Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/24015f-091c-4c5d-b5c1-bcf77026939d/1/U8Zn403pWHrNYizz8weDZLkFbA4.roa
File: U8Zn403pWHrNYizz8weDZLkFbA4.roa (raw, json)
Hash identifier: f26Tu0KmTbhW1CsnnqSmC4cxVDtvgLAdzoW6H+GbdqI=
Subject key identifier: 53:C6:67:E3:4D:E9:58:7A:CD:62:2C:F3:F3:07:83:64:B9:05:6C:0E
Certificate issuer: /CN=c64fa0ad8987149f05534724b45a2f4d5ebf475d
Certificate serial: 01877C1A27BAE2D81E6BBA844E9BCC7F0738
Authority key identifier: C6:4F:A0:AD:89:87:14:9F:05:53:47:24:B4:5A:2F:4D:5E:BF:47:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xk-grYmHFJ8FU0cktFovTV6_R10.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/24015f-091c-4c5d-b5c1-bcf77026939d/1/U8Zn403pWHrNYizz8weDZLkFbA4.roa
Signing time: Thu 13 Apr 2023 19:31:41 +0000
ROA not before: Thu 13 Apr 2023 19:31:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59645
IP address blocks: 193.104.168.0/24 maxlen: 24
195.191.196.0/23 maxlen: 24
2a06:d1c1:e::/48 maxlen: 48
2a06:d1c0:dead::/48 maxlen: 48
2a06:d1c0:deae::/48 maxlen: 48
2a06:d1c0:f761::/48 maxlen: 48
2a06:d1c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:7c:1a:27:ba:e2:d8:1e:6b:ba:84:4e:9b:cc:7f:07:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c64fa0ad8987149f05534724b45a2f4d5ebf475d
Validity
Not Before: Apr 13 19:31:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=53c667e34de9587acd622cf3f3078364b9056c0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:1a:ee:44:fd:c4:a3:e3:80:f6:44:0d:f8:5e:
99:95:3a:27:de:62:b1:97:e3:e2:40:17:35:c4:1f:
68:a9:e5:a5:a3:1b:4c:6c:66:54:30:7f:e8:c3:7b:
0a:02:c5:75:d8:6a:ec:bc:43:c7:ec:fe:a1:65:0f:
b6:85:eb:5f:21:d4:3b:5d:e1:b0:6b:81:bb:3d:da:
12:c1:6a:0b:51:34:55:91:2d:30:03:d9:a1:5d:f4:
8e:9d:02:bb:42:70:32:27:09:3c:81:33:ca:8f:af:
e4:70:be:32:47:6d:28:f3:9a:1b:9a:33:63:b4:70:
db:99:5f:b7:37:d7:d2:83:af:66:f3:52:e9:81:ad:
f0:82:fc:e6:b3:7b:5f:0b:c6:37:71:46:80:37:59:
4e:aa:15:50:ed:e6:9c:48:bf:c0:2e:b3:b2:82:23:
5d:1c:86:50:f4:ba:b0:a0:cc:fc:c4:04:9b:28:39:
36:5f:8f:88:e9:25:7d:2a:48:2a:dc:68:02:7b:d0:
e9:be:56:0c:ab:12:af:90:7a:87:8a:ca:0a:3d:dd:
1a:9a:fc:fd:5a:6a:61:e0:d5:45:3f:c4:36:36:91:
5a:5d:f2:11:4e:54:89:b7:31:97:8e:88:55:a7:8f:
df:ce:74:ef:78:14:7a:a4:bb:29:ad:67:53:f0:3d:
9f:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:C6:67:E3:4D:E9:58:7A:CD:62:2C:F3:F3:07:83:64:B9:05:6C:0E
X509v3 Authority Key Identifier:
keyid:C6:4F:A0:AD:89:87:14:9F:05:53:47:24:B4:5A:2F:4D:5E:BF:47:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xk-grYmHFJ8FU0cktFovTV6_R10.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/24015f-091c-4c5d-b5c1-bcf77026939d/1/U8Zn403pWHrNYizz8weDZLkFbA4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/24015f-091c-4c5d-b5c1-bcf77026939d/1/xk-grYmHFJ8FU0cktFovTV6_R10.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.104.168.0/24
