Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/293328-9245-403b-8a4a-169c836bd6b0/1/UrV8ZTUfw88b7cpKJh0vQXrt8Hs.roa
File: UrV8ZTUfw88b7cpKJh0vQXrt8Hs.roa (raw, json)
Hash identifier: AQaCKCX8cz9MCM6YRxRKvOlGL4FXLcY+4mKyYMxoUg8=
Subject key identifier: 52:B5:7C:65:35:1F:C3:CF:1B:ED:CA:4A:26:1D:2F:41:7A:ED:F0:7B
Certificate issuer: /CN=18886007da1730b0770d8604db73d12fd264f3f9
Certificate serial: 018B197E65EA36FDE01AF78F2BE019FBC1D8
Authority key identifier: 18:88:60:07:DA:17:30:B0:77:0D:86:04:DB:73:D1:2F:D2:64:F3:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GIhgB9oXMLB3DYYE23PRL9Jk8_k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/293328-9245-403b-8a4a-169c836bd6b0/1/UrV8ZTUfw88b7cpKJh0vQXrt8Hs.roa
Signing time: Tue 10 Oct 2023 12:09:55 +0000
ROA not before: Tue 10 Oct 2023 12:09:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9123
IP address blocks: 213.171.3.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:19:7e:65:ea:36:fd:e0:1a:f7:8f:2b:e0:19:fb:c1:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18886007da1730b0770d8604db73d12fd264f3f9
Validity
Not Before: Oct 10 12:09:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=52b57c65351fc3cf1bedca4a261d2f417aedf07b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:82:0b:fa:f3:cf:89:71:be:70:be:d5:15:84:
ce:8d:68:c8:0c:20:6d:51:a3:93:4f:04:47:b6:82:
c8:0e:15:ea:c9:5a:d5:75:5f:68:eb:8a:96:14:6b:
b8:a5:db:ad:36:ad:d9:d4:cb:cc:3c:02:c3:b9:97:
08:82:20:77:36:8c:35:c2:37:81:c1:68:ba:e6:ea:
a6:e7:1b:c9:5a:02:a5:29:b7:ad:c4:3a:f9:f4:eb:
46:8c:29:ce:1e:16:54:c5:d9:19:20:04:29:46:8d:
39:33:f7:dc:17:be:b2:12:6c:65:7d:95:ad:fc:c3:
72:4a:1c:1f:24:3b:58:a0:19:d9:ca:6d:66:52:27:
f0:6e:dd:38:1f:a4:6a:4e:03:11:d5:33:da:2f:35:
1c:ff:70:31:14:9e:6f:88:22:dd:73:0c:68:e7:53:
96:6b:9e:ad:65:4c:58:4c:af:c7:c0:05:40:39:b2:
ce:88:e7:ce:e9:b0:f8:6b:86:0a:04:03:ce:d6:da:
20:c1:54:c6:fe:e4:a0:ab:fa:ad:42:2b:b9:57:00:
2c:1a:c2:b1:84:d9:46:82:b9:b0:2b:de:4a:4b:23:
f1:88:6f:74:aa:f6:f7:ec:4a:de:38:dd:d4:52:f3:
2a:15:8f:0c:00:17:95:e8:2c:70:1b:e1:13:ff:2d:
26:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:B5:7C:65:35:1F:C3:CF:1B:ED:CA:4A:26:1D:2F:41:7A:ED:F0:7B
X509v3 Authority Key Identifier:
keyid:18:88:60:07:DA:17:30:B0:77:0D:86:04:DB:73:D1:2F:D2:64:F3:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GIhgB9oXMLB3DYYE23PRL9Jk8_k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/293328-9245-403b-8a4a-169c836bd6b0/1/UrV8ZTUfw88b7cpKJh0vQXrt8Hs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/293328-9245-403b-8a4a-169c836bd6b0/1/GIhgB9oXMLB3DYYE23PRL9Jk8_k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.171.3.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:dc:33:0e:cb:0d:ce:18:04:35:b1:3e:1a:8e:ff:a1:0c:64:
a7:56:22:7b:a2:fd:5f:a5:55:9b:5a:b4:14:20:69:71:af:8b:
04:0b:32:65:56:fd:10:c2:80:09:19:b2:2c:9f:a5:f1:5f:2a:
c7:eb:6b:6f:a6:15:90:e2:41:4d:6a:62:e5:e0:50:e7:fd:38:
c9:09:26:c2:a7:58:df:2b:fd:08:9d:1a:57:dd:86:1c:96:23:
b8:80:b7:5d:2c:69:fd:87:8b:cd:e3:c3:8e:21:da:21:ea:c4:
7c:d4:cc:c6:05:d0:12:07:f1:df:e7:b8:15:18:8c:14:5a:c9:
28:28:e7:cb:61:13:c1:d0:8e:62:8f:96:36:c7:2b:16:97:c1:
c1:32:17:1b:26:fb:40:86:08:86:b4:91:f8:26:84:75:f2:cb:
4f:ba:77:3a:7f:5a:10:49:3d:27:4e:5f:b4:4a:90:c8:17:c6:
1e:3f:dd:57:08:2f:31:0c:8b:b1:01:04:9a:a1:6d:c0:33:1e:
eb:5b:05:44:26:39:8d:ee:7a:f6:66:8e:d6:04:a5:f6:70:bc:
8c:d2:f4:4f:55:03:ed:cf:c6:59:02:ac:d5:e2:51:4e:c0:a8:
38:31:be:9a:6a:dc:7e:7e:29:c5:52:2b:55:98:5d:f7:9a:82:
f7:b5:50:52
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYsZfmXqNv3gGvePK+AZ+8HYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4ODg2MDA3ZGExNzMwYjA3NzBkODYwNGRiNzNkMTJmZDI2
NGYzZjkwHhcNMjMxMDEwMTIwOTU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmI1N2M2NTM1MWZjM2NmMWJlZGNhNGEyNjFkMmY0MTdhZWRmMDdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxYIL+vPPiXG+cL7VFYTOjWjIDCBt
UaOTTwRHtoLIDhXqyVrVdV9o64qWFGu4pdutNq3Z1MvMPALDuZcIgiB3Now1wjeB
wWi65uqm5xvJWgKlKbetxDr59OtGjCnOHhZUxdkZIAQpRo05M/fcF76yEmxlfZWt
/MNyShwfJDtYoBnZym1mUifwbt04H6RqTgMR1TPaLzUc/3AxFJ5viCLdcwxo51OW
a56tZUxYTK/HwAVAObLOiOfO6bD4a4YKBAPO1togwVTG/uSgq/qtQiu5VwAsGsKx
hNlGgrmwK95KSyPxiG90qvb37EreON3UUvMqFY8MABeV6CxwG+ET/y0mWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFK1fGU1H8PPG+3KSiYdL0F67fB7MB8GA1UdIwQY
MBaAFBiIYAfaFzCwdw2GBNtz0S/SZPP5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0loZ0I5b1hNTEIzRFlZRTIzUFJMOUprOF9rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8yOTMzMjgtOTI0NS00MDNiLThhNGEt
MTY5YzgzNmJkNmIwLzEvVXJWOFpUVWZ3ODhiN2NwS0poMHZRWHJ0OEhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8yOTMzMjgtOTI0NS00MDNiLThhNGEtMTY5YzgzNmJkNmIw
LzEvR0loZ0I5b1hNTEIzRFlZRTIzUFJMOUprOF9rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1asDMA0G
CSqGSIb3DQEBCwUAA4IBAQCd3DMOyw3OGAQ1sT4ajv+hDGSnViJ7ov1fpVWbWrQU
IGlxr4sECzJlVv0QwoAJGbIsn6XxXyrH62tvphWQ4kFNamLl4FDn/TjJCSbCp1jf
K/0InRpX3YYcliO4gLddLGn9h4vN48OOIdoh6sR81MzGBdASB/Hf57gVGIwUWsko
KOfLYRPB0I5ij5Y2xysWl8HBMhcbJvtAhgiGtJH4JoR18stPunc6f1oQST0nTl+0
SpDIF8YeP91XCC8xDIuxAQSaoW3AMx7rWwVEJjmN7nr2Zo7WBKX2cLyM0vRPVQPt
z8ZZAqzV4lFOwKg4Mb6aatx+finFUitVmF33moL3tVBS
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:34:28 2025 by rpki-client