Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/a597c5-3ec4-4b46-8c7b-d92248aabe2d/1/aVHf4G5mpxLqkgNjMUxwp2Why1Q.roa
File: aVHf4G5mpxLqkgNjMUxwp2Why1Q.roa (raw, json)
Hash identifier: 1oTocDq7bsjHvVc9FUC6iiULEb8MP39+OjoDVuxv8bE=
Subject key identifier: 69:51:DF:E0:6E:66:A7:12:EA:92:03:63:31:4C:70:A7:65:A1:CB:54
Certificate issuer: /CN=a408fc9246042751110d2ec5065d0c47d1d43cd0
Certificate serial: 0185737A928814BF7CE2B5E58D5F5EED536B
Authority key identifier: A4:08:FC:92:46:04:27:51:11:0D:2E:C5:06:5D:0C:47:D1:D4:3C:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pAj8kkYEJ1ERDS7FBl0MR9HUPNA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/a597c5-3ec4-4b46-8c7b-d92248aabe2d/1/aVHf4G5mpxLqkgNjMUxwp2Why1Q.roa
Signing time: Mon 02 Jan 2023 17:14:50 +0000
ROA not before: Mon 02 Jan 2023 17:14:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29522
IP address blocks: 193.143.77.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:7a:92:88:14:bf:7c:e2:b5:e5:8d:5f:5e:ed:53:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a408fc9246042751110d2ec5065d0c47d1d43cd0
Validity
Not Before: Jan 2 17:14:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6951dfe06e66a712ea920363314c70a765a1cb54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:5b:20:51:01:4e:0a:b4:6c:4b:98:76:bc:0d:
85:4a:b6:27:65:50:71:b7:50:27:a3:ec:d6:f3:98:
0c:f0:69:2d:b8:17:83:9a:00:f5:76:76:04:1f:89:
6d:bc:59:c2:4f:2d:88:5a:a6:65:77:8e:2a:e8:4a:
ca:8a:6c:0c:cf:02:0e:43:c2:ab:13:bc:15:f9:4f:
ed:ae:55:5b:a5:94:4b:d4:c4:c1:bc:14:3c:9d:14:
36:49:b9:48:96:85:04:bc:40:a9:c3:9a:49:78:48:
25:1b:ca:25:24:88:9c:78:19:78:31:5d:10:ea:96:
b9:9c:60:0d:6b:62:dd:7e:95:a8:98:0e:d9:88:ad:
41:93:fa:3a:a8:1d:b8:ef:f8:1b:40:af:0a:7f:e1:
9e:b6:91:49:63:5b:d4:c9:d2:2a:60:e7:40:df:5e:
86:0c:1b:53:ba:77:d4:26:d9:46:c5:2c:60:98:c7:
cb:dc:38:2d:42:a8:37:40:b8:36:42:0f:02:cd:85:
80:4c:2d:64:92:51:4e:c3:a1:ff:5f:68:1f:e5:a8:
77:47:82:aa:65:d8:6c:80:81:c2:56:8b:f6:b4:44:
09:9b:ab:ff:95:1c:91:8f:0d:50:a5:05:e9:1f:90:
bd:73:a8:4c:b6:ed:97:d4:39:75:b6:50:36:3f:25:
b5:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:51:DF:E0:6E:66:A7:12:EA:92:03:63:31:4C:70:A7:65:A1:CB:54
X509v3 Authority Key Identifier:
keyid:A4:08:FC:92:46:04:27:51:11:0D:2E:C5:06:5D:0C:47:D1:D4:3C:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pAj8kkYEJ1ERDS7FBl0MR9HUPNA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/a597c5-3ec4-4b46-8c7b-d92248aabe2d/1/aVHf4G5mpxLqkgNjMUxwp2Why1Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/a597c5-3ec4-4b46-8c7b-d92248aabe2d/1/pAj8kkYEJ1ERDS7FBl0MR9HUPNA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.143.77.0/24
