Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/23b5f9-8880-4b54-ad08-731ddb1c07ed/1/DzOr9yeqjarx7Y_hEJD797VjPr8.roa
File: DzOr9yeqjarx7Y_hEJD797VjPr8.roa (raw, json)
Hash identifier: 84gNyiZk2LxwofM8rP/h3su4g+HACPBQWcY7swtKM0E=
Subject key identifier: 0F:33:AB:F7:27:AA:8D:AA:F1:ED:8F:E1:10:90:FB:F7:B5:63:3E:BF
Certificate issuer: /CN=5a1b1acf226f3c2ffc31c1eb2b6a5194b50b52f4
Certificate serial: 01857102DC41BE615B4E88B826D844F9A807
Authority key identifier: 5A:1B:1A:CF:22:6F:3C:2F:FC:31:C1:EB:2B:6A:51:94:B5:0B:52:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WhsazyJvPC_8McHrK2pRlLULUvQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/23b5f9-8880-4b54-ad08-731ddb1c07ed/1/DzOr9yeqjarx7Y_hEJD797VjPr8.roa
Signing time: Mon 02 Jan 2023 05:44:50 +0000
ROA not before: Mon 02 Jan 2023 05:44:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3303
IP address blocks: 193.239.22.0/23 maxlen: 23
193.239.20.0/22 maxlen: 22
193.239.20.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:02:dc:41:be:61:5b:4e:88:b8:26:d8:44:f9:a8:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a1b1acf226f3c2ffc31c1eb2b6a5194b50b52f4
Validity
Not Before: Jan 2 05:44:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0f33abf727aa8daaf1ed8fe11090fbf7b5633ebf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:a2:b9:04:e6:9a:ea:45:0f:df:b7:03:e8:d7:
cf:2f:32:87:e1:01:29:b6:90:99:03:67:52:e5:64:
ed:b3:7e:21:4e:5d:09:4f:7e:f8:4b:78:8f:42:34:
4a:9a:ea:45:b0:63:b9:ed:20:6a:42:12:5e:2d:2e:
34:f9:1c:c1:8f:6b:07:3f:49:46:0e:dc:a9:51:bd:
bc:c2:36:95:7b:b2:54:63:28:bc:16:a1:ca:41:80:
29:a4:24:99:2d:08:b8:fa:1e:6f:f8:0b:6d:a0:2a:
24:a3:fc:3c:98:0f:ab:f3:d7:54:bd:a0:b3:42:da:
2b:44:44:57:8f:df:08:64:49:a2:8e:8b:15:8c:a8:
ed:a3:e7:0d:0f:9e:11:c2:a2:72:3e:83:76:cd:4c:
83:73:02:be:46:6e:4a:9d:92:cb:08:1e:16:18:07:
8b:a3:9b:c0:89:2d:c0:72:be:4e:37:17:8f:63:46:
8c:05:a6:7b:78:31:6a:36:1a:da:20:c5:c8:62:f9:
8d:57:1d:23:22:e8:c9:44:26:f6:01:69:26:bf:b3:
63:8c:e9:ed:77:16:2a:7a:e4:c7:06:14:b3:af:77:
b7:e1:30:79:9f:2c:5c:2b:ab:7a:ad:58:c8:7b:0e:
5c:47:5a:78:65:36:63:8d:e8:a7:08:92:85:a5:12:
e6:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:33:AB:F7:27:AA:8D:AA:F1:ED:8F:E1:10:90:FB:F7:B5:63:3E:BF
X509v3 Authority Key Identifier:
keyid:5A:1B:1A:CF:22:6F:3C:2F:FC:31:C1:EB:2B:6A:51:94:B5:0B:52:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WhsazyJvPC_8McHrK2pRlLULUvQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/23b5f9-8880-4b54-ad08-731ddb1c07ed/1/DzOr9yeqjarx7Y_hEJD797VjPr8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/23b5f9-8880-4b54-ad08-731ddb1c07ed/1/WhsazyJvPC_8McHrK2pRlLULUvQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.239.20.0/22
