Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/97fb36-ea9b-43f4-aad5-06f7290dc44a/1/CUnsBDXVCgsmX9-d3DQMawGbk14.roa
File: CUnsBDXVCgsmX9-d3DQMawGbk14.roa (raw, json)
Hash identifier: q88AAgQzK2oxelTDf/xG+j3qAGVJah7Y8a4Tw4AtkDc=
Subject key identifier: 09:49:EC:04:35:D5:0A:0B:26:5F:DF:9D:DC:34:0C:6B:01:9B:93:5E
Certificate issuer: /CN=4acef45fbb0f26930aeb833cf79fc41e22ca9235
Certificate serial: 018571DE9596CBA80C85514BB5C47293FD6C
Authority key identifier: 4A:CE:F4:5F:BB:0F:26:93:0A:EB:83:3C:F7:9F:C4:1E:22:CA:92:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ss70X7sPJpMK64M895_EHiLKkjU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/97fb36-ea9b-43f4-aad5-06f7290dc44a/1/CUnsBDXVCgsmX9-d3DQMawGbk14.roa
Signing time: Mon 02 Jan 2023 09:44:50 +0000
ROA not before: Mon 02 Jan 2023 09:44:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43754
IP address blocks: 193.111.234.0/24 maxlen: 24
193.134.101.0/24 maxlen: 24
193.134.100.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:de:95:96:cb:a8:0c:85:51:4b:b5:c4:72:93:fd:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4acef45fbb0f26930aeb833cf79fc41e22ca9235
Validity
Not Before: Jan 2 09:44:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0949ec0435d50a0b265fdf9ddc340c6b019b935e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:0d:ad:7d:03:d2:d1:bf:e9:65:ad:3c:d7:60:
ce:d2:38:6b:0c:e3:3b:12:a1:42:31:9d:a3:5b:46:
a3:68:09:78:94:4c:b4:59:46:bc:b7:db:d7:fa:53:
a4:d0:be:42:dd:68:58:70:f7:5e:f2:49:7f:46:ee:
70:ee:6b:94:94:c3:66:c4:ba:ff:e3:87:a1:a4:40:
6f:c9:dd:bd:79:0b:0b:4b:d1:1b:52:88:97:a7:30:
78:0f:01:5c:f3:e4:f4:ab:c8:d5:3d:5b:58:b1:0a:
3f:d1:f4:8d:f6:ab:8d:41:5e:5b:ba:b3:7d:32:0d:
9a:10:dd:ea:08:59:14:11:8f:56:ad:c5:6f:53:3b:
3e:79:8b:8c:44:b0:44:1b:a2:92:d9:06:e8:7f:54:
64:e8:02:58:03:06:ca:14:a1:93:d9:8b:d6:64:36:
ae:0a:63:1f:32:85:75:ef:81:23:2e:4c:51:a6:69:
d1:da:bd:41:56:90:e0:af:dc:93:10:d9:28:53:22:
3e:64:54:60:fb:28:3a:9c:40:25:5a:2e:4b:5f:99:
39:ea:e1:a6:02:c8:ce:6a:1d:d4:42:15:98:ed:d0:
5a:4e:3e:6e:72:b3:5a:ea:6d:2e:30:c3:a7:7e:b6:
fd:0a:94:a3:b3:b4:17:0b:e2:c8:ea:55:ba:40:77:
19:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:49:EC:04:35:D5:0A:0B:26:5F:DF:9D:DC:34:0C:6B:01:9B:93:5E
X509v3 Authority Key Identifier:
keyid:4A:CE:F4:5F:BB:0F:26:93:0A:EB:83:3C:F7:9F:C4:1E:22:CA:92:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ss70X7sPJpMK64M895_EHiLKkjU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/97fb36-ea9b-43f4-aad5-06f7290dc44a/1/CUnsBDXVCgsmX9-d3DQMawGbk14.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/97fb36-ea9b-43f4-aad5-06f7290dc44a/1/Ss70X7sPJpMK64M895_EHiLKkjU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.111.234.0/24
