Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/2119ab-2f0a-451e-b3fa-98db4d5cdb33/1/2eH2wknrwkAPuV63I8odqj4xFDo.roa
File: 2eH2wknrwkAPuV63I8odqj4xFDo.roa (raw, json)
Hash identifier: FNZLu7f6Om1kApVOdboTVQ5XN9csyeOCJXDLpmidrkE=
Subject key identifier: D9:E1:F6:C2:49:EB:C2:40:0F:B9:5E:B7:23:CA:1D:AA:3E:31:14:3A
Certificate issuer: /CN=a712593732dffe385e676e90568772306cdaeb72
Certificate serial: 0187C1915B65B6630320D3A93C75253D745B
Authority key identifier: A7:12:59:37:32:DF:FE:38:5E:67:6E:90:56:87:72:30:6C:DA:EB:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pxJZNzLf_jheZ26QVodyMGza63I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/2119ab-2f0a-451e-b3fa-98db4d5cdb33/1/2eH2wknrwkAPuV63I8odqj4xFDo.roa
Signing time: Thu 27 Apr 2023 07:15:41 +0000
ROA not before: Thu 27 Apr 2023 07:15:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213072
IP address blocks: 194.60.80.0/24 maxlen: 24
2001:67c:c5c::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:c1:91:5b:65:b6:63:03:20:d3:a9:3c:75:25:3d:74:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a712593732dffe385e676e90568772306cdaeb72
Validity
Not Before: Apr 27 07:15:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d9e1f6c249ebc2400fb95eb723ca1daa3e31143a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:71:94:b3:33:91:17:a8:df:61:f5:c7:6e:d7:
bb:fa:40:ef:c0:6b:f4:97:05:19:37:96:16:32:15:
87:ce:8f:a8:d9:81:51:24:22:e8:a8:ca:f8:d3:32:
71:2f:a3:be:a6:70:64:25:ea:71:44:0f:0e:66:a7:
6e:27:1e:57:b1:e8:c7:01:19:bf:cf:c4:5e:36:4d:
65:f1:47:da:1a:e6:c4:f5:e9:1f:77:c6:4b:f4:41:
5a:1c:37:48:b5:1b:56:81:d4:30:49:81:bc:0d:07:
cd:81:4f:95:f1:2e:e5:44:1f:27:45:1e:c7:fc:7d:
9c:e8:de:aa:f7:5c:43:98:50:6e:40:e4:db:eb:1b:
37:01:ba:52:bc:bd:9d:7c:84:31:ba:b7:67:6b:63:
44:34:f1:d1:28:d5:2d:ed:35:76:b0:1e:4a:ba:fd:
f2:91:46:01:99:4d:39:ce:ca:5f:5c:63:3f:5b:fb:
ee:38:28:af:3c:df:36:8b:e3:23:d1:b1:e8:87:db:
c2:2f:b2:bd:27:13:49:e8:50:9b:db:28:e2:58:93:
ad:c1:a3:7c:50:0f:cf:fb:b2:d4:a1:f1:96:0e:85:
8a:c6:83:c7:87:81:df:85:1e:1d:bf:11:cf:3e:a0:
bc:be:5f:6c:66:aa:8c:df:b2:3d:57:52:7a:86:82:
3d:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:E1:F6:C2:49:EB:C2:40:0F:B9:5E:B7:23:CA:1D:AA:3E:31:14:3A
X509v3 Authority Key Identifier:
keyid:A7:12:59:37:32:DF:FE:38:5E:67:6E:90:56:87:72:30:6C:DA:EB:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pxJZNzLf_jheZ26QVodyMGza63I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/2119ab-2f0a-451e-b3fa-98db4d5cdb33/1/2eH2wknrwkAPuV63I8odqj4xFDo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/2119ab-2f0a-451e-b3fa-98db4d5cdb33/1/pxJZNzLf_jheZ26QVodyMGza63I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.60.80.0/24
