Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/13d50b-7db3-4d10-8a4e-6eb3aa6a21af/1/4bWLpFtx2SqbKG0ySCGRF9NYwpU.roa
File: 4bWLpFtx2SqbKG0ySCGRF9NYwpU.roa (raw, json)
Hash identifier: cpPVdYXHUEftIE3ClcopKITuYEcRpMAtWcquEIQhEQo=
Subject key identifier: E1:B5:8B:A4:5B:71:D9:2A:9B:28:6D:32:48:21:91:17:D3:58:C2:95
Certificate issuer: /CN=80d67a84409cedba022eeb035bd8ad620d683ea7
Certificate serial: 137C4308
Authority key identifier: 80:D6:7A:84:40:9C:ED:BA:02:2E:EB:03:5B:D8:AD:62:0D:68:3E:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gNZ6hECc7boCLusDW9itYg1oPqc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/13d50b-7db3-4d10-8a4e-6eb3aa6a21af/1/4bWLpFtx2SqbKG0ySCGRF9NYwpU.roa
Signing time: Sat 01 Jan 2022 11:02:14 +0000
ROA not before: Sat 01 Jan 2022 11:02:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39686
IP address blocks: 193.242.97.0/24 maxlen: 24
2001:67c:18a0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 326910728 (0x137c4308)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=80d67a84409cedba022eeb035bd8ad620d683ea7
Validity
Not Before: Jan 1 11:02:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e1b58ba45b71d92a9b286d3248219117d358c295
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:64:74:ff:70:6b:67:c8:a2:c3:5b:d9:6f:31:
9e:04:05:9b:a3:ee:12:e5:b7:29:9c:a7:c1:ab:3f:
33:77:b1:33:47:31:f2:4a:cf:d5:f9:39:48:2a:ec:
35:31:9a:45:c6:73:ff:62:43:e8:bf:8c:3a:22:2b:
3c:00:0b:3f:47:fb:26:97:68:6d:7f:0c:06:2c:8e:
f7:c7:b6:39:33:7b:a6:de:0c:d9:58:1c:14:e3:c6:
f3:1c:07:74:94:6f:33:67:bb:90:a3:54:87:9c:f2:
89:c0:2f:ac:06:5a:6e:12:35:44:3d:46:82:18:90:
a9:70:42:a0:e3:90:30:ca:f9:f1:39:e5:39:a9:74:
b1:bc:60:ad:f4:73:01:bd:15:a9:63:2c:f1:d1:5a:
77:f4:93:a1:6f:6f:58:cd:eb:19:76:8f:f2:d6:9a:
91:79:27:af:c4:3e:93:35:7b:5a:b9:16:f0:79:d1:
8b:ca:cf:1e:59:5a:ca:e1:eb:62:15:bb:68:5f:2c:
5d:03:8f:11:6f:8c:fb:9e:e1:50:83:42:11:6b:67:
75:74:55:0e:5d:6f:32:76:bb:bd:f8:ca:2b:4b:6a:
43:1b:91:03:f3:68:61:2a:4b:67:f6:df:b2:ed:02:
22:7a:62:01:32:2e:d1:32:24:e3:05:3c:38:b9:df:
b5:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:B5:8B:A4:5B:71:D9:2A:9B:28:6D:32:48:21:91:17:D3:58:C2:95
X509v3 Authority Key Identifier:
keyid:80:D6:7A:84:40:9C:ED:BA:02:2E:EB:03:5B:D8:AD:62:0D:68:3E:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gNZ6hECc7boCLusDW9itYg1oPqc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/13d50b-7db3-4d10-8a4e-6eb3aa6a21af/1/4bWLpFtx2SqbKG0ySCGRF9NYwpU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/13d50b-7db3-4d10-8a4e-6eb3aa6a21af/1/gNZ6hECc7boCLusDW9itYg1oPqc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.242.97.0/24
