Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/e84920-f5cb-46d7-bc99-fe53210b57b6/1/Sx53h7jrg9Z3MdlLVNvZMzmbnUE.roa
File: Sx53h7jrg9Z3MdlLVNvZMzmbnUE.roa (raw, json)
Hash identifier: dRNBvsD4hNzeV2lEPIvtVxf1NWrqh4hIUiQkLUgEffQ=
Subject key identifier: 4B:1E:77:87:B8:EB:83:D6:77:31:D9:4B:54:DB:D9:33:39:9B:9D:41
Certificate issuer: /CN=961b9df745c32df27df33ebcfd536f19e13474fe
Certificate serial: 01856DDD42C0FBC187153419A2551137E046
Authority key identifier: 96:1B:9D:F7:45:C3:2D:F2:7D:F3:3E:BC:FD:53:6F:19:E1:34:74:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lhud90XDLfJ98z68_VNvGeE0dP4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/e84920-f5cb-46d7-bc99-fe53210b57b6/1/Sx53h7jrg9Z3MdlLVNvZMzmbnUE.roa
Signing time: Sun 01 Jan 2023 15:04:55 +0000
ROA not before: Sun 01 Jan 2023 15:04:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14618
IP address blocks: 193.100.64.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:dd:42:c0:fb:c1:87:15:34:19:a2:55:11:37:e0:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=961b9df745c32df27df33ebcfd536f19e13474fe
Validity
Not Before: Jan 1 15:04:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4b1e7787b8eb83d67731d94b54dbd933399b9d41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:d5:13:55:9a:b5:35:b0:93:57:57:6a:26:4d:
ba:53:e4:a6:2b:87:92:85:13:3c:ef:6b:56:90:1d:
45:1d:b5:85:f2:64:54:2a:3c:03:c8:b5:83:68:ed:
0e:17:aa:19:d2:9d:9a:da:a5:7f:17:d4:1f:68:54:
51:54:6a:c7:3f:07:44:89:58:f1:3a:06:d8:6c:0c:
36:01:6a:a1:f4:1f:8d:95:37:e0:cb:ad:8f:88:ec:
28:f5:51:88:9b:27:6a:c7:6a:f2:8c:75:7b:99:e7:
fa:6e:87:d9:7e:53:34:d7:5c:15:d5:99:68:e3:c2:
98:ba:8b:c8:a1:a2:6a:c6:a3:d4:56:d7:46:1e:84:
dc:bb:3e:24:a3:23:e0:36:79:26:79:4e:84:70:ba:
0e:f2:ce:81:04:77:6f:09:03:3a:72:5d:4a:c6:d3:
9d:72:5f:0a:ea:0f:2a:06:ff:ce:95:88:33:d9:aa:
a6:a0:7b:b9:8b:d7:17:8c:b1:c9:af:29:ee:35:67:
c9:cf:bf:f3:cc:04:a9:9a:e4:33:9b:04:66:5a:5d:
61:ee:15:29:79:0a:23:1d:59:af:91:bd:55:3f:85:
17:3f:db:cf:63:90:20:bd:72:c6:01:f1:fe:b1:cc:
3e:ed:d6:19:af:53:83:4d:2a:1a:0b:a8:a8:45:ea:
63:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:1E:77:87:B8:EB:83:D6:77:31:D9:4B:54:DB:D9:33:39:9B:9D:41
X509v3 Authority Key Identifier:
keyid:96:1B:9D:F7:45:C3:2D:F2:7D:F3:3E:BC:FD:53:6F:19:E1:34:74:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lhud90XDLfJ98z68_VNvGeE0dP4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/e84920-f5cb-46d7-bc99-fe53210b57b6/1/Sx53h7jrg9Z3MdlLVNvZMzmbnUE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/e84920-f5cb-46d7-bc99-fe53210b57b6/1/lhud90XDLfJ98z68_VNvGeE0dP4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.100.64.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:ca:e7:5e:de:ab:ee:2c:ce:3b:78:a7:be:9b:f9:1a:fa:fa:
fe:91:43:ec:68:e2:1a:03:e7:45:5c:63:22:f2:1a:9b:45:2d:
08:00:b9:15:13:5b:c0:9f:33:5b:d3:b9:b7:3d:59:d3:fe:0c:
54:1b:c1:03:35:75:c2:51:77:b1:03:14:e2:92:bd:25:a5:39:
61:5f:a5:2f:2f:75:d5:a5:5c:c6:be:0e:96:0a:a4:b6:4b:7b:
7e:f9:d0:9d:77:83:40:bb:c7:0a:3a:dd:e2:95:77:cc:f7:00:
f6:3b:71:6d:ae:c4:60:5b:15:c9:37:1a:4f:d9:3c:ad:bd:f0:
98:cc:ac:cd:78:3a:22:13:aa:97:f1:1a:26:d6:0c:81:09:8c:
59:de:27:84:cc:be:45:5b:d8:d3:c8:d0:12:e5:c8:b4:a0:d1:
0e:66:6a:89:86:d4:69:e2:6c:04:ee:94:b0:33:d0:1e:23:0a:
fa:a3:c2:fd:4c:04:01:a5:57:e7:df:6a:35:50:c3:8e:dd:a6:
8d:61:58:b9:b9:2f:9a:57:f6:c2:c8:52:50:42:9f:02:2d:dd:
f8:92:43:48:81:84:b4:4f:7c:41:16:9b:43:ab:ba:95:a9:a7:
b4:c8:7a:40:b0:b4:fb:30:04:11:38:ba:0c:d7:4b:8e:1d:a7:
8c:95:7e:64
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVt3ULA+8GHFTQZolURN+BGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2MWI5ZGY3NDVjMzJkZjI3ZGYzM2ViY2ZkNTM2ZjE5ZTEz
NDc0ZmUwHhcNMjMwMTAxMTUwNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjFlNzc4N2I4ZWI4M2Q2NzczMWQ5NGI1NGRiZDkzMzM5OWI5ZDQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjNUTVZq1NbCTV1dqJk26U+SmK4eS
hRM872tWkB1FHbWF8mRUKjwDyLWDaO0OF6oZ0p2a2qV/F9QfaFRRVGrHPwdEiVjx
OgbYbAw2AWqh9B+NlTfgy62PiOwo9VGImydqx2ryjHV7mef6bofZflM011wV1Zlo
48KYuovIoaJqxqPUVtdGHoTcuz4koyPgNnkmeU6EcLoO8s6BBHdvCQM6cl1KxtOd
cl8K6g8qBv/OlYgz2aqmoHu5i9cXjLHJrynuNWfJz7/zzASpmuQzmwRmWl1h7hUp
eQojHVmvkb1VP4UXP9vPY5AgvXLGAfH+scw+7dYZr1ODTSoaC6ioRepjewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEsed4e464PWdzHZS1Tb2TM5m51BMB8GA1UdIwQY
MBaAFJYbnfdFwy3yffM+vP1TbxnhNHT+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGh1ZDkwWERMZko5OHo2OF9WTnZHZUUwZFA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy9lODQ5MjAtZjVjYi00NmQ3LWJjOTkt
ZmU1MzIxMGI1N2I2LzEvU3g1M2g3anJnOVozTWRsTFZOdlpNem1iblVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy9lODQ5MjAtZjVjYi00NmQ3LWJjOTktZmU1MzIxMGI1N2I2
LzEvbGh1ZDkwWERMZko5OHo2OF9WTnZHZUUwZFA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwWRAMA0G
CSqGSIb3DQEBCwUAA4IBAQAqyude3qvuLM47eKe+m/ka+vr+kUPsaOIaA+dFXGMi
8hqbRS0IALkVE1vAnzNb07m3PVnT/gxUG8EDNXXCUXexAxTikr0lpTlhX6UvL3XV
pVzGvg6WCqS2S3t++dCdd4NAu8cKOt3ilXfM9wD2O3FtrsRgWxXJNxpP2TytvfCY
zKzNeDoiE6qX8Rom1gyBCYxZ3ieEzL5FW9jTyNAS5ci0oNEOZmqJhtRp4mwE7pSw
M9AeIwr6o8L9TAQBpVfn32o1UMOO3aaNYVi5uS+aV/bCyFJQQp8CLd34kkNIgYS0
T3xBFptDq7qVqae0yHpAsLT7MAQROLoM10uOHaeMlX5k
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:32:40 2025 by rpki-client