Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/Aq3Z60aHUN6amUvub5RKeRiU3Ug.roa
File: Aq3Z60aHUN6amUvub5RKeRiU3Ug.roa (raw, json)
Hash identifier: rBrKx4L/DxE7hAIdv7/VaHCRGwGEE7V2N+76GIR8FL8=
Subject key identifier: 02:AD:D9:EB:46:87:50:DE:9A:99:4B:EE:6F:94:4A:79:18:94:DD:48
Certificate issuer: /CN=2663f3db152e055ac145bdbb429e018654204c8d
Certificate serial: 50C2CB5B
Authority key identifier: 26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/Aq3Z60aHUN6amUvub5RKeRiU3Ug.roa
Signing time: Sat 01 Jan 2022 16:01:38 +0000
ROA not before: Sat 01 Jan 2022 16:01:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8300
IP address blocks: 193.134.248.0/23 maxlen: 23
194.209.74.0/24 maxlen: 24
193.5.30.0/24 maxlen: 24
193.5.252.0/24 maxlen: 24
193.5.158.0/23 maxlen: 24
2001:918:ffb7::/48 maxlen: 48
2001:918:ff70::/44 maxlen: 48
2001:918:f00::/40 maxlen: 40
2001:918:1ab::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1354943323 (0x50c2cb5b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2663f3db152e055ac145bdbb429e018654204c8d
Validity
Not Before: Jan 1 16:01:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=02add9eb468750de9a994bee6f944a791894dd48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:76:d9:d8:b8:00:d1:4b:ad:4d:d6:c3:98:43:
c2:9a:6a:5f:c7:24:80:b7:15:18:fc:c3:c0:2b:32:
9a:12:37:ff:00:76:ba:64:57:3e:3a:45:3e:a2:72:
d8:fd:58:78:6a:57:82:23:49:81:25:dd:77:3c:9b:
cd:38:9f:b0:e3:94:74:48:93:25:d8:bb:04:87:d7:
ed:0a:54:bf:5d:a6:a5:09:42:89:04:c5:6e:a2:91:
44:d4:79:2d:5f:ca:55:d6:a5:69:09:b9:c8:b3:ed:
d2:59:42:32:ab:89:24:95:24:4b:3c:3e:5d:c7:14:
03:f9:a4:29:19:43:89:00:0b:c0:89:79:29:ff:60:
91:d3:2a:81:62:49:dd:1e:87:19:8f:e2:55:7d:fb:
7b:3e:db:a6:11:33:f2:a1:4a:02:93:49:cf:49:77:
49:2a:67:49:60:a9:15:1f:15:63:3b:bd:f2:6b:6f:
7b:b8:2e:44:ae:75:d8:ec:13:3f:56:ab:23:36:b1:
89:30:5a:1b:24:44:27:6c:ff:eb:31:54:ec:5b:59:
29:4f:7c:bf:4a:00:2f:cb:40:d6:48:b7:d6:4f:0d:
91:e6:f1:c8:d7:5d:aa:6e:b1:af:bc:06:58:ee:29:
9a:21:6d:3a:1d:4c:60:e8:55:e8:82:9f:d3:c3:f2:
a3:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:AD:D9:EB:46:87:50:DE:9A:99:4B:EE:6F:94:4A:79:18:94:DD:48
X509v3 Authority Key Identifier:
keyid:26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/Aq3Z60aHUN6amUvub5RKeRiU3Ug.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/JmPz2xUuBVrBRb27Qp4BhlQgTI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.5.30.0/24
193.5.158.0/23
193.5.252.0/24
193.134.248.0/23
194.209.74.0/24
IPv6:
2001:918:1ab::/48
2001:918:f00::/40
2001:918:ff70::/44
2001:918:ffb7::/48
Signature Algorithm: sha256WithRSAEncryption
