Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/a78979-dd24-4be7-8194-1fc19ea73a2a/1/zLq8ckjfKZ_3rKhG5nk5EC4p1PE.roa
File: zLq8ckjfKZ_3rKhG5nk5EC4p1PE.roa (raw, json)
Hash identifier: JYV3Ll9gjiK06gUiTK1wWKQLmpTlVTL1PihLsXkayWE=
Subject key identifier: CC:BA:BC:72:48:DF:29:9F:F7:AC:A8:46:E6:79:39:10:2E:29:D4:F1
Certificate issuer: /CN=93e8f4ed5dd06301c423988e786dabf51c5f5674
Certificate serial: 01874BF2C7228E4073BC2024BE1714148E02
Authority key identifier: 93:E8:F4:ED:5D:D0:63:01:C4:23:98:8E:78:6D:AB:F5:1C:5F:56:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k-j07V3QYwHEI5iOeG2r9RxfVnQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/a78979-dd24-4be7-8194-1fc19ea73a2a/1/zLq8ckjfKZ_3rKhG5nk5EC4p1PE.roa
Signing time: Tue 04 Apr 2023 11:06:54 +0000
ROA not before: Tue 04 Apr 2023 11:06:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209778
IP address blocks: 217.113.24.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:4b:f2:c7:22:8e:40:73:bc:20:24:be:17:14:14:8e:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93e8f4ed5dd06301c423988e786dabf51c5f5674
Validity
Not Before: Apr 4 11:06:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ccbabc7248df299ff7aca846e67939102e29d4f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:a5:45:27:6e:30:47:30:c0:90:1c:b2:81:7e:
f3:58:92:5e:89:23:30:06:94:db:a2:c3:95:da:15:
a3:2a:5c:99:23:af:a8:d9:df:5c:b6:a0:53:3f:4f:
65:0f:6d:6e:0c:bd:da:72:dc:58:64:89:95:47:67:
3c:0c:d8:fe:59:69:c3:05:85:cf:c7:e5:fa:0f:80:
9f:b9:29:9d:81:af:23:2a:98:2d:66:08:d5:31:1d:
18:aa:cb:2c:4b:61:ee:96:0d:40:a6:db:08:00:c4:
2c:aa:12:5c:eb:3c:dd:74:5a:a1:ab:84:1a:9b:00:
5a:4f:31:27:1a:b9:8f:10:98:c3:e0:1b:d2:af:a7:
88:1e:10:a5:d4:76:0b:98:71:4f:ef:88:03:10:a8:
b5:ba:b6:07:a6:f1:e4:e4:0f:00:be:d3:2f:6b:ec:
68:57:e5:9f:93:9c:cd:13:70:bc:a2:69:7e:d6:32:
1a:4c:56:3e:fb:61:fc:d4:79:b3:1f:38:7d:f6:00:
63:56:11:f7:05:c1:5a:27:e3:22:1e:d7:60:98:54:
7d:83:c4:fc:16:82:ca:57:6e:0d:34:ec:22:97:a7:
40:fc:71:f1:e1:87:8f:94:2d:94:31:c8:c8:de:95:
b7:25:b2:cc:55:4b:0f:7b:76:10:e4:6e:e4:d4:44:
57:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:BA:BC:72:48:DF:29:9F:F7:AC:A8:46:E6:79:39:10:2E:29:D4:F1
X509v3 Authority Key Identifier:
keyid:93:E8:F4:ED:5D:D0:63:01:C4:23:98:8E:78:6D:AB:F5:1C:5F:56:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k-j07V3QYwHEI5iOeG2r9RxfVnQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/a78979-dd24-4be7-8194-1fc19ea73a2a/1/zLq8ckjfKZ_3rKhG5nk5EC4p1PE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/a78979-dd24-4be7-8194-1fc19ea73a2a/1/k-j07V3QYwHEI5iOeG2r9RxfVnQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.113.24.0/24
