Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/5ed5d3-b99c-486b-af9c-7cfd957f08ff/1/z2-ugdWabkKczPvUi0mPGNX6JEE.roa
File: z2-ugdWabkKczPvUi0mPGNX6JEE.roa (raw, json)
Hash identifier: hPIGrdtF0uB/iIqAEB4NTmd2kzIPhrk2ESBRE8TrxTo=
Subject key identifier: CF:6F:AE:81:D5:9A:6E:42:9C:CC:FB:D4:8B:49:8F:18:D5:FA:24:41
Certificate issuer: /CN=6311a9d4c10252fbf73b7165f35acc1dce9f0a93
Certificate serial: 0185727126DE878405C8E5D5E3A39A3BF72F
Authority key identifier: 63:11:A9:D4:C1:02:52:FB:F7:3B:71:65:F3:5A:CC:1D:CE:9F:0A:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YxGp1MECUvv3O3Fl81rMHc6fCpM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/5ed5d3-b99c-486b-af9c-7cfd957f08ff/1/z2-ugdWabkKczPvUi0mPGNX6JEE.roa
Signing time: Mon 02 Jan 2023 12:24:56 +0000
ROA not before: Mon 02 Jan 2023 12:24:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42
IP address blocks: 194.0.17.0/24 maxlen: 24
2001:678:3::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:71:26:de:87:84:05:c8:e5:d5:e3:a3:9a:3b:f7:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6311a9d4c10252fbf73b7165f35acc1dce9f0a93
Validity
Not Before: Jan 2 12:24:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cf6fae81d59a6e429cccfbd48b498f18d5fa2441
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:ed:de:e1:a3:62:05:fa:74:d7:67:39:1e:f6:
49:ad:55:4b:62:f9:54:68:c9:50:e8:07:b0:ab:ca:
6c:53:28:5d:12:7c:74:8d:28:6e:d1:6e:2e:7c:87:
78:98:57:e1:4d:3c:f8:e4:af:6f:5f:e7:9f:01:c6:
46:13:4e:80:20:f9:9f:cd:87:4c:e5:da:e0:53:7c:
eb:84:75:6e:15:4d:8c:3a:34:b8:6d:01:d0:85:d0:
7b:d3:b6:d5:ce:f7:13:7c:b4:b9:fe:41:04:cc:bd:
fd:66:e1:11:c5:15:19:bf:7c:ba:18:2c:99:2c:a4:
f6:71:af:8d:2c:eb:d4:71:ce:32:46:07:a7:f6:ac:
1f:77:d1:85:fb:84:01:ab:19:5b:f2:e8:e9:4d:a1:
32:38:99:6a:59:a8:1c:2d:34:0b:82:8a:d4:a1:0e:
b2:c7:e3:c7:bf:d2:89:49:3f:44:4a:cd:b9:9b:fc:
1e:94:1c:7f:7d:e6:c7:a8:99:24:4a:cb:11:b9:33:
25:23:0f:74:86:d3:04:ce:91:42:9e:1d:35:a6:aa:
d0:03:6f:7d:9a:fa:d0:73:d7:c6:79:ef:00:dd:e9:
25:ee:af:d6:49:c9:4b:aa:7d:ac:15:0d:5b:bc:cd:
0f:59:9d:0f:8d:32:f7:3b:17:c6:8b:66:1d:5c:62:
39:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:6F:AE:81:D5:9A:6E:42:9C:CC:FB:D4:8B:49:8F:18:D5:FA:24:41
X509v3 Authority Key Identifier:
keyid:63:11:A9:D4:C1:02:52:FB:F7:3B:71:65:F3:5A:CC:1D:CE:9F:0A:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YxGp1MECUvv3O3Fl81rMHc6fCpM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/5ed5d3-b99c-486b-af9c-7cfd957f08ff/1/z2-ugdWabkKczPvUi0mPGNX6JEE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/5ed5d3-b99c-486b-af9c-7cfd957f08ff/1/YxGp1MECUvv3O3Fl81rMHc6fCpM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.0.17.0/24
