Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/3887e4-b598-45e3-8d85-2210ed9d0861/1/3u3Fvo5Xc4wKu6ZNyjNwQzt89DE.roa
File: 3u3Fvo5Xc4wKu6ZNyjNwQzt89DE.roa (raw, json)
Hash identifier: Vz3lNSOsnIREj1cR1KniRr8csd7ClR49+pWsJS0qBdw=
Subject key identifier: DE:ED:C5:BE:8E:57:73:8C:0A:BB:A6:4D:CA:33:70:43:3B:7C:F4:31
Certificate issuer: /CN=b68f8f32514a183e977a3c7df36473d56260c4a4
Certificate serial: 0184D1C6D9E5F50132CBA62B6EF9C64A2CCD
Authority key identifier: B6:8F:8F:32:51:4A:18:3E:97:7A:3C:7D:F3:64:73:D5:62:60:C4:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/to-PMlFKGD6Xejx982Rz1WJgxKQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/3887e4-b598-45e3-8d85-2210ed9d0861/1/3u3Fvo5Xc4wKu6ZNyjNwQzt89DE.roa
Signing time: Fri 02 Dec 2022 07:39:40 +0000
ROA not before: Fri 02 Dec 2022 07:39:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1759
IP address blocks: 193.142.26.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:d1:c6:d9:e5:f5:01:32:cb:a6:2b:6e:f9:c6:4a:2c:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b68f8f32514a183e977a3c7df36473d56260c4a4
Validity
Not Before: Dec 2 07:39:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=deedc5be8e57738c0abba64dca3370433b7cf431
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:9a:54:5c:f1:74:16:b2:55:1c:d4:69:94:5c:
24:e9:68:8e:c4:e7:ac:b9:16:54:c9:8b:63:aa:87:
ec:3e:fe:7e:40:00:61:8c:70:60:fa:eb:a9:b6:02:
cf:d1:7e:ce:57:3f:95:76:36:4f:1f:23:8b:ae:dd:
7c:3e:62:cc:6b:ce:1d:3f:61:ec:64:bc:d9:22:74:
48:ad:b3:8c:77:52:bb:20:27:74:11:13:ea:3e:87:
c7:80:06:c1:eb:f4:a6:56:60:d8:d3:86:7c:3f:ba:
00:f0:71:88:cb:95:50:bf:07:13:f3:9b:fe:42:11:
18:b4:92:8d:26:1a:09:2b:8d:a8:01:8d:c8:81:61:
fa:d6:99:ef:49:43:6e:a1:be:4e:78:2e:3e:3c:0c:
d1:1e:8a:e3:c9:42:f9:64:ce:38:db:42:72:6e:b9:
51:d6:82:fc:51:dc:a7:ca:d5:b6:dd:28:54:1c:6b:
1a:da:29:84:86:05:5c:27:e7:97:97:ea:b1:71:60:
c7:36:0b:8f:61:d1:9c:55:bd:8b:88:4f:3b:ea:66:
a2:2d:83:ec:84:90:75:ab:57:92:60:24:dd:bc:14:
b6:bd:d9:97:6e:3f:33:d5:1a:5d:ca:c8:31:91:11:
34:e0:31:41:69:8e:25:f0:75:19:89:f3:9f:41:81:
cb:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:ED:C5:BE:8E:57:73:8C:0A:BB:A6:4D:CA:33:70:43:3B:7C:F4:31
X509v3 Authority Key Identifier:
keyid:B6:8F:8F:32:51:4A:18:3E:97:7A:3C:7D:F3:64:73:D5:62:60:C4:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/to-PMlFKGD6Xejx982Rz1WJgxKQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/3887e4-b598-45e3-8d85-2210ed9d0861/1/3u3Fvo5Xc4wKu6ZNyjNwQzt89DE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/3887e4-b598-45e3-8d85-2210ed9d0861/1/to-PMlFKGD6Xejx982Rz1WJgxKQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.142.26.0/24
