Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/e27d71-efbc-47ef-9840-e74d8d1d4e02/1/XKbPrQGQfhwSp3Fewh3zEgc_J9c.roa
File: XKbPrQGQfhwSp3Fewh3zEgc_J9c.roa (raw, json)
Hash identifier: rlGYab+dFbfHJT6sdW1+oIeatugvg1O9vIQysJlUgHM=
Subject key identifier: 5C:A6:CF:AD:01:90:7E:1C:12:A7:71:5E:C2:1D:F3:12:07:3F:27:D7
Certificate issuer: /CN=9b6b7b3ea60efb4a579a4f5e237ea7a88d3bc078
Certificate serial: 01825E7F19AD0EAA877324493155F6125B67
Authority key identifier: 9B:6B:7B:3E:A6:0E:FB:4A:57:9A:4F:5E:23:7E:A7:A8:8D:3B:C0:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m2t7PqYO-0pXmk9eI36nqI07wHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/e27d71-efbc-47ef-9840-e74d8d1d4e02/1/XKbPrQGQfhwSp3Fewh3zEgc_J9c.roa
Signing time: Tue 02 Aug 2022 12:19:24 +0000
ROA not before: Tue 02 Aug 2022 12:19:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 33868
IP address blocks: 193.23.54.0/24 maxlen: 24
2a02:848::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:5e:7f:19:ad:0e:aa:87:73:24:49:31:55:f6:12:5b:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b6b7b3ea60efb4a579a4f5e237ea7a88d3bc078
Validity
Not Before: Aug 2 12:19:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5ca6cfad01907e1c12a7715ec21df312073f27d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:2f:07:c0:67:78:07:ee:3c:3e:5a:89:ff:41:
70:0f:0b:65:e3:59:f9:94:19:c6:c2:b9:e6:9c:b9:
3d:96:0e:33:a5:f5:8c:3d:e4:0c:fd:c8:4a:21:9c:
23:ab:e7:7b:6e:44:4f:51:d8:92:42:52:ee:a6:c2:
d5:4f:16:8f:bd:03:39:1a:f0:da:8c:b8:43:c2:0f:
9f:32:c4:a2:19:2e:56:e2:e7:17:ce:c3:c2:c0:16:
1d:42:0b:ab:07:a8:dc:9d:6a:d2:0c:11:1c:a4:60:
d1:e9:9e:8d:ba:45:5f:95:54:56:21:eb:ac:46:60:
8c:17:d3:b2:f1:ff:0b:a1:ed:4e:38:0a:48:ab:51:
1f:0e:94:ee:2e:14:a0:cf:dc:5d:67:44:32:32:ab:
26:7c:43:18:74:c9:8b:e9:43:a2:dd:9e:31:21:3f:
e7:1e:9b:3f:eb:8a:fe:ed:30:9e:fa:41:c3:e3:4b:
42:4c:2a:c6:60:52:c0:4c:0e:98:ff:2d:32:67:fc:
f5:27:59:c1:03:6c:20:79:42:6b:fc:20:11:d2:72:
4d:d1:59:ea:2e:e2:38:84:c3:10:e8:89:c7:9d:e5:
2f:41:20:db:1d:ed:55:b6:fe:b7:57:a3:e4:47:f9:
12:66:4f:75:03:ef:f3:7b:86:a9:12:5f:47:d4:05:
57:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:A6:CF:AD:01:90:7E:1C:12:A7:71:5E:C2:1D:F3:12:07:3F:27:D7
X509v3 Authority Key Identifier:
keyid:9B:6B:7B:3E:A6:0E:FB:4A:57:9A:4F:5E:23:7E:A7:A8:8D:3B:C0:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m2t7PqYO-0pXmk9eI36nqI07wHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/e27d71-efbc-47ef-9840-e74d8d1d4e02/1/XKbPrQGQfhwSp3Fewh3zEgc_J9c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/e27d71-efbc-47ef-9840-e74d8d1d4e02/1/m2t7PqYO-0pXmk9eI36nqI07wHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.23.54.0/24
