Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/5fe0df-b008-4e94-99c6-b22695c703a9/1/8ZP2be4wQgyyrV0ABAPmKkjh1C0.roa
File: 8ZP2be4wQgyyrV0ABAPmKkjh1C0.roa (raw, json)
Hash identifier: qX0bBVQ3/gF2/xOMxoQ72yY3cRM+/j/iF9tUMdHEDIE=
Subject key identifier: F1:93:F6:6D:EE:30:42:0C:B2:AD:5D:00:04:03:E6:2A:48:E1:D4:2D
Certificate issuer: /CN=42267f5a6cf49bc43f2304de00f7705ec5b79fca
Certificate serial: 018B46F02AA58FB296AC0488FAF903705CA1
Authority key identifier: 42:26:7F:5A:6C:F4:9B:C4:3F:23:04:DE:00:F7:70:5E:C5:B7:9F:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QiZ_Wmz0m8Q_IwTeAPdwXsW3n8o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/5fe0df-b008-4e94-99c6-b22695c703a9/1/8ZP2be4wQgyyrV0ABAPmKkjh1C0.roa
Signing time: Thu 19 Oct 2023 07:57:06 +0000
ROA not before: Thu 19 Oct 2023 07:57:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6730
IP address blocks: 193.8.58.0/23 maxlen: 23
193.8.60.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:46:f0:2a:a5:8f:b2:96:ac:04:88:fa:f9:03:70:5c:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42267f5a6cf49bc43f2304de00f7705ec5b79fca
Validity
Not Before: Oct 19 07:57:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f193f66dee30420cb2ad5d000403e62a48e1d42d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:9d:b1:0a:33:bc:08:91:0b:2a:68:09:99:42:
ae:3e:ff:d0:cf:77:c3:8e:70:4b:11:04:f1:ab:9f:
d6:41:74:b7:ed:a9:11:eb:8a:41:44:65:ef:39:26:
ad:c3:d2:a8:22:17:75:4b:6d:95:b6:68:5b:73:b0:
2f:cc:c6:33:9a:6e:c0:34:75:39:a9:7a:ae:4b:f7:
fa:1c:a2:05:d3:e4:af:5b:0a:00:5b:91:a5:84:1a:
76:e9:48:ea:d5:d7:79:30:fa:c9:6b:01:24:29:44:
bc:57:ec:b4:a7:9a:40:ac:e4:29:03:c8:96:7f:fe:
ba:44:9f:37:95:d9:a2:35:4e:54:e8:60:fa:0f:16:
0d:81:ac:e9:44:79:8e:07:6c:e4:03:3a:25:be:41:
f8:71:7d:28:58:fc:b5:2b:89:45:b3:97:b7:4a:5a:
9e:cb:1a:79:04:73:cf:d4:3a:b7:f2:5e:ba:55:ce:
51:ab:e1:3d:bb:a4:ef:d2:69:84:c2:9e:a2:29:d8:
04:fd:7b:06:48:60:e1:06:0d:1f:22:47:09:68:ce:
b7:66:78:13:f4:f0:44:b5:f4:2d:36:fd:d7:63:54:
ef:ed:4e:89:7b:a0:96:b4:a2:e6:8d:7e:7c:3e:5e:
35:97:dd:68:fb:ed:59:62:de:19:06:b8:16:41:a4:
c1:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:93:F6:6D:EE:30:42:0C:B2:AD:5D:00:04:03:E6:2A:48:E1:D4:2D
X509v3 Authority Key Identifier:
keyid:42:26:7F:5A:6C:F4:9B:C4:3F:23:04:DE:00:F7:70:5E:C5:B7:9F:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QiZ_Wmz0m8Q_IwTeAPdwXsW3n8o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/5fe0df-b008-4e94-99c6-b22695c703a9/1/8ZP2be4wQgyyrV0ABAPmKkjh1C0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/5fe0df-b008-4e94-99c6-b22695c703a9/1/QiZ_Wmz0m8Q_IwTeAPdwXsW3n8o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.8.58.0-193.8.60.255
Signature Algorithm: sha256WithRSAEncryption
9c:82:1a:01:fe:31:a3:b0:bf:9d:33:d3:b0:83:98:0f:42:2c:
d7:d3:7d:6b:54:e5:3d:22:a3:71:9c:9f:11:bf:e2:c1:ae:da:
49:11:7d:6e:42:ea:59:47:15:a3:ca:19:b8:14:ea:4e:95:06:
3d:e1:a3:84:0a:9f:f3:f4:dd:e4:43:1c:41:0d:ee:73:d4:d2:
d1:71:04:68:89:84:42:db:d6:85:fc:d8:8c:38:00:2a:b9:43:
74:d1:0a:f4:40:e6:e3:15:f0:77:f5:05:32:db:90:e4:6b:b5:
ed:d2:0c:12:18:e3:eb:57:4b:49:1c:9b:ca:29:0e:97:66:60:
54:6f:b8:b9:74:84:91:c6:48:8b:f4:8c:11:7e:17:65:d5:62:
f1:7b:62:32:9e:4f:44:e9:68:9a:f4:d9:77:7a:0e:70:c6:1d:
dd:12:c4:22:78:06:a7:94:4c:8a:da:aa:32:3d:bf:e3:36:fb:
4b:14:d8:cc:c0:8c:03:8f:71:86:a5:67:3b:7d:ef:92:e5:f9:
01:6b:eb:53:10:63:76:3e:49:3c:14:16:2a:d8:bc:0f:5f:9b:
d2:b5:8c:c7:ec:0f:ad:98:03:68:c3:ea:33:08:bc:3d:66:75:
d1:4e:43:24:04:05:a5:b6:23:99:b4:60:4d:5e:c7:12:e1:c2:
f7:4a:07:f0
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYtG8Cqlj7KWrASI+vkDcFyhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyMjY3ZjVhNmNmNDliYzQzZjIzMDRkZTAwZjc3MDVlYzVi
NzlmY2EwHhcNMjMxMDE5MDc1NzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTkzZjY2ZGVlMzA0MjBjYjJhZDVkMDAwNDAzZTYyYTQ4ZTFkNDJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl52xCjO8CJELKmgJmUKuPv/Qz3fD
jnBLEQTxq5/WQXS37akR64pBRGXvOSatw9KoIhd1S22Vtmhbc7AvzMYzmm7ANHU5
qXquS/f6HKIF0+SvWwoAW5GlhBp26Ujq1dd5MPrJawEkKUS8V+y0p5pArOQpA8iW
f/66RJ83ldmiNU5U6GD6DxYNgazpRHmOB2zkAzolvkH4cX0oWPy1K4lFs5e3Slqe
yxp5BHPP1Dq38l66Vc5Rq+E9u6Tv0mmEwp6iKdgE/XsGSGDhBg0fIkcJaM63ZngT
9PBEtfQtNv3XY1Tv7U6Je6CWtKLmjX58Pl41l91o++1ZYt4ZBrgWQaTBEQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFPGT9m3uMEIMsq1dAAQD5ipI4dQtMB8GA1UdIwQY
MBaAFEImf1ps9JvEPyME3gD3cF7Ft5/KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWlaX1dtejBtOFFfSXdUZUFQZHdYc1czbjhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC81ZmUwZGYtYjAwOC00ZTk0LTk5YzYt
YjIyNjk1YzcwM2E5LzEvOFpQMmJlNHdRZ3l5clYwQUJBUG1La2poMUMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC81ZmUwZGYtYjAwOC00ZTk0LTk5YzYtYjIyNjk1YzcwM2E5
LzEvUWlaX1dtejBtOFFfSXdUZUFQZHdYc1czbjhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAHBCDoD
BADBCDwwDQYJKoZIhvcNAQELBQADggEBAJyCGgH+MaOwv50z07CDmA9CLNfTfWtU
5T0io3GcnxG/4sGu2kkRfW5C6llHFaPKGbgU6k6VBj3ho4QKn/P03eRDHEEN7nPU
0tFxBGiJhELb1oX82Iw4ACq5Q3TRCvRA5uMV8Hf1BTLbkORrte3SDBIY4+tXS0kc
m8opDpdmYFRvuLl0hJHGSIv0jBF+F2XVYvF7YjKeT0TpaJr02Xd6DnDGHd0SxCJ4
BqeUTIraqjI9v+M2+0sU2MzAjAOPcYalZzt975Ll+QFr61MQY3Y+STwUFirYvA9f
m9K1jMfsD62YA2jD6jMIvD1mddFOQyQEBaW2I5m0YE1exxLhwvdKB/A=
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:23:45 2025 by rpki-client