Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/6788f5-4889-4be7-bb19-a9b8de611a96/1/CcuV8UxSMLiVRRTsAx7IAm8KySM.roa
File: CcuV8UxSMLiVRRTsAx7IAm8KySM.roa (raw, json)
Hash identifier: mRAnYMwgIVxXIqvLmDLCy0toS6miI77Z8PGlBXn3y2Y=
Subject key identifier: 09:CB:95:F1:4C:52:30:B8:95:45:14:EC:03:1E:C8:02:6F:0A:C9:23
Certificate issuer: /CN=925069a5d764da255954db2ee9d1243de16b9101
Certificate serial: 0182EA9985676CC812424E7870A2D78F3642
Authority key identifier: 92:50:69:A5:D7:64:DA:25:59:54:DB:2E:E9:D1:24:3D:E1:6B:91:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/klBppddk2iVZVNsu6dEkPeFrkQE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/6788f5-4889-4be7-bb19-a9b8de611a96/1/CcuV8UxSMLiVRRTsAx7IAm8KySM.roa
Signing time: Mon 29 Aug 2022 17:15:05 +0000
ROA not before: Mon 29 Aug 2022 17:15:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3561
IP address blocks: 193.168.141.0/24 maxlen: 24
193.168.142.0/24 maxlen: 24
193.168.143.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:ea:99:85:67:6c:c8:12:42:4e:78:70:a2:d7:8f:36:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=925069a5d764da255954db2ee9d1243de16b9101
Validity
Not Before: Aug 29 17:15:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=09cb95f14c5230b8954514ec031ec8026f0ac923
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:79:e5:25:96:56:bc:e0:e5:8d:43:d0:12:bf:
79:9d:b9:e6:44:4d:1c:42:b9:15:da:dd:d6:fc:fe:
61:83:bf:37:10:3a:1b:da:d3:6f:33:07:79:70:2f:
0d:86:70:07:e0:41:ea:94:ad:0f:26:36:c0:5e:14:
9f:54:cd:a1:e8:20:4a:f0:fa:ca:7b:a7:69:8c:fc:
34:a0:5c:55:4c:7d:8c:01:34:0e:b8:2d:12:f1:97:
24:7f:e5:56:31:01:d3:ed:f8:ce:7c:df:1b:22:14:
6c:78:61:38:46:d0:6f:fd:47:dc:83:41:fc:01:4f:
c3:89:c6:a3:38:76:e3:da:20:21:9d:e8:bb:9e:fe:
57:bf:d7:6d:85:73:0d:98:80:3b:ba:03:94:b2:3b:
dc:6f:00:82:61:c2:04:79:1d:1c:51:e8:4a:70:5f:
d1:e7:7e:eb:46:5d:99:fa:ff:e0:74:50:c3:f0:e4:
ea:9c:9b:53:46:88:a2:12:dd:95:2f:47:ec:fe:88:
d6:19:e4:e6:f2:a3:23:ff:80:14:90:7d:6c:6b:62:
3d:08:5a:bd:fb:4f:1e:8f:90:8e:d2:9c:24:80:ec:
e9:a1:03:3d:d1:7c:a6:f9:1e:b5:33:93:6a:a4:da:
10:72:29:7e:77:95:2b:13:b3:66:e7:48:f6:ff:bc:
5c:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:CB:95:F1:4C:52:30:B8:95:45:14:EC:03:1E:C8:02:6F:0A:C9:23
X509v3 Authority Key Identifier:
keyid:92:50:69:A5:D7:64:DA:25:59:54:DB:2E:E9:D1:24:3D:E1:6B:91:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/klBppddk2iVZVNsu6dEkPeFrkQE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/6788f5-4889-4be7-bb19-a9b8de611a96/1/CcuV8UxSMLiVRRTsAx7IAm8KySM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/6788f5-4889-4be7-bb19-a9b8de611a96/1/klBppddk2iVZVNsu6dEkPeFrkQE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.168.141.0-193.168.143.255
