Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/59afab-e0a8-42d0-873b-6005c0111f1e/1/mr2dQZdWMHt3rg5sdyNkfW08rpY.roa
File: mr2dQZdWMHt3rg5sdyNkfW08rpY.roa (raw, json)
Hash identifier: pAbZYheA+zwyxsuLVnsgL6boWEYiTyPcBFxX5RtANKw=
Subject key identifier: 9A:BD:9D:41:97:56:30:7B:77:AE:0E:6C:77:23:64:7D:6D:3C:AE:96
Certificate issuer: /CN=47a82e55779a1ea4ef9967f821d5cc05b7bd99e9
Certificate serial: 069584C2
Authority key identifier: 47:A8:2E:55:77:9A:1E:A4:EF:99:67:F8:21:D5:CC:05:B7:BD:99:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/R6guVXeaHqTvmWf4IdXMBbe9mek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/59afab-e0a8-42d0-873b-6005c0111f1e/1/mr2dQZdWMHt3rg5sdyNkfW08rpY.roa
Signing time: Sat 01 Jan 2022 00:50:37 +0000
ROA not before: Sat 01 Jan 2022 00:50:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 559
IP address blocks: 193.5.60.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 110462146 (0x69584c2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=47a82e55779a1ea4ef9967f821d5cc05b7bd99e9
Validity
Not Before: Jan 1 00:50:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9abd9d419756307b77ae0e6c7723647d6d3cae96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:28:b0:9d:37:34:3f:d4:81:89:6e:53:cf:5a:
5e:07:0c:f0:cb:fb:39:58:f4:91:ce:96:9c:ca:da:
34:1e:b1:b3:87:cd:2b:72:d8:0e:da:c7:44:b4:88:
dc:5e:23:0d:c8:14:f1:d1:0c:05:f3:95:68:2b:db:
7c:72:3e:f9:1b:d2:e8:e2:60:a4:61:00:05:8e:8e:
36:4c:74:4d:2c:49:24:fd:9b:04:a5:2d:dc:ba:e1:
ee:e7:d9:fa:74:3e:bc:96:d1:43:79:a8:1f:5d:d9:
56:e6:87:4b:b7:b5:e4:e8:36:d3:c0:0e:1b:ce:7b:
dc:65:50:a3:e6:32:e9:6f:d3:a1:a0:a6:f8:44:77:
63:9c:13:66:ea:3b:2d:10:74:4e:e2:b4:70:0c:6c:
91:47:b3:5c:7e:25:3a:40:6f:5f:70:4a:d6:fb:43:
a5:8a:54:24:76:55:3a:1c:4f:c8:6e:3d:d2:f6:b5:
8e:a5:c8:60:74:74:bc:8e:ff:af:3a:7a:5b:f6:b9:
3d:ee:89:22:2f:2d:84:f9:1a:9a:60:38:b7:1b:19:
17:f3:ae:5b:fb:23:4e:88:3f:15:f8:91:8e:61:15:
d8:0a:0e:7a:92:c8:20:b0:f2:a5:57:46:ef:c3:b5:
33:04:7f:06:d3:05:13:9d:0a:fe:e5:13:fa:76:d9:
eb:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:BD:9D:41:97:56:30:7B:77:AE:0E:6C:77:23:64:7D:6D:3C:AE:96
X509v3 Authority Key Identifier:
keyid:47:A8:2E:55:77:9A:1E:A4:EF:99:67:F8:21:D5:CC:05:B7:BD:99:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R6guVXeaHqTvmWf4IdXMBbe9mek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/59afab-e0a8-42d0-873b-6005c0111f1e/1/mr2dQZdWMHt3rg5sdyNkfW08rpY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/59afab-e0a8-42d0-873b-6005c0111f1e/1/R6guVXeaHqTvmWf4IdXMBbe9mek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.5.60.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:dd:ef:1f:bf:37:ec:fa:99:fe:96:93:b4:51:50:d4:6e:2e:
d9:41:18:75:54:6a:4e:91:80:3e:b5:ff:75:7b:73:0b:d5:f7:
a6:a7:9d:ed:c3:63:50:20:f7:21:4a:82:bb:f0:7c:f8:7d:c8:
9f:6c:00:13:ac:23:f3:ba:be:e3:3a:d6:6d:36:39:65:d2:be:
8e:77:0f:e6:c8:08:70:d4:4a:f9:2d:9b:da:80:3b:c8:32:70:
a2:0a:e6:74:7d:e3:f2:a7:2d:6f:29:e7:ca:db:7f:24:16:4a:
76:94:b4:24:bb:b5:6c:b0:5e:3a:8e:78:d8:40:00:d8:db:af:
c3:7c:c5:91:0e:1e:2e:15:50:6e:da:d2:45:6a:18:86:81:d9:
5d:86:87:66:00:6c:f9:7c:dc:ac:eb:ef:ad:c6:aa:50:e6:43:
be:98:0b:dd:fe:87:63:31:ae:e8:85:93:6d:84:80:d6:b9:44:
15:10:70:3a:8e:72:96:47:7d:9f:1a:a5:9e:23:be:d4:28:5a:
5f:f3:e4:a0:7b:6b:c3:dc:5f:bc:77:ee:69:bd:e4:c0:31:ee:
72:91:89:64:56:f5:b9:ba:95:b9:78:5e:59:03:9b:73:45:c2:
e1:ec:9f:50:47:3a:5b:7b:2c:c6:41:76:a6:be:70:73:c2:dc:
25:21:d7:24
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBpWEwjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
N2E4MmU1NTc3OWExZWE0ZWY5OTY3ZjgyMWQ1Y2MwNWI3YmQ5OWU5MB4XDTIyMDEw
MTAwNTAzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWFiZDlkNDE5NzU2
MzA3Yjc3YWUwZTZjNzcyMzY0N2Q2ZDNjYWU5NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOwosJ03ND/UgYluU89aXgcM8Mv7OVj0kc6WnMraNB6xs4fN
K3LYDtrHRLSI3F4jDcgU8dEMBfOVaCvbfHI++RvS6OJgpGEABY6ONkx0TSxJJP2b
BKUt3Lrh7ufZ+nQ+vJbRQ3moH13ZVuaHS7e15Og208AOG8573GVQo+Yy6W/ToaCm
+ER3Y5wTZuo7LRB0TuK0cAxskUezXH4lOkBvX3BK1vtDpYpUJHZVOhxPyG490va1
jqXIYHR0vI7/rzp6W/a5Pe6JIi8thPkammA4txsZF/OuW/sjTog/FfiRjmEV2AoO
epLIILDypVdG78O1MwR/BtMFE50K/uUT+nbZ66ECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSavZ1Bl1Ywe3euDmx3I2R9bTyuljAfBgNVHSMEGDAWgBRHqC5Vd5oepO+Z
Z/gh1cwFt72Z6TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1I2Z3VWWGVhSHFUdm1XZjRJZFhNQmJlOW1lay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDEvNTlhZmFiLWUwYTgtNDJkMC04NzNiLTYwMDVjMDExMWYxZS8x
L21yMmRRWmRXTUh0M3JnNXNkeU5rZlcwOHJwWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDEv
NTlhZmFiLWUwYTgtNDJkMC04NzNiLTYwMDVjMDExMWYxZS8xL1I2Z3VWWGVhSHFU
dm1XZjRJZFhNQmJlOW1lay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMEFPDANBgkqhkiG9w0BAQsFAAOC
AQEALN3vH7837PqZ/paTtFFQ1G4u2UEYdVRqTpGAPrX/dXtzC9X3pqed7cNjUCD3
IUqCu/B8+H3In2wAE6wj87q+4zrWbTY5ZdK+jncP5sgIcNRK+S2b2oA7yDJwogrm
dH3j8qctbynnytt/JBZKdpS0JLu1bLBeOo542EAA2Nuvw3zFkQ4eLhVQbtrSRWoY
hoHZXYaHZgBs+XzcrOvvrcaqUOZDvpgL3f6HYzGu6IWTbYSA1rlEFRBwOo5ylkd9
nxqlniO+1ChaX/PkoHtrw9xfvHfuab3kwDHucpGJZFb1ubqVuXheWQObc0XC4eyf
UEc6W3ssxkF2pr5wc8LcJSHXJA==
-----END CERTIFICATE-----
Generated at Tue Apr 22 22:31:29 2025 by rpki-client