Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/157f1e-7cf8-4d98-a924-97c332f7239d/1/3K6t9StVRRtAzzJ0PU6CUzauCsM.roa
File: 3K6t9StVRRtAzzJ0PU6CUzauCsM.roa (raw, json)
Hash identifier: mwGtEO+RluHTsQQd8gJetqA9ZSg2oHY9e2Lt38rwqSw=
Subject key identifier: DC:AE:AD:F5:2B:55:45:1B:40:CF:32:74:3D:4E:82:53:36:AE:0A:C3
Certificate issuer: /CN=aea84d7e64ba3e85b57036c7318f93cc3d94d187
Certificate serial: 0185728C9EED75BC8935AD02BC02417FF021
Authority key identifier: AE:A8:4D:7E:64:BA:3E:85:B5:70:36:C7:31:8F:93:CC:3D:94:D1:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rqhNfmS6PoW1cDbHMY-TzD2U0Yc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/157f1e-7cf8-4d98-a924-97c332f7239d/1/3K6t9StVRRtAzzJ0PU6CUzauCsM.roa
Signing time: Mon 02 Jan 2023 12:54:56 +0000
ROA not before: Mon 02 Jan 2023 12:54:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16184
IP address blocks: 193.109.124.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:8c:9e:ed:75:bc:89:35:ad:02:bc:02:41:7f:f0:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aea84d7e64ba3e85b57036c7318f93cc3d94d187
Validity
Not Before: Jan 2 12:54:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dcaeadf52b55451b40cf32743d4e825336ae0ac3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:2a:91:18:f6:d7:19:29:91:6b:ff:0e:14:dc:
d2:d8:76:6e:16:e1:97:07:02:a6:7b:1a:3e:9d:46:
98:ab:43:73:26:21:cb:e5:46:e9:d1:50:d8:56:03:
41:cf:5f:7b:e1:7e:d9:9e:1a:a1:53:0f:be:fa:53:
6c:14:1f:83:f1:58:d3:90:43:66:d4:c6:c2:1f:43:
6b:56:9c:33:2c:00:41:3d:2a:5e:ec:f9:8e:52:4d:
d1:4f:24:86:55:34:9f:a3:98:a6:2a:2d:97:97:ed:
c6:bc:76:16:02:3a:56:81:0a:eb:96:52:f7:b2:fc:
61:6c:ec:a9:1e:e3:fb:c4:d2:5e:c5:bc:0d:45:52:
de:90:33:93:38:df:5c:27:d3:d1:18:ea:f1:58:ee:
1f:4e:5c:2f:a0:92:c1:e6:20:a2:f3:b2:d9:3c:5f:
a0:f2:49:11:a2:0a:84:d7:84:ce:3d:81:e1:7d:29:
66:c9:d4:30:14:92:ab:b9:7f:a8:c6:9c:b4:91:f8:
66:e5:77:da:39:6b:24:9b:c7:49:c5:40:54:bb:56:
29:4c:e0:01:9c:bf:ae:ec:a7:20:4d:df:11:26:06:
0a:ee:2e:9d:71:bd:c0:ab:e1:d8:05:0c:15:7a:06:
48:10:52:8b:cb:48:bd:31:51:d5:00:54:e9:bb:30:
10:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:AE:AD:F5:2B:55:45:1B:40:CF:32:74:3D:4E:82:53:36:AE:0A:C3
X509v3 Authority Key Identifier:
keyid:AE:A8:4D:7E:64:BA:3E:85:B5:70:36:C7:31:8F:93:CC:3D:94:D1:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rqhNfmS6PoW1cDbHMY-TzD2U0Yc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/157f1e-7cf8-4d98-a924-97c332f7239d/1/3K6t9StVRRtAzzJ0PU6CUzauCsM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/157f1e-7cf8-4d98-a924-97c332f7239d/1/rqhNfmS6PoW1cDbHMY-TzD2U0Yc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.109.124.0/24
