Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/3b5110-5167-48e0-8597-61d7333f8570/1/zfF4rDrzsFU5_iyED7DR9OW9uOU.roa
File: zfF4rDrzsFU5_iyED7DR9OW9uOU.roa (raw, json)
Hash identifier: hfGsqOfYFgJ79UAXjIkQRrqm0XM5TZUFEkuazAP5UzE=
Subject key identifier: CD:F1:78:AC:3A:F3:B0:55:39:FE:2C:84:0F:B0:D1:F4:E5:BD:B8:E5
Certificate issuer: /CN=fbcd0233808570e31ffb2fcde1b877071cbc6603
Certificate serial: 018774A9A95B4E89BB0447BCD7A7686AA25E
Authority key identifier: FB:CD:02:33:80:85:70:E3:1F:FB:2F:CD:E1:B8:77:07:1C:BC:66:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-80CM4CFcOMf-y_N4bh3Bxy8ZgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/3b5110-5167-48e0-8597-61d7333f8570/1/zfF4rDrzsFU5_iyED7DR9OW9uOU.roa
Signing time: Wed 12 Apr 2023 08:51:28 +0000
ROA not before: Wed 12 Apr 2023 08:51:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207203
IP address blocks: 193.228.80.0/22 maxlen: 22
2a04:7700::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:74:a9:a9:5b:4e:89:bb:04:47:bc:d7:a7:68:6a:a2:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fbcd0233808570e31ffb2fcde1b877071cbc6603
Validity
Not Before: Apr 12 08:51:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cdf178ac3af3b05539fe2c840fb0d1f4e5bdb8e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:14:ea:b9:cf:fc:e9:f7:05:6e:fb:2c:1e:ee:
c1:a3:77:b2:03:31:da:56:97:6e:98:f3:16:ba:28:
60:fe:29:19:3a:95:0b:8d:0c:f3:df:38:ce:61:22:
50:6e:4d:66:65:de:6e:06:79:a5:33:7b:fa:bc:90:
d9:89:56:72:74:da:ee:cc:9d:dc:25:5f:f2:82:4b:
7c:05:81:81:5d:b5:3a:51:cc:c5:3d:54:13:f9:98:
ea:68:63:d7:71:bd:d9:1c:73:56:7b:8b:cb:ea:8f:
82:8d:d8:e6:82:08:1f:f7:0d:04:47:03:40:15:bd:
9e:ca:8c:18:c1:b5:4e:b2:89:37:c9:b7:cf:49:22:
8b:11:d6:31:b2:cf:c6:40:66:7c:b3:93:6e:12:0b:
9e:f1:aa:ea:f5:06:7e:7d:66:51:7d:84:a4:1f:1e:
3b:f4:d2:56:6c:43:ae:0d:0a:22:22:3d:3e:55:13:
4e:d7:11:a4:e7:a8:e2:ff:83:d4:5c:b6:a5:d5:49:
a0:e2:05:13:1f:04:eb:ca:40:84:c8:35:6b:c2:b1:
bb:8c:0b:31:36:da:6b:47:5a:95:a4:1d:25:6d:34:
c1:4b:ae:e0:c9:d4:64:25:75:6f:56:99:c3:0c:e6:
d8:d8:4b:63:25:b6:7f:51:ba:8d:70:f7:04:65:d0:
54:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:F1:78:AC:3A:F3:B0:55:39:FE:2C:84:0F:B0:D1:F4:E5:BD:B8:E5
X509v3 Authority Key Identifier:
keyid:FB:CD:02:33:80:85:70:E3:1F:FB:2F:CD:E1:B8:77:07:1C:BC:66:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-80CM4CFcOMf-y_N4bh3Bxy8ZgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/3b5110-5167-48e0-8597-61d7333f8570/1/zfF4rDrzsFU5_iyED7DR9OW9uOU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/3b5110-5167-48e0-8597-61d7333f8570/1/1-80CM4CFcOMf-y_N4bh3Bxy8ZgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.228.80.0/22
