Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/65764a-dd8e-401b-b731-d9c5d26419b2/1/5FDRpXcZXqO6HjslKlkK7QLvmtg.roa
File: 5FDRpXcZXqO6HjslKlkK7QLvmtg.roa (raw, json)
Hash identifier: IYRq6MSo1GtLZWHwx2VS+jNcanoQKHs1hDXgg8MMKQY=
Subject key identifier: E4:50:D1:A5:77:19:5E:A3:BA:1E:3B:25:2A:59:0A:ED:02:EF:9A:D8
Certificate issuer: /CN=77292dc63718eebc704ab002ecb81d3d52d4d1c3
Certificate serial: 018C81AA3B8AD3F34B54136D03D745816B71
Authority key identifier: 77:29:2D:C6:37:18:EE:BC:70:4A:B0:02:EC:B8:1D:3D:52:D4:D1:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dyktxjcY7rxwSrAC7LgdPVLU0cM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/65764a-dd8e-401b-b731-d9c5d26419b2/1/5FDRpXcZXqO6HjslKlkK7QLvmtg.roa
Signing time: Tue 19 Dec 2023 10:41:06 +0000
ROA not before: Tue 19 Dec 2023 10:41:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15435
IP address blocks: 193.176.104.0/21 maxlen: 24
2001:67c:460::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:81:aa:3b:8a:d3:f3:4b:54:13:6d:03:d7:45:81:6b:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77292dc63718eebc704ab002ecb81d3d52d4d1c3
Validity
Not Before: Dec 19 10:41:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e450d1a577195ea3ba1e3b252a590aed02ef9ad8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:a9:2f:0e:44:95:b8:1a:f5:4d:4b:5d:30:b9:
3b:41:94:25:4c:ae:2b:fe:dc:df:c2:bd:b1:6a:a7:
33:26:73:6b:ea:8a:1d:5c:9d:9a:f3:b3:a2:81:1f:
39:6b:4e:70:c4:62:7d:a8:cf:54:ba:fd:13:3f:ab:
40:8f:3f:31:67:f8:a3:38:56:2d:86:da:65:88:45:
a1:64:5f:4a:10:c5:0a:56:41:a3:0c:06:c5:88:d2:
b9:ad:63:06:c1:da:00:91:29:b4:df:b8:cb:e2:60:
67:ec:3c:f6:02:6d:08:9e:52:76:a1:0f:7e:9b:d9:
c7:8e:19:52:18:ef:62:ce:5f:d0:0c:6c:66:b0:ab:
07:6d:bb:d0:d1:df:cf:5f:f7:1d:c8:0c:fa:6a:ea:
4c:e3:47:55:7a:45:48:34:83:2d:7c:66:82:02:9c:
63:3d:3e:5c:d5:b2:f5:6e:8c:a9:6e:1f:61:b0:8a:
92:3d:97:32:f8:06:56:e7:27:9c:8f:03:6e:d8:01:
89:17:c1:f4:f3:87:d2:c7:59:41:a2:0e:79:e6:d9:
81:7b:68:da:59:ee:a5:d2:ee:d2:7e:75:9e:db:de:
ae:59:ef:0a:7d:6c:b1:1d:e1:d5:b1:ec:d9:74:4f:
87:fb:70:e1:a4:b6:56:45:18:96:3e:29:74:83:6f:
f5:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:50:D1:A5:77:19:5E:A3:BA:1E:3B:25:2A:59:0A:ED:02:EF:9A:D8
X509v3 Authority Key Identifier:
keyid:77:29:2D:C6:37:18:EE:BC:70:4A:B0:02:EC:B8:1D:3D:52:D4:D1:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dyktxjcY7rxwSrAC7LgdPVLU0cM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/65764a-dd8e-401b-b731-d9c5d26419b2/1/5FDRpXcZXqO6HjslKlkK7QLvmtg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/65764a-dd8e-401b-b731-d9c5d26419b2/1/dyktxjcY7rxwSrAC7LgdPVLU0cM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.176.104.0/21