5c:be:b4:30:e3:2b:f3:08:e3:43:11:9e:47:45:69:09:fe:a6:
5e:79:77:13:0d:2f:b7:4b:13:b9:e5:06:62:a9:85:82:05:15:
21:c9:81:49:4b:52:73:92:8c:b2:97:9a:f1:40:75:53:87:a7:
8a:7a:20:35:2c:14:c9:75:c3:6d:da:3e:c8:31:fa:0b:48:16:
27:6c:05:ca:e4:51:0a:bd:bc:0e:48:a2:84:6b:0e:d4:bf:e0:
4e:07:ef:ac:55:6e:b9:05:99:b5:eb:96:b1:ea:3f:4d:c7:3d:
d3:c5:26:01:ce:9b:1f:35:2b:f4:83:cb:17:95:81:e2:44:cd:
5a:1d:63:8d:c2:c3:29:ca:cd:77:e9:42:78:46:58:fb:48:fb:
83:87:2e:5e:8a:74:58:50:a7:fd:16:69:56:8a:2b:6f:25:27:
8b:52:17:9d:5a:96:48:3a:a3:7f:54:54:86:76:e0:79:89:7c:
6c:6e:ab:5c:5d:6e:84:d4:55:d8:e9:91:1f:1e:f7:a8:ff:1e:
5d:f2:e9:2d:a4:5a:74:d7:7d:78:bd:f4:bf:95:b6:1f:32:9e:
99:be:f6:66:08:a6:30:78:1d:98:10:81:54:2f:c0:fd:76:5e:
e9:91:74:7d:55:81:74:c2:93:cd:14:d0:c2:47:d4:59:1e:2f:
1c:ab:7f:9e
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgIEUMLLWzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
NjYzZjNkYjE1MmUwNTVhYzE0NWJkYmI0MjllMDE4NjU0MjA0YzhkMB4XDTIyMDEw
MTE2MDEzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDJhZGQ5ZWI0Njg3
NTBkZTlhOTk0YmVlNmY5NDRhNzkxODk0ZGQ0ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALF22di4ANFLrU3Ww5hDwppqX8ckgLcVGPzDwCsymhI3/wB2
umRXPjpFPqJy2P1YeGpXgiNJgSXddzybzTifsOOUdEiTJdi7BIfX7QpUv12mpQlC
iQTFbqKRRNR5LV/KVdalaQm5yLPt0llCMquJJJUkSzw+XccUA/mkKRlDiQALwIl5
Kf9gkdMqgWJJ3R6HGY/iVX37ez7bphEz8qFKApNJz0l3SSpnSWCpFR8VYzu98mtv
e7guRK512OwTP1arIzaxiTBaGyREJ2z/6zFU7FtZKU98v0oAL8tA1ki31k8Nkebx
yNddqm6xr7wGWO4pmiFtOh1MYOhV6IKf08Pyo4UCAwEAAaOCAkwwggJIMB0GA1Ud
DgQWBBQCrdnrRodQ3pqZS+5vlEp5GJTdSDAfBgNVHSMEGDAWgBQmY/PbFS4FWsFF
vbtCngGGVCBMjTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0ptUHoyeFV1QlZyQlJiMjdRcDRCaGxRZ1RJMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjkvYzhjNmY2LTU5NWMtNDViMS1hNzZlLWJkMTkyNjc2YzliYi8x
L0FxM1o2MGFIVU42YW1VdnViNVJLZVJpVTNVZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjkv
YzhjNmY2LTU5NWMtNDViMS1hNzZlLWJkMTkyNjc2YzliYi8xL0ptUHoyeFV1QlZy
QlJiMjdRcDRCaGxRZ1RJMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBi
BggrBgEFBQcBBwEB/wRTMFEwJAQCAAEwHgMEAMEFHgMEAcEFngMEAMEF/AMEAcGG
+AMEAMLRSjApBAIAAjAjAwcAIAEJGAGrAwYAIAEJGA8DBwQgAQkY/3ADBwAgAQkY
/7cwDQYJKoZIhvcNAQELBQADggEBAFy+tDDjK/MI40MRnkdFaQn+pl55dxMNL7dL
E7nlBmKphYIFFSHJgUlLUnOSjLKXmvFAdVOHp4p6IDUsFMl1w23aPsgx+gtIFids
BcrkUQq9vA5IooRrDtS/4E4H76xVbrkFmbXrlrHqP03HPdPFJgHOmx81K/SDyxeV
geJEzVodY43CwynKzXfpQnhGWPtI+4OHLl6KdFhQp/0WaVaKK28lJ4tSF51alkg6
o39UVIZ24HmJfGxuq1xdboTUVdjpkR8e96j/Hl3y6S2kWnTXfXi99L+Vth8ynpm+
9mYIpjB4HZgQgVQvwP12XumRdH1VgXTCk80U0MJH1FkeLxyrf54=
-----END CERTIFICATE-----
Generated at Sun Apr 6 10:32:38 2025 by rpki-client