Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/201273-708d-4a46-9ab6-c7b36b8a2685/1/aarhX6J8AHng2Z1IsA41w2zb7rA.roa
File: aarhX6J8AHng2Z1IsA41w2zb7rA.roa (raw, json)
Hash identifier: Xicxzi+xkvqPCN8b6ZVOmX/da4zGUuPhTP0OmdBEGeo=
Subject key identifier: 69:AA:E1:5F:A2:7C:00:79:E0:D9:9D:48:B0:0E:35:C3:6C:DB:EE:B0
Certificate issuer: /CN=d0a343a37ecad2bfb2c35bd9b26d7f48bcb57537
Certificate serial: 0185249EF4DA53F441692EBE01F80DFA8C25
Authority key identifier: D0:A3:43:A3:7E:CA:D2:BF:B2:C3:5B:D9:B2:6D:7F:48:BC:B5:75:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0KNDo37K0r-yw1vZsm1_SLy1dTc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/201273-708d-4a46-9ab6-c7b36b8a2685/1/aarhX6J8AHng2Z1IsA41w2zb7rA.roa
Signing time: Sun 18 Dec 2022 09:44:35 +0000
ROA not before: Sun 18 Dec 2022 09:44:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16019
IP address blocks: 193.84.128.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:24:9e:f4:da:53:f4:41:69:2e:be:01:f8:0d:fa:8c:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d0a343a37ecad2bfb2c35bd9b26d7f48bcb57537
Validity
Not Before: Dec 18 09:44:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=69aae15fa27c0079e0d99d48b00e35c36cdbeeb0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:eb:10:45:a6:61:4c:ca:76:fc:96:3c:81:3e:
1a:3d:7d:02:ea:d4:a1:0c:bc:f8:18:01:65:ec:b1:
f5:5c:6e:8f:9f:6f:91:ec:0b:19:c6:42:cd:33:22:
b4:84:e3:52:3d:f6:bc:10:de:89:fa:77:ef:49:97:
b6:f3:11:5d:cd:92:49:08:9f:a9:9f:ae:74:58:19:
4b:99:45:d1:b1:8a:56:6c:52:23:05:5a:74:86:a8:
ff:63:28:da:f6:80:cb:f8:ee:f0:3a:94:b4:95:12:
eb:05:3a:34:a0:1f:ef:92:8c:27:28:f6:61:12:11:
3b:ea:e0:ce:ba:be:49:6e:31:19:ed:62:cd:84:02:
1c:78:d0:cc:fe:5a:30:44:81:68:28:c5:5a:fe:87:
13:8e:ba:de:cd:2b:29:0c:6b:bc:a4:8c:71:e1:f4:
6c:2c:c7:e4:98:03:b6:d3:9d:af:96:37:b6:fe:5d:
85:09:57:fc:d3:ec:95:eb:a5:f5:ef:c3:07:c3:59:
33:e7:d6:d3:4b:d0:71:ec:7d:95:a0:f0:cb:e2:d1:
33:46:81:53:b6:f7:17:50:10:6e:a7:02:d3:7a:a4:
a1:ce:d5:f6:d1:d8:03:05:5d:b3:e9:21:86:50:27:
7a:40:01:d1:78:12:fd:7a:cb:c5:a4:6c:7b:48:32:
43:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:AA:E1:5F:A2:7C:00:79:E0:D9:9D:48:B0:0E:35:C3:6C:DB:EE:B0
X509v3 Authority Key Identifier:
keyid:D0:A3:43:A3:7E:CA:D2:BF:B2:C3:5B:D9:B2:6D:7F:48:BC:B5:75:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0KNDo37K0r-yw1vZsm1_SLy1dTc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/201273-708d-4a46-9ab6-c7b36b8a2685/1/aarhX6J8AHng2Z1IsA41w2zb7rA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/201273-708d-4a46-9ab6-c7b36b8a2685/1/0KNDo37K0r-yw1vZsm1_SLy1dTc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.84.128.0/23
