Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/130a65-1b7a-4575-b280-90c3cce569f0/1/sn4VZBHAVsVo6dLkyGswiuh8OU8.roa
File: sn4VZBHAVsVo6dLkyGswiuh8OU8.roa (raw, json)
Hash identifier: nSe45pmPEOHJz1FxqnltrWKYwN3yxIwQtIICYJUZF94=
Subject key identifier: B2:7E:15:64:11:C0:56:C5:68:E9:D2:E4:C8:6B:30:8A:E8:7C:39:4F
Certificate issuer: /CN=2f3eaf4ec754f4a0e3d84ca253ad406ee9c7de15
Certificate serial: 01856C13722AB54CBE9D675160080D333765
Authority key identifier: 2F:3E:AF:4E:C7:54:F4:A0:E3:D8:4C:A2:53:AD:40:6E:E9:C7:DE:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Lz6vTsdU9KDj2EyiU61AbunH3hU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/130a65-1b7a-4575-b280-90c3cce569f0/1/sn4VZBHAVsVo6dLkyGswiuh8OU8.roa
Signing time: Sun 01 Jan 2023 06:44:51 +0000
ROA not before: Sun 01 Jan 2023 06:44:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212088
IP address blocks: 193.219.112.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:13:72:2a:b5:4c:be:9d:67:51:60:08:0d:33:37:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f3eaf4ec754f4a0e3d84ca253ad406ee9c7de15
Validity
Not Before: Jan 1 06:44:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b27e156411c056c568e9d2e4c86b308ae87c394f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:87:67:13:8f:31:07:f6:0e:07:3a:25:72:34:
83:7d:ff:33:e9:4e:72:e4:06:b6:99:d4:fc:d6:f6:
4b:cb:51:16:27:fb:d8:ad:24:e5:57:9f:99:1e:14:
06:31:bd:e7:1d:ca:89:48:48:d3:fe:69:f3:57:a4:
85:e1:91:75:1f:f6:de:19:08:e4:3c:20:f2:3e:79:
0d:aa:bd:6d:1c:76:09:9f:fe:a2:40:69:fa:39:05:
45:04:79:b7:30:06:be:ae:8f:1a:e8:48:00:37:b0:
81:4f:76:e7:15:ca:a1:0a:3a:61:99:aa:bd:b3:0e:
68:0f:7e:1b:ff:21:93:92:a4:6a:d4:36:93:5f:c1:
42:dd:f2:82:0f:72:64:6a:40:c5:cb:51:16:48:83:
fa:62:70:6b:66:ec:89:35:32:57:b2:be:b0:8d:1b:
cc:bb:9f:52:83:74:b3:9c:b1:38:b8:13:ed:13:96:
c0:35:b3:11:93:c6:94:53:49:ae:4c:a9:9a:eb:cc:
b8:4c:07:1f:64:c9:f1:6b:94:d9:5b:25:bb:ab:4f:
95:7d:1c:c1:de:ec:7a:61:ed:8c:24:cd:9d:47:c7:
14:83:1a:ee:ae:3f:e4:99:9a:3a:04:59:42:42:09:
d2:67:60:64:c1:bd:30:18:fe:3a:9b:20:d8:75:44:
66:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:7E:15:64:11:C0:56:C5:68:E9:D2:E4:C8:6B:30:8A:E8:7C:39:4F
X509v3 Authority Key Identifier:
keyid:2F:3E:AF:4E:C7:54:F4:A0:E3:D8:4C:A2:53:AD:40:6E:E9:C7:DE:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Lz6vTsdU9KDj2EyiU61AbunH3hU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/130a65-1b7a-4575-b280-90c3cce569f0/1/sn4VZBHAVsVo6dLkyGswiuh8OU8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/130a65-1b7a-4575-b280-90c3cce569f0/1/Lz6vTsdU9KDj2EyiU61AbunH3hU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.219.112.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:eb:89:f5:43:82:c2:94:a1:52:61:39:ab:63:bc:62:07:36:
04:8d:44:75:13:c3:af:fa:14:48:12:3d:69:49:9a:5f:23:fa:
c4:50:89:f9:3c:dc:29:70:fa:d2:0f:40:9e:21:bb:48:8a:6f:
e8:0e:bc:2c:e3:9c:c0:83:f3:3b:39:32:86:a3:3b:bd:34:19:
0d:b2:02:1e:15:b3:bb:e3:fd:04:21:eb:d6:f8:40:6b:14:17:
14:1f:18:c6:58:a8:e0:c2:6f:94:1a:e8:61:9c:86:a8:13:66:
8d:c9:41:5d:94:f5:89:ac:b4:39:c4:09:ef:f6:2a:d0:68:93:
18:51:2f:eb:62:6e:fa:65:24:2c:e3:5b:3a:ed:3b:0f:ea:33:
c6:c0:89:b3:be:58:f5:58:63:e4:4b:30:eb:47:2e:3d:57:a9:
1c:af:ba:cb:5e:79:6c:9b:55:24:36:b2:ce:34:c2:c2:6b:3c:
06:f9:fb:b6:ac:14:cc:53:8c:40:d2:36:be:b4:e1:e1:c7:fb:
ab:f4:6d:e9:d4:d8:da:c2:f6:31:af:30:ea:e3:ee:37:0b:51:
c2:08:6a:c5:eb:77:5c:7e:8d:e6:74:9f:95:73:14:fb:e8:50:
ee:33:1e:b4:79:b2:b4:3d:14:80:07:aa:29:1a:8c:95:c0:8c:
6d:2a:ed:d6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsE3IqtUy+nWdRYAgNMzdlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmM2VhZjRlYzc1NGY0YTBlM2Q4NGNhMjUzYWQ0MDZlZTlj
N2RlMTUwHhcNMjMwMTAxMDY0NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjdlMTU2NDExYzA1NmM1NjhlOWQyZTRjODZiMzA4YWU4N2MzOTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuYdnE48xB/YOBzolcjSDff8z6U5y
5Aa2mdT81vZLy1EWJ/vYrSTlV5+ZHhQGMb3nHcqJSEjT/mnzV6SF4ZF1H/beGQjk
PCDyPnkNqr1tHHYJn/6iQGn6OQVFBHm3MAa+ro8a6EgAN7CBT3bnFcqhCjphmaq9
sw5oD34b/yGTkqRq1DaTX8FC3fKCD3JkakDFy1EWSIP6YnBrZuyJNTJXsr6wjRvM
u59Sg3SznLE4uBPtE5bANbMRk8aUU0muTKma68y4TAcfZMnxa5TZWyW7q0+VfRzB
3ux6Ye2MJM2dR8cUgxrurj/kmZo6BFlCQgnSZ2Bkwb0wGP46myDYdURmBQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLJ+FWQRwFbFaOnS5MhrMIrofDlPMB8GA1UdIwQY
MBaAFC8+r07HVPSg49hMolOtQG7px94VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHo2dlRzZFU5S0RqMkV5aVU2MUFidW5IM2hVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS8xMzBhNjUtMWI3YS00NTc1LWIyODAt
OTBjM2NjZTU2OWYwLzEvc240VlpCSEFWc1ZvNmRMa3lHc3dpdWg4T1U4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS8xMzBhNjUtMWI3YS00NTc1LWIyODAtOTBjM2NjZTU2OWYw
LzEvTHo2dlRzZFU5S0RqMkV5aVU2MUFidW5IM2hVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwdtwMA0G
CSqGSIb3DQEBCwUAA4IBAQAL64n1Q4LClKFSYTmrY7xiBzYEjUR1E8Ov+hRIEj1p
SZpfI/rEUIn5PNwpcPrSD0CeIbtIim/oDrws45zAg/M7OTKGozu9NBkNsgIeFbO7
4/0EIevW+EBrFBcUHxjGWKjgwm+UGuhhnIaoE2aNyUFdlPWJrLQ5xAnv9irQaJMY
US/rYm76ZSQs41s67TsP6jPGwImzvlj1WGPkSzDrRy49V6kcr7rLXnlsm1UkNrLO
NMLCazwG+fu2rBTMU4xA0ja+tOHhx/ur9G3p1NjawvYxrzDq4+43C1HCCGrF63dc
fo3mdJ+VcxT76FDuMx60ebK0PRSAB6opGoyVwIxtKu3W
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:54:51 2025 by rpki-client