Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/da4e46-2a93-44a4-b8e3-c2133dd81b56/1/kwl7fr2hZDbq7Pkd-zfnBQ4Yqdo.roa
File: kwl7fr2hZDbq7Pkd-zfnBQ4Yqdo.roa (raw, json)
Hash identifier: r0VYIjd58/98+V+VVlgApt0tBVxcn6plmrxgcSdf1SA=
Subject key identifier: 93:09:7B:7E:BD:A1:64:36:EA:EC:F9:1D:FB:37:E7:05:0E:18:A9:DA
Certificate issuer: /CN=4d2f9fd5c8a14cdc9f31c4585cd60db57cffb4c2
Certificate serial: 0186DAD9867BE45FACBA3EA0262F0A2C046E
Authority key identifier: 4D:2F:9F:D5:C8:A1:4C:DC:9F:31:C4:58:5C:D6:0D:B5:7C:FF:B4:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TS-f1cihTNyfMcRYXNYNtXz_tMI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/da4e46-2a93-44a4-b8e3-c2133dd81b56/1/kwl7fr2hZDbq7Pkd-zfnBQ4Yqdo.roa
Signing time: Mon 13 Mar 2023 12:02:14 +0000
ROA not before: Mon 13 Mar 2023 12:02:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 19905
IP address blocks: 193.17.195.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:da:d9:86:7b:e4:5f:ac:ba:3e:a0:26:2f:0a:2c:04:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d2f9fd5c8a14cdc9f31c4585cd60db57cffb4c2
Validity
Not Before: Mar 13 12:02:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=93097b7ebda16436eaecf91dfb37e7050e18a9da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:47:d1:4b:32:c1:c3:00:54:89:c6:0d:88:d8:
54:77:20:da:d0:d3:a6:b5:42:1c:63:8c:07:be:c4:
74:41:bd:a7:36:d1:69:66:03:9d:dc:3c:1b:4d:36:
f5:57:4f:25:c6:ef:e1:ec:ed:60:10:24:19:09:11:
9b:35:fa:8c:25:73:e5:68:4d:a9:64:e4:c7:d0:62:
79:17:4a:13:87:9a:26:93:ac:94:10:72:ef:60:87:
ce:a0:dc:9d:24:9a:b1:18:d1:4f:4b:32:a8:fa:4b:
aa:78:a3:78:01:27:d0:f5:5d:ba:ac:86:6d:55:35:
93:ab:e4:b8:c0:84:47:d7:ba:d4:84:1b:0d:55:ab:
22:b7:c2:f0:29:6c:5d:b8:5d:1c:cd:89:b0:17:6e:
a9:15:e5:2e:07:40:82:01:4d:38:ac:46:e2:fa:e7:
9f:87:62:f1:02:6b:2f:de:43:64:dc:67:91:f2:dc:
2b:7e:99:36:de:e1:d6:06:53:ab:e1:f5:91:2c:9f:
11:52:7c:2e:cf:19:81:7b:4f:60:c9:16:dc:95:a2:
d0:99:3a:60:db:c4:14:5c:8d:01:b2:49:b5:89:c4:
16:8c:32:45:8c:3a:14:1b:63:de:ba:2b:7c:db:0f:
05:8b:93:e0:21:29:85:00:1e:f7:0f:2b:df:e2:a4:
84:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:09:7B:7E:BD:A1:64:36:EA:EC:F9:1D:FB:37:E7:05:0E:18:A9:DA
X509v3 Authority Key Identifier:
keyid:4D:2F:9F:D5:C8:A1:4C:DC:9F:31:C4:58:5C:D6:0D:B5:7C:FF:B4:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TS-f1cihTNyfMcRYXNYNtXz_tMI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/da4e46-2a93-44a4-b8e3-c2133dd81b56/1/kwl7fr2hZDbq7Pkd-zfnBQ4Yqdo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/da4e46-2a93-44a4-b8e3-c2133dd81b56/1/TS-f1cihTNyfMcRYXNYNtXz_tMI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.17.195.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:0c:58:24:a3:5d:93:22:3f:26:4c:05:10:4b:5f:06:98:1f:
