Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/93e20f-8878-4058-8e01-ad01e30a61b2/1/2Z7t-mkpcEHDJR5lfR4rHLx2acU.roa
File: 2Z7t-mkpcEHDJR5lfR4rHLx2acU.roa (raw, json)
Hash identifier: p90Z/scceMlmyktUMVc6iZUA1n7jh66n6lVXd1ew1ls=
Subject key identifier: D9:9E:ED:FA:69:29:70:41:C3:25:1E:65:7D:1E:2B:1C:BC:76:69:C5
Certificate issuer: /CN=15f215ad274f35b24ac6a060b2f09399711bc17f
Certificate serial: 0185368B6514279461A800D4DD0E59297AA0
Authority key identifier: 15:F2:15:AD:27:4F:35:B2:4A:