IPv6:
2001:678:3::/48
Signature Algorithm: sha256WithRSAEncryption
43:df:28:f7:66:3a:c6:4c:6f:c1:43:aa:34:d5:7b:2e:60:cd:
96:58:03:87:f9:69:86:86:63:8e:26:78:3f:a2:09:47:d4:7f:
df:ca:b7:20:97:a5:70:33:0e:18:32:47:82:41:c9:a4:51:36:
40:0b:56:79:10:4d:e1:23:a0:db:fe:9c:0e:26:ee:04:de:79:
42:ce:20:b8:4f:59:ba:bf:99:12:19:bb:47:55:02:8c:2a:c7:
0d:e1:26:a6:1d:1c:38:9d:b2:41:7c:6f:29:80:26:3b:d4:71:
3a:b8:8a:96:18:2d:88:bd:7d:a4:6d:84:37:2d:82:2b:39:d4:
75:01:24:ec:68:c8:ea:c3:c7:33:42:5f:7a:94:c7:60:9a:ee:
36:08:55:a9:f2:d7:0b:50:9f:4d:43:f3:86:c6:ed:73:97:c6:
57:f3:1d:35:23:06:49:30:4c:09:4d:6a:82:ee:6d:77:8b:f6:
ba:a7:b4:a5:0a:bd:2a:4a:1b:1c:d8:8c:70:e2:b4:aa:df:8c:
1a:0b:9e:47:7b:d0:1f:3a:e8:92:71:06:cc:b4:95:9a:31:c4:
82:fe:c6:07:34:2c:7e:5a:a6:69:3d:3e:63:01:36:f0:e7:cc:
72:f7:a1:8e:0c:bd:cd:90:d2:b7:81:ef:2e:92:c6:47:66:02:
8e:57:b7:28
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVycSbeh4QFyOXV46OaO/cvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzMTFhOWQ0YzEwMjUyZmJmNzNiNzE2NWYzNWFjYzFkY2U5
ZjBhOTMwHhcNMjMwMTAyMTIyNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjZmYWU4MWQ1OWE2ZTQyOWNjY2ZiZDQ4YjQ5OGYxOGQ1ZmEyNDQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg+3e4aNiBfp012c5HvZJrVVLYvlU
aMlQ6Aewq8psUyhdEnx0jShu0W4ufId4mFfhTTz45K9vX+efAcZGE06AIPmfzYdM
5drgU3zrhHVuFU2MOjS4bQHQhdB707bVzvcTfLS5/kEEzL39ZuERxRUZv3y6GCyZ
LKT2ca+NLOvUcc4yRgen9qwfd9GF+4QBqxlb8ujpTaEyOJlqWagcLTQLgorUoQ6y
x+PHv9KJST9ESs25m/welBx/febHqJkkSssRuTMlIw90htMEzpFCnh01pqrQA299
mvrQc9fGee8A3ekl7q/WSclLqn2sFQ1bvM0PWZ0PjTL3OxfGi2YdXGI5sQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFM9vroHVmm5CnMz71ItJjxjV+iRBMB8GA1UdIwQY
MBaAFGMRqdTBAlL79ztxZfNazB3OnwqTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXhHcDFNRUNVdnYzTzNGbDgxck1IYzZmQ3BNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS81ZWQ1ZDMtYjk5Yy00ODZiLWFmOWMt
N2NmZDk1N2YwOGZmLzEvejItdWdkV2Fia0tjelB2VWkwbVBHTlg2SkVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS81ZWQ1ZDMtYjk5Yy00ODZiLWFmOWMtN2NmZDk1N2YwOGZm
LzEvWXhHcDFNRUNVdnYzTzNGbDgxck1IYzZmQ3BNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwgARMA8E
AgACMAkDBwAgAQZ4AAMwDQYJKoZIhvcNAQELBQADggEBAEPfKPdmOsZMb8FDqjTV
ey5gzZZYA4f5aYaGY44meD+iCUfUf9/KtyCXpXAzDhgyR4JByaRRNkALVnkQTeEj
oNv+nA4m7gTeeULOILhPWbq/mRIZu0dVAowqxw3hJqYdHDidskF8bymAJjvUcTq4
ipYYLYi9faRthDctgis51HUBJOxoyOrDxzNCX3qUx2Ca7jYIVany1wtQn01D84bG
7XOXxlfzHTUjBkkwTAlNaoLubXeL9rqntKUKvSpKGxzYjHDitKrfjBoLnkd70B86
6JJxBsy0lZoxxIL+xgc0LH5apmk9PmMBNvDnzHL3oY4Mvc2Q0reB7y6SxkdmAo5X
tyg=
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:04:20 2025 by rpki-client