuUmZ3kUTaghzbrUAc2IIur0efNQysdWRhyadmrtr2rZeVijMv+gEONEqTPc
P/eW0HoRKGuHw2xR3x/mXgUGQ0WqMLs7bRms/x7JBq7yUJ8wzTTsVjiScQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIeZBSbSA/vBmC8jyeE2sNvRzasnMB8GA1UdIwQY
MBaAFE0vn9XIoUzcnzHEWFzWDbV8/7TCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFMtZjFjaWhUTnlmTWNSWVhOWU50WHpfdE1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9kYTRlNDYtMmE5My00NGE0LWI4ZTMt
YzIxMzNkZDgxYjU2LzEvaDVrRkp0SUQtOEdZTHlQSjRUYXcyOUhOcXljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS9kYTRlNDYtMmE5My00NGE0LWI4ZTMtYzIxMzNkZDgxYjU2
LzEvVFMtZjFjaWhUTnlmTWNSWVhOWU50WHpfdE1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwRHDMA0G
CSqGSIb3DQEBCwUAA4IBAQBkVHIinIX0ZDNJd1Lo7ZFN4co/Ybwi5xk0lKCQcZ1J
H/ux0jhu2xMe3xNimOvmb2oUfoIg41sPGB1YpiIQMHnPt+XlHA6bRjB2AGDyS22k
zHuu6CyfelPYBqHckbVtrYeiUCHXxSQXc4YCqus6DgEF0Rc3XunRBc1qmQlAt5Pw
eoZJ5TEKBN/izU1iL6PuQIDc7yPgfTTbvHKcmW/cd6etBPTDvY8aTBss008wLV+2
BI2ehsAyVzQBiE3Nx24wb+GQzzbu6KYIjqDd9/Zf7bco8HHUI+Bs+iczR43CCL5F
I/WEXS8HKd1Rh/t/OqJ9FcZCx1qlbHiz1tx6Fx8fKsyo
-----END CERTIFICATE-----
Generated at Sun Apr 13 03:17:40 2025 by rpki-client