Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/z-M1WGWuXRajou7-jnfhC1Rr7SE.roa
File: z-M1WGWuXRajou7-jnfhC1Rr7SE.roa (raw, json)
Hash identifier: 9SLUsRLgy/YI+hTU2DjqPKPSB/IfzvfUFHWLkXLZaxc=
Subject key identifier: CF:E3:35:58:65:AE:5D:16:A3:A2:EE:FE:8E:77:E1:0B:54:6B:ED:21
Certificate issuer: /CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Certificate serial: 01856DCAE7066DDB1459100960FDA2F38C6F
Authority key identifier: 08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/z-M1WGWuXRajou7-jnfhC1Rr7SE.roa
Signing time: Sun 01 Jan 2023 14:44:52 +0000
ROA not before: Sun 01 Jan 2023 14:44:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47911
IP address blocks: 188.186.128.0/21 maxlen: 24
2a02:2698:b000::/36 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:ca:e7:06:6d:db:14:59:10:09:60:fd:a2:f3:8c:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Validity
Not Before: Jan 1 14:44:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cfe3355865ae5d16a3a2eefe8e77e10b546bed21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:b7:1f:c3:8a:3b:81:22:2c:ac:1d:5b:e6:75:
4f:74:32:62:17:30:da:68:98:6e:e5:d9:32:49:d5:
0b:17:d3:6b:ed:45:a0:52:85:63:eb:74:56:92:46:
e7:26:1f:b9:0b:3a:66:ac:25:ea:64:1f:bd:b6:fd:
39:5e:01:72:0a:cf:e9:c0:95:a6:9c:5a:3a:5a:92:
b3:ed:1c:b1:c5:15:71:22:09:43:2e:6e:6e:60:99:
1b:47:8f:02:dc:2d:ca:fc:53:f1:f7:c0:4d:eb:a6:
da:3b:5c:b0:9c:d8:37:0c:b7:12:25:4a:59:3b:1f:
6f:93:2a:f7:42:73:63:83:a8:57:62:26:66:fb:2b:
41:78:7d:0a:9b:85:5d:c4:28:1d:ee:2b:bd:79:6f:
fd:37:de:3f:e3:d7:1a:15:bf:fd:f4:31:52:86:08:
ca:fb:cf:06:6b:2b:7a:cb:7d:1a:88:d3:a6:8f:77:
68:18:8d:3f:68:f4:28:39:e5:d3:a4:57:65:4b:41:
27:0a:03:dd:f9:3c:6c:7e:65:5c:89:b7:8a:8b:39:
a0:c5:64:b5:d8:53:34:68:55:48:d9:3c:99:3a:29:
62:c1:38:ab:60:3a:2e:3f:63:eb:2e:7c:5f:23:e6:
d2:25:64:67:e3:19:59:2f:1d:ad:7f:5d:53:60:5a:
2e:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:E3:35:58:65:AE:5D:16:A3:A2:EE:FE:8E:77:E1:0B:54:6B:ED:21
X509v3 Authority Key Identifier:
keyid:08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/z-M1WGWuXRajou7-jnfhC1Rr7SE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.186.128.0/21
IPv6:
2a02:2698:b000::/36
Signature Algorithm: sha256WithRSAEncryption
2b:83:e7:7c:b4:53:51:be:b3:b5:6a:96:2b:8c:bd:e2:02:16:
bc:2e:3b:d3:ba:57:f3:73:69:96:0d:29:06:7b:86:7f:a8:09:
3c:11:09:9e:e2:77:11:ac:d8:33:cb:59:47:6b:f1:19:e7:ca:
6e:1f:23:3b:35:35:81:c2:90:5f:7c:8f:e3:df:ab:1d:52:6d:
d3:aa:ba:66:96:7a:95:7a:ff:eb:47:4d:83:12:a8:ef:7c:d1:
0e:83:bc:9c:c7:3f:c2:a3:25:76:fe:6a:ce:14:a7:cc:88:70:
68:c5:13:38:ae:85:31:a9:18:a9:e8:47:45:0a:66:c6:20:87:
86:bc:67:9a:37:7e:c3:67:74:d8:3d:26:ed:f4:c2:b5:4f:ff:
2c:d5:30:e6:0e:fa:54:19:26:88:99:21:dc:40:2f:1d:b4:52:
e7:70:d9:5a:1a:cf:10:37:fc:d0:d6:8d:61:eb:0d:48:01:07:
70:1c:61:dc:b0:57:4a:76:87:e2:91:bc:cf:6e:51:f1:ea:79:
2b:f9:c4:d9:27:b7:9e:11:e3:8c:52:13:39:08:88:66:8f:ac:
d0:19:59:3e:30:96:8b:47:c7:78:27:a8:44:76:ff:07:d8:04:
a6:21:63:c8:2b:92:e0:cd:ae:d4:e4:00:6b:53:7f:53:7d:57:
f6:3c:63:ca
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYVtyucGbdsUWRAJYP2i84xvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MDJiOTVjZTYyMzlkNTI2YzM1YWU3YThlMmNlYjQ4YWVi
ODJiNWYwHhcNMjMwMTAxMTQ0NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZmUzMzU1ODY1YWU1ZDE2YTNhMmVlZmU4ZTc3ZTEwYjU0NmJlZDIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq7cfw4o7gSIsrB1b5nVPdDJiFzDa
aJhu5dkySdULF9Nr7UWgUoVj63RWkkbnJh+5CzpmrCXqZB+9tv05XgFyCs/pwJWm
nFo6WpKz7RyxxRVxIglDLm5uYJkbR48C3C3K/FPx98BN66baO1ywnNg3DLcSJUpZ
Ox9vkyr3QnNjg6hXYiZm+ytBeH0Km4VdxCgd7iu9eW/9N94/49caFb/99DFShgjK
+88Gayt6y30aiNOmj3doGI0/aPQoOeXTpFdlS0EnCgPd+TxsfmVcibeKizmgxWS1
2FM0aFVI2TyZOiliwTirYDouP2PrLnxfI+bSJWRn4xlZLx2tf11TYFouCQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFM/jNVhlrl0Wo6Lu/o534QtUa+0hMB8GA1UdIwQY
MBaAFAgCuVzmI51SbDWueo4s60iuuCtfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDIt
Y2YwYWEzZWNhZDI4LzEvei1NMVdHV3VYUmFqb3U3LWpuZmhDMVJyN1NFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDItY2YwYWEzZWNhZDI4
LzEvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQDvLqAMA4E
AgACMAgDBgQqAiaYsDANBgkqhkiG9w0BAQsFAAOCAQEAK4PnfLRTUb6ztWqWK4y9
4gIWvC4707pX83Nplg0pBnuGf6gJPBEJnuJ3EazYM8tZR2vxGefKbh8jOzU1gcKQ
X3yP49+rHVJt06q6ZpZ6lXr/60dNgxKo73zRDoO8nMc/wqMldv5qzhSnzIhwaMUT
OK6FMakYqehHRQpmxiCHhrxnmjd+w2d02D0m7fTCtU//LNUw5g76VBkmiJkh3EAv
HbRS53DZWhrPEDf80NaNYesNSAEHcBxh3LBXSnaH4pG8z25R8ep5K/nE2Se3nhHj
jFITOQiIZo+s0BlZPjCWi0fHeCeoRHb/B9gEpiFjyCuS4M2u1OQAa1N/U31X9jxj
yg==
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:48:59 2025 by rpki-client