Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/8c006d-50f5-445d-b7e8-24994b040f41/1/3sm1KXLIIRTRdzM5XpT_PCwo2V4.roa
File: 3sm1KXLIIRTRdzM5XpT_PCwo2V4.roa (raw, json)
Hash identifier: zoJ7UXEl5y9o4d4FTAYwR8/mX1lgaG77qTKcjgmb1cI=
Subject key identifier: DE:C9:B5:29:72:C8:21:14:D1:77:33:39:5E:94:FF:3C:2C:28:D9:5E
Certificate issuer: /CN=29187f811597dd03513be42f43155bc15a3a0b3f
Certificate serial: 06D474BA
Authority key identifier: 29:18:7F:81:15:97:DD:03:51:3B:E4:2F:43:15:5B:C1:5A:3A:0B:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KRh_gRWX3QNRO-QvQxVbwVo6Cz8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/8c006d-50f5-445d-b7e8-24994b040f41/1/3sm1KXLIIRTRdzM5XpT_PCwo2V4.roa
Signing time: Tue 08 Mar 2022 23:25:00 +0000
ROA not before: Tue 08 Mar 2022 23:25:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49239
IP address blocks: 193.17.179.0/24 maxlen: 24
193.17.70.0/24 maxlen: 24
193.17.193.0/24 maxlen: 24
193.17.220.0/24 maxlen: 24
2a0f:7540:1::/48 maxlen: 48
2a0f:7540::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 114586810 (0x6d474ba)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29187f811597dd03513be42f43155bc15a3a0b3f
Validity
Not Before: Mar 8 23:25:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dec9b52972c82114d17733395e94ff3c2c28d95e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:57:13:0a:3d:a8:57:dc:b6:65:0a:4a:4f:31:
d8:9c:89:56:5f:09:99:52:0e:4c:fe:d2:f2:d9:e4:
d3:a5:5f:c6:f9:1e:47:e1:e9:fc:0a:2a:ea:c1:b8:
59:1c:97:13:47:f4:ac:f6:49:00:34:1e:bf:85:e3:
35:0b:87:d3:7c:58:ed:c7:fb:2a:69:2a:ff:75:1d:
ba:7e:4f:6e:78:dc:0f:69:b1:6f:e4:14:f1:c3:84:
9d:a9:7e:46:d9:ac:cb:d2:b6:54:9c:7e:c6:76:8b:
00:96:97:90:a0:bc:03:2c:85:17:c3:77:0e:c4:7b:
a1:68:92:e1:a6:77:8e:9c:00:a4:cf:2b:6b:81:16:
d9:9b:81:c5:34:78:f7:3a:f3:6e:8c:a5:42:e9:45:
d4:27:13:26:1f:36:af:63:01:20:c3:ba:2a:a0:e5:
ed:97:ad:91:02:fd:cc:cc:81:70:ec:ec:b2:e3:57:
f2:38:e0:15:b3:44:cf:73:5c:3f:77:a8:6a:3f:60:
18:b0:9c:38:6a:4d:17:41:27:cc:68:d3:dd:fa:a9:
e3:63:ae:4f:a0:93:ac:be:e5:39:e2:af:7e:29:7e:
3b:99:57:8b:6b:27:95:61:45:99:75:ef:ea:bd:15:
dc:42:c6:86:51:db:02:b4:bf:e2:29:a2:ac:4c:85:
3f:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:C9:B5:29:72:C8:21:14:D1:77:33:39:5E:94:FF:3C:2C:28:D9:5E
X509v3 Authority Key Identifier:
keyid:29:18:7F:81:15:97:DD:03:51:3B:E4:2F:43:15:5B:C1:5A:3A:0B:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KRh_gRWX3QNRO-QvQxVbwVo6Cz8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/8c006d-50f5-445d-b7e8-24994b040f41/1/3sm1KXLIIRTRdzM5XpT_PCwo2V4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/8c006d-50f5-445d-b7e8-24994b040f41/1/KRh_gRWX3QNRO-QvQxVbwVo6Cz8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.17.70.0/24
