Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/ed4da0-0647-446f-b065-db0dcc08f452/1/u3Tp__pC0xg1UZQi-KJisnhA4B8.roa
File: u3Tp__pC0xg1UZQi-KJisnhA4B8.roa (raw, json)
Hash identifier: L1MRft3BJi6JdMf6B6jJrOyqHdTSkIU/b4pu6GU3IVk=
Subject key identifier: BB:74:E9:FF:FA:42:D3:18:35:51:94:22:F8:A2:62:B2:78:40:E0:1F
Certificate issuer: /CN=66ef31adac663855b3ddd1931c44cf8064d6a6eb
Certificate serial: 018BD3CDBDAD14FF612F0EBD177F57B4E78A
Authority key identifier: 66:EF:31:AD:AC:66:38:55:B3:DD:D1:93:1C:44:CF:80:64:D6:A6:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zu8xraxmOFWz3dGTHETPgGTWpus.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/ed4da0-0647-446f-b065-db0dcc08f452/1/u3Tp__pC0xg1UZQi-KJisnhA4B8.roa
Signing time: Wed 15 Nov 2023 16:25:57 +0000
ROA not before: Wed 15 Nov 2023 16:25:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14618
IP address blocks: 193.160.155.0/24 maxlen: 24
2a0c:9e40:3::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d3:cd:bd:ad:14:ff:61:2f:0e:bd:17:7f:57:b4:e7:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66ef31adac663855b3ddd1931c44cf8064d6a6eb
Validity
Not Before: Nov 15 16:25:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bb74e9fffa42d31835519422f8a262b27840e01f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:e2:26:1d:c6:96:91:a6:90:e4:f7:fc:e9:be:
b8:5d:76:17:d5:b8:bf:b6:80:2d:b4:b9:5e:85:08:
3f:12:ed:26:40:9f:55:f5:bc:9d:88:8c:60:90:23:
88:93:67:49:8b:b3:b0:71:d2:dc:82:23:18:63:84:
db:bc:51:e1:77:64:13:b8:fb:06:7b:40:6f:09:c7:
47:0d:28:da:87:1b:8e:6d:a7:e6:4a:56:bd:fa:b0:
0f:44:fb:e7:f8:9a:13:fe:31:88:dd:56:ab:d2:f7:
2c:d4:cb:0a:93:d6:87:47:2f:1d:d7:d2:67:1e:b1:
22:5d:79:c2:5d:c7:98:4d:97:18:f0:85:12:7f:c9:
22:13:10:c0:5b:9a:d4:1a:21:38:9a:60:ca:93:57:
4a:18:67:34:88:4f:38:b6:0c:87:82:31:c5:67:91:
c2:f2:2d:bd:10:6f:21:5a:5f:a7:4d:3d:00:f7:13:
c4:8c:d6:0c:e9:85:72:c1:ac:85:e8:95:03:10:3c:
d8:98:95:af:84:c3:46:28:25:78:e2:cc:e5:4a:a7:
27:fe:a6:06:da:49:ab:98:26:37:5f:c3:ad:52:12:
4b:86:de:0f:85:06:c8:98:9f:82:82:9b:2c:6d:4e:
e9:db:b9:a9:a0:3a:ee:cc:5b:1e:83:26:b2:a1:fb:
f1:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:74:E9:FF:FA:42:D3:18:35:51:94:22:F8:A2:62:B2:78:40:E0:1F
X509v3 Authority Key Identifier:
keyid:66:EF:31:AD:AC:66:38:55:B3:DD:D1:93:1C:44:CF:80:64:D6:A6:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zu8xraxmOFWz3dGTHETPgGTWpus.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/ed4da0-0647-446f-b065-db0dcc08f452/1/u3Tp__pC0xg1UZQi-KJisnhA4B8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/ed4da0-0647-446f-b065-db0dcc08f452/1/Zu8xraxmOFWz3dGTHETPgGTWpus.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.160.155.0/24
