Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/356e78-dcf8-4625-87ca-8688b1e53571/1/ZnpXMbY6IZxc0QixJ_wWeTPeNeI.roa
File: ZnpXMbY6IZxc0QixJ_wWeTPeNeI.roa (raw, json)
Hash identifier: KUnw4zqNTbEal9tmyreJGyuCVLZ/f0xdTQ5MIn1zanE=
Subject key identifier: 66:7A:57:31:B6:3A:21:9C:5C:D1:08:B1:27:FC:16:79:33:DE:35:E2
Certificate issuer: /CN=2f8e5122569de52cd50aec793494bf1ce7c25fc8
Certificate serial: 01856D6636FB502456753DCD672AC0300AC4
Authority key identifier: 2F:8E:51:22:56:9D:E5:2C:D5:0A:EC:79:34:94:BF:1C:E7:C2:5F:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L45RIlad5SzVCux5NJS_HOfCX8g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/356e78-dcf8-4625-87ca-8688b1e53571/1/ZnpXMbY6IZxc0QixJ_wWeTPeNeI.roa
Signing time: Sun 01 Jan 2023 12:54:53 +0000
ROA not before: Sun 01 Jan 2023 12:54:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49336
IP address blocks: 193.26.16.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:66:36:fb:50:24:56:75:3d:cd:67:2a:c0:30:0a:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f8e5122569de52cd50aec793494bf1ce7c25fc8
Validity
Not Before: Jan 1 12:54:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=667a5731b63a219c5cd108b127fc167933de35e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:83:16:45:df:9b:0b:06:b6:9f:93:ff:51:4b:
11:05:6f:e6:58:e0:61:11:5e:39:9f:5a:4c:84:f0:
6d:ad:90:55:a4:4a:44:91:ea:ae:87:36:cd:98:ad:
00:d1:4f:21:a9:69:bc:b3:50:25:82:da:4c:2d:ba:
89:64:be:17:a8:65:7c:f1:96:83:a6:d3:49:f1:d3:
ca:95:c5:ac:00:d0:9a:90:64:06:52:a6:52:c0:97:
86:fb:f1:69:6d:de:68:06:3d:91:b9:1b:ab:44:34:
71:fa:42:59:2a:0c:7e:6f:04:45:ee:6c:a5:43:ee:
19:33:11:15:d1:c6:93:d4:ec:46:f0:ec:29:2d:ad:
d6:23:3f:ab:34:e5:70:3b:da:fb:82:a5:b6:92:93:
c5:f0:87:d0:d5:81:45:0f:43:45:09:a7:e1:f5:c0:
54:f4:7a:60:9d:07:cb:1a:9e:63:78:aa:01:80:a5:
b7:3a:c2:d2:54:4a:2e:0d:24:c2:aa:63:fc:dd:f8:
11:ab:dc:b0:7d:23:81:f1:10:fc:0a:1d:ce:6e:e2:
bb:1d:6a:95:87:97:6f:3b:74:45:99:d4:f1:b1:4e:
a1:a9:8b:6a:74:84:9e:40:39:d8:22:38:21:86:c2:
fa:07:75:63:bf:a4:62:14:30:c0:8e:1e:fb:8b:73:
08:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:7A:57:31:B6:3A:21:9C:5C:D1:08:B1:27:FC:16:79:33:DE:35:E2
X509v3 Authority Key Identifier:
keyid:2F:8E:51:22:56:9D:E5:2C:D5:0A:EC:79:34:94:BF:1C:E7:C2:5F:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L45RIlad5SzVCux5NJS_HOfCX8g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/356e78-dcf8-4625-87ca-8688b1e53571/1/ZnpXMbY6IZxc0QixJ_wWeTPeNeI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/356e78-dcf8-4625-87ca-8688b1e53571/1/L45RIlad5SzVCux5NJS_HOfCX8g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.26.16.0/24