193.17.179.0/24
193.17.193.0/24
193.17.220.0/24
IPv6:
2a0f:7540::/47
Signature Algorithm: sha256WithRSAEncryption
97:24:c1:43:47:1a:0f:75:3a:55:d0:9e:96:60:04:fa:fd:62:
1d:a0:64:7c:ea:b6:f1:15:8d:97:8e:5e:34:75:46:ed:17:cd:
47:98:33:62:d0:65:14:39:b7:89:20:c0:ef:3f:8f:40:f7:f9:
2c:58:70:7d:cd:55:78:e2:e3:a0:77:ae:26:72:a1:b5:08:63:
c0:42:94:88:b9:8f:a8:8c:09:5f:08:9d:fd:66:e8:5e:29:43:
28:56:26:6a:af:7d:ea:c7:3d:b9:26:48:15:5e:27:74:1b:61:
04:f0:c8:4c:c3:da:6c:e2:a0:c8:39:2e:be:9c:a5:cc:3f:1f:
0a:f5:4e:cd:aa:a3:77:2f:4c:d4:d3:36:4a:9b:39:22:84:dc:
1f:50:d7:2f:8e:7d:ad:9e:22:15:ae:cf:38:11:ec:44:b7:b9:
9c:03:d1:aa:ac:e2:1e:54:b4:2d:a4:49:1a:ff:46:ea:0d:e1:
32:0e:53:c5:31:cf:0e:31:5a:c2:4c:a3:f8:db:f4:11:89:c4:
c7:11:ec:25:ca:50:8e:af:43:4b:ca:8e:c5:87:21:9f:71:d6:
2f:2e:e5:30:fa:62:b3:83:4c:91:51:00:a6:1d:26:d1:f2:a8:
3c:ac:60:f3:b1:cc:f0:07:ed:d6:70:7a:42:20:7f:44:41:f3:
5d:3e:30:ee
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIEBtR0ujANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
OTE4N2Y4MTE1OTdkZDAzNTEzYmU0MmY0MzE1NWJjMTVhM2EwYjNmMB4XDTIyMDMw
ODIzMjUwMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGVjOWI1Mjk3MmM4
MjExNGQxNzczMzM5NWU5NGZmM2MyYzI4ZDk1ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALlXEwo9qFfctmUKSk8x2JyJVl8JmVIOTP7S8tnk06Vfxvke
R+Hp/Aoq6sG4WRyXE0f0rPZJADQev4XjNQuH03xY7cf7Kmkq/3Udun5PbnjcD2mx
b+QU8cOEnal+Rtmsy9K2VJx+xnaLAJaXkKC8AyyFF8N3DsR7oWiS4aZ3jpwApM8r
a4EW2ZuBxTR49zrzboylQulF1CcTJh82r2MBIMO6KqDl7ZetkQL9zMyBcOzssuNX
8jjgFbNEz3NcP3eoaj9gGLCcOGpNF0EnzGjT3fqp42OuT6CTrL7lOeKvfil+O5lX
i2snlWFFmXXv6r0V3ELGhlHbArS/4imirEyFPx8CAwEAAaOCAiwwggIoMB0GA1Ud
DgQWBBTeybUpcsghFNF3MzlelP88LCjZXjAfBgNVHSMEGDAWgBQpGH+BFZfdA1E7
5C9DFVvBWjoLPzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tSaF9nUldYM1FOUk8tUXZReFZid1ZvNkN6OC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzAvOGMwMDZkLTUwZjUtNDQ1ZC1iN2U4LTI0OTk0YjA0MGY0MS8x
LzNzbTFLWExJSVJUUmR6TTVYcFRfUEN3bzJWNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzAv
OGMwMDZkLTUwZjUtNDQ1ZC1iN2U4LTI0OTk0YjA0MGY0MS8xL0tSaF9nUldYM1FO
Uk8tUXZReFZid1ZvNkN6OC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBC
BggrBgEFBQcBBwEB/wQzMDEwHgQCAAEwGAMEAMERRgMEAMERswMEAMERwQMEAMER
3DAPBAIAAjAJAwcBKg91QAAAMA0GCSqGSIb3DQEBCwUAA4IBAQCXJMFDRxoPdTpV
0J6WYAT6/WIdoGR86rbxFY2Xjl40dUbtF81HmDNi0GUUObeJIMDvP49A9/ksWHB9
zVV44uOgd64mcqG1CGPAQpSIuY+ojAlfCJ39ZuheKUMoViZqr33qxz25JkgVXid0
G2EE8MhMw9ps4qDIOS6+nKXMPx8K9U7NqqN3L0zU0zZKmzkihNwfUNcvjn2tniIV
rs84EexEt7mcA9GqrOIeVLQtpEka/0bqDeEyDlPFMc8OMVrCTKP42/QRicTHEewl
ylCOr0NLyo7FhyGfcdYvLuUw+mKzg0yRUQCmHSbR8qg8rGDzsczwB+3WcHpCIH9E
QfNdPjDu
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:32:41 2025 by rpki-client