Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/d5d690-fe16-449c-a6de-69df81f2d83d/1/ZCvit5MRV3jZENTPtvxCTc5zDbE.roa
File: ZCvit5MRV3jZENTPtvxCTc5zDbE.roa (raw, json)
Hash identifier: iJXlczpNsNfGzvc5FlMQ02WJdn6aPhdiRslyWmKFG+4=
Subject key identifier: 64:2B:E2:B7:93:11:57:78:D9:10:D4:CF:B6:FC:42:4D:CE:73:0D:B1
Certificate issuer: /CN=9b08f4e76150309bbd224b01f89ec203c1fc56db
Certificate serial: 01856E2685BB7CEB32C6BA80F7675DFBC854
Authority key identifier: 9B:08:F4:E7:61:50:30:9B:BD:22:4B:01:F8:9E:C2:03:C1:FC:56:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mwj052FQMJu9IksB-J7CA8H8Vts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/d5d690-fe16-449c-a6de-69df81f2d83d/1/ZCvit5MRV3jZENTPtvxCTc5zDbE.roa
Signing time: Sun 01 Jan 2023 16:24:56 +0000
ROA not before: Sun 01 Jan 2023 16:24:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 680
IP address blocks: 141.13.0.0/16 maxlen: 16
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:26:85:bb:7c:eb:32:c6:ba:80:f7:67:5d:fb:c8:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b08f4e76150309bbd224b01f89ec203c1fc56db
Validity
Not Before: Jan 1 16:24:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=642be2b793115778d910d4cfb6fc424dce730db1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:cd:d0:ea:8c:52:55:be:a7:b2:9d:a5:25:27:
8d:df:35:c4:ea:d5:61:60:6b:48:a5:ad:6a:f9:89:
16:38:53:d8:f5:77:fb:d9:af:e9:cc:39:ce:48:b2:
7b:84:0a:6f:5e:bf:0d:b5:73:e7:92:1c:3d:37:30:
8b:22:94:5b:a4:67:bd:ee:98:5d:6c:c4:e5:fb:a8:
90:58:3f:bf:0f:f4:5f:71:fc:6c:00:80:9d:b9:ba:
4e:0b:ed:79:fe:0d:4b:d0:6f:33:de:d7:b6:ef:58:
1b:35:05:6b:81:e3:83:61:f2:cd:0e:cd:94:d4:70:
a0:82:ba:8e:ae:e7:ca:2a:a5:dc:77:4b:9f:ca:33:
8d:7d:49:7b:70:cf:02:59:1c:fa:cb:86:ea:05:c6:
9e:3d:81:63:b9:b1:84:e6:27:4f:f4:ad:d2:d5:11:
81:91:a4:31:c7:00:7a:0d:6f:15:20:69:b3:09:26:
2a:3e:fa:0e:9e:3e:13:bb:05:59:ad:e9:23:10:3b:
a2:ea:50:65:39:52:c5:65:d1:c1:25:a0:f6:0e:37:
d7:65:60:f6:41:50:6f:3f:6a:79:bc:b2:59:a3:8c:
bd:a5:e4:eb:13:33:ac:2e:2d:68:c6:a8:2c:97:52:
bc:8f:9a:5f:82:24:fe:55:44:d1:4b:e8:7d:17:3b:
d0:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:2B:E2:B7:93:11:57:78:D9:10:D4:CF:B6:FC:42:4D:CE:73:0D:B1
X509v3 Authority Key Identifier:
keyid:9B:08:F4:E7:61:50:30:9B:BD:22:4B:01:F8:9E:C2:03:C1:FC:56:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mwj052FQMJu9IksB-J7CA8H8Vts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/d5d690-fe16-449c-a6de-69df81f2d83d/1/ZCvit5MRV3jZENTPtvxCTc5zDbE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/d5d690-fe16-449c-a6de-69df81f2d83d/1/mwj052FQMJu9IksB-J7CA8H8Vts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.13.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5e:16:05:08:14:10:d3:85:6b:2c:fc:ba:a2:27:35:34:ee:4c:
ee:6a:fb:fa:5d:ff:cd:30:87:81:15:15:31:0f:bf:9a:fb:a9:
eb:33:01:d7:97:58:7c:80:70:dc:b8:5f:6c:17:c9:04:b0:18:
7a:d7:f0:65:c5:8b:b7:52:a7:1c:0f:6d:7d:d9:cd:be:8c:b4:
71:da:87:ac:f6:46:b0:06:84:b8:aa:2c:9a:93:90:c4:27:d6:
06:f3:70:3b:37:9f:44:9c:a8:63:a6:9a:b1:ab:7b:49:df:68:
86:8e:0b:a5:13:e3:aa:dd:ec:e2:9f:29:cc:be:ea:2c:d7:98:
8a:d3:3a:c1:bc:d0:17:00:c6:da:e4:55:4f:72:e1:aa:07:cc:
58:73:48:b7:bf:0e:8b:c2:5e:5c:f1:4d:31:23:f5:be:cd:d5:
fe:d5:9b:e8:a0:c3:dd:4f:09:ed:92:fb:ce:d3:02:3a:b4:8c:
98:a4:2d:9a:64:7b:46:8e:14:b4:46:4b:9d:84:24:7e:23:0a:
63:4e:e9:b8:b4:02:be:bb:fc:b3:3e:45:1b:00:ea:ed:b9:06:
e6:0a:6c:a4:b5:f9:30:09:95:fb:4e:08:36:54:b5:93:a1:14:
9e:fa:4d:27:31:46:bc:2a:d4:60:36:88:a9:b4:a4:17:d1:68:
69:3d:a4:03
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYVuJoW7fOsyxrqA92dd+8hUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliMDhmNGU3NjE1MDMwOWJiZDIyNGIwMWY4OWVjMjAzYzFm
YzU2ZGIwHhcNMjMwMTAxMTYyNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDJiZTJiNzkzMTE1Nzc4ZDkxMGQ0Y2ZiNmZjNDI0ZGNlNzMwZGIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAss3Q6oxSVb6nsp2lJSeN3zXE6tVh
YGtIpa1q+YkWOFPY9Xf72a/pzDnOSLJ7hApvXr8NtXPnkhw9NzCLIpRbpGe97phd
bMTl+6iQWD+/D/RfcfxsAICdubpOC+15/g1L0G8z3te271gbNQVrgeODYfLNDs2U
1HCggrqOrufKKqXcd0ufyjONfUl7cM8CWRz6y4bqBcaePYFjubGE5idP9K3S1RGB
kaQxxwB6DW8VIGmzCSYqPvoOnj4TuwVZrekjEDui6lBlOVLFZdHBJaD2DjfXZWD2
QVBvP2p5vLJZo4y9peTrEzOsLi1oxqgsl1K8j5pfgiT+VUTRS+h9FzvQVwIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFGQr4reTEVd42RDUz7b8Qk3Ocw2xMB8GA1UdIwQY
MBaAFJsI9OdhUDCbvSJLAfiewgPB/FbbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXdqMDUyRlFNSnU5SWtzQi1KN0NBOEg4VnRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi9kNWQ2OTAtZmUxNi00NDljLWE2ZGUt
NjlkZjgxZjJkODNkLzEvWkN2aXQ1TVJWM2paRU5UUHR2eENUYzV6RGJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi9kNWQ2OTAtZmUxNi00NDljLWE2ZGUtNjlkZjgxZjJkODNk
LzEvbXdqMDUyRlFNSnU5SWtzQi1KN0NBOEg4VnRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAjQ0wDQYJ
KoZIhvcNAQELBQADggEBAF4WBQgUENOFayz8uqInNTTuTO5q+/pd/80wh4EVFTEP
v5r7qeszAdeXWHyAcNy4X2wXyQSwGHrX8GXFi7dSpxwPbX3Zzb6MtHHah6z2RrAG
hLiqLJqTkMQn1gbzcDs3n0ScqGOmmrGre0nfaIaOC6UT46rd7OKfKcy+6izXmIrT
OsG80BcAxtrkVU9y4aoHzFhzSLe/DovCXlzxTTEj9b7N1f7Vm+igw91PCe2S+87T
Ajq0jJikLZpke0aOFLRGS52EJH4jCmNO6bi0Ar67/LM+RRsA6u25BuYKbKS1+TAJ
lftOCDZUtZOhFJ76TScxRrwq1GA2iKm0pBfRaGk9pAM=
-----END CERTIFICATE-----
Generated at Sun Apr 13 22:53:29 2025 by rpki-client