Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/a584e4-ccd4-4c4f-9d16-04a27c4d5453/1/usUFXw9P8q-pD5n-j_hprHyCPHY.roa
File: usUFXw9P8q-pD5n-j_hprHyCPHY.roa (raw, json)
Hash identifier: 6WpxH3BPQH4KoAADLMngcPIdqK56ldZJlhwdZ3h/K4A=
Subject key identifier: BA:C5:05:5F:0F:4F:F2:AF:A9:0F:99:FE:8F:F8:69:AC:7C:82:3C:76
Certificate issuer: /CN=2ef957aba2ef00352850e202464c71d33ca81448
Certificate serial: 35BBD42B
Authority key identifier: 2E:F9:57:AB:A2:EF:00:35:28:50:E2:02:46:4C:71:D3:3C:A8:14:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LvlXq6LvADUoUOICRkxx0zyoFEg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/a584e4-ccd4-4c4f-9d16-04a27c4d5453/1/usUFXw9P8q-pD5n-j_hprHyCPHY.roa
Signing time: Sat 01 Jan 2022 12:06:28 +0000
ROA not before: Sat 01 Jan 2022 12:06:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2088
IP address blocks: 193.54.33.0/24 maxlen: 24
193.51.58.0/24 maxlen: 24
193.55.5.0/24 maxlen: 24
194.254.188.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 901501995 (0x35bbd42b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ef957aba2ef00352850e202464c71d33ca81448
Validity
Not Before: Jan 1 12:06:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bac5055f0f4ff2afa90f99fe8ff869ac7c823c76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:24:fc:18:a3:f7:44:80:d7:ef:c4:7d:c3:fd:
a5:17:e8:3a:b1:75:9d:75:10:a5:98:23:7e:bc:ef:
97:84:c6:3d:b7:17:b9:ac:da:60:c9:96:f7:22:b5:
ff:61:8c:80:89:6e:1f:d4:cb:f4:09:56:fd:17:ae:
70:27:21:17:6c:fd:76:8a:b4:e4:8b:14:db:3d:0d:
19:21:be:a6:19:72:83:3c:41:41:a3:3b:cc:83:a6:
6c:8a:03:9c:ae:5f:71:97:41:b9:9f:fd:08:a2:7c:
98:7e:2d:0e:81:1a:ca:d3:2b:a6:22:3e:f5:58:8f:
51:6d:70:47:3a:50:6e:64:61:1c:2e:ea:4e:0d:2e:
da:e2:75:71:0a:76:c2:4c:d2:b3:82:fc:e2:d9:69:
71:54:07:df:3f:19:25:94:11:12:d1:d6:b2:e1:2c:
d4:97:e3:04:25:2b:28:5b:5c:00:d9:57:54:aa:e3:
7f:6b:18:c2:03:46:9d:f5:bf:3c:c8:0a:cb:04:bb:
a4:8f:69:5f:13:fb:95:5f:b8:78:04:36:2b:15:bb:
a6:00:10:9d:1e:ce:1e:7a:23:21:80:f4:49:6a:7a:
19:6b:d6:a7:ef:73:3d:d6:bf:60:a1:e6:62:87:5b:
14:e7:3b:5a:fe:13:3a:af:4f:31:49:18:2d:a4:aa:
ec:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:C5:05:5F:0F:4F:F2:AF:A9:0F:99:FE:8F:F8:69:AC:7C:82:3C:76
X509v3 Authority Key Identifier:
keyid:2E:F9:57:AB:A2:EF:00:35:28:50:E2:02:46:4C:71:D3:3C:A8:14:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LvlXq6LvADUoUOICRkxx0zyoFEg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/a584e4-ccd4-4c4f-9d16-04a27c4d5453/1/usUFXw9P8q-pD5n-j_hprHyCPHY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/a584e4-ccd4-4c4f-9d16-04a27c4d5453/1/LvlXq6LvADUoUOICRkxx0zyoFEg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.51.58.0/24