193.134.100.0/23
Signature Algorithm: sha256WithRSAEncryption
b2:14:d1:fe:b7:b6:4c:7e:c3:28:aa:d6:87:5f:f7:a9:c8:99:
9c:52:62:ac:be:2d:37:67:b6:41:8d:b1:47:66:a9:41:26:78:
51:88:3b:03:5e:30:bf:6b:d4:54:12:76:68:d2:36:5e:d1:8c:
cf:f2:ba:6c:27:39:1b:39:54:81:33:1f:a8:9e:14:c2:7c:af:
d6:28:ad:34:ec:8a:3a:61:84:c0:f1:c2:fd:eb:9b:27:d0:62:
21:bd:67:44:95:9d:06:c8:66:fa:e5:21:c8:61:85:e0:73:1d:
84:0d:2c:bb:3f:8d:eb:b8:f9:7d:42:6f:28:51:4f:2e:1e:80:
f2:30:2d:70:70:f3:d1:41:e9:8b:05:22:0b:66:61:ef:64:3a:
64:42:36:f4:8a:3b:93:93:b1:c5:b6:90:8f:ab:ee:63:b5:47:
9b:b4:e4:61:36:54:50:0a:1a:4f:47:0e:d9:2d:31:76:b2:70:
46:cf:b6:c7:60:7f:d4:c6:63:f7:73:0b:25:fd:e9:7d:06:95:
0a:9a:4b:85:fa:fc:50:45:70:f5:a1:92:50:c1:6a:08:da:45:
37:28:14:41:fe:89:0e:58:a4:22:ef:10:94:38:e0:ac:10:6e:
4b:85:6d:f2:9f:92:dc:b5:84:06:25:e2:29:5d:d9:e7:ff:3b:
26:3b:29:78
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVx3pWWy6gMhVFLtcRyk/1sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhY2VmNDVmYmIwZjI2OTMwYWViODMzY2Y3OWZjNDFlMjJj
YTkyMzUwHhcNMjMwMTAyMDk0NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTQ5ZWMwNDM1ZDUwYTBiMjY1ZmRmOWRkYzM0MGM2YjAxOWI5MzVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwA2tfQPS0b/pZa0812DO0jhrDOM7
EqFCMZ2jW0ajaAl4lEy0WUa8t9vX+lOk0L5C3WhYcPde8kl/Ru5w7muUlMNmxLr/
44ehpEBvyd29eQsLS9EbUoiXpzB4DwFc8+T0q8jVPVtYsQo/0fSN9quNQV5burN9
Mg2aEN3qCFkUEY9WrcVvUzs+eYuMRLBEG6KS2Qbof1Rk6AJYAwbKFKGT2YvWZDau
CmMfMoV174EjLkxRpmnR2r1BVpDgr9yTENkoUyI+ZFRg+yg6nEAlWi5LX5k56uGm
AsjOah3UQhWY7dBaTj5ucrNa6m0uMMOnfrb9CpSjs7QXC+LI6lW6QHcZEQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAlJ7AQ11QoLJl/fndw0DGsBm5NeMB8GA1UdIwQY
MBaAFErO9F+7DyaTCuuDPPefxB4iypI1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3M3MFg3c1BKcE1LNjRNODk1X0VIaUxLa2pVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi85N2ZiMzYtZWE5Yi00M2Y0LWFhZDUt
MDZmNzI5MGRjNDRhLzEvQ1Vuc0JEWFZDZ3NtWDktZDNEUU1hd0diazE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi85N2ZiMzYtZWE5Yi00M2Y0LWFhZDUtMDZmNzI5MGRjNDRh
LzEvU3M3MFg3c1BKcE1LNjRNODk1X0VIaUxLa2pVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwW/qAwQB
wYZkMA0GCSqGSIb3DQEBCwUAA4IBAQCyFNH+t7ZMfsMoqtaHX/epyJmcUmKsvi03
Z7ZBjbFHZqlBJnhRiDsDXjC/a9RUEnZo0jZe0YzP8rpsJzkbOVSBMx+onhTCfK/W
KK007Io6YYTA8cL965sn0GIhvWdElZ0GyGb65SHIYYXgcx2EDSy7P43ruPl9Qm8o
UU8uHoDyMC1wcPPRQemLBSILZmHvZDpkQjb0ijuTk7HFtpCPq+5jtUebtORhNlRQ
ChpPRw7ZLTF2snBGz7bHYH/UxmP3cwsl/el9BpUKmkuF+vxQRXD1oZJQwWoI2kU3
KBRB/okOWKQi7xCUOOCsEG5LhW3yn5LctYQGJeIpXdnn/zsmOyl4
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:56:28 2025 by rpki-client