Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/6ba6a3-25e0-499a-a7a9-98398fdbc9fb/1/2vBTKzZ15p3vMxaCKrBj5l_MAFc.roa
File: 2vBTKzZ15p3vMxaCKrBj5l_MAFc.roa (raw, json)
Hash identifier: THcpLwtCW+XVDrK0HjQN/zDw/3nHLl3ozp+40W97OIk=
Subject key identifier: DA:F0:53:2B:36:75:E6:9D:EF:33:16:82:2A:B0:63:E6:5F:CC:00:57
Certificate issuer: /CN=1a946f4a826d622a338ed83e0afcdf78c87604f8
Certificate serial: 91F96B
Authority key identifier: 1A:94:6F:4A:82:6D:62:2A:33:8E:D8:3E:0A:FC:DF:78:C8:76:04:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GpRvSoJtYiozjtg-CvzfeMh2BPg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/6ba6a3-25e0-499a-a7a9-98398fdbc9fb/1/2vBTKzZ15p3vMxaCKrBj5l_MAFc.roa
Signing time: Sat 01 Jan 2022 02:53:10 +0000
ROA not before: Sat 01 Jan 2022 02:53:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210568
IP address blocks: 193.111.28.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9566571 (0x91f96b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a946f4a826d622a338ed83e0afcdf78c87604f8
Validity
Not Before: Jan 1 02:53:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=daf0532b3675e69def3316822ab063e65fcc0057
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:5b:77:ab:0d:d8:c6:e0:95:2f:33:ca:ae:6c:
61:b8:58:0e:05:bb:12:98:ec:36:f4:c8:39:d7:f3:
a4:c8:c3:34:c3:ec:7e:df:74:fc:e1:51:e5:ed:46:
11:34:87:e6:8f:b6:6e:39:47:6c:53:ff:89:ff:f3:
69:6d:dd:27:01:06:26:dd:83:af:b8:f8:7d:7d:46:
46:3c:70:c6:be:23:5a:d2:23:96:50:a3:6f:c2:77:
11:72:35:8e:fb:b3:54:0c:94:98:3a:9a:f5:e4:5d:
b0:cc:46:cf:d6:fb:b4:d9:a2:10:90:59:8f:47:cc:
a9:cf:50:1a:ef:ca:6d:63:7e:1f:90:20:22:4d:a4:
1d:c5:13:a7:19:6a:2c:f9:62:ae:5a:06:06:7b:6c:
84:9c:04:66:cf:ca:b5:bd:a0:fc:7d:aa:ea:a9:02:
1a:57:1b:37:e4:4f:0e:3b:cd:fd:7d:a5:dc:90:00:
aa:9c:e2:b0:58:52:06:30:37:3e:40:b2:ab:76:2f:
2e:1b:f0:74:17:5f:54:0c:6a:d9:da:5d:ef:ea:6b:
f7:5b:f1:4e:48:6f:ec:88:a4:61:76:ae:1c:b0:d6:
52:cc:03:34:e7:89:7b:7e:24:ef:18:34:63:9b:e7:
17:e5:36:a7:ef:7e:ef:48:49:2c:49:03:81:a4:52:
b7:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:F0:53:2B:36:75:E6:9D:EF:33:16:82:2A:B0:63:E6:5F:CC:00:57
X509v3 Authority Key Identifier:
keyid:1A:94:6F:4A:82:6D:62:2A:33:8E:D8:3E:0A:FC:DF:78:C8:76:04:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GpRvSoJtYiozjtg-CvzfeMh2BPg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/6ba6a3-25e0-499a-a7a9-98398fdbc9fb/1/2vBTKzZ15p3vMxaCKrBj5l_MAFc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/6ba6a3-25e0-499a-a7a9-98398fdbc9fb/1/GpRvSoJtYiozjtg-CvzfeMh2BPg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.111.28.0/24