IPv6:
2a04:7700::/29
Signature Algorithm: sha256WithRSAEncryption
ab:3e:9b:13:57:f9:a6:32:4e:99:1a:87:b8:d9:19:8a:43:20:
4b:37:8f:b2:fb:5a:35:0c:ad:9f:c7:05:1b:07:ab:f3:d7:34:
f9:92:d1:02:0d:ec:63:92:62:ee:38:a0:c7:3a:a9:ab:10:f0:
a6:b5:9c:b7:5c:75:6a:26:bc:ce:78:4d:e1:cf:77:1c:16:74:
c9:e1:1d:fb:2a:cc:43:7a:f4:24:67:f3:dc:b8:c7:1e:7f:e8:
76:4b:95:bb:d4:d3:26:4e:d8:e8:df:ee:e2:92:73:5e:4b:2e:
de:8b:f0:41:ea:ff:41:96:d2:f5:c1:cd:bc:c6:69:b8:06:08:
6a:f0:59:89:d2:ef:76:25:03:33:27:83:bb:22:d8:9e:7e:be:
83:7c:9f:ff:ba:e6:c8:75:46:c3:d4:38:93:07:4d:f1:4f:e4:
af:71:b2:f4:cb:85:4f:ce:c9:e5:a0:2e:0e:28:03:28:39:7c:
87:e8:5f:b3:b8:f7:46:90:20:e8:8a:53:cf:33:47:e5:fc:bd:
79:6e:91:b4:16:49:d1:f0:62:a2:a3:3f:b5:3c:4c:55:6b:7f:
7d:0f:d4:ed:66:60:4e:5d:4c:ed:39:5b:48:68:6f:2b:58:63:
25:01:52:4c:58:0a:22:a1:53:bd:15:6e:5d:d4:92:d9:f2:f1:
f7:d3:a4:f0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYd0qalbTom7BEe816doaqJeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiY2QwMjMzODA4NTcwZTMxZmZiMmZjZGUxYjg3NzA3MWNi
YzY2MDMwHhcNMjMwNDEyMDg1MTI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZGYxNzhhYzNhZjNiMDU1MzlmZTJjODQwZmIwZDFmNGU1YmRiOGU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlhTquc/86fcFbvssHu7Bo3eyAzHa
VpdumPMWuihg/ikZOpULjQzz3zjOYSJQbk1mZd5uBnmlM3v6vJDZiVZydNruzJ3c
JV/ygkt8BYGBXbU6UczFPVQT+ZjqaGPXcb3ZHHNWe4vL6o+Cjdjmgggf9w0ERwNA
Fb2eyowYwbVOsok3ybfPSSKLEdYxss/GQGZ8s5NuEgue8arq9QZ+fWZRfYSkHx47
9NJWbEOuDQoiIj0+VRNO1xGk56ji/4PUXLal1Umg4gUTHwTrykCEyDVrwrG7jAsx
NtprR1qVpB0lbTTBS67gydRkJXVvVpnDDObY2EtjJbZ/UbqNcPcEZdBU8wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFM3xeKw687BVOf4shA+w0fTlvbjlMB8GA1UdIwQY
MBaAFPvNAjOAhXDjH/svzeG4dwccvGYDMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS04MENNNENGY09NZi15X040YmgzQnh5OFpnTS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmQvM2I1MTEwLTUxNjctNDhlMC04NTk3
LTYxZDczMzNmODU3MC8xL3pmRjRyRHJ6c0ZVNV9peUVEN0RSOU9XOXVPVS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMmQvM2I1MTEwLTUxNjctNDhlMC04NTk3LTYxZDczMzNmODU3
MC8xLzEtODBDTTRDRmNPTWYteV9ONGJoM0J4eThaZ00uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBALB5FAw
DQQCAAIwBwMFAyoEdwAwDQYJKoZIhvcNAQELBQADggEBAKs+mxNX+aYyTpkah7jZ
GYpDIEs3j7L7WjUMrZ/HBRsHq/PXNPmS0QIN7GOSYu44oMc6qasQ8Ka1nLdcdWom
vM54TeHPdxwWdMnhHfsqzEN69CRn89y4xx5/6HZLlbvU0yZO2Ojf7uKSc15LLt6L
8EHq/0GW0vXBzbzGabgGCGrwWYnS73YlAzMng7si2J5+voN8n/+65sh1RsPUOJMH
TfFP5K9xsvTLhU/OyeWgLg4oAyg5fIfoX7O490aQIOiKU88zR+X8vXlukbQWSdHw
YqKjP7U8TFVrf30P1O1mYE5dTO05W0hobytYYyUBUkxYCiKhU70Vbl3Uktny8ffT
pPA=
-----END CERTIFICATE-----
Generated at Sat Apr 19 16:31:40 2025 by rpki-client