Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/4f943f-d16a-48da-b93a-1487c6020c46/1/5z93boWSWtuyhwf4NpOuo6y9rvk.roa
File: 5z93boWSWtuyhwf4NpOuo6y9rvk.roa (raw, json)
Hash identifier: GC9ROBRKzTwSy11nDOiVEJ4BjRS9fTqB4rQ1LtoJ/qY=
Subject key identifier: E7:3F:77:6E:85:92:5A:DB:B2:87:07:F8:36:93:AE:A3:AC:BD:AE:F9
Certificate issuer: /CN=4e3fe90f0fad6a25d46bd7c335b922da031b2c78
Certificate serial: 0187BCD8DDE1B770E51A70330F425D1C9217
Authority key identifier: 4E:3F:E9:0F:0F:AD:6A:25:D4:6B:D7:C3:35:B9:22:DA:03:1B:2C:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tj_pDw-taiXUa9fDNbki2gMbLHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/4f943f-d16a-48da-b93a-1487c6020c46/1/5z93boWSWtuyhwf4NpOuo6y9rvk.roa
Signing time: Wed 26 Apr 2023 09:15:41 +0000
ROA not before: Wed 26 Apr 2023 09:15:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60774
IP address blocks: 194.15.88.0/21 maxlen: 24
2a09:2800::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:bc:d8:dd:e1:b7:70:e5:1a:70:33:0f:42:5d:1c:92:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e3fe90f0fad6a25d46bd7c335b922da031b2c78
Validity
Not Before: Apr 26 09:15:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e73f776e85925adbb28707f83693aea3acbdaef9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:00:85:6d:30:47:08:8b:21:5c:42:2d:da:80:
52:4f:24:7b:a1:e3:2f:df:02:bb:e2:93:ff:12:50:
bd:f4:83:06:72:02:d5:91:a3:05:69:5a:ed:a0:6b:
87:3e:8c:f0:58:d2:43:e7:44:39:95:5d:0e:b1:91:
eb:c2:af:dd:cf:18:f2:76:64:42:7b:35:11:90:bf:
0c:03:76:d8:f5:36:dc:22:b4:65:14:5f:97:1b:80:
15:4f:70:78:9e:72:7e:4a:b8:a4:7c:7d:41:3c:96:
70:ca:99:c5:73:c8:d2:bb:9f:db:15:4d:1d:0b:1f:
93:a3:e6:6b:cb:11:de:97:03:42:7d:61:60:96:de:
90:38:40:05:8c:87:0b:40:4a:50:a2:f4:23:d2:29:
00:d9:8b:46:86:da:7b:b5:98:b0:d7:21:fb:e0:bc:
68:ca:45:c0:4c:86:7c:08:27:a9:dc:7e:66:0a:25:
fb:cf:10:ef:8d:30:2f:9b:2b:11:53:c9:e9:04:45:
05:23:74:85:5a:d5:f9:88:63:9a:c5:4a:cb:70:66:
34:a6:0c:73:ea:aa:d6:16:55:a0:c2:c0:b2:57:5b:
ba:59:4d:05:7b:95:ad:2f:1a:88:97:5a:da:9e:59:
4e:11:04:59:7b:4f:5a:0a:5f:9d:43:59:9d:3c:1e:
0d:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:3F:77:6E:85:92:5A:DB:B2:87:07:F8:36:93:AE:A3:AC:BD:AE:F9
X509v3 Authority Key Identifier:
keyid:4E:3F:E9:0F:0F:AD:6A:25:D4:6B:D7:C3:35:B9:22:DA:03:1B:2C:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tj_pDw-taiXUa9fDNbki2gMbLHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/4f943f-d16a-48da-b93a-1487c6020c46/1/5z93boWSWtuyhwf4NpOuo6y9rvk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/4f943f-d16a-48da-b93a-1487c6020c46/1/Tj_pDw-taiXUa9fDNbki2gMbLHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.15.88.0/21
