Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/5ddd92-41d6-469f-896c-e0c966c15d5f/1/U2A1ficfx6ZCyQ6Ql_VWnYe2zrM.roa
File: U2A1ficfx6ZCyQ6Ql_VWnYe2zrM.roa (raw, json)
Hash identifier: d6WAG6EqeI8aiInp89xKmarynlC2N7Qb3sUZM2ekDF0=
Subject key identifier: 53:60:35:7E:27:1F:C7:A6:42:C9:0E:90:97:F5:56:9D:87:B6:CE:B3
Certificate issuer: /CN=1be36fcfb047b8c653ffa327fc2ca51169e947a4
Certificate serial: 0184ED2203B52CB4FD91BF2FE478B2F9DE64
Authority key identifier: 1B:E3:6F:CF:B0:47:B8:C6:53:FF:A3:27:FC:2C:A5:11:69:E9:47:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G-Nvz7BHuMZT_6Mn_CylEWnpR6Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/5ddd92-41d6-469f-896c-e0c966c15d5f/1/U2A1ficfx6ZCyQ6Ql_VWnYe2zrM.roa
Signing time: Wed 07 Dec 2022 15:09:00 +0000
ROA not before: Wed 07 Dec 2022 15:09:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201579
IP address blocks: 193.138.195.0/24 maxlen: 24
2a13:2480::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:ed:22:03:b5:2c:b4:fd:91:bf:2f:e4:78:b2:f9:de:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1be36fcfb047b8c653ffa327fc2ca51169e947a4
Validity
Not Before: Dec 7 15:09:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5360357e271fc7a642c90e9097f5569d87b6ceb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:35:9a:f7:f8:fa:27:06:13:fc:25:15:f1:76:
43:38:93:8b:82:76:ad:aa:c1:33:94:0b:3a:52:5c:
62:4a:ca:d8:bc:dd:66:90:da:81:45:9f:ca:30:3e:
3f:09:5d:76:8d:09:f8:61:f5:27:d3:d0:f1:dd:61:
60:2b:78:39:2f:13:15:41:92:49:91:4d:8a:d5:f8:
3b:03:48:fe:51:c2:b2:5c:3c:b0:b5:c0:a7:2a:78:
8c:19:9a:90:c1:93:91:f7:b5:a7:03:2e:2f:96:1a:
26:49:37:12:37:2a:45:35:39:a7:6b:89:db:47:ed:
e2:70:20:55:0b:c3:06:c0:4e:da:91:24:a9:1f:a0:
69:37:13:c2:23:ea:6f:7c:1f:ec:07:0c:4d:37:12:
af:cd:b5:30:01:2d:a4:2c:fd:dd:d6:28:74:a9:01:
83:98:55:9a:9d:45:f9:c5:9c:30:db:8f:8f:15:65:
75:ca:58:8d:3e:de:45:87:2e:a8:58:72:c2:03:bd:
d8:2e:a8:99:5b:78:b7:3f:84:72:54:24:06:b0:9c:
67:b9:c2:fd:14:8d:85:48:2e:b4:23:6d:8b:3c:15:
23:77:38:90:b3:b3:d8:4a:48:10:cc:4d:26:bd:75:
96:31:4d:18:97:64:27:39:e7:76:88:0f:4b:de:5d:
14:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:60:35:7E:27:1F:C7:A6:42:C9:0E:90:97:F5:56:9D:87:B6:CE:B3
X509v3 Authority Key Identifier:
keyid:1B:E3:6F:CF:B0:47:B8:C6:53:FF:A3:27:FC:2C:A5:11:69:E9:47:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G-Nvz7BHuMZT_6Mn_CylEWnpR6Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/5ddd92-41d6-469f-896c-e0c966c15d5f/1/U2A1ficfx6ZCyQ6Ql_VWnYe2zrM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/5ddd92-41d6-469f-896c-e0c966c15d5f/1/G-Nvz7BHuMZT_6Mn_CylEWnpR6Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.138.195.0/24