Signature Algorithm: sha256WithRSAEncryption
6e:e0:f1:2d:e2:b5:49:b9:fa:5f:35:16:aa:e6:a5:98:9b:39:
84:fe:bd:2c:bb:23:de:c5:3f:6e:b4:dc:8c:36:7b:9e:6b:a0:
de:4e:a8:90:03:b2:c7:c9:6d:03:f7:1e:48:c7:c1:77:d4:8c:
83:45:fc:de:99:cd:aa:e3:73:f7:dd:04:bf:31:8f:89:27:8f:
9e:a2:1a:6e:10:ef:c8:b4:43:cb:47:92:d9:e2:75:b8:6d:8f:
47:ab:58:74:58:1d:7d:c9:30:69:d2:8c:73:65:e7:92:70:d7:
51:d6:76:47:08:da:46:39:72:4e:6b:8b:0c:f5:be:a7:d3:ad:
a7:c9:ea:92:d7:66:1c:7e:d4:a6:42:2f:92:0d:1e:c3:4e:4b:
7d:4a:fa:f4:13:fd:b7:2c:b7:72:93:38:63:06:a5:6b:50:a3:
6c:cc:ce:d9:f5:8d:74:6a:e3:eb:1d:63:20:9b:a5:ac:ec:bb:
01:33:5a:ab:6b:40:a4:32:9c:a6:15:0d:dd:d8:b5:98:d3:76:
ed:18:a1:7c:df:11:e9:cc:38:68:83:a3:c8:f7:b6:5c:a5:e3:
d8:32:66:05:b5:b5:58:ac:ed:0b:10:72:24:f6:ed:2a:d5:db:
30:42:42:6e:29:0f:d1:18:e3:3c:98:f9:a4:b0:4d:f0:04:65:
ec:5c:c1:f7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxAtxBvmFbToi4JthE+agHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhMWIxYWNmMjI2ZjNjMmZmYzMxYzFlYjJiNmE1MTk0YjUw
YjUyZjQwHhcNMjMwMTAyMDU0NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjMzYWJmNzI3YWE4ZGFhZjFlZDhmZTExMDkwZmJmN2I1NjMzZWJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjqK5BOaa6kUP37cD6NfPLzKH4QEp
tpCZA2dS5WTts34hTl0JT374S3iPQjRKmupFsGO57SBqQhJeLS40+RzBj2sHP0lG
DtypUb28wjaVe7JUYyi8FqHKQYAppCSZLQi4+h5v+AttoCoko/w8mA+r89dUvaCz
QtorRERXj98IZEmijosVjKjto+cND54RwqJyPoN2zUyDcwK+Rm5KnZLLCB4WGAeL
o5vAiS3Acr5ONxePY0aMBaZ7eDFqNhraIMXIYvmNVx0jIujJRCb2AWkmv7NjjOnt
dxYqeuTHBhSzr3e34TB5nyxcK6t6rVjIew5cR1p4ZTZjjeinCJKFpRLm3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA8zq/cnqo2q8e2P4RCQ+/e1Yz6/MB8GA1UdIwQY
MBaAFFobGs8ibzwv/DHB6ytqUZS1C1L0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2hzYXp5SnZQQ184TWNIcksycFJsTFVMVXZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS8yM2I1ZjktODg4MC00YjU0LWFkMDgt
NzMxZGRiMWMwN2VkLzEvRHpPcjl5ZXFqYXJ4N1lfaEVKRDc5N1ZqUHI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS8yM2I1ZjktODg4MC00YjU0LWFkMDgtNzMxZGRiMWMwN2Vk
LzEvV2hzYXp5SnZQQ184TWNIcksycFJsTFVMVXZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwe8UMA0G
CSqGSIb3DQEBCwUAA4IBAQBu4PEt4rVJufpfNRaq5qWYmzmE/r0suyPexT9utNyM
Nnuea6DeTqiQA7LHyW0D9x5Ix8F31IyDRfzemc2q43P33QS/MY+JJ4+eohpuEO/I
tEPLR5LZ4nW4bY9Hq1h0WB19yTBp0oxzZeeScNdR1nZHCNpGOXJOa4sM9b6n062n
yeqS12YcftSmQi+SDR7DTkt9Svr0E/23LLdykzhjBqVrUKNszM7Z9Y10auPrHWMg
m6Ws7LsBM1qra0CkMpymFQ3d2LWY03btGKF83xHpzDhog6PI97ZcpePYMmYFtbVY
rO0LEHIk9u0q1dswQkJuKQ/RGOM8mPmksE3wBGXsXMH3
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:17:25 2025 by rpki-client