Signature Algorithm: sha256WithRSAEncryption
90:41:32:f7:79:fb:e7:98:cf:06:b7:2c:36:24:68:99:dd:98:
10:5d:59:15:26:1a:11:18:7f:02:9d:47:62:39:72:bf:d6:07:
2c:0f:d0:37:8a:75:f7:28:6e:a1:9f:59:50:d8:7b:ec:e6:24:
b2:89:d1:7e:c1:cd:be:64:60:14:98:d2:4b:f1:b7:f3:91:32:
e2:9e:5e:3a:84:f3:7b:8e:25:a6:45:f0:d3:4d:06:45:27:0a:
1a:1f:06:64:6b:0f:29:30:b1:e6:d4:81:45:76:64:83:38:11:
a5:70:96:c7:c8:26:73:11:a7:ac:f0:4d:63:fb:18:7b:88:5a:
2e:99:d8:64:92:df:fb:41:70:8b:91:62:cc:52:cd:72:b9:a1:
ae:1b:be:38:3c:81:be:fd:a7:13:c2:e4:cd:d4:23:9f:75:92:
9e:18:8b:79:de:87:b5:61:3f:67:c3:77:94:af:53:d1:38:da:
c7:0b:4d:dc:1e:ee:44:96:43:cd:71:24:0b:e7:c0:a6:c6:f9:
3e:0b:f7:17:89:59:84:ce:f2:0a:52:e4:05:e3:af:53:bb:4f:
a4:11:2f:e3:66:f8:2a:33:41:d0:05:d3:b4:ba:c4:6e:67:0c:
92:3a:b8:97:ca:98:f7:7b:95:27:3b:6e:50:96:05:62:92:4d:
1d:2e:fc:1a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzepKIFL984rXljV9e7VNrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0MDhmYzkyNDYwNDI3NTExMTBkMmVjNTA2NWQwYzQ3ZDFk
NDNjZDAwHhcNMjMwMTAyMTcxNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTUxZGZlMDZlNjZhNzEyZWE5MjAzNjMzMTRjNzBhNzY1YTFjYjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsFsgUQFOCrRsS5h2vA2FSrYnZVBx
t1Ano+zW85gM8GktuBeDmgD1dnYEH4ltvFnCTy2IWqZld44q6ErKimwMzwIOQ8Kr
E7wV+U/trlVbpZRL1MTBvBQ8nRQ2SblIloUEvECpw5pJeEglG8olJIiceBl4MV0Q
6pa5nGANa2LdfpWomA7ZiK1Bk/o6qB247/gbQK8Kf+GetpFJY1vUydIqYOdA316G
DBtTunfUJtlGxSxgmMfL3DgtQqg3QLg2Qg8CzYWATC1kklFOw6H/X2gf5ah3R4Kq
ZdhsgIHCVov2tEQJm6v/lRyRjw1QpQXpH5C9c6hMtu2X1Dl1tlA2PyW1NwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGlR3+BuZqcS6pIDYzFMcKdloctUMB8GA1UdIwQY
MBaAFKQI/JJGBCdREQ0uxQZdDEfR1DzQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEFqOGtrWUVKMUVSRFM3RkJsME1SOUhVUE5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi9hNTk3YzUtM2VjNC00YjQ2LThjN2It
ZDkyMjQ4YWFiZTJkLzEvYVZIZjRHNW1weExxa2dOak1VeHdwMldoeTFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi9hNTk3YzUtM2VjNC00YjQ2LThjN2ItZDkyMjQ4YWFiZTJk
LzEvcEFqOGtrWUVKMUVSRFM3RkJsME1SOUhVUE5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwY9NMA0G
CSqGSIb3DQEBCwUAA4IBAQCQQTL3efvnmM8Gtyw2JGiZ3ZgQXVkVJhoRGH8CnUdi
OXK/1gcsD9A3inX3KG6hn1lQ2Hvs5iSyidF+wc2+ZGAUmNJL8bfzkTLinl46hPN7
jiWmRfDTTQZFJwoaHwZkaw8pMLHm1IFFdmSDOBGlcJbHyCZzEaes8E1j+xh7iFou
mdhkkt/7QXCLkWLMUs1yuaGuG744PIG+/acTwuTN1COfdZKeGIt53oe1YT9nw3eU
r1PRONrHC03cHu5ElkPNcSQL58Cmxvk+C/cXiVmEzvIKUuQF469Tu0+kES/jZvgq
M0HQBdO0usRuZwySOriXypj3e5UnO25QlgVikk0dLvwa
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:25:01 2025 by rpki-client