Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/3f3e57-0e00-4f2f-976b-414f09b92c15/1/U-WyHpOZ8ip-xEG6YjrmBwnW1Qk.roa
File: U-WyHpOZ8ip-xEG6YjrmBwnW1Qk.roa (raw, json)
Hash identifier: RGSb535TJNQeW/qhGJTZh5AGmnU4RxshciNsmKDFhvo=
Subject key identifier: 53:E5:B2:1E:93:99:F2:2A:7E:C4:41:BA:62:3A:E6:07:09:D6:D5:09
Certificate issuer: /CN=bfbb03016c83cea8aa4fa9c36a3643a565cc93e6
Certificate serial: 0184EC32263FA0D79FB1EA45DA9EE3663E8D
Authority key identifier: BF:BB:03:01:6C:83:CE:A8:AA:4F:A9:C3:6A:36:43:A5:65:CC:93:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v7sDAWyDzqiqT6nDajZDpWXMk-Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/3f3e57-0e00-4f2f-976b-414f09b92c15/1/U-WyHpOZ8ip-xEG6YjrmBwnW1Qk.roa
Signing time: Wed 07 Dec 2022 10:47:00 +0000
ROA not before: Wed 07 Dec 2022 10:47:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20676
IP address blocks: 193.100.209.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:ec:32:26:3f:a0:d7:9f:b1:ea:45:da:9e:e3:66:3e:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfbb03016c83cea8aa4fa9c36a3643a565cc93e6
Validity
Not Before: Dec 7 10:47:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=53e5b21e9399f22a7ec441ba623ae60709d6d509
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:5a:b2:c2:51:16:e0:2e:40:18:d6:37:f4:d1:
3b:e3:b0:f9:f5:2f:d0:bd:95:ce:82:17:cf:50:9a:
4b:f8:c5:b7:92:9f:55:5d:30:84:11:19:9f:8e:2c:
be:b5:5c:a1:63:77:b2:8e:04:1f:6c:a3:7e:c1:aa:
e6:b5:20:4d:d1:c9:c3:9f:3f:11:59:b5:a3:cc:82:
4b:4d:01:20:d2:12:d0:80:9c:d4:39:fd:bc:9a:8d:
23:a7:82:19:e6:bc:d2:a2:a6:6c:67:eb:ee:63:d0:
79:f6:21:a1:0c:cf:92:cf:f5:4d:f7:32:46:c5:9f:
27:3f:1b:02:10:58:26:20:b7:70:24:00:cc:78:20:
db:bc:d8:9d:e0:4e:16:05:7c:ca:d2:94:35:44:31:
b2:ca:b2:53:58:3f:29:dc:a1:d1:fe:0a:30:b5:22:
04:b7:3c:8a:92:60:37:b1:e4:a0:03:3b:3d:18:36:
9a:f2:48:86:ca:40:fb:08:52:1c:95:e6:2e:84:74:
4e:53:c3:d9:73:fa:31:cf:80:e1:c8:ec:77:45:d3:
39:7b:51:c1:9e:3a:14:7c:74:0e:7b:02:be:6c:6d:
6e:37:19:5e:3d:03:98:cb:aa:9e:5c:83:69:12:0e:
74:c4:76:57:a1:65:26:da:8d:a4:43:93:48:02:1f:
5d:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:E5:B2:1E:93:99:F2:2A:7E:C4:41:BA:62:3A:E6:07:09:D6:D5:09
X509v3 Authority Key Identifier:
keyid:BF:BB:03:01:6C:83:CE:A8:AA:4F:A9:C3:6A:36:43:A5:65:CC:93:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v7sDAWyDzqiqT6nDajZDpWXMk-Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/3f3e57-0e00-4f2f-976b-414f09b92c15/1/U-WyHpOZ8ip-xEG6YjrmBwnW1Qk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/3f3e57-0e00-4f2f-976b-414f09b92c15/1/v7sDAWyDzqiqT6nDajZDpWXMk-Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.100.209.0/24
