Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/773678-e200-46af-86c1-6bd8022d2eae/1/s19N22ltTmtCxmfbrVZX0xatRBY.roa
File: s19N22ltTmtCxmfbrVZX0xatRBY.roa (raw, json)
Hash identifier: gtA7nj7weqQa5tmrDavwCxS190KCgzHffF5KjQKCQjo=
Subject key identifier: B3:5F:4D:DB:69:6D:4E:6B:42:C6:67:DB:AD:56:57:D3:16:AD:44:16
Certificate issuer: /CN=1817a5ec18c4f2c44784adc5038356be5ae89429
Certificate serial: 01857328148F0D3FE69050705C5F47917B51
Authority key identifier: 18:17:A5:EC:18:C4:F2:C4:47:84:AD:C5:03:83:56:BE:5A:E8:94:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GBel7BjE8sRHhK3FA4NWvlrolCk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/773678-e200-46af-86c1-6bd8022d2eae/1/s19N22ltTmtCxmfbrVZX0xatRBY.roa
Signing time: Mon 02 Jan 2023 15:44:44 +0000
ROA not before: Mon 02 Jan 2023 15:44:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60154
IP address blocks: 193.0.184.0/24 maxlen: 24
193.0.212.0/24 maxlen: 24
193.0.129.0/24 maxlen: 24
192.251.230.0/24 maxlen: 24
2a0f:7ac0::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:28:14:8f:0d:3f:e6:90:50:70:5c:5f:47:91:7b:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1817a5ec18c4f2c44784adc5038356be5ae89429
Validity
Not Before: Jan 2 15:44:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b35f4ddb696d4e6b42c667dbad5657d316ad4416
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:03:a5:2a:61:7e:3e:5c:66:8b:a3:ad:80:41:
61:9e:2e:59:bf:29:b0:d0:72:c2:62:66:30:96:c1:
e4:2d:0d:03:05:49:9e:e8:d1:c4:06:3e:2b:84:c8:
a5:ae:ac:be:72:ff:64:94:9e:e5:63:54:da:68:4e:
d2:a5:55:51:87:57:28:8f:75:3b:07:87:7c:ac:2c:
31:f0:af:95:1e:7f:8c:01:62:e4:f7:dc:e9:10:f5:
80:0a:8d:08:fe:51:a5:1b:26:60:54:b0:0d:c1:77:
b7:27:ff:8b:de:d2:75:78:1a:e1:89:78:d9:a9:db:
2a:d0:d1:9c:95:48:8d:5c:99:a7:56:82:fc:27:cd:
f2:61:d1:35:12:b8:d8:a1:a9:9a:75:80:12:42:c7:
63:03:56:95:83:fc:f5:5a:7d:c1:00:08:ae:86:2b:
b9:52:b0:d6:ee:a9:5e:f3:5a:4b:0e:dd:73:66:1b:
1b:9c:42:74:1f:2f:13:14:81:a3:c9:5e:fb:f8:8d:
44:9c:77:74:8c:5d:56:f1:6f:d6:b6:83:86:ed:c9:
b7:db:07:5b:ed:e3:23:5a:45:cc:59:b7:cc:55:77:
85:f7:ef:67:bf:f4:0c:99:cd:71:ad:3a:43:27:94:
c7:88:a0:15:2d:ea:58:d5:6f:02:f6:c0:49:39:5a:
d8:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:5F:4D:DB:69:6D:4E:6B:42:C6:67:DB:AD:56:57:D3:16:AD:44:16
X509v3 Authority Key Identifier:
keyid:18:17:A5:EC:18:C4:F2:C4:47:84:AD:C5:03:83:56:BE:5A:E8:94:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GBel7BjE8sRHhK3FA4NWvlrolCk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/773678-e200-46af-86c1-6bd8022d2eae/1/s19N22ltTmtCxmfbrVZX0xatRBY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/773678-e200-46af-86c1-6bd8022d2eae/1/GBel7BjE8sRHhK3FA4NWvlrolCk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.251.230.0/24
193.0.129.0/24
193.0.184.0/24
193.0.212.0/24
IPv6:
2a0f:7ac0::/29
Signature Algorithm: sha256WithRSAEncryption
3d:6a:d3:d6:81:57:cf:13:00:f5:2e:26:b4:02:00:6a:3a:e8:
57:01:4c:48:c9:42:5b:81:20:b4:fe:d7:c8:20:a5:11:9d:fe:
83:ca:97:01:9f:94:60:50:18:15:44:a7:ee:c4:b0:db:5a:ab:
b9:a6:31:e6:42:b3:a8:0a:f8:73:a5:87:76:9c:97:99:d1:40:
be:f1:97:57:64:36:4e:ee:3b:63:a7:5e:fb:79:92:41:ff:33:
14:10:06:19:15:62:89:18:b0:96:02:46:b5:74:3f:17:58:d0:
8c:1f:a1:02:c6:90:ca:49:5e:99:18:e8:68:fe:2d:60:aa:48:
6d:ac:0b:c6:05:71:f0:7c:12:9d:ae:f0:c5:00:22:c1:fa:5a:
d4:ee:2b:b7:b1:36:1c:c8:f5:89:fa:7c:69:2c:93:60:d2:d3:
9f:f2:55:d1:dc:9e:bf:1a:28:0c:36:13:b3:79:7a:bf:63:11:
c4:fc:00:5d:19:26:70:4d:5c:c1:9b:43:1b:c4:ab:5b:2f:9b:
14:b2:74:2b:d8:21:e2:1e:75:ec:ae:7d:9c:94:35:10:c7:08:
e8:03:be:62:8f:0f:67:86:e8:7b:b9:7f:7b:2f:7b:78:d5:52:
8b:f9:5d:40:24:b5:10:39:92:eb:e3:e4:4e:62:15:21:6d:5a:
76:18:56:8d
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVzKBSPDT/mkFBwXF9HkXtRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4MTdhNWVjMThjNGYyYzQ0Nzg0YWRjNTAzODM1NmJlNWFl
ODk0MjkwHhcNMjMwMTAyMTU0NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzVmNGRkYjY5NmQ0ZTZiNDJjNjY3ZGJhZDU2NTdkMzE2YWQ0NDE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7AOlKmF+Plxmi6OtgEFhni5Zvymw
0HLCYmYwlsHkLQ0DBUme6NHEBj4rhMilrqy+cv9klJ7lY1TaaE7SpVVRh1coj3U7
B4d8rCwx8K+VHn+MAWLk99zpEPWACo0I/lGlGyZgVLANwXe3J/+L3tJ1eBrhiXjZ
qdsq0NGclUiNXJmnVoL8J83yYdE1ErjYoamadYASQsdjA1aVg/z1Wn3BAAiuhiu5
UrDW7qle81pLDt1zZhsbnEJ0Hy8TFIGjyV77+I1EnHd0jF1W8W/WtoOG7cm32wdb
7eMjWkXMWbfMVXeF9+9nv/QMmc1xrTpDJ5THiKAVLepY1W8C9sBJOVrYsQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFLNfTdtpbU5rQsZn261WV9MWrUQWMB8GA1UdIwQY
MBaAFBgXpewYxPLER4StxQODVr5a6JQpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0JlbDdCakU4c1JIaEszRkE0Tld2bHJvbENrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC83NzM2NzgtZTIwMC00NmFmLTg2YzEt
NmJkODAyMmQyZWFlLzEvczE5TjIybHRUbXRDeG1mYnJWWlgweGF0UkJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC83NzM2NzgtZTIwMC00NmFmLTg2YzEtNmJkODAyMmQyZWFl
LzEvR0JlbDdCakU4c1JIaEszRkE0Tld2bHJvbENrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAwPvmAwQA
wQCBAwQAwQC4AwQAwQDUMA0EAgACMAcDBQMqD3rAMA0GCSqGSIb3DQEBCwUAA4IB
AQA9atPWgVfPEwD1Lia0AgBqOuhXAUxIyUJbgSC0/tfIIKURnf6DypcBn5RgUBgV
RKfuxLDbWqu5pjHmQrOoCvhzpYd2nJeZ0UC+8ZdXZDZO7jtjp177eZJB/zMUEAYZ
FWKJGLCWAka1dD8XWNCMH6ECxpDKSV6ZGOho/i1gqkhtrAvGBXHwfBKdrvDFACLB
+lrU7iu3sTYcyPWJ+nxpLJNg0tOf8lXR3J6/GigMNhOzeXq/YxHE/ABdGSZwTVzB
m0MbxKtbL5sUsnQr2CHiHnXsrn2clDUQxwjoA75ijw9nhuh7uX97L3t41VKL+V1A
JLUQOZLr4+ROYhUhbVp2GFaN
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:42:41 2025 by rpki-client