193.54.33.0/24
193.55.5.0/24
194.254.188.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:0f:d5:eb:be:ec:b7:95:e2:0b:1f:e4:65:dc:f8:a1:7d:c5:
ac:b0:8f:ee:08:8d:05:58:20:f8:01:66:87:70:40:11:b9:0e:
aa:d4:de:b9:df:87:53:4f:f2:23:39:5e:a0:cf:f0:3e:c2:b5:
fc:26:88:27:17:17:27:4b:3f:82:8f:9a:f2:75:35:91:3e:8f:
77:54:2a:b3:c5:20:a5:74:ca:20:16:19:ed:c3:f9:65:01:e5:
81:ec:c6:3c:34:2c:86:a0:e0:99:e3:40:b1:87:18:7e:87:77:
a5:ee:52:48:b3:96:00:ce:37:c5:17:be:25:2b:80:54:da:da:
89:be:2a:e9:24:40:2d:d6:d7:dd:a2:ac:a7:81:a0:0c:42:d8:
a2:b5:7c:4d:af:ad:0f:f3:eb:fa:ab:8c:21:07:ad:f4:4a:b7:
52:00:7d:56:7f:c1:50:f1:11:ff:ff:e3:9f:05:d5:58:f3:82:
1d:6c:78:e3:f8:53:2d:4b:be:ed:a8:a2:34:a3:db:a2:9b:79:
65:e7:f2:cb:7c:14:30:0b:46:69:91:5d:bb:0e:ca:6d:1e:0f:
0d:19:4c:73:4a:91:63:17:13:c5:b4:d3:4c:de:3a:33:bc:30:
49:fb:d6:c5:5b:c4:c2:d5:9d:de:6f:30:b3:0b:de:62:8f:30:
d6:9a:90:83
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIENbvUKzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ZWY5NTdhYmEyZWYwMDM1Mjg1MGUyMDI0NjRjNzFkMzNjYTgxNDQ4MB4XDTIyMDEw
MTEyMDYyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmFjNTA1NWYwZjRm
ZjJhZmE5MGY5OWZlOGZmODY5YWM3YzgyM2M3NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALsk/Bij90SA1+/EfcP9pRfoOrF1nXUQpZgjfrzvl4TGPbcX
uazaYMmW9yK1/2GMgIluH9TL9AlW/ReucCchF2z9doq05IsU2z0NGSG+phlygzxB
QaM7zIOmbIoDnK5fcZdBuZ/9CKJ8mH4tDoEaytMrpiI+9ViPUW1wRzpQbmRhHC7q
Tg0u2uJ1cQp2wkzSs4L84tlpcVQH3z8ZJZQREtHWsuEs1JfjBCUrKFtcANlXVKrj
f2sYwgNGnfW/PMgKywS7pI9pXxP7lV+4eAQ2KxW7pgAQnR7OHnojIYD0SWp6GWvW
p+9zPda/YKHmYodbFOc7Wv4TOq9PMUkYLaSq7GMCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBS6xQVfD0/yr6kPmf6P+GmsfII8djAfBgNVHSMEGDAWgBQu+Verou8ANShQ
4gJGTHHTPKgUSDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0x2bFhxNkx2QURVb1VPSUNSa3h4MHp5b0ZFZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzcvYTU4NGU0LWNjZDQtNGM0Zi05ZDE2LTA0YTI3YzRkNTQ1My8x
L3VzVUZYdzlQOHEtcEQ1bi1qX2hwckh5Q1BIWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzcv
YTU4NGU0LWNjZDQtNGM0Zi05ZDE2LTA0YTI3YzRkNTQ1My8xL0x2bFhxNkx2QURV
b1VPSUNSa3h4MHp5b0ZFZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAMEzOgMEAME2IQMEAME3BQMEAML+
vDANBgkqhkiG9w0BAQsFAAOCAQEAWw/V677st5XiCx/kZdz4oX3FrLCP7giNBVgg
+AFmh3BAEbkOqtTeud+HU0/yIzleoM/wPsK1/CaIJxcXJ0s/go+a8nU1kT6Pd1Qq
s8UgpXTKIBYZ7cP5ZQHlgezGPDQshqDgmeNAsYcYfod3pe5SSLOWAM43xRe+JSuA
VNraib4q6SRALdbX3aKsp4GgDELYorV8Ta+tD/Pr+quMIQet9Eq3UgB9Vn/BUPER
///jnwXVWPOCHWx44/hTLUu+7aiiNKPbopt5Zefyy3wUMAtGaZFduw7KbR4PDRlM
c0qRYxcTxbTTTN46M7wwSfvWxVvEwtWd3m8wswveYo8w1pqQgw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:48:37 2025 by rpki-client