a8:e6:9e:0d:01:3c:8c:b7:ff:8c:d4:6a:91:48:76:86:f4:6b:
86:f2:4d:c0:66:eb:a0:68:ba:5d:e6:ee:f0:ed:0d:34:20:d9:
57:6c:29:40:e0:ae:a9:ee:12:05:04:8e:c4:66:b3:d7:94:37:
ee:3b:1e:b0:55:39:f1:c8:41:3f:65:05:4e:ce:97:3a:ab:29:
4a:53:c7:6f:89:0b:ff:96:11:43:8e:e9:73:e1:d6:a7:cc:f7:
0c:2f:47:55:c8:31:22:77:a5:53:bd:09:58:cb:89:bd:04:00:
34:93:9c:04:42:bd:e9:6b:30:69:a8:e2:bf:54:6a:8c:bf:76:
cb:82:da:03:70:31:d8:47:d3:a8:f5:93:4d:5d:3b:0e:f5:d2:
b3:75:27:42:64:9e:06:ba:9c:60:68:7b:82:78:ce:99:8c:c9:
3c:0b:0d:49:69:c9:d7:0a:28:35:98:84:77:d9:72:1f:93:42:
92:81:34:db:62:fa:63:66:13:4d:9e:5c:8b:09:cb:e7:60:e7:
0d:33:ba:1a:83:77:f6:72:c2:cc:1e:85:64:82:34:39:8e:5d:
7b:6c:9d:58:a1:ea:74:ce:ff:78:43:5e:e6:3e:cf:18:31:c3:
88:d6:4f:c4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYba2YZ75F+suj6gJi8KLARuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkMmY5ZmQ1YzhhMTRjZGM5ZjMxYzQ1ODVjZDYwZGI1N2Nm
ZmI0YzIwHhcNMjMwMzEzMTIwMjE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzA5N2I3ZWJkYTE2NDM2ZWFlY2Y5MWRmYjM3ZTcwNTBlMThhOWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyUfRSzLBwwBUicYNiNhUdyDa0NOm
tUIcY4wHvsR0Qb2nNtFpZgOd3DwbTTb1V08lxu/h7O1gECQZCRGbNfqMJXPlaE2p
ZOTH0GJ5F0oTh5omk6yUEHLvYIfOoNydJJqxGNFPSzKo+kuqeKN4ASfQ9V26rIZt
VTWTq+S4wIRH17rUhBsNVasit8LwKWxduF0czYmwF26pFeUuB0CCAU04rEbi+uef
h2LxAmsv3kNk3GeR8twrfpk23uHWBlOr4fWRLJ8RUnwuzxmBe09gyRbclaLQmTpg
28QUXI0Bskm1icQWjDJFjDoUG2Peuit82w8Fi5PgISmFAB73Dyvf4qSEJQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJMJe369oWQ26uz5Hfs35wUOGKnaMB8GA1UdIwQY
MBaAFE0vn9XIoUzcnzHEWFzWDbV8/7TCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFMtZjFjaWhUTnlmTWNSWVhOWU50WHpfdE1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9kYTRlNDYtMmE5My00NGE0LWI4ZTMt
YzIxMzNkZDgxYjU2LzEva3dsN2ZyMmhaRGJxN1BrZC16Zm5CUTRZcWRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS9kYTRlNDYtMmE5My00NGE0LWI4ZTMtYzIxMzNkZDgxYjU2
LzEvVFMtZjFjaWhUTnlmTWNSWVhOWU50WHpfdE1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwRHDMA0G
CSqGSIb3DQEBCwUAA4IBAQBbDFgko12TIj8mTAUQS18GmB+o5p4NATyMt/+M1GqR
SHaG9GuG8k3AZuugaLpd5u7w7Q00INlXbClA4K6p7hIFBI7EZrPXlDfuOx6wVTnx
yEE/ZQVOzpc6qylKU8dviQv/lhFDjulz4danzPcML0dVyDEid6VTvQlYy4m9BAA0
k5wEQr3pazBpqOK/VGqMv3bLgtoDcDHYR9Oo9ZNNXTsO9dKzdSdCZJ4GupxgaHuC
eM6ZjMk8Cw1JacnXCig1mIR32XIfk0KSgTTbYvpjZhNNnlyLCcvnYOcNM7oag3f2
csLMHoVkgjQ5jl17bJ1Yoep0zv94Q17mPs8YMcOI1k/E
-----END CERTIFICATE-----
Generated at Sun Apr 13 02:46:28 2025 by rpki-client