Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/9daff4-f158-480f-b41f-d48b42ef159b/1/GZnJfVJUgI2nhKkTJaU9-UrbKAM.roa
File: GZnJfVJUgI2nhKkTJaU9-UrbKAM.roa (raw, json)
Hash identifier: a0XOarLsVlfKx3PJZhCcRUe8+Y7G/Ws61bMDyiIQOPc=
Subject key identifier: 19:99:C9:7D:52:54:80:8D:A7:84:A9:13:25:A5:3D:F9:4A:DB:28:03
Certificate issuer: /CN=dc7821e1bcbf6e074ea4814aaa5c63e3ba813c5f
Certificate serial: 0187EABFCA64C398EF0ACCC4BAB803771573
Authority key identifier: DC:78:21:E1:BC:BF:6E:07:4E:A4:81:4A:AA:5C:63:E3:BA:81:3C:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3Hgh4by_bgdOpIFKqlxj47qBPF8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/9daff4-f158-480f-b41f-d48b42ef159b/1/GZnJfVJUgI2nhKkTJaU9-UrbKAM.roa
Signing time: Fri 05 May 2023 07:10:50 +0000
ROA not before: Fri 05 May 2023 07:10:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35577
IP address blocks: 193.33.33.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:ea:bf:ca:64:c3:98:ef:0a:cc:c4:ba:b8:03:77:15:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc7821e1bcbf6e074ea4814aaa5c63e3ba813c5f
Validity
Not Before: May 5 07:10:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1999c97d5254808da784a91325a53df94adb2803
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:d5:d9:00:9d:e2:97:7f:eb:b0:b3:16:82:15:
d1:37:9e:6b:23:06:44:fe:b1:e3:87:18:73:97:be:
c8:62:97:fd:cb:ed:9f:55:7d:ba:c3:26:14:91:8c:
88:80:af:34:15:13:61:38:d5:50:2b:23:c1:f4:4e:
ae:81:1a:97:1c:d8:74:81:8a:fa:90:49:24:92:b7:
1a:98:a1:1e:67:da:2b:65:10:dd:ac:b7:96:0e:62:
4a:6e:64:8f:1f:ac:a4:19:9f:28:e9:1a:c8:18:37:
ff:54:7f:2c:d9:37:35:26:6c:de:e3:8a:76:b4:65:
b9:ff:46:38:72:72:1e:49:42:89:14:95:d3:fa:26:
da:ab:cc:87:88:23:0d:11:a9:fd:4f:5c:4a:b3:8a:
92:99:10:9c:17:74:3c:62:74:c7:f3:f5:73:15:a0:
4c:2e:a9:48:3d:b1:c9:76:66:35:9e:18:9e:21:7a:
27:e2:62:fa:ad:ee:91:93:74:21:55:06:90:07:4e:
6f:6d:3e:06:4a:79:b2:71:34:7e:54:61:4c:da:b8:
22:ce:52:b2:77:4a:4c:9e:06:e0:25:02:fa:f8:4a:
b9:01:a4:38:55:9c:24:47:1c:d5:5a:89:51:ac:10:
0b:bc:11:d5:4c:ac:92:55:75:57:7d:f2:4a:42:24:
b7:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:99:C9:7D:52:54:80:8D:A7:84:A9:13:25:A5:3D:F9:4A:DB:28:03
X509v3 Authority Key Identifier:
keyid:DC:78:21:E1:BC:BF:6E:07:4E:A4:81:4A:AA:5C:63:E3:BA:81:3C:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3Hgh4by_bgdOpIFKqlxj47qBPF8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/9daff4-f158-480f-b41f-d48b42ef159b/1/GZnJfVJUgI2nhKkTJaU9-UrbKAM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/9daff4-f158-480f-b41f-d48b42ef159b/1/3Hgh4by_bgdOpIFKqlxj47qBPF8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.33.33.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:37:e8:65:e2:f2:ef:22:40:e3:20:71:c5:bd:b3:fa:77:a6:
06:68:a9:d6:20:94:64:35:ea:77:ba:a1:70:e4:b6:26:26:bb:
ec:1e:9e:f3:37:14:56:6f:4d:39:9e:26:37:eb:e1:8e:67:a5:
1f:f6:ce:b4:7e:62:c6:f4:65:13:5a:6d:4d:3e:ed:58:54:e1:
58:03:a6:8f:74:90:4d:68:1b:15:4b:4e:a4:83:63:c0:f3:65:
fa:c8:dc:9a:b9:6f:6b:f1:b3:48:99:c2:5f:1f:6f:ad:21:0d:
1d:c2:4b:bb:6f:a1:3a:33:e9:95:42:6d:5a:12:c9:7a:e8:b4:
88:42:52:91:5e:d9:41:2f:5f:e7:bc:81:fa:97:a3:9c:c4:a6:
cf:cf:d5:2a:47:40:e4:90:29:bf:1a:f8:ce:57:ba:a3:69:58:
15:ec:b6:ed:06:ef:7a:7a:96:c1:65:27:10:ac:8a:57:dc:64:
78:31:0e:5f:90:23:14:30:56:27:37:ed:10:c1:e3:e9:d6:de:
be:20:2b:13:42:29:47:9b:34:08:34:54:f7:a0:54:02:e2:bb:
66:ff:42:0e:ff:a6:57:01:d0:55:a2:67:56:2a:e3:1f:f8:7c:
a3:3a:06:64:3c:65:8e:54:1f:0b:36:eb:39:fc:66:cb:22:79:
13:ea:96:04
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYfqv8pkw5jvCszEurgDdxVzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNzgyMWUxYmNiZjZlMDc0ZWE0ODE0YWFhNWM2M2UzYmE4
MTNjNWYwHhcNMjMwNTA1MDcxMDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTk5Yzk3ZDUyNTQ4MDhkYTc4NGE5MTMyNWE1M2RmOTRhZGIyODAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqtXZAJ3il3/rsLMWghXRN55rIwZE
/rHjhxhzl77IYpf9y+2fVX26wyYUkYyIgK80FRNhONVQKyPB9E6ugRqXHNh0gYr6
kEkkkrcamKEeZ9orZRDdrLeWDmJKbmSPH6ykGZ8o6RrIGDf/VH8s2Tc1Jmze44p2
tGW5/0Y4cnIeSUKJFJXT+ibaq8yHiCMNEan9T1xKs4qSmRCcF3Q8YnTH8/VzFaBM
LqlIPbHJdmY1nhieIXon4mL6re6Rk3QhVQaQB05vbT4GSnmycTR+VGFM2rgizlKy
d0pMngbgJQL6+Eq5AaQ4VZwkRxzVWolRrBALvBHVTKySVXVXffJKQiS3KwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBmZyX1SVICNp4SpEyWlPflK2ygDMB8GA1UdIwQY
MBaAFNx4IeG8v24HTqSBSqpcY+O6gTxfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0hnaDRieV9iZ2RPcElGS3FseGo0N3FCUEY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC85ZGFmZjQtZjE1OC00ODBmLWI0MWYt
ZDQ4YjQyZWYxNTliLzEvR1puSmZWSlVnSTJuaEtrVEphVTktVXJiS0FNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC85ZGFmZjQtZjE1OC00ODBmLWI0MWYtZDQ4YjQyZWYxNTli
LzEvM0hnaDRieV9iZ2RPcElGS3FseGo0N3FCUEY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwSEhMA0G
CSqGSIb3DQEBCwUAA4IBAQCON+hl4vLvIkDjIHHFvbP6d6YGaKnWIJRkNep3uqFw
5LYmJrvsHp7zNxRWb005niY36+GOZ6Uf9s60fmLG9GUTWm1NPu1YVOFYA6aPdJBN
aBsVS06kg2PA82X6yNyauW9r8bNImcJfH2+tIQ0dwku7b6E6M+mVQm1aEsl66LSI
QlKRXtlBL1/nvIH6l6OcxKbPz9UqR0DkkCm/GvjOV7qjaVgV7LbtBu96epbBZScQ
rIpX3GR4MQ5fkCMUMFYnN+0QwePp1t6+ICsTQilHmzQINFT3oFQC4rtm/0IO/6ZX
AdBVomdWKuMf+HyjOgZkPGWOVB8LNus5/GbLInkT6pYE
-----END CERTIFICATE-----
Generated at Tue Apr 22 20:47:17 2025 by rpki-client