Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/ea0863-2db8-46ff-9950-d12830b3b1e0/1/zyKgtkyCAI1L0QrFr550tVey8mg.roa
File: zyKgtkyCAI1L0QrFr550tVey8mg.roa (raw, json)
Hash identifier: aGxPhTDLRaL22pGjT0f12rdlI4IOmxrV5wQU6I2l78o=
Subject key identifier: CF:22:A0:B6:4C:82:00:8D:4B:D1:0A:C5:AF:9E:74:B5:57:B2:F2:68
Certificate issuer: /CN=5c0273657ec5a1384d536f1bd99d916507fe7b29
Certificate serial: 01CA2536
Authority key identifier: 5C:02:73:65:7E:C5:A1:38:4D:53:6F:1B:D9:9D:91:65:07:FE:7B:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XAJzZX7FoThNU28b2Z2RZQf-eyk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/ea0863-2db8-46ff-9950-d12830b3b1e0/1/zyKgtkyCAI1L0QrFr550tVey8mg.roa
Signing time: Sat 01 Jan 2022 15:05:07 +0000
ROA not before: Sat 01 Jan 2022 15:05:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211178
IP address blocks: 193.3.34.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 30025014 (0x1ca2536)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5c0273657ec5a1384d536f1bd99d916507fe7b29
Validity
Not Before: Jan 1 15:05:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cf22a0b64c82008d4bd10ac5af9e74b557b2f268
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:21:cd:96:bf:22:53:56:dd:d2:3c:e5:18:1c:
84:c0:a4:09:62:6a:8a:43:bb:84:56:4c:b9:b6:45:
f8:7a:03:86:ee:94:42:95:25:d2:13:9c:6a:23:ca:
0a:c8:ac:03:db:89:c7:b4:33:cf:82:53:67:6d:11:
79:14:68:82:5c:7b:19:87:04:d1:55:84:03:bd:d1:
ac:4e:d2:18:c1:b5:cf:e3:b0:5a:cc:cb:8c:b9:22:
ab:10:90:0c:3c:c6:d4:e1:b4:e8:9b:fe:2e:c3:6b:
01:bd:f6:75:7d:88:c9:51:31:41:e0:42:10:b0:83:
67:10:3b:6d:eb:b5:fb:76:1e:d4:47:0f:22:51:c8:
ea:ab:ec:43:41:cd:86:12:b3:a4:bf:a7:14:06:68:
4f:2c:c0:72:58:11:70:10:21:e3:17:4b:00:0a:60:
7b:1f:04:c3:e9:40:fd:be:55:35:17:fb:b7:c6:f6:
b3:37:5f:b5:d9:91:e5:20:fa:c4:b2:4f:5d:c9:77:
8d:b2:1d:93:7e:f3:f6:5c:d0:58:03:e6:52:7d:7e:
d7:f4:5c:3b:d4:89:35:bf:bd:e7:c4:a3:22:a5:c1:
4b:c3:f2:38:ee:fc:7d:fb:cd:d5:69:e5:48:21:df:
b0:71:18:77:d0:36:15:f8:1a:32:08:00:dd:83:8b:
06:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:22:A0:B6:4C:82:00:8D:4B:D1:0A:C5:AF:9E:74:B5:57:B2:F2:68
X509v3 Authority Key Identifier:
keyid:5C:02:73:65:7E:C5:A1:38:4D:53:6F:1B:D9:9D:91:65:07:FE:7B:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XAJzZX7FoThNU28b2Z2RZQf-eyk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/ea0863-2db8-46ff-9950-d12830b3b1e0/1/zyKgtkyCAI1L0QrFr550tVey8mg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/ea0863-2db8-46ff-9950-d12830b3b1e0/1/XAJzZX7FoThNU28b2Z2RZQf-eyk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.3.34.0/24
