Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/abcd8e-b04b-48e8-8dac-fd559242d471/1/zjxokJUNqLx1xJZ629PFLGauAP4.roa
File: zjxokJUNqLx1xJZ629PFLGauAP4.roa (raw, json)
Hash identifier: FIBIqYRWWrgQ/eact2bOKjHP2On/rTwV2npeRadtx3g=
Subject key identifier: CE:3C:68:90:95:0D:A8:BC:75:C4:96:7A:DB:D3:C5:2C:66:AE:00:FE
Certificate issuer: /CN=d1bf176af8dba30fef325365ef3404812ce2d84a
Certificate serial: 01856C783922C374ED77559D50DB4A15A3AD
Authority key identifier: D1:BF:17:6A:F8:DB:A3:0F:EF:32:53:65:EF:34:04:81:2C:E2:D8:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0b8Xavjbow_vMlNl7zQEgSzi2Eo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/abcd8e-b04b-48e8-8dac-fd559242d471/1/zjxokJUNqLx1xJZ629PFLGauAP4.roa
Signing time: Sun 01 Jan 2023 08:34:56 +0000
ROA not before: Sun 01 Jan 2023 08:34:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197016
IP address blocks: 194.8.236.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:78:39:22:c3:74:ed:77:55:9d:50:db:4a:15:a3:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d1bf176af8dba30fef325365ef3404812ce2d84a
Validity
Not Before: Jan 1 08:34:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ce3c6890950da8bc75c4967adbd3c52c66ae00fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:f4:0b:9a:17:e9:02:2c:37:37:f4:ca:98:29:
6a:c5:bd:8b:1f:eb:3e:83:ce:22:f7:10:73:1f:85:
46:c4:ca:03:6d:a8:df:b9:0c:0b:30:ca:92:99:6c:
0b:9d:9f:b9:cc:1a:05:e7:20:fd:fc:05:40:8f:43:
1e:33:89:a3:4e:ec:71:5a:0c:f8:87:9f:c0:41:3e:
f4:65:97:42:79:7a:de:5e:7d:5d:e3:a1:4f:46:fd:
2d:53:7f:ab:b4:b5:04:4c:eb:a0:d4:87:ac:24:56:
0c:37:b7:6a:da:80:12:ea:be:f0:9a:e7:b6:63:da:
4a:53:3a:9d:22:56:c4:08:95:b4:0b:ee:84:41:54:
c3:5b:bd:2d:ad:b6:66:fa:1f:48:fa:4d:a4:93:bc:
bf:0a:6e:a3:8b:95:ca:19:f0:53:f4:9d:40:b1:6b:
d7:ef:65:7b:01:eb:3a:b0:69:35:ea:c0:29:6c:ab:
17:38:2d:d4:50:f5:ad:0a:b3:e0:43:38:3f:03:ac:
bf:df:a1:c9:85:a7:cd:9c:8b:27:38:cc:a5:f2:13:
b3:88:e2:e1:c5:d3:81:47:4f:b3:14:a0:a9:37:77:
3f:76:fe:d6:56:68:2d:95:c2:c1:8f:22:5f:84:fb:
c5:b4:b7:8e:e3:b4:f7:db:81:f5:e9:7f:f4:ad:b9:
ef:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:3C:68:90:95:0D:A8:BC:75:C4:96:7A:DB:D3:C5:2C:66:AE:00:FE
X509v3 Authority Key Identifier:
keyid:D1:BF:17:6A:F8:DB:A3:0F:EF:32:53:65:EF:34:04:81:2C:E2:D8:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b8Xavjbow_vMlNl7zQEgSzi2Eo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/abcd8e-b04b-48e8-8dac-fd559242d471/1/zjxokJUNqLx1xJZ629PFLGauAP4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/abcd8e-b04b-48e8-8dac-fd559242d471/1/0b8Xavjbow_vMlNl7zQEgSzi2Eo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.8.236.0/23