Signature Algorithm: sha256WithRSAEncryption
64:2e:a9:87:aa:eb:b5:4d:be:7c:d7:5c:79:91:c0:47:ca:66:
df:c9:0e:ab:c5:7c:5c:45:b1:13:0b:95:22:af:00:bc:45:fe:
7b:0c:1d:7e:73:7e:b8:a3:e5:c2:b4:95:0e:23:47:c0:1c:bc:
b4:28:b2:e5:ac:e2:d4:7f:75:a5:da:80:91:b1:4a:87:1d:23:
75:2b:1a:09:60:39:38:da:cb:71:95:1f:fe:ef:e0:f8:20:72:
ec:d3:b8:55:46:b3:3b:1e:3b:17:59:0f:75:11:58:8d:dd:77:
a1:14:c3:02:0a:59:a8:a5:ae:ad:b0:8b:d7:4c:21:7d:95:62:
5f:7d:15:f4:f0:55:fc:ec:4e:0e:c0:fe:45:de:11:96:2e:2f:
84:b6:7a:5c:e8:b5:46:13:b0:b6:b8:92:cb:19:3a:05:b0:12:
4d:15:29:ac:70:aa:8c:d9:4e:e7:38:03:12:aa:16:4f:65:bc:
44:eb:b8:e7:7f:3a:9f:94:e2:97:4e:2f:ca:a5:55:2e:21:bc:
52:7f:7f:dc:da:b3:31:96:79:e7:25:31:b5:df:06:d2:01:53:
7e:ab:8b:f8:72:3b:3b:ed:4f:18:b8:2e:45:be:d6:f2:12:16:
5b:b0:f3:4d:c1:4b:ca:99:de:d8:bb:72:56:20:de:ab:5d:09:
a9:09:ce:4b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYTRxtnl9QEyy6YrbvnGSizNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2OGY4ZjMyNTE0YTE4M2U5NzdhM2M3ZGYzNjQ3M2Q1NjI2
MGM0YTQwHhcNMjIxMjAyMDczOTQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWVkYzViZThlNTc3MzhjMGFiYmE2NGRjYTMzNzA0MzNiN2NmNDMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiJpUXPF0FrJVHNRplFwk6WiOxOes
uRZUyYtjqofsPv5+QABhjHBg+uuptgLP0X7OVz+VdjZPHyOLrt18PmLMa84dP2Hs
ZLzZInRIrbOMd1K7ICd0ERPqPofHgAbB6/SmVmDY04Z8P7oA8HGIy5VQvwcT85v+
QhEYtJKNJhoJK42oAY3IgWH61pnvSUNuob5OeC4+PAzRHorjyUL5ZM4420JybrlR
1oL8UdynytW23ShUHGsa2imEhgVcJ+eXl+qxcWDHNguPYdGcVb2LiE876maiLYPs
hJB1q1eSYCTdvBS2vdmXbj8z1RpdysgxkRE04DFBaY4l8HUZifOfQYHLdwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN7txb6OV3OMCrumTcozcEM7fPQxMB8GA1UdIwQY
MBaAFLaPjzJRShg+l3o8ffNkc9ViYMSkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdG8tUE1sRktHRDZYZWp4OTgyUnoxV0pneEtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8zODg3ZTQtYjU5OC00NWUzLThkODUt
MjIxMGVkOWQwODYxLzEvM3UzRnZvNVhjNHdLdTZaTnlqTndRenQ4OURFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8zODg3ZTQtYjU5OC00NWUzLThkODUtMjIxMGVkOWQwODYx
LzEvdG8tUE1sRktHRDZYZWp4OTgyUnoxV0pneEtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwY4aMA0G
CSqGSIb3DQEBCwUAA4IBAQBkLqmHquu1Tb5811x5kcBHymbfyQ6rxXxcRbETC5Ui
rwC8Rf57DB1+c364o+XCtJUOI0fAHLy0KLLlrOLUf3Wl2oCRsUqHHSN1KxoJYDk4
2stxlR/+7+D4IHLs07hVRrM7HjsXWQ91EViN3XehFMMCClmopa6tsIvXTCF9lWJf
fRX08FX87E4OwP5F3hGWLi+Etnpc6LVGE7C2uJLLGToFsBJNFSmscKqM2U7nOAMS
qhZPZbxE67jnfzqflOKXTi/KpVUuIbxSf3/c2rMxlnnnJTG13wbSAVN+q4v4cjs7
7U8YuC5FvtbyEhZbsPNNwUvKmd7Yu3JWIN6rXQmpCc5L
-----END CERTIFICATE-----
Generated at Thu May 1 13:47:35 2025 by rpki-client