Signature Algorithm: sha256WithRSAEncryption
04:7d:68:03:40:43:2f:ec:6d:c8:99:01:bf:98:4f:5d:b7:7a:
35:16:da:bf:de:c8:ee:9b:8f:a0:81:0b:9b:bc:26:05:ef:03:
59:d9:2b:b9:9a:d3:43:a4:a7:f0:20:f7:d2:68:39:c0:d4:30:
b7:34:4d:ab:9d:3c:b4:b7:6c:e3:7f:28:c9:1a:3d:fa:b4:73:
e0:18:bc:39:d0:ba:98:3d:ec:53:78:55:3a:e0:6a:80:ea:1f:
71:66:b6:ed:70:f3:48:01:f1:66:cd:db:84:57:52:96:59:fb:
e6:81:fc:4c:aa:11:06:99:91:cf:cd:d3:a9:59:ba:cf:11:9e:
21:13:e2:5a:ea:f4:bd:72:f4:81:66:d5:79:d8:da:e7:f4:b2:
d5:0c:89:7f:c5:d7:4b:87:e7:f8:a5:e7:a8:51:d0:f8:e8:55:
df:a7:ba:ca:84:a8:4e:7b:03:8a:00:cb:5f:5a:41:58:c8:0b:
d1:4b:c0:82:ae:8b:41:7b:81:d6:a5:60:dd:e0:3e:ef:cd:09:
ac:75:01:8d:d9:4a:70:dc:13:fc:d6:74:d3:13:2c:94:2c:0f:
e5:31:e6:44:a9:2e:60:79:5b:c3:5d:32:2e:a1:6a:ad:d8:8d:
dd:33:a6:c2:aa:74:79:05:f4:1a:28:7c:e8:f3:e0:4c:f2:c7:
46:8d:c8:c1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYTsMiY/oNefsepF2p7jZj6NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmYmIwMzAxNmM4M2NlYThhYTRmYTljMzZhMzY0M2E1NjVj
YzkzZTYwHhcNMjIxMjA3MTA0NzAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2U1YjIxZTkzOTlmMjJhN2VjNDQxYmE2MjNhZTYwNzA5ZDZkNTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp1qywlEW4C5AGNY39NE747D59S/Q
vZXOghfPUJpL+MW3kp9VXTCEERmfjiy+tVyhY3eyjgQfbKN+warmtSBN0cnDnz8R
WbWjzIJLTQEg0hLQgJzUOf28mo0jp4IZ5rzSoqZsZ+vuY9B59iGhDM+Sz/VN9zJG
xZ8nPxsCEFgmILdwJADMeCDbvNid4E4WBXzK0pQ1RDGyyrJTWD8p3KHR/gowtSIE
tzyKkmA3seSgAzs9GDaa8kiGykD7CFIcleYuhHROU8PZc/oxz4DhyOx3RdM5e1HB
njoUfHQOewK+bG1uNxlePQOYy6qeXINpEg50xHZXoWUm2o2kQ5NIAh9dIQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFPlsh6TmfIqfsRBumI65gcJ1tUJMB8GA1UdIwQY
MBaAFL+7AwFsg86oqk+pw2o2Q6VlzJPmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjdzREFXeUR6cWlxVDZuRGFqWkRwV1hNay1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC8zZjNlNTctMGUwMC00ZjJmLTk3NmIt
NDE0ZjA5YjkyYzE1LzEvVS1XeUhwT1o4aXAteEVHNllqcm1Cd25XMVFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC8zZjNlNTctMGUwMC00ZjJmLTk3NmItNDE0ZjA5YjkyYzE1
LzEvdjdzREFXeUR6cWlxVDZuRGFqWkRwV1hNay1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwWTRMA0G
CSqGSIb3DQEBCwUAA4IBAQAEfWgDQEMv7G3ImQG/mE9dt3o1Ftq/3sjum4+ggQub
vCYF7wNZ2Su5mtNDpKfwIPfSaDnA1DC3NE2rnTy0t2zjfyjJGj36tHPgGLw50LqY
PexTeFU64GqA6h9xZrbtcPNIAfFmzduEV1KWWfvmgfxMqhEGmZHPzdOpWbrPEZ4h
E+Ja6vS9cvSBZtV52Nrn9LLVDIl/xddLh+f4peeoUdD46FXfp7rKhKhOewOKAMtf
WkFYyAvRS8CCrotBe4HWpWDd4D7vzQmsdQGN2Upw3BP81nTTEyyULA/lMeZEqS5g
eVvDXTIuoWqt2I3dM6bCqnR5BfQaKHzo8+BM8sdGjcjB
-----END CERTIFICATE-----
Generated at Sat Apr 19 15:21:33 2025 by rpki-client