Signature Algorithm: sha256WithRSAEncryption
41:68:d7:8b:2c:c1:b7:ee:73:e5:9b:d4:57:46:9b:00:be:e0:
c4:c1:7b:a0:ec:79:2a:b4:50:24:51:38:7b:c3:65:e5:cf:f6:
fa:b5:57:eb:3f:d7:bb:6a:26:45:c7:72:bb:42:82:f5:df:67:
4d:9b:0a:d1:c9:96:5b:87:59:fc:78:f1:fb:24:33:3b:c7:9b:
27:59:8f:f7:73:d7:9f:a5:4e:79:17:24:b8:67:48:e2:f1:56:
f1:d9:21:31:1a:47:ff:02:d3:11:e7:65:0a:68:54:66:06:03:
3d:1a:c2:ce:5c:52:e8:2d:5d:b5:ad:af:c6:d8:24:3d:cd:50:
73:96:1f:74:0c:ed:d8:ba:e9:17:3e:cd:f4:57:53:6e:4c:18:
ea:d9:41:93:87:5a:c9:8f:cf:6d:06:22:84:c4:8e:95:2c:fc:
47:79:e3:57:b7:84:ec:8f:2c:eb:e9:25:a0:d6:8a:ae:c8:4c:
43:c9:4c:6f:68:da:6f:0f:6d:a1:31:62:d5:46:0e:d1:97:df:
f1:fc:bc:cf:cb:62:e9:79:2a:26:ab:24:db:c3:53:04:8e:33:
96:f3:61:cf:72:0e:6c:72:6d:c6:35:ce:26:f0:56:23:c3:de:
0f:cd:43:4c:17:e1:5c:01:c8:2a:1c:b5:41:1b:55:4c:98:2a:
95:e7:3d:98
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtZjb7UCRWdT3NZyrAMArEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmOGU1MTIyNTY5ZGU1MmNkNTBhZWM3OTM0OTRiZjFjZTdj
MjVmYzgwHhcNMjMwMTAxMTI1NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjdhNTczMWI2M2EyMTljNWNkMTA4YjEyN2ZjMTY3OTMzZGUzNWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8YMWRd+bCwa2n5P/UUsRBW/mWOBh
EV45n1pMhPBtrZBVpEpEkequhzbNmK0A0U8hqWm8s1AlgtpMLbqJZL4XqGV88ZaD
ptNJ8dPKlcWsANCakGQGUqZSwJeG+/Fpbd5oBj2RuRurRDRx+kJZKgx+bwRF7myl
Q+4ZMxEV0caT1OxG8OwpLa3WIz+rNOVwO9r7gqW2kpPF8IfQ1YFFD0NFCafh9cBU
9HpgnQfLGp5jeKoBgKW3OsLSVEouDSTCqmP83fgRq9ywfSOB8RD8Ch3ObuK7HWqV
h5dvO3RFmdTxsU6hqYtqdISeQDnYIjghhsL6B3Vjv6RiFDDAjh77i3MIkQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGZ6VzG2OiGcXNEIsSf8Fnkz3jXiMB8GA1UdIwQY
MBaAFC+OUSJWneUs1QrseTSUvxznwl/IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDQ1UklsYWQ1U3pWQ3V4NU5KU19IT2ZDWDhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS8zNTZlNzgtZGNmOC00NjI1LTg3Y2Et
ODY4OGIxZTUzNTcxLzEvWm5wWE1iWTZJWnhjMFFpeEpfd1dlVFBlTmVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS8zNTZlNzgtZGNmOC00NjI1LTg3Y2EtODY4OGIxZTUzNTcx
LzEvTDQ1UklsYWQ1U3pWQ3V4NU5KU19IT2ZDWDhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwRoQMA0G
CSqGSIb3DQEBCwUAA4IBAQBBaNeLLMG37nPlm9RXRpsAvuDEwXug7HkqtFAkUTh7
w2Xlz/b6tVfrP9e7aiZFx3K7QoL132dNmwrRyZZbh1n8ePH7JDM7x5snWY/3c9ef
pU55FyS4Z0ji8Vbx2SExGkf/AtMR52UKaFRmBgM9GsLOXFLoLV21ra/G2CQ9zVBz
lh90DO3YuukXPs30V1NuTBjq2UGTh1rJj89tBiKExI6VLPxHeeNXt4Tsjyzr6SWg
1oquyExDyUxvaNpvD22hMWLVRg7Rl9/x/LzPy2LpeSomqyTbw1MEjjOW82HPcg5s
cm3GNc4m8FYjw94PzUNMF+FcAcgqHLVBG1VMmCqV5z2Y
-----END CERTIFICATE-----
Generated at Wed Apr 23 01:52:18 2025 by rpki-client