Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/f07c66-473d-435a-b693-c369c1d4c337/1/1-0AFOzknOq_Ol8btyATC7HMbZ7o.roa
File: 1-0AFOzknOq_Ol8btyATC7HMbZ7o.roa (raw, json)
Hash identifier: wXD2gKNXuPEJ/JzYABqA85evyXKnjxVx5kWRK/kltj4=
Subject key identifier: FB:40:05:3B:39:27:3A:AF:CE:97:C6:ED:C8:04:C2:EC:73:1B:67:BA
Certificate issuer: /CN=44fc887c977393575de6257e75fa99cde2037c6c
Certificate serial: 018B5370FEC1ED0B02B8FB09F37F3E768547
Authority key identifier: 44:FC:88:7C:97:73:93:57:5D:E6:25:7E:75:FA:99:CD:E2:03:7C:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RPyIfJdzk1dd5iV-dfqZzeIDfGw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/f07c66-473d-435a-b693-c369c1d4c337/1/1-0AFOzknOq_Ol8btyATC7HMbZ7o.roa
Signing time: Sat 21 Oct 2023 18:13:15 +0000
ROA not before: Sat 21 Oct 2023 18:13:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205220
IP address blocks: 193.43.142.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:53:70:fe:c1:ed:0b:02:b8:fb:09:f3:7f:3e:76:85:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=44fc887c977393575de6257e75fa99cde2037c6c
Validity
Not Before: Oct 21 18:13:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fb40053b39273aafce97c6edc804c2ec731b67ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:fb:f4:c0:72:de:71:a7:3d:9f:bf:36:cc:ee:
10:89:e0:4e:81:f8:79:e1:0a:e8:d1:6a:ef:89:87:
74:57:2e:63:23:89:45:09:49:42:54:34:1a:4d:ec:
db:9b:c5:a6:00:af:89:1d:ac:21:9a:ea:59:67:e4:
2b:fc:d2:a6:14:de:57:2b:cb:2c:3e:93:0e:eb:09:
66:c1:e5:bf:ca:bb:33:90:e0:16:87:c0:2a:62:08:
17:8f:e2:09:3d:3a:dd:b0:ed:65:42:d2:03:50:2d:
94:a6:1e:75:af:52:ec:db:76:6d:b3:74:f6:cb:57:
d2:0d:f9:ec:81:ea:d8:17:be:90:57:75:66:4b:2c:
e4:56:3d:f7:76:ec:d8:4b:2a:a1:64:84:84:55:62:
3d:89:a6:ed:b9:c8:c4:9f:90:eb:15:42:3d:53:ab:
c9:e9:ad:2a:c2:9a:e9:09:a7:d2:e6:65:4e:cc:f6:
a8:8c:b2:e1:bb:3f:d0:54:09:2d:1d:78:ec:49:cd:
c0:2d:3a:c7:a7:d4:ae:c4:b1:2e:d3:46:63:c9:41:
96:4b:27:65:f9:0b:68:c9:1b:63:19:8b:e3:05:94:
96:2e:90:f7:36:80:1a:60:72:50:1e:a1:b3:f6:ab:
9a:8d:cf:00:37:cc:0a:56:d2:f1:49:ec:20:3c:40:
57:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:40:05:3B:39:27:3A:AF:CE:97:C6:ED:C8:04:C2:EC:73:1B:67:BA
X509v3 Authority Key Identifier:
keyid:44:FC:88:7C:97:73:93:57:5D:E6:25:7E:75:FA:99:CD:E2:03:7C:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RPyIfJdzk1dd5iV-dfqZzeIDfGw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/f07c66-473d-435a-b693-c369c1d4c337/1/1-0AFOzknOq_Ol8btyATC7HMbZ7o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/f07c66-473d-435a-b693-c369c1d4c337/1/RPyIfJdzk1dd5iV-dfqZzeIDfGw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.43.142.0/24