Signature Algorithm: sha256WithRSAEncryption
8b:90:94:10:b5:77:c4:28:4a:3f:15:6c:c0:c2:87:0e:cf:c9:
c6:9d:dd:5a:8c:e1:2c:91:ea:c2:1f:43:57:04:4f:54:65:e8:
f2:7f:1b:dd:f0:7d:ee:24:e8:29:93:26:bd:23:d3:a2:5c:c3:
a9:ee:5c:12:f3:66:95:46:7c:19:3c:84:ed:d2:1e:ef:66:34:
2a:d2:14:a2:9c:8c:0a:22:c0:4d:fe:4b:93:f2:2d:cd:5f:0e:
cf:a9:38:ff:6b:82:89:61:06:fb:61:f6:41:18:8f:85:77:1c:
fd:88:29:58:a7:49:8d:4c:6b:4b:5a:96:59:32:71:bb:5b:7d:
df:66:fc:e8:1b:5c:3e:94:35:63:9b:6d:f1:d6:08:19:2c:bc:
1d:5b:81:6f:e3:69:6a:fa:f9:c5:8c:38:df:d7:e2:8f:5f:76:
22:b8:6d:d3:0a:42:bc:f9:9f:02:83:36:0e:28:30:c9:6c:3c:
62:8d:3d:07:c2:84:17:d2:35:04:8b:ea:e3:58:d4:25:87:80:
0d:fc:fb:8d:9a:ab:42:52:84:bb:47:76:bb:6a:9f:f9:f6:b5:
55:81:8e:f2:86:e0:fe:1c:b5:c9:b6:5d:ce:13:9e:52:8e:fd:
5f:ad:4d:28:79:65:36:35:d0:3c:37:05:6b:a1:b8:05:62:8c:
3e:e4:10:70
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVseDkiw3Ttd1WdUNtKFaOtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxYmYxNzZhZjhkYmEzMGZlZjMyNTM2NWVmMzQwNDgxMmNl
MmQ4NGEwHhcNMjMwMTAxMDgzNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTNjNjg5MDk1MGRhOGJjNzVjNDk2N2FkYmQzYzUyYzY2YWUwMGZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt/QLmhfpAiw3N/TKmClqxb2LH+s+
g84i9xBzH4VGxMoDbajfuQwLMMqSmWwLnZ+5zBoF5yD9/AVAj0MeM4mjTuxxWgz4
h5/AQT70ZZdCeXreXn1d46FPRv0tU3+rtLUETOug1IesJFYMN7dq2oAS6r7wmue2
Y9pKUzqdIlbECJW0C+6EQVTDW70trbZm+h9I+k2kk7y/Cm6ji5XKGfBT9J1AsWvX
72V7Aes6sGk16sApbKsXOC3UUPWtCrPgQzg/A6y/36HJhafNnIsnOMyl8hOziOLh
xdOBR0+zFKCpN3c/dv7WVmgtlcLBjyJfhPvFtLeO47T324H16X/0rbnvNQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM48aJCVDai8dcSWetvTxSxmrgD+MB8GA1UdIwQY
MBaAFNG/F2r426MP7zJTZe80BIEs4thKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGI4WGF2amJvd192TWxObDd6UUVnU3ppMkVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC9hYmNkOGUtYjA0Yi00OGU4LThkYWMt
ZmQ1NTkyNDJkNDcxLzEvemp4b2tKVU5xTHgxeEpaNjI5UEZMR2F1QVA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC9hYmNkOGUtYjA0Yi00OGU4LThkYWMtZmQ1NTkyNDJkNDcx
LzEvMGI4WGF2amJvd192TWxObDd6UUVnU3ppMkVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwgjsMA0G
CSqGSIb3DQEBCwUAA4IBAQCLkJQQtXfEKEo/FWzAwocOz8nGnd1ajOEskerCH0NX
BE9UZejyfxvd8H3uJOgpkya9I9OiXMOp7lwS82aVRnwZPITt0h7vZjQq0hSinIwK
IsBN/kuT8i3NXw7PqTj/a4KJYQb7YfZBGI+Fdxz9iClYp0mNTGtLWpZZMnG7W33f
ZvzoG1w+lDVjm23x1ggZLLwdW4Fv42lq+vnFjDjf1+KPX3YiuG3TCkK8+Z8CgzYO
KDDJbDxijT0HwoQX0jUEi+rjWNQlh4AN/PuNmqtCUoS7R3a7ap/59rVVgY7yhuD+
HLXJtl3OE55Sjv1frU0oeWU2NdA8NwVrobgFYow+5BBw
-----END CERTIFICATE-----
Generated at Fri Apr 18 00:03:22 2025 by rpki-client