Signature Algorithm: sha256WithRSAEncryption
81:50:b4:1a:28:8d:56:a1:c5:82:07:71:f0:b1:a6:96:64:6e:
dc:32:c3:6a:d2:0b:ae:60:17:d5:2e:f1:8c:df:58:b3:6d:e9:
88:dc:76:cf:f2:6a:0d:2b:89:6c:f1:81:50:4e:34:70:4a:09:
c2:4d:4c:4e:60:51:07:21:f4:e3:0a:89:6e:93:23:49:78:09:
77:02:17:2a:04:ce:46:f2:dd:3d:21:9d:26:a0:4f:91:cc:56:
97:ca:e8:7c:4a:8b:cd:b2:88:6b:ad:b6:ea:f1:67:b0:6c:cd:
02:f0:fd:38:0e:e1:51:cc:a7:ea:04:26:42:33:bd:ae:d7:cf:
4e:f2:a9:a9:2c:a9:82:71:b6:03:fd:dc:50:13:04:a4:8c:ed:
21:e7:23:06:e0:83:22:2c:83:0e:26:b2:7d:9f:47:0c:d0:64:
50:7f:25:5e:18:6b:b1:40:4b:e0:eb:1f:f4:e6:e2:9a:7f:b8:
c8:c1:fb:5c:13:3e:49:52:5c:5a:ce:2e:32:ca:18:82:61:74:
2b:85:5f:5d:61:fd:0f:fb:e0:9a:ac:cf:93:95:d5:cc:90:79:
a6:69:57:ac:be:ff:6d:15:27:79:9c:75:7f:ae:35:55:03:56:
03:c9:61:a9:46:8c:2f:03:d5:0e:df:16:7c:ea:84:10:6b:72:
5e:59:73:3c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYUknvTaU/RBaS6+AfgN+owlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwYTM0M2EzN2VjYWQyYmZiMmMzNWJkOWIyNmQ3ZjQ4YmNi
NTc1MzcwHhcNMjIxMjE4MDk0NDM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWFhZTE1ZmEyN2MwMDc5ZTBkOTlkNDhiMDBlMzVjMzZjZGJlZWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+sQRaZhTMp2/JY8gT4aPX0C6tSh
DLz4GAFl7LH1XG6Pn2+R7AsZxkLNMyK0hONSPfa8EN6J+nfvSZe28xFdzZJJCJ+p
n650WBlLmUXRsYpWbFIjBVp0hqj/Yyja9oDL+O7wOpS0lRLrBTo0oB/vkownKPZh
EhE76uDOur5JbjEZ7WLNhAIceNDM/lowRIFoKMVa/ocTjrrezSspDGu8pIxx4fRs
LMfkmAO2052vlje2/l2FCVf80+yV66X178MHw1kz59bTS9Bx7H2VoPDL4tEzRoFT
tvcXUBBupwLTeqShztX20dgDBV2z6SGGUCd6QAHReBL9esvFpGx7SDJDOQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGmq4V+ifAB54NmdSLAONcNs2+6wMB8GA1UdIwQY
MBaAFNCjQ6N+ytK/ssNb2bJtf0i8tXU3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEtORG8zN0swci15dzF2WnNtMV9TTHkxZFRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8yMDEyNzMtNzA4ZC00YTQ2LTlhYjYt
YzdiMzZiOGEyNjg1LzEvYWFyaFg2SjhBSG5nMloxSXNBNDF3MnpiN3JBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8yMDEyNzMtNzA4ZC00YTQ2LTlhYjYtYzdiMzZiOGEyNjg1
LzEvMEtORG8zN0swci15dzF2WnNtMV9TTHkxZFRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwVSAMA0G
CSqGSIb3DQEBCwUAA4IBAQCBULQaKI1WocWCB3HwsaaWZG7cMsNq0guuYBfVLvGM
31izbemI3HbP8moNK4ls8YFQTjRwSgnCTUxOYFEHIfTjColukyNJeAl3AhcqBM5G
8t09IZ0moE+RzFaXyuh8SovNsohrrbbq8WewbM0C8P04DuFRzKfqBCZCM72u189O
8qmpLKmCcbYD/dxQEwSkjO0h5yMG4IMiLIMOJrJ9n0cM0GRQfyVeGGuxQEvg6x/0
5uKaf7jIwftcEz5JUlxazi4yyhiCYXQrhV9dYf0P++CarM+TldXMkHmmaVesvv9t
FSd5nHV/rjVVA1YDyWGpRowvA9UO3xZ86oQQa3JeWXM8
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:32:49 2025 by rpki-client