IPv6:
2a09:2800::/29
Signature Algorithm: sha256WithRSAEncryption
22:ef:48:3e:b3:9a:28:85:3f:73:d4:15:c0:58:03:76:45:cd:
2a:9f:3c:e4:9b:4f:f7:64:79:e5:b1:4b:c5:83:61:18:df:e0:
75:c0:40:f2:08:76:62:03:e5:3c:7c:9a:73:90:1b:64:74:a8:
a1:06:4f:14:fb:b8:56:a6:0a:e8:bc:1e:29:cf:62:65:24:7c:
e4:6c:e7:41:b7:b1:8a:cc:34:54:9a:0b:48:33:af:1d:73:d2:
ca:58:fd:63:1f:3f:52:8b:46:61:f9:bc:a7:52:4c:75:1e:e9:
81:22:f9:0d:3e:69:39:1d:8e:01:a8:34:6d:24:56:a5:90:32:
6b:d7:b6:12:be:b7:31:ea:b9:12:30:e6:0b:69:0d:f4:a0:df:
fc:ab:dd:e4:05:d4:78:be:3d:bd:a7:f3:75:1e:1d:dc:53:8d:
73:bc:a0:b6:14:09:ee:36:1e:aa:5a:e5:be:3e:21:3e:e4:14:
9a:0b:77:03:bd:41:20:ff:b8:44:f1:df:93:7a:52:41:bd:97:
28:6e:a5:0e:bd:56:61:60:32:1c:05:7b:3a:c0:3a:cd:4b:5f:
ca:ce:0c:88:c3:08:12:ec:ee:b4:e5:6d:4a:8c:1a:7f:ca:82:
a7:e2:9b:ce:be:4a:13:4f:df:de:1a:03:28:51:3b:f8:7d:1a:
8b:4b:ae:4a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYe82N3ht3DlGnAzD0JdHJIXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlM2ZlOTBmMGZhZDZhMjVkNDZiZDdjMzM1YjkyMmRhMDMx
YjJjNzgwHhcNMjMwNDI2MDkxNTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzNmNzc2ZTg1OTI1YWRiYjI4NzA3ZjgzNjkzYWVhM2FjYmRhZWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjgCFbTBHCIshXEIt2oBSTyR7oeMv
3wK74pP/ElC99IMGcgLVkaMFaVrtoGuHPozwWNJD50Q5lV0OsZHrwq/dzxjydmRC
ezURkL8MA3bY9TbcIrRlFF+XG4AVT3B4nnJ+SrikfH1BPJZwypnFc8jSu5/bFU0d
Cx+To+ZryxHelwNCfWFglt6QOEAFjIcLQEpQovQj0ikA2YtGhtp7tZiw1yH74Lxo
ykXATIZ8CCep3H5mCiX7zxDvjTAvmysRU8npBEUFI3SFWtX5iGOaxUrLcGY0pgxz
6qrWFlWgwsCyV1u6WU0Fe5WtLxqIl1ranllOEQRZe09aCl+dQ1mdPB4NYQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOc/d26FklrbsocH+DaTrqOsva75MB8GA1UdIwQY
MBaAFE4/6Q8PrWol1GvXwzW5ItoDGyx4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGpfcER3LXRhaVhVYTlmRE5ia2kyZ01iTEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi80Zjk0M2YtZDE2YS00OGRhLWI5M2Et
MTQ4N2M2MDIwYzQ2LzEvNXo5M2JvV1NXdHV5aHdmNE5wT3VvNnk5cnZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi80Zjk0M2YtZDE2YS00OGRhLWI5M2EtMTQ4N2M2MDIwYzQ2
LzEvVGpfcER3LXRhaVhVYTlmRE5ia2kyZ01iTEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDwg9YMA0E
AgACMAcDBQMqCSgAMA0GCSqGSIb3DQEBCwUAA4IBAQAi70g+s5oohT9z1BXAWAN2
Rc0qnzzkm0/3ZHnlsUvFg2EY3+B1wEDyCHZiA+U8fJpzkBtkdKihBk8U+7hWpgro
vB4pz2JlJHzkbOdBt7GKzDRUmgtIM68dc9LKWP1jHz9Si0Zh+bynUkx1HumBIvkN
Pmk5HY4BqDRtJFalkDJr17YSvrcx6rkSMOYLaQ30oN/8q93kBdR4vj29p/N1Hh3c
U41zvKC2FAnuNh6qWuW+PiE+5BSaC3cDvUEg/7hE8d+TelJBvZcobqUOvVZhYDIc
BXs6wDrNS1/KzgyIwwgS7O605W1KjBp/yoKn4pvOvkoTT9/eGgMoUTv4fRqLS65K
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:40:52 2025 by rpki-client