IPv6:
2a02:848::/32
Signature Algorithm: sha256WithRSAEncryption
8c:c8:56:99:5b:85:54:5b:cb:53:36:18:8c:0e:8e:75:3b:77:
51:ef:bf:2b:73:5a:c9:e8:bc:32:4c:de:ba:ff:4f:8e:af:97:
e1:8d:10:38:3f:9c:fa:de:ce:55:36:5b:41:e1:75:b5:34:5f:
f9:dd:67:69:57:bc:06:60:57:08:b6:ba:9e:bf:32:ea:19:8d:
df:cc:71:25:cb:f1:30:86:7b:0f:80:65:b4:93:95:38:a1:4e:
1e:dc:c7:d3:2a:a1:5b:e6:ea:c9:73:7f:9e:a9:8a:cd:b5:d7:
d4:1c:8b:e8:69:4a:bd:37:67:7b:b4:33:f1:15:1e:60:91:e8:
b5:ea:11:e9:cf:f6:46:5c:98:e4:61:8a:91:55:e9:0c:d8:3a:
b4:0a:c7:fd:bd:52:29:5e:93:75:70:b6:5a:57:a7:44:33:09:
52:11:8c:ba:55:b6:71:96:9d:0e:63:50:64:74:6b:27:06:0a:
fb:e5:58:00:ab:23:0e:92:e9:1e:c3:65:78:d2:e1:97:d6:cd:
73:52:56:b3:60:50:8f:33:77:1a:65:ae:b7:be:19:df:2d:5e:
9d:a5:f1:67:33:db:b8:b7:c9:4c:25:1c:2b:11:b3:3b:4d:ca:
48:9a:b9:88:47:a8:25:28:fd:1a:e7:f9:08:e6:34:ad:d8:56:
8b:9d:00:38
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYJefxmtDqqHcyRJMVX2EltnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliNmI3YjNlYTYwZWZiNGE1NzlhNGY1ZTIzN2VhN2E4OGQz
YmMwNzgwHhcNMjIwODAyMTIxOTI0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2E2Y2ZhZDAxOTA3ZTFjMTJhNzcxNWVjMjFkZjMxMjA3M2YyN2Q3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnS8HwGd4B+48PlqJ/0FwDwtl41n5
lBnGwrnmnLk9lg4zpfWMPeQM/chKIZwjq+d7bkRPUdiSQlLupsLVTxaPvQM5GvDa
jLhDwg+fMsSiGS5W4ucXzsPCwBYdQgurB6jcnWrSDBEcpGDR6Z6NukVflVRWIeus
RmCMF9Oy8f8Loe1OOApIq1EfDpTuLhSgz9xdZ0QyMqsmfEMYdMmL6UOi3Z4xIT/n
Hps/64r+7TCe+kHD40tCTCrGYFLATA6Y/y0yZ/z1J1nBA2wgeUJr/CAR0nJN0Vnq
LuI4hMMQ6InHneUvQSDbHe1Vtv63V6PkR/kSZk91A+/ze4apEl9H1AVXCQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFymz60BkH4cEqdxXsId8xIHPyfXMB8GA1UdIwQY
MBaAFJtrez6mDvtKV5pPXiN+p6iNO8B4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbTJ0N1BxWU8tMHBYbWs5ZUkzNm5xSTA3d0hnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9lMjdkNzEtZWZiYy00N2VmLTk4NDAt
ZTc0ZDhkMWQ0ZTAyLzEvWEtiUHJRR1FmaHdTcDNGZXdoM3pFZ2NfSjljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9lMjdkNzEtZWZiYy00N2VmLTk4NDAtZTc0ZDhkMWQ0ZTAy
LzEvbTJ0N1BxWU8tMHBYbWs5ZUkzNm5xSTA3d0hnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwRc2MA0E
AgACMAcDBQAqAghIMA0GCSqGSIb3DQEBCwUAA4IBAQCMyFaZW4VUW8tTNhiMDo51
O3dR778rc1rJ6LwyTN66/0+Or5fhjRA4P5z63s5VNltB4XW1NF/53WdpV7wGYFcI
trqevzLqGY3fzHEly/EwhnsPgGW0k5U4oU4e3MfTKqFb5urJc3+eqYrNtdfUHIvo
aUq9N2d7tDPxFR5gkei16hHpz/ZGXJjkYYqRVekM2Dq0Csf9vVIpXpN1cLZaV6dE
MwlSEYy6VbZxlp0OY1BkdGsnBgr75VgAqyMOkukew2V40uGX1s1zUlazYFCPM3ca
Za63vhnfLV6dpfFnM9u4t8lMJRwrEbM7TcpImrmIR6glKP0a5/kI5jSt2FaLnQA4
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:22 2024 by rpki-client on console-ams.rpki-client.org