IPv6:
2001:67c:c5c::/48
Signature Algorithm: sha256WithRSAEncryption
91:a1:f7:e9:29:a4:85:e0:83:8e:59:17:31:db:4a:be:f3:73:
2d:3d:91:2e:cc:02:5e:5e:ae:70:8d:dc:2f:31:db:f1:85:af:
74:df:5c:5b:e5:21:f5:1a:98:f6:3e:1c:81:b4:9d:3f:59:ab:
0c:1a:67:7d:f8:12:74:92:af:1c:ba:a6:dc:e3:5e:fc:44:9e:
f2:3a:1a:4f:16:2f:c4:d3:a3:7b:8e:8d:62:b2:c5:4d:bc:da:
b2:a5:7d:cc:4a:ba:3e:1b:25:4e:1c:e7:6e:91:8b:66:8f:21:
f0:6e:40:0d:2b:b9:6d:48:94:fb:f9:02:c3:23:50:bb:61:d2:
65:39:18:c1:02:03:12:35:83:f9:a3:28:39:d0:28:45:53:84:
c3:81:71:f3:a9:b8:b2:14:39:c5:ad:1f:62:0f:10:f8:2d:5c:
04:c2:46:7e:97:25:c5:ab:74:df:91:2d:de:47:b5:93:42:dc:
54:03:48:c8:84:5d:88:9c:18:c0:9c:13:f2:ed:8c:e1:33:d5:
f5:8b:59:1d:45:3a:75:72:24:f7:db:ef:13:10:a5:30:7a:c9:
56:54:bd:39:b8:cb:98:c4:81:d9:4d:d8:cf:9f:47:b2:48:a3:
47:7f:6f:e9:3d:26:2b:b4:72:08:e9:0c:4f:5a:f7:a2:1d:5c:
a4:48:ca:f1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYfBkVtltmMDINOpPHUlPXRbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3MTI1OTM3MzJkZmZlMzg1ZTY3NmU5MDU2ODc3MjMwNmNk
YWViNzIwHhcNMjMwNDI3MDcxNTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWUxZjZjMjQ5ZWJjMjQwMGZiOTVlYjcyM2NhMWRhYTNlMzExNDNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxHGUszORF6jfYfXHbte7+kDvwGv0
lwUZN5YWMhWHzo+o2YFRJCLoqMr40zJxL6O+pnBkJepxRA8OZqduJx5XsejHARm/
z8ReNk1l8UfaGubE9ekfd8ZL9EFaHDdItRtWgdQwSYG8DQfNgU+V8S7lRB8nRR7H
/H2c6N6q91xDmFBuQOTb6xs3AbpSvL2dfIQxurdna2NENPHRKNUt7TV2sB5Kuv3y
kUYBmU05zspfXGM/W/vuOCivPN82i+Mj0bHoh9vCL7K9JxNJ6FCb2yjiWJOtwaN8
UA/P+7LUofGWDoWKxoPHh4HfhR4dvxHPPqC8vl9sZqqM37I9V1J6hoI9tQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNnh9sJJ68JAD7letyPKHao+MRQ6MB8GA1UdIwQY
MBaAFKcSWTcy3/44XmdukFaHcjBs2utyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHhKWk56TGZfamhlWjI2UVZvZHlNR3phNjNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8yMTE5YWItMmYwYS00NTFlLWIzZmEt
OThkYjRkNWNkYjMzLzEvMmVIMndrbnJ3a0FQdVY2M0k4b2RxajR4RkRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8yMTE5YWItMmYwYS00NTFlLWIzZmEtOThkYjRkNWNkYjMz
LzEvcHhKWk56TGZfamhlWjI2UVZvZHlNR3phNjNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwjxQMA8E
AgACMAkDBwAgAQZ8DFwwDQYJKoZIhvcNAQELBQADggEBAJGh9+kppIXgg45ZFzHb
Sr7zcy09kS7MAl5ernCN3C8x2/GFr3TfXFvlIfUamPY+HIG0nT9ZqwwaZ334EnSS
rxy6ptzjXvxEnvI6Gk8WL8TTo3uOjWKyxU282rKlfcxKuj4bJU4c526Ri2aPIfBu
QA0ruW1IlPv5AsMjULth0mU5GMECAxI1g/mjKDnQKEVThMOBcfOpuLIUOcWtH2IP
EPgtXATCRn6XJcWrdN+RLd5HtZNC3FQDSMiEXYicGMCcE/LtjOEz1fWLWR1FOnVy
JPfb7xMQpTB6yVZUvTm4y5jEgdlN2M+fR7JIo0d/b+k9Jiu0cgjpDE9a96IdXKRI
yvE=
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:02:11 2025 by rpki-client