Signature Algorithm: sha256WithRSAEncryption
94:93:bb:d4:bc:41:c8:ad:6c:6d:d5:de:da:88:e1:d8:7a:e4:
db:b2:0a:24:24:e5:1b:66:71:97:b8:3e:1f:27:20:60:2a:fb:
9a:fa:7a:ac:87:dc:1b:c7:f1:c0:05:15:ba:b9:f7:29:cf:19:
1b:56:db:f6:13:a4:a9:17:c7:91:b4:41:3a:13:44:bd:26:2f:
7d:16:4c:f7:e5:b9:d7:02:b9:15:36:c0:8c:17:fc:23:c2:73:
19:62:f9:6f:6e:6a:69:4b:f9:f0:7f:91:3f:e4:15:a0:f1:f2:
b8:be:02:c7:33:a9:5f:d7:50:38:6a:30:00:1d:31:11:87:2d:
47:42:1a:b6:79:83:cb:8e:92:dc:cb:8a:54:91:f2:14:01:0f:
e2:99:38:c3:16:db:76:fb:99:b1:24:02:74:a2:9d:79:9e:23:
29:47:7a:e2:c0:05:e1:39:d2:16:d7:ac:25:06:43:d2:f9:52:
63:11:24:47:72:45:4c:c6:9a:18:b1:63:5e:c9:2b:a1:43:d7:
fd:61:e7:d2:77:8d:c8:e3:ea:e9:7d:fd:18:6b:6c:21:d7:c4:
a9:ec:51:f4:97:2b:92:fe:33:00:b0:ce:69:e5:94:06:9e:27:
ff:ce:b3:99:ce:c8:86:d8:7a:a3:73:60:ea:cd:28:c0:60:58:
81:56:a9:c5
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAJH5azANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
YTk0NmY0YTgyNmQ2MjJhMzM4ZWQ4M2UwYWZjZGY3OGM4NzYwNGY4MB4XDTIyMDEw
MTAyNTMxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGFmMDUzMmIzNjc1
ZTY5ZGVmMzMxNjgyMmFiMDYzZTY1ZmNjMDA1NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK1bd6sN2MbglS8zyq5sYbhYDgW7EpjsNvTIOdfzpMjDNMPs
ft90/OFR5e1GETSH5o+2bjlHbFP/if/zaW3dJwEGJt2Dr7j4fX1GRjxwxr4jWtIj
llCjb8J3EXI1jvuzVAyUmDqa9eRdsMxGz9b7tNmiEJBZj0fMqc9QGu/KbWN+H5Ag
Ik2kHcUTpxlqLPlirloGBntshJwEZs/Ktb2g/H2q6qkCGlcbN+RPDjvN/X2l3JAA
qpzisFhSBjA3PkCyq3YvLhvwdBdfVAxq2dpd7+pr91vxTkhv7IikYXauHLDWUswD
NOeJe34k7xg0Y5vnF+U2p+9+70hJLEkDgaRSt3ECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTa8FMrNnXmne8zFoIqsGPmX8wAVzAfBgNVHSMEGDAWgBQalG9Kgm1iKjOO
2D4K/N94yHYE+DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0dwUnZTb0p0WWlvemp0Zy1DdnpmZU1oMkJQZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDIvNmJhNmEzLTI1ZTAtNDk5YS1hN2E5LTk4Mzk4ZmRiYzlmYi8x
LzJ2QlRLeloxNXAzdk14YUNLckJqNWxfTUFGYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDIv
NmJhNmEzLTI1ZTAtNDk5YS1hN2E5LTk4Mzk4ZmRiYzlmYi8xL0dwUnZTb0p0WWlv
emp0Zy1DdnpmZU1oMkJQZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMFvHDANBgkqhkiG9w0BAQsFAAOC
AQEAlJO71LxByK1sbdXe2ojh2Hrk27IKJCTlG2Zxl7g+HycgYCr7mvp6rIfcG8fx
wAUVurn3Kc8ZG1bb9hOkqRfHkbRBOhNEvSYvfRZM9+W51wK5FTbAjBf8I8JzGWL5
b25qaUv58H+RP+QVoPHyuL4CxzOpX9dQOGowAB0xEYctR0IatnmDy46S3MuKVJHy
FAEP4pk4wxbbdvuZsSQCdKKdeZ4jKUd64sAF4TnSFtesJQZD0vlSYxEkR3JFTMaa
GLFjXskroUPX/WHn0neNyOPq6X39GGtsIdfEqexR9Jcrkv4zALDOaeWUBp4n/86z
mc7Ihth6o3Ng6s0owGBYgVapxQ==
-----END CERTIFICATE-----
Generated at Tue Apr 22 23:26:50 2025 by rpki-client