IPv6:
2001:67c:460::/48
Signature Algorithm: sha256WithRSAEncryption
91:97:9e:65:ae:6e:4d:29:c5:28:b9:ae:42:c8:bc:95:a7:0f:
b3:2b:a5:31:5b:65:46:b5:77:d1:28:83:35:a1:83:02:c9:95:
a7:0e:5e:b5:0a:63:9e:c5:b5:00:fb:b9:06:95:a8:c2:4c:e2:
81:03:bc:b0:25:7c:af:2e:20:b5:c3:75:c1:55:4d:a5:e1:fd:
ca:91:f3:05:a1:08:55:3f:a1:07:c6:68:98:cd:3b:7c:ae:bb:
ad:bf:14:90:29:e6:6e:94:de:31:98:de:33:53:2c:72:c5:6d:
58:ce:05:8c:0f:47:7a:de:c0:07:7b:65:dd:61:f5:74:38:ab:
04:08:f8:46:39:d1:45:79:08:2b:18:2a:84:41:14:35:75:fe:
ec:af:a9:65:02:1c:2e:ae:6d:5f:d4:18:38:4b:7a:0e:b0:cb:
92:d9:11:8e:33:62:fc:8d:69:48:f4:c6:d6:77:75:6a:cb:7a:
78:01:05:db:b0:cd:88:0c:ca:d4:6c:26:73:6d:49:db:29:17:
9d:7e:2d:04:3f:73:2f:cc:56:8a:ed:d7:21:f2:98:09:1b:e8:
76:f5:37:2b:35:6d:f7:fb:78:ec:6c:37:77:76:47:0c:39:e1:
be:ca:3b:b2:72:b6:ea:9d:bf:ef:d5:93:a0:fa:13:d3:e4:d2:
b7:eb:2b:f1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYyBqjuK0/NLVBNtA9dFgWtxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3MjkyZGM2MzcxOGVlYmM3MDRhYjAwMmVjYjgxZDNkNTJk
NGQxYzMwHhcNMjMxMjE5MTA0MTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDUwZDFhNTc3MTk1ZWEzYmExZTNiMjUyYTU5MGFlZDAyZWY5YWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArqkvDkSVuBr1TUtdMLk7QZQlTK4r
/tzfwr2xaqczJnNr6oodXJ2a87OigR85a05wxGJ9qM9Uuv0TP6tAjz8xZ/ijOFYt
htpliEWhZF9KEMUKVkGjDAbFiNK5rWMGwdoAkSm037jL4mBn7Dz2Am0InlJ2oQ9+
m9nHjhlSGO9izl/QDGxmsKsHbbvQ0d/PX/cdyAz6aupM40dVekVINIMtfGaCApxj
PT5c1bL1boypbh9hsIqSPZcy+AZW5yecjwNu2AGJF8H084fSx1lBog555tmBe2ja
We6l0u7SfnWe296uWe8KfWyxHeHVsezZdE+H+3DhpLZWRRiWPil0g2/11wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFORQ0aV3GV6juh47JSpZCu0C75rYMB8GA1UdIwQY
MBaAFHcpLcY3GO68cEqwAuy4HT1S1NHDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHlrdHhqY1k3cnh3U3JBQzdMZ2RQVkxVMGNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS82NTc2NGEtZGQ4ZS00MDFiLWI3MzEt
ZDljNWQyNjQxOWIyLzEvNUZEUnBYY1pYcU82SGpzbEtsa0s3UUx2bXRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS82NTc2NGEtZGQ4ZS00MDFiLWI3MzEtZDljNWQyNjQxOWIy
LzEvZHlrdHhqY1k3cnh3U3JBQzdMZ2RQVkxVMGNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwbBoMA8E
AgACMAkDBwAgAQZ8BGAwDQYJKoZIhvcNAQELBQADggEBAJGXnmWubk0pxSi5rkLI
vJWnD7MrpTFbZUa1d9EogzWhgwLJlacOXrUKY57FtQD7uQaVqMJM4oEDvLAlfK8u
ILXDdcFVTaXh/cqR8wWhCFU/oQfGaJjNO3yuu62/FJAp5m6U3jGY3jNTLHLFbVjO
BYwPR3rewAd7Zd1h9XQ4qwQI+EY50UV5CCsYKoRBFDV1/uyvqWUCHC6ubV/UGDhL
eg6wy5LZEY4zYvyNaUj0xtZ3dWrLengBBduwzYgMytRsJnNtSdspF51+LQQ/cy/M
Vort1yHymAkb6Hb1Nys1bff7eOxsN3d2Rww54b7KO7Jytuqdv+/Vk6D6E9Pk0rfr
K/E=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:17:45 2025 by rpki-client