Signature Algorithm: sha256WithRSAEncryption
51:3a:63:74:f6:21:0a:b7:5f:a3:93:35:54:3b:24:33:8c:a1:
4f:50:2b:e4:18:54:fb:38:e1:35:ec:f5:81:08:4e:e4:55:e3:
d7:d0:27:d8:f7:46:0c:d6:77:43:8c:bb:bc:2d:47:ea:f6:c4:
bd:62:48:ad:1f:20:c4:d0:3b:03:38:2b:a4:24:d9:d3:44:82:
7d:de:ec:24:f8:c6:b9:7c:cd:10:58:13:7f:6c:43:48:f6:39:
23:1f:f7:a9:57:94:86:40:7c:68:8c:13:1f:4a:c1:ee:bc:80:
a4:f2:49:f1:bd:8d:38:bc:4d:10:e9:82:49:90:30:ab:df:44:
ea:43:80:5f:b2:b8:04:92:dc:7d:01:a4:91:21:d5:4b:f2:d8:
60:7b:94:cd:98:bb:78:08:51:39:ca:b3:0d:38:5b:51:78:ad:
01:f8:96:a7:80:40:19:f0:d0:16:78:7b:34:39:c4:29:62:b8:
81:73:db:0e:f5:1a:36:73:c7:88:36:0a:70:b6:b1:08:a1:e1:
2d:c5:c7:98:a5:c6:09:39:70:b0:6f:b2:01:d4:75:51:84:e5:
6d:22:31:b4:93:18:e4:88:87:c2:2a:2a:75:3c:96:72:09:f1:
2e:db:06:4b:de:29:0a:77:85:09:35:5d:bf:b2:99:4f:f5:6a:
9e:ce:94:95
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYtTcP7B7QsCuPsJ838+doVHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0ZmM4ODdjOTc3MzkzNTc1ZGU2MjU3ZTc1ZmE5OWNkZTIw
MzdjNmMwHhcNMjMxMDIxMTgxMzE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjQwMDUzYjM5MjczYWFmY2U5N2M2ZWRjODA0YzJlYzczMWI2N2JhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlPv0wHLecac9n782zO4QieBOgfh5
4Qro0WrviYd0Vy5jI4lFCUlCVDQaTezbm8WmAK+JHawhmupZZ+Qr/NKmFN5XK8ss
PpMO6wlmweW/yrszkOAWh8AqYggXj+IJPTrdsO1lQtIDUC2Uph51r1Ls23Zts3T2
y1fSDfnsgerYF76QV3VmSyzkVj33duzYSyqhZISEVWI9iabtucjEn5DrFUI9U6vJ
6a0qwprpCafS5mVOzPaojLLhuz/QVAktHXjsSc3ALTrHp9SuxLEu00ZjyUGWSydl
+QtoyRtjGYvjBZSWLpD3NoAaYHJQHqGz9quajc8AN8wKVtLxSewgPEBXyQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPtABTs5JzqvzpfG7cgEwuxzG2e6MB8GA1UdIwQY
MBaAFET8iHyXc5NXXeYlfnX6mc3iA3xsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlB5SWZKZHprMWRkNWlWLWRmcVp6ZUlEZkd3LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy9mMDdjNjYtNDczZC00MzVhLWI2OTMt
YzM2OWMxZDRjMzM3LzEvMS0wQUZPemtuT3FfT2w4YnR5QVRDN0hNYlo3by5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZjcvZjA3YzY2LTQ3M2QtNDM1YS1iNjkzLWMzNjljMWQ0YzMz
Ny8xL1JQeUlmSmR6azFkZDVpVi1kZnFaemVJRGZHdy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMErjjAN
BgkqhkiG9w0BAQsFAAOCAQEAUTpjdPYhCrdfo5M1VDskM4yhT1Ar5BhU+zjhNez1
gQhO5FXj19An2PdGDNZ3Q4y7vC1H6vbEvWJIrR8gxNA7AzgrpCTZ00SCfd7sJPjG
uXzNEFgTf2xDSPY5Ix/3qVeUhkB8aIwTH0rB7ryApPJJ8b2NOLxNEOmCSZAwq99E
6kOAX7K4BJLcfQGkkSHVS/LYYHuUzZi7eAhROcqzDThbUXitAfiWp4BAGfDQFnh7
NDnEKWK4gXPbDvUaNnPHiDYKcLaxCKHhLcXHmKXGCTlwsG+yAdR1UYTlbSIxtJMY
5IiHwioqdTyWcgnxLtsGS94pCneFCTVdv7KZT/Vqns6UlQ==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:38:19 2025 by rpki-client