IPv6:
2a13:2480::/29
Signature Algorithm: sha256WithRSAEncryption
3d:ef:ab:37:97:b5:1b:1e:31:39:9f:1b:5e:b2:74:11:50:99:
a3:a6:d3:94:4c:2c:88:32:78:1c:a2:20:76:0f:85:33:43:98:
c5:19:be:97:cf:9e:2c:41:ce:59:e8:30:fa:68:33:b4:80:2d:
f7:cd:b1:d3:ca:95:ba:24:f6:ea:b2:41:86:32:3d:8a:c2:3c:
00:16:33:71:57:7f:41:00:b0:d4:b9:6c:ed:44:66:e6:5c:b8:
b0:f5:19:bc:1a:45:27:25:df:6b:3f:a1:5c:6c:19:00:fd:3c:
5d:bf:97:31:9c:ec:51:fe:32:4b:7b:17:a4:bd:ca:4e:b9:18:
d6:db:b4:39:a5:2f:56:cf:c6:4b:dd:86:cb:36:1b:83:e7:21:
7a:2e:a1:91:6a:76:57:85:fd:9f:9d:82:b1:47:37:6d:8c:ef:
6b:db:ca:74:af:0d:d2:38:30:e3:c1:76:0d:24:f5:15:a7:49:
ff:cf:e1:51:6d:37:cf:ea:0d:84:fa:68:75:30:32:69:c7:de:
08:80:0d:9f:38:8c:a2:5e:2f:56:ee:7b:cb:39:24:23:0b:d3:
a6:09:61:5b:ea:18:f9:90:1b:e2:93:1a:6c:b4:b7:8c:3d:1f:
e9:57:be:45:c7:eb:ab:d1:70:6d:66:15:d5:05:77:e2:0a:b5:
85:b6:f0:b8
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYTtIgO1LLT9kb8v5Hiy+d5kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiZTM2ZmNmYjA0N2I4YzY1M2ZmYTMyN2ZjMmNhNTExNjll
OTQ3YTQwHhcNMjIxMjA3MTUwOTAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzYwMzU3ZTI3MWZjN2E2NDJjOTBlOTA5N2Y1NTY5ZDg3YjZjZWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsjWa9/j6JwYT/CUV8XZDOJOLgnat
qsEzlAs6UlxiSsrYvN1mkNqBRZ/KMD4/CV12jQn4YfUn09Dx3WFgK3g5LxMVQZJJ
kU2K1fg7A0j+UcKyXDywtcCnKniMGZqQwZOR97WnAy4vlhomSTcSNypFNTmna4nb
R+3icCBVC8MGwE7akSSpH6BpNxPCI+pvfB/sBwxNNxKvzbUwAS2kLP3d1ih0qQGD
mFWanUX5xZww24+PFWV1yliNPt5Fhy6oWHLCA73YLqiZW3i3P4RyVCQGsJxnucL9
FI2FSC60I22LPBUjdziQs7PYSkgQzE0mvXWWMU0Yl2QnOed2iA9L3l0U0wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFNgNX4nH8emQskOkJf1Vp2Hts6zMB8GA1UdIwQY
MBaAFBvjb8+wR7jGU/+jJ/wspRFp6UekMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRy1Odno3Qkh1TVpUXzZNbl9DeWxFV25wUjZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS81ZGRkOTItNDFkNi00NjlmLTg5NmMt
ZTBjOTY2YzE1ZDVmLzEvVTJBMWZpY2Z4NlpDeVE2UWxfVlduWWUyenJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS81ZGRkOTItNDFkNi00NjlmLTg5NmMtZTBjOTY2YzE1ZDVm
LzEvRy1Odno3Qkh1TVpUXzZNbl9DeWxFV25wUjZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwYrDMA0E
AgACMAcDBQMqEySAMA0GCSqGSIb3DQEBCwUAA4IBAQA976s3l7UbHjE5nxtesnQR
UJmjptOUTCyIMngcoiB2D4UzQ5jFGb6Xz54sQc5Z6DD6aDO0gC33zbHTypW6JPbq
skGGMj2KwjwAFjNxV39BALDUuWztRGbmXLiw9Rm8GkUnJd9rP6FcbBkA/Txdv5cx
nOxR/jJLexekvcpOuRjW27Q5pS9Wz8ZL3YbLNhuD5yF6LqGRanZXhf2fnYKxRzdt
jO9r28p0rw3SODDjwXYNJPUVp0n/z+FRbTfP6g2E+mh1MDJpx94IgA2fOIyiXi9W
7nvLOSQjC9OmCWFb6hj5kBvikxpstLeMPR/pV75Fx+ur0XBtZhXVBXfiCrWFtvC4
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:52 2024 by rpki-client on console-fra.rpki-client.org