IPv6:
2a0c:9e40:3::/48
Signature Algorithm: sha256WithRSAEncryption
15:f5:b9:6b:ba:ac:dd:d3:06:ee:89:86:59:c4:11:91:77:2e:
30:93:c6:51:80:5f:a4:80:1b:85:80:a6:24:ba:d1:30:79:88:
be:b2:7f:77:3d:01:5b:ee:d9:a0:70:07:2d:9a:f1:74:f1:f8:
19:a1:8c:03:ef:25:dc:52:88:d0:2c:ed:c9:ea:0d:8b:ef:b7:
0e:07:ab:05:19:ec:74:eb:35:71:a7:61:36:0f:e7:df:2d:83:
a4:63:95:66:6c:d3:22:d2:f5:ab:37:58:71:d6:4a:ed:da:4f:
3d:ff:e5:dc:6b:ba:31:c8:dc:d2:33:da:2a:5e:23:1d:84:1e:
b0:f0:e9:14:ad:43:44:3f:33:34:4a:a7:54:2b:7a:77:79:cf:
2b:ac:cc:47:3a:14:17:75:e6:e2:50:86:2a:56:63:63:83:70:
f7:03:94:5a:60:c6:59:9b:9a:94:2a:0d:1b:d3:48:10:eb:a9:
b8:a1:61:4e:8e:49:17:76:f2:5a:d9:02:99:2f:0e:20:09:48:
42:86:1b:8f:64:9c:9a:e1:2b:e2:02:d6:7c:5f:f9:04:ed:d9:
10:ff:e4:2a:54:95:b7:a0:91:09:80:2b:2c:e3:86:6d:cf:81:
25:7a:4d:6e:e1:5e:9a:2a:a8:d1:d5:fe:9f:94:4f:82:ba:d7:
99:dc:dd:36
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYvTzb2tFP9hLw69F39XtOeKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZWYzMWFkYWM2NjM4NTViM2RkZDE5MzFjNDRjZjgwNjRk
NmE2ZWIwHhcNMjMxMTE1MTYyNTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjc0ZTlmZmZhNDJkMzE4MzU1MTk0MjJmOGEyNjJiMjc4NDBlMDFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw+ImHcaWkaaQ5Pf86b64XXYX1bi/
toAttLlehQg/Eu0mQJ9V9bydiIxgkCOIk2dJi7OwcdLcgiMYY4TbvFHhd2QTuPsG
e0BvCcdHDSjahxuObafmSla9+rAPRPvn+JoT/jGI3Var0vcs1MsKk9aHRy8d19Jn
HrEiXXnCXceYTZcY8IUSf8kiExDAW5rUGiE4mmDKk1dKGGc0iE84tgyHgjHFZ5HC
8i29EG8hWl+nTT0A9xPEjNYM6YVywayF6JUDEDzYmJWvhMNGKCV44szlSqcn/qYG
2kmrmCY3X8OtUhJLht4PhQbImJ+CgpssbU7p27mpoDruzFsegyayofvx/QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLt06f/6QtMYNVGUIviiYrJ4QOAfMB8GA1UdIwQY
MBaAFGbvMa2sZjhVs93RkxxEz4Bk1qbrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnU4eHJheG1PRld6M2RHVEhFVFBnR1RXcHVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC9lZDRkYTAtMDY0Ny00NDZmLWIwNjUt
ZGIwZGNjMDhmNDUyLzEvdTNUcF9fcEMweGcxVVpRaS1LSmlzbmhBNEI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC9lZDRkYTAtMDY0Ny00NDZmLWIwNjUtZGIwZGNjMDhmNDUy
LzEvWnU4eHJheG1PRld6M2RHVEhFVFBnR1RXcHVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwaCbMA8E
AgACMAkDBwAqDJ5AAAMwDQYJKoZIhvcNAQELBQADggEBABX1uWu6rN3TBu6JhlnE
EZF3LjCTxlGAX6SAG4WApiS60TB5iL6yf3c9AVvu2aBwBy2a8XTx+BmhjAPvJdxS
iNAs7cnqDYvvtw4HqwUZ7HTrNXGnYTYP598tg6RjlWZs0yLS9as3WHHWSu3aTz3/
5dxrujHI3NIz2ipeIx2EHrDw6RStQ0Q/MzRKp1Qrend5zyuszEc6FBd15uJQhipW
Y2ODcPcDlFpgxlmbmpQqDRvTSBDrqbihYU6OSRd28lrZApkvDiAJSEKGG49knJrh
K+IC1nxf+QTt2RD/5CpUlbegkQmAKyzjhm3PgSV6TW7hXpoqqNHV/p+UT4K615nc
3TY=
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:03:36 2025 by rpki-client