Signature Algorithm: sha256WithRSAEncryption
29:9e:a4:d3:40:93:96:ea:0b:11:69:d6:e9:e2:2a:4f:6e:9a:
cc:70:b0:9e:40:40:d4:47:b5:2a:ff:05:f8:eb:a4:f3:76:33:
dc:c3:af:6d:8e:1f:e1:55:a0:ce:d0:23:98:89:d7:c4:4f:81:
0c:2e:db:39:3c:30:3b:df:5f:5d:c7:3f:c1:eb:45:88:b5:27:
04:3e:a7:fb:f6:4c:f1:49:66:09:d7:bd:53:51:15:de:d2:17:
a3:d8:de:59:1e:a5:cc:0c:56:11:23:6b:af:93:5d:50:34:a5:
ab:bb:f7:cc:d1:74:c2:f2:86:ba:19:87:95:13:cd:02:fb:c0:
95:dc:a3:2b:31:81:ad:03:e1:c8:71:e6:fd:68:a7:a5:64:db:
50:86:82:1f:32:0e:05:c7:6c:2b:a7:45:16:f0:72:ab:49:ac:
fa:a2:43:24:00:29:80:7d:4d:0a:b0:2d:39:7c:a2:29:5a:e8:
f0:69:4c:7c:db:4d:b7:81:ee:61:2e:e4:b5:f3:bb:9a:60:5a:
b9:96:bb:b9:ce:2c:bc:ae:ec:64:01:15:db:2e:c6:99:c8:3e:
ce:19:5f:1a:4b:00:4a:77:35:3c:5b:ba:00:63:d0:c5:7f:05:
21:cb:c6:39:2b:e5:2c:da:cd:e7:d9:0d:97:85:6b:43:6a:92:
16:a3:fb:75
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyjJ7tdbyJNa0CvAJBf/AhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlYTg0ZDdlNjRiYTNlODViNTcwMzZjNzMxOGY5M2NjM2Q5
NGQxODcwHhcNMjMwMTAyMTI1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2FlYWRmNTJiNTU0NTFiNDBjZjMyNzQzZDRlODI1MzM2YWUwYWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtSqRGPbXGSmRa/8OFNzS2HZuFuGX
BwKmexo+nUaYq0NzJiHL5Ubp0VDYVgNBz1974X7ZnhqhUw+++lNsFB+D8VjTkENm
1MbCH0NrVpwzLABBPSpe7PmOUk3RTySGVTSfo5imKi2Xl+3GvHYWAjpWgQrrllL3
svxhbOypHuP7xNJexbwNRVLekDOTON9cJ9PRGOrxWO4fTlwvoJLB5iCi87LZPF+g
8kkRogqE14TOPYHhfSlmydQwFJKruX+oxpy0kfhm5XfaOWskm8dJxUBUu1YpTOAB
nL+u7KcgTd8RJgYK7i6dcb3Aq+HYBQwVegZIEFKLy0i9MVHVAFTpuzAQewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNyurfUrVUUbQM8ydD1OglM2rgrDMB8GA1UdIwQY
MBaAFK6oTX5kuj6FtXA2xzGPk8w9lNGHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnFoTmZtUzZQb1cxY0RiSE1ZLVR6RDJVMFljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8xNTdmMWUtN2NmOC00ZDk4LWE5MjQt
OTdjMzMyZjcyMzlkLzEvM0s2dDlTdFZSUnRBenpKMFBVNkNVemF1Q3NNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8xNTdmMWUtN2NmOC00ZDk4LWE5MjQtOTdjMzMyZjcyMzlk
LzEvcnFoTmZtUzZQb1cxY0RiSE1ZLVR6RDJVMFljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwW18MA0G
CSqGSIb3DQEBCwUAA4IBAQApnqTTQJOW6gsRadbp4ipPbprMcLCeQEDUR7Uq/wX4
66TzdjPcw69tjh/hVaDO0COYidfET4EMLts5PDA7319dxz/B60WItScEPqf79kzx
SWYJ171TURXe0hej2N5ZHqXMDFYRI2uvk11QNKWru/fM0XTC8oa6GYeVE80C+8CV
3KMrMYGtA+HIceb9aKelZNtQhoIfMg4Fx2wrp0UW8HKrSaz6okMkACmAfU0KsC05
fKIpWujwaUx82023ge5hLuS187uaYFq5lru5ziy8ruxkARXbLsaZyD7OGV8aSwBK
dzU8W7oAY9DFfwUhy8Y5K+Us2s3n2Q2XhWtDapIWo/t1
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:32:15 2025 by rpki-client