Signature Algorithm: sha256WithRSAEncryption
75:7a:0f:51:a9:72:8d:66:70:ad:9f:ed:5f:85:41:d4:fe:75:
15:f7:5f:d1:b6:7c:51:a3:5b:ab:ed:ca:da:4b:b9:09:7b:f6:
07:aa:b0:59:ed:48:ae:56:e4:20:1c:98:4f:41:5f:a6:04:3f:
66:70:a1:32:03:2a:4d:54:0c:d5:11:d7:5f:20:b7:68:57:6f:
de:23:81:46:45:51:40:a4:2e:4c:71:c2:6c:60:b3:ed:87:02:
7c:fd:e4:03:b4:2b:e0:06:49:08:93:f8:2f:20:7d:6f:1d:30:
e6:36:f4:59:c6:ed:71:0f:eb:0a:35:e4:c0:19:ab:77:f8:56:
26:d5:6e:c0:6f:25:58:5b:ed:fb:30:5f:b4:be:19:ff:61:8b:
59:5e:41:ab:79:bf:d2:03:4d:03:5a:b4:7a:70:cc:38:d8:b3:
0e:77:c5:be:58:e7:db:54:72:d3:dc:2f:0c:3b:e3:e4:aa:4a:
18:c5:7c:e4:68:83:79:66:57:c5:3f:57:fe:c7:52:3d:6e:75:
ab:fc:0a:cf:6f:aa:9c:cb:3e:0b:69:e3:2c:0a:f5:ce:c4:43:
aa:49:4b:b6:5f:ec:20:8f:57:9d:1e:70:e1:ff:16:7a:82:d0:
61:94:59:a7:5d:69:82:74:20:ee:fa:1a:ef:21:16:db:98:0f:
a1:d7:ec:c4
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAcolNjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
YzAyNzM2NTdlYzVhMTM4NGQ1MzZmMWJkOTlkOTE2NTA3ZmU3YjI5MB4XDTIyMDEw
MTE1MDUwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2YyMmEwYjY0Yzgy
MDA4ZDRiZDEwYWM1YWY5ZTc0YjU1N2IyZjI2ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJshzZa/IlNW3dI85RgchMCkCWJqikO7hFZMubZF+HoDhu6U
QpUl0hOcaiPKCsisA9uJx7Qzz4JTZ20ReRRoglx7GYcE0VWEA73RrE7SGMG1z+Ow
WszLjLkiqxCQDDzG1OG06Jv+LsNrAb32dX2IyVExQeBCELCDZxA7beu1+3Ye1EcP
IlHI6qvsQ0HNhhKzpL+nFAZoTyzAclgRcBAh4xdLAApgex8Ew+lA/b5VNRf7t8b2
szdftdmR5SD6xLJPXcl3jbIdk37z9lzQWAPmUn1+1/RcO9SJNb+958SjIqXBS8Py
OO78ffvN1WnlSCHfsHEYd9A2FfgaMggA3YOLBp8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTPIqC2TIIAjUvRCsWvnnS1V7LyaDAfBgNVHSMEGDAWgBRcAnNlfsWhOE1T
bxvZnZFlB/57KTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1hBSnpaWDdGb1RoTlUyOGIyWjJSWlFmLWV5ay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2YvZWEwODYzLTJkYjgtNDZmZi05OTUwLWQxMjgzMGIzYjFlMC8x
L3p5S2d0a3lDQUkxTDBRckZyNTUwdFZleThtZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Yv
ZWEwODYzLTJkYjgtNDZmZi05OTUwLWQxMjgzMGIzYjFlMC8xL1hBSnpaWDdGb1Ro
TlUyOGIyWjJSWlFmLWV5ay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMEDIjANBgkqhkiG9w0BAQsFAAOC
AQEAdXoPUalyjWZwrZ/tX4VB1P51Ffdf0bZ8UaNbq+3K2ku5CXv2B6qwWe1Irlbk
IByYT0FfpgQ/ZnChMgMqTVQM1RHXXyC3aFdv3iOBRkVRQKQuTHHCbGCz7YcCfP3k
A7Qr4AZJCJP4LyB9bx0w5jb0WcbtcQ/rCjXkwBmrd/hWJtVuwG8lWFvt+zBftL4Z
/2GLWV5Bq3m/0gNNA1q0enDMONizDnfFvljn21Ry09wvDDvj5KpKGMV85GiDeWZX
xT9X/sdSPW51q/wKz2+qnMs+C2njLAr1zsRDqklLtl/sII9XnR5w4f8WeoLQYZRZ
p11pgnQg7voa7yEW25gPodfsxA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:04:51 2025 by rpki-client