IPv6:
2001:67c:18a0::/48
Signature Algorithm: sha256WithRSAEncryption
bf:bf:c4:1c:a7:47:15:2f:18:59:cf:11:ce:33:bf:49:64:d1:
2f:c6:c9:8d:5a:5d:cd:70:43:c9:2d:d5:ff:b4:2e:fc:1b:54:
0b:ac:e3:19:db:d5:6c:0f:5b:3a:47:c3:4b:60:fd:80:96:c7:
c4:09:79:4c:95:87:1b:c2:73:d7:7d:79:68:65:30:1c:1b:22:
c7:80:a2:29:bf:69:41:25:e3:91:52:46:8c:da:9c:be:92:74:
7e:94:25:57:05:76:35:cd:a5:36:57:51:9c:99:f3:bb:17:9b:
28:a1:de:d8:e6:7b:e3:d4:4c:24:0b:da:5e:bc:b6:56:86:19:
36:b0:8d:01:e4:3b:0d:a2:fa:1a:6d:31:49:7b:1c:fa:f6:fa:
f3:e5:77:3e:18:47:a5:73:a1:4f:79:3b:ba:8a:fe:36:51:71:
67:7f:c3:50:3a:a3:4f:9e:4b:76:6f:1d:a6:91:24:0a:65:d3:
43:d3:ce:0b:ff:f3:64:d5:d9:95:8d:30:90:ea:5b:6a:7b:b9:
99:29:17:21:63:b3:3c:b7:62:36:36:d3:1e:17:cf:ef:0d:10:
c6:0e:4a:aa:f2:1f:80:02:68:9f:95:bb:fc:09:9c:33:9b:74:
f0:ce:d2:c0:d7:a6:7b:f3:ea:df:f5:9b:2d:5f:27:d8:3c:22:
e3:a6:f4:14
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEE3xDCDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MGQ2N2E4NDQwOWNlZGJhMDIyZWViMDM1YmQ4YWQ2MjBkNjgzZWE3MB4XDTIyMDEw
MTExMDIxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTFiNThiYTQ1Yjcx
ZDkyYTliMjg2ZDMyNDgyMTkxMTdkMzU4YzI5NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALxkdP9wa2fIosNb2W8xngQFm6PuEuW3KZynwas/M3exM0cx
8krP1fk5SCrsNTGaRcZz/2JD6L+MOiIrPAALP0f7JpdobX8MBiyO98e2OTN7pt4M
2VgcFOPG8xwHdJRvM2e7kKNUh5zyicAvrAZabhI1RD1GghiQqXBCoOOQMMr58Tnl
Oal0sbxgrfRzAb0VqWMs8dFad/SToW9vWM3rGXaP8taakXknr8Q+kzV7WrkW8HnR
i8rPHllayuHrYhW7aF8sXQOPEW+M+57hUINCEWtndXRVDl1vMna7vfjKK0tqQxuR
A/NoYSpLZ/bfsu0CInpiATIu0TIk4wU8OLnftVsCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBThtYukW3HZKpsobTJIIZEX01jClTAfBgNVHSMEGDAWgBSA1nqEQJztugIu
6wNb2K1iDWg+pzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2dOWjZoRUNjN2JvQ0x1c0RXOWl0WWcxb1BxYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWQvMTNkNTBiLTdkYjMtNGQxMC04YTRlLTZlYjNhYTZhMjFhZi8x
LzRiV0xwRnR4MlNxYktHMHlTQ0dSRjlOWXdwVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWQv
MTNkNTBiLTdkYjMtNGQxMC04YTRlLTZlYjNhYTZhMjFhZi8xL2dOWjZoRUNjN2Jv
Q0x1c0RXOWl0WWcxb1BxYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEAMHyYTAPBAIAAjAJAwcAIAEGfBig
MA0GCSqGSIb3DQEBCwUAA4IBAQC/v8Qcp0cVLxhZzxHOM79JZNEvxsmNWl3NcEPJ
LdX/tC78G1QLrOMZ29VsD1s6R8NLYP2AlsfECXlMlYcbwnPXfXloZTAcGyLHgKIp
v2lBJeORUkaM2py+knR+lCVXBXY1zaU2V1GcmfO7F5sood7Y5nvj1EwkC9pevLZW
hhk2sI0B5DsNovoabTFJexz69vrz5Xc+GEelc6FPeTu6iv42UXFnf8NQOqNPnkt2
bx2mkSQKZdND084L//Nk1dmVjTCQ6ltqe7mZKRchY7M8t2I2NtMeF8/vDRDGDkqq
8h+AAmiflbv8CZwzm3TwztLA16Z78+rf9ZstXyfYPCLjpvQU
-----END CERTIFICATE-----
Generated at Sat Apr 19 17:12:00 2025 by rpki-client