Signature Algorithm: sha256WithRSAEncryption
4e:43:4c:78:b0:ab:35:b8:44:71:4e:8b:14:1e:4c:f2:dd:5e:
cc:32:25:59:ce:d0:0d:0c:04:1e:c1:c8:88:c1:15:fb:ea:c1:
f8:7d:5b:3b:7d:30:4c:41:0d:a4:1f:84:11:4b:18:51:5b:7d:
fa:ba:88:68:10:a1:48:c5:dc:2d:e1:f6:02:13:5d:d7:63:61:
a2:f0:89:41:cf:aa:25:54:6d:2d:85:68:7f:fd:95:99:4d:b3:
68:62:15:16:43:d5:13:0f:2e:3c:9b:14:99:e3:c0:11:ef:49:
64:08:f6:68:e1:8c:15:ca:2c:42:7e:41:00:35:a7:cc:bb:8b:
1d:a5:99:5c:5c:ee:45:f6:41:b8:3a:78:13:6c:2e:19:c2:3c:
92:8e:75:ce:d1:fa:8f:56:84:c2:23:29:63:c6:4e:7c:ec:3b:
51:45:d6:61:56:a0:2f:7b:21:59:ba:be:0d:48:94:c0:8d:5e:
56:5b:69:07:1d:e7:64:77:43:e5:eb:5c:8e:4b:e5:a7:da:f2:
f6:b4:9e:8b:4e:9f:0c:27:d8:3d:8d:f4:c9:64:5b:15:76:97:
60:9b:05:59:76:4e:54:95:b6:3b:70:ea:c9:54:0c:2b:df:90:
da:ba:75:c1:40:7d:c2:1e:da:d9:2d:ae:10:f6:c5:de:20:3c:
43:42:42:e8
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYLqmYVnbMgSQk54cKLXjzZCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyNTA2OWE1ZDc2NGRhMjU1OTU0ZGIyZWU5ZDEyNDNkZTE2
YjkxMDEwHhcNMjIwODI5MTcxNTA1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWNiOTVmMTRjNTIzMGI4OTU0NTE0ZWMwMzFlYzgwMjZmMGFjOTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhXnlJZZWvODljUPQEr95nbnmRE0c
QrkV2t3W/P5hg783EDob2tNvMwd5cC8NhnAH4EHqlK0PJjbAXhSfVM2h6CBK8PrK
e6dpjPw0oFxVTH2MATQOuC0S8Zckf+VWMQHT7fjOfN8bIhRseGE4RtBv/Ufcg0H8
AU/DicajOHbj2iAhnei7nv5Xv9dthXMNmIA7ugOUsjvcbwCCYcIEeR0cUehKcF/R
537rRl2Z+v/gdFDD8OTqnJtTRoiiEt2VL0fs/ojWGeTm8qMj/4AUkH1sa2I9CFq9
+08ej5CO0pwkgOzpoQM90Xym+R61M5NqpNoQcil+d5UrE7Nm50j2/7xcNQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFAnLlfFMUjC4lUUU7AMeyAJvCskjMB8GA1UdIwQY
MBaAFJJQaaXXZNolWVTbLunRJD3ha5EBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2xCcHBkZGsyaVZaVk5zdTZkRWtQZUZya1FFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS82Nzg4ZjUtNDg4OS00YmU3LWJiMTkt
YTliOGRlNjExYTk2LzEvQ2N1VjhVeFNNTGlWUlJUc0F4N0lBbThLeVNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS82Nzg4ZjUtNDg4OS00YmU3LWJiMTktYTliOGRlNjExYTk2
LzEva2xCcHBkZGsyaVZaVk5zdTZkRWtQZUZya1FFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBADBqI0D
BATBqIAwDQYJKoZIhvcNAQELBQADggEBAE5DTHiwqzW4RHFOixQeTPLdXswyJVnO
0A0MBB7ByIjBFfvqwfh9Wzt9MExBDaQfhBFLGFFbffq6iGgQoUjF3C3h9gITXddj
YaLwiUHPqiVUbS2FaH/9lZlNs2hiFRZD1RMPLjybFJnjwBHvSWQI9mjhjBXKLEJ+
QQA1p8y7ix2lmVxc7kX2Qbg6eBNsLhnCPJKOdc7R+o9WhMIjKWPGTnzsO1FF1mFW
oC97IVm6vg1IlMCNXlZbaQcd52R3Q+XrXI5L5afa8va0notOnwwn2D2N9MlkWxV2
l2CbBVl2TlSVtjtw6slUDCvfkNq6dcFAfcIe2tktrhD2xd4gPENCQug=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:14:01 2025 by rpki-client