Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/f4ca1c-35dd-4cb1-84fa-8115cafd38ce/1/jGDxyE7HDVXsB-AwVeFG1mraLNM.roa
File: jGDxyE7HDVXsB-AwVeFG1mraLNM.roa (raw, json)
Hash identifier: 2RzhRx9uv/vD5WGUu4Foyxsji/j/Zi/mQNwwrFcFK38=
Subject key identifier: 8C:60:F1:C8:4E:C7:0D:55:EC:07:E0:30:55:E1:46:D6:6A:DA:2C:D3
Certificate issuer: /CN=b0bd68e370e7ec25bec8e01497b2138d95dc6ebc
Certificate serial: 01843C97C39E0A8E6EAA68DDF2D7A573DA1D
Authority key identifier: B0:BD:68:E3:70:E7:EC:25:BE:C8:E0:14:97:B2:13:8D:95:DC:6E:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sL1o43Dn7CW-yOAUl7ITjZXcbrw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/f4ca1c-35dd-4cb1-84fa-8115cafd38ce/1/jGDxyE7HDVXsB-AwVeFG1mraLNM.roa
Signing time: Thu 03 Nov 2022 08:24:49 +0000
ROA not before: Thu 03 Nov 2022 08:24:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8423
IP address blocks: 193.200.141.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:3c:97:c3:9e:0a:8e:6e:aa:68:dd:f2:d7:a5:73:da:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0bd68e370e7ec25bec8e01497b2138d95dc6ebc
Validity
Not Before: Nov 3 08:24:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8c60f1c84ec70d55ec07e03055e146d66ada2cd3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:13:90:09:d7:b9:04:75:63:d6:84:4c:07:e2:
fa:b9:f3:de:7e:bd:5d:52:33:9d:74:5a:4d:4d:36:
bb:0e:ec:27:a5:e2:5e:b2:1c:f8:0d:cd:37:b5:74:
b5:8c:12:31:77:c1:5f:81:b8:bb:9a:8f:d8:eb:a3:
b3:07:b8:38:08:5d:cd:98:2a:bd:35:22:57:23:93:
c5:38:6d:d4:f9:3a:ba:38:d3:9d:de:3a:47:67:35:
28:08:03:15:61:9b:a6:bb:6b:0e:0c:a0:fb:43:68:
00:35:62:a0:61:ad:f5:e4:e4:21:14:cd:e4:24:70:
6b:08:5e:07:e0:b5:ea:d3:d3:15:73:5e:b8:9e:c1:
81:e8:49:87:b0:20:fc:71:4b:1f:94:d1:51:20:3b:
24:74:ff:0b:3d:ae:50:86:79:73:7c:05:4d:1e:bc:
1b:db:d7:5b:cf:7f:69:bf:85:7d:4d:0a:2c:8c:1b:
9c:23:f3:fd:35:e3:f9:52:a1:81:02:b5:fe:4c:7d:
89:f9:68:6a:1a:5f:23:c4:99:a8:ff:7d:72:3e:60:
64:9f:56:a1:f1:5a:eb:c8:26:bf:0f:d8:94:89:f1:
f0:c8:5d:99:99:f2:59:36:31:ad:a8:0f:74:d4:a3:
c7:dd:35:ce:a1:7b:7e:cd:ff:72:7b:53:25:6f:7f:
8b:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:60:F1:C8:4E:C7:0D:55:EC:07:E0:30:55:E1:46:D6:6A:DA:2C:D3
X509v3 Authority Key Identifier:
keyid:B0:BD:68:E3:70:E7:EC:25:BE:C8:E0:14:97:B2:13:8D:95:DC:6E:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sL1o43Dn7CW-yOAUl7ITjZXcbrw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/f4ca1c-35dd-4cb1-84fa-8115cafd38ce/1/jGDxyE7HDVXsB-AwVeFG1mraLNM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/f4ca1c-35dd-4cb1-84fa-8115cafd38ce/1/sL1o43Dn7CW-yOAUl7ITjZXcbrw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.200.141.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:c5:69:24:60:e4:b9:08:e3:e6:01:6b:c4:8f:29:a7:78:fe:
95:b9:bb:a2:b8:85:2d:3a:7c:cd:81:08:2b:2f:34:3b:ff:32:
df:f3:06:13:73:25:9a:cf:c5:7e:cf:ff:62:c1:93:d6:55:a9:
a8:76:7c:df:5c:fe:ce:03:1d:ff:66:c7:ad:cf:55:54:ed:9e:
00:f1:ea:78:41:8e:9b:7d:65:e3:27:4e:b3:be:28:21:60:23:
87:c9:00:9e:38:5e:f1:7b:8a:60:a5:6d:58:83:e0:95:f3:e9:
c7:50:bb:49:9d:d1:b3:3f:88:00:ff:87:ed:58:08:96:67:b8:
27:3f:43:a3:e6:a2:22:93:fe:fe:21:8b:ec:47:74:42:23:bf:
9b:bb:51:4a:13:09:07:39:f3:9b:72:69:a7:69:2e:12:83:54:
bd:df:4f:a7:a4:2a:6e:30:09:51:c0:b4:8c:3f:0d:f1:4e:7d:
83:b9:fb:c3:01:7c:01:40:e8:f9:7e:02:15:87:35:5d:97:50:
ac:a7:87:d9:2d:dc:78:f1:46:a9:f7:64:da:7f:a4:18:4d:1b:
3d:3c:97:62:17:fb:6a:d2:48:ba:79:f4:0a:35:00:e0:eb:9d:
9e:42:f3:e7:95:91:d7:16:d6:be:29:88:2e:51:6f:e2:f4:1f:
fd:f6:70:26
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQ8l8OeCo5uqmjd8telc9odMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwYmQ2OGUzNzBlN2VjMjViZWM4ZTAxNDk3YjIxMzhkOTVk
YzZlYmMwHhcNMjIxMTAzMDgyNDQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzYwZjFjODRlYzcwZDU1ZWMwN2UwMzA1NWUxNDZkNjZhZGEyY2QzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAshOQCde5BHVj1oRMB+L6ufPefr1d
UjOddFpNTTa7DuwnpeJeshz4Dc03tXS1jBIxd8Ffgbi7mo/Y66OzB7g4CF3NmCq9
NSJXI5PFOG3U+Tq6ONOd3jpHZzUoCAMVYZumu2sODKD7Q2gANWKgYa315OQhFM3k
JHBrCF4H4LXq09MVc164nsGB6EmHsCD8cUsflNFRIDskdP8LPa5QhnlzfAVNHrwb
29dbz39pv4V9TQosjBucI/P9NeP5UqGBArX+TH2J+WhqGl8jxJmo/31yPmBkn1ah
8VrryCa/D9iUifHwyF2ZmfJZNjGtqA901KPH3TXOoXt+zf9ye1Mlb3+LzwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIxg8chOxw1V7AfgMFXhRtZq2izTMB8GA1UdIwQY
MBaAFLC9aONw5+wlvsjgFJeyE42V3G68MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0wxbzQzRG43Q1cteU9BVWw3SVRqWlhjYnJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9mNGNhMWMtMzVkZC00Y2IxLTg0ZmEt
ODExNWNhZmQzOGNlLzEvakdEeHlFN0hEVlhzQi1Bd1ZlRkcxbXJhTE5NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9mNGNhMWMtMzVkZC00Y2IxLTg0ZmEtODExNWNhZmQzOGNl
LzEvc0wxbzQzRG43Q1cteU9BVWw3SVRqWlhjYnJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwciNMA0G
CSqGSIb3DQEBCwUAA4IBAQCqxWkkYOS5COPmAWvEjymneP6VubuiuIUtOnzNgQgr
LzQ7/zLf8wYTcyWaz8V+z/9iwZPWVamodnzfXP7OAx3/Zsetz1VU7Z4A8ep4QY6b
fWXjJ06zvighYCOHyQCeOF7xe4pgpW1Yg+CV8+nHULtJndGzP4gA/4ftWAiWZ7gn
P0Oj5qIik/7+IYvsR3RCI7+bu1FKEwkHOfObcmmnaS4Sg1S930+npCpuMAlRwLSM
Pw3xTn2DufvDAXwBQOj5fgIVhzVdl1Csp4fZLdx48Uap92Taf6QYTRs9PJdiF/tq
0ki6efQKNQDg652eQvPnlZHXFta+KYguUW/i9B/99nAm
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:42:18 2025 by rpki-client