Signature Algorithm: sha256WithRSAEncryption
16:f1:64:55:4c:c3:f2:66:d1:39:1d:87:31:93:0a:f8:d5:65:
76:12:a7:a9:aa:5b:36:50:6c:af:a6:33:4d:41:5e:61:b7:61:
ab:44:0d:20:17:3e:84:ac:a3:c8:21:ee:77:5c:70:b7:62:7a:
3c:c4:83:8f:0a:8c:4d:e2:23:fe:26:ca:79:60:db:38:f0:22:
26:87:46:bd:f3:33:b7:33:13:11:97:74:bc:af:af:6b:73:0c:
ba:e6:80:93:1a:54:57:d2:40:c0:83:f1:38:ba:7f:73:09:ff:
36:60:07:37:63:ff:c0:03:16:ca:ae:6d:ab:b0:14:94:57:78:
3a:ba:04:93:5e:f7:41:cf:ad:39:60:0f:da:8f:3c:32:ba:59:
b3:40:19:59:3b:bd:96:a5:85:b8:b2:6e:05:b9:e1:51:bb:fa:
37:a6:4b:c7:56:6f:b9:31:1d:7f:d2:18:b7:e7:bf:d5:a1:48:
d0:14:ad:a6:92:45:b7:fd:44:c6:d5:95:09:2e:87:77:e5:74:
47:5e:b6:20:2f:1f:54:21:12:ea:d8:0a:2e:f5:9d:41:b1:64:
d4:75:59:f1:1c:00:a1:25:ab:df:f9:35:96:ae:3c:81:2b:34:
62:02:ff:13:fd:ca:89:4e:d4:6f:a2:f1:64:a8:f3:5b:ba:0e:
65:4a:cf:37
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYdL8scijkBzvCAkvhcUFI4CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzZThmNGVkNWRkMDYzMDFjNDIzOTg4ZTc4NmRhYmY1MWM1
ZjU2NzQwHhcNMjMwNDA0MTEwNjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjY2JhYmM3MjQ4ZGYyOTlmZjdhY2E4NDZlNjc5MzkxMDJlMjlkNGYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm6VFJ24wRzDAkByygX7zWJJeiSMw
BpTbosOV2hWjKlyZI6+o2d9ctqBTP09lD21uDL3actxYZImVR2c8DNj+WWnDBYXP
x+X6D4CfuSmdga8jKpgtZgjVMR0YqsssS2Hulg1AptsIAMQsqhJc6zzddFqhq4Qa
mwBaTzEnGrmPEJjD4BvSr6eIHhCl1HYLmHFP74gDEKi1urYHpvHk5A8AvtMva+xo
V+Wfk5zNE3C8oml+1jIaTFY++2H81HmzHzh99gBjVhH3BcFaJ+MiHtdgmFR9g8T8
FoLKV24NNOwil6dA/HHx4YePlC2UMcjI3pW3JbLMVUsPe3YQ5G7k1ERXKQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMy6vHJI3ymf96yoRuZ5ORAuKdTxMB8GA1UdIwQY
MBaAFJPo9O1d0GMBxCOYjnhtq/UcX1Z0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvay1qMDdWM1FZd0hFSTVpT2VHMnI5UnhmVm5RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9hNzg5NzktZGQyNC00YmU3LTgxOTQt
MWZjMTllYTczYTJhLzEvekxxOGNramZLWl8zcktoRzVuazVFQzRwMVBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9hNzg5NzktZGQyNC00YmU3LTgxOTQtMWZjMTllYTczYTJh
LzEvay1qMDdWM1FZd0hFSTVpT2VHMnI5UnhmVm5RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2XEYMA0G
CSqGSIb3DQEBCwUAA4IBAQAW8WRVTMPyZtE5HYcxkwr41WV2Eqepqls2UGyvpjNN
QV5ht2GrRA0gFz6ErKPIIe53XHC3Yno8xIOPCoxN4iP+Jsp5YNs48CImh0a98zO3
MxMRl3S8r69rcwy65oCTGlRX0kDAg/E4un9zCf82YAc3Y//AAxbKrm2rsBSUV3g6
ugSTXvdBz605YA/ajzwyulmzQBlZO72WpYW4sm4FueFRu/o3pkvHVm+5MR1/0hi3
57/VoUjQFK2mkkW3/UTG1ZUJLod35XRHXrYgLx9UIRLq2Aou9Z1BsWTUdVnxHACh
Javf+TWWrjyBKzRiAv8T/cqJTtRvovFkqPNbug5lSs83
-----END CERTIFICATE-----
Generated at Thu Apr 17 07:33:54 2025 by rpki-client