195.191.196.0/23
IPv6:
2a06:d1c0::/29
Signature Algorithm: sha256WithRSAEncryption
87:5c:ae:01:df:c2:ee:80:50:0b:17:36:31:76:db:67:12:95:
7f:df:10:7c:06:09:ee:d8:46:29:79:55:7b:f5:df:76:94:d2:
66:8b:10:77:16:4b:6d:0d:0e:3a:f3:a0:e8:a0:9e:38:cd:b7:
2a:17:b5:e0:47:4e:f6:ef:b5:72:a2:34:8d:d8:5c:e5:2c:b0:
bd:01:bf:d1:0a:f7:dc:45:a8:e1:0c:bb:c6:db:a4:fb:a0:5c:
fe:12:09:e3:44:fe:d8:2b:a3:4f:b9:e2:5a:21:9d:dd:72:5d:
f6:0b:ab:21:ad:70:dc:07:ba:6a:ad:04:45:6d:69:72:dc:be:
69:15:28:b3:10:8f:ac:ea:8b:2b:dc:26:49:1d:14:92:ad:0e:
fb:a2:f0:e3:5f:1f:c5:51:72:37:49:bc:b9:7e:d6:1c:8e:48:
b2:a5:9d:3d:9e:60:48:d9:fc:84:c2:2e:ad:ea:7f:24:c7:2f:
56:8b:01:28:d7:9f:78:0e:05:56:28:c2:b8:51:af:65:c7:a5:
46:c5:ed:76:68:24:8b:72:b2:77:67:22:ab:70:9b:83:64:7f:
63:22:dd:78:de:95:0f:d9:7e:cb:f1:3d:4f:0c:68:7f:a3:b8:
4c:25:87:a7:40:99:0a:6f:2a:b1:ca:c6:d6:98:4c:a0:c1:c7:
91:01:c4:14
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYd8Gie64tgea7qETpvMfwc4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NGZhMGFkODk4NzE0OWYwNTUzNDcyNGI0NWEyZjRkNWVi
ZjQ3NWQwHhcNMjMwNDEzMTkzMTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2M2NjdlMzRkZTk1ODdhY2Q2MjJjZjNmMzA3ODM2NGI5MDU2YzBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuhruRP3Eo+OA9kQN+F6ZlTon3mKx
l+PiQBc1xB9oqeWloxtMbGZUMH/ow3sKAsV12GrsvEPH7P6hZQ+2hetfIdQ7XeGw
a4G7PdoSwWoLUTRVkS0wA9mhXfSOnQK7QnAyJwk8gTPKj6/kcL4yR20o85obmjNj
tHDbmV+3N9fSg69m81Lpga3wgvzms3tfC8Y3cUaAN1lOqhVQ7eacSL/ALrOygiNd
HIZQ9LqwoMz8xASbKDk2X4+I6SV9Kkgq3GgCe9DpvlYMqxKvkHqHisoKPd0amvz9
Wmph4NVFP8Q2NpFaXfIRTlSJtzGXjohVp4/fznTveBR6pLsprWdT8D2fmQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFFPGZ+NN6Vh6zWIs8/MHg2S5BWwOMB8GA1UdIwQY
MBaAFMZPoK2JhxSfBVNHJLRaL01ev0ddMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGstZ3JZbUhGSjhGVTBja3RGb3ZUVjZfUjEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8yNDAxNWYtMDkxYy00YzVkLWI1YzEt
YmNmNzcwMjY5MzlkLzEvVThabjQwM3BXSHJOWWl6ejh3ZURaTGtGYkE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8yNDAxNWYtMDkxYy00YzVkLWI1YzEtYmNmNzcwMjY5Mzlk
LzEveGstZ3JZbUhGSjhGVTBja3RGb3ZUVjZfUjEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAwWioAwQB
w7/EMA0EAgACMAcDBQMqBtHAMA0GCSqGSIb3DQEBCwUAA4IBAQCHXK4B38LugFAL
FzYxdttnEpV/3xB8Bgnu2EYpeVV79d92lNJmixB3FkttDQ4686DooJ44zbcqF7Xg
R07277VyojSN2FzlLLC9Ab/RCvfcRajhDLvG26T7oFz+EgnjRP7YK6NPueJaIZ3d
cl32C6shrXDcB7pqrQRFbWly3L5pFSizEI+s6osr3CZJHRSSrQ77ovDjXx/FUXI3
Sby5ftYcjkiypZ09nmBI2fyEwi6t6n8kxy9WiwEo1594DgVWKMK4Ua9lx6VGxe12
aCSLcrJ3ZyKrcJuDZH9jIt143pUP2X7L8T1PDGh/o7hMJYenQJkKbyqxysbWmEyg
wceRAcQU
-----END CERTIFICATE-----
Generated at Fri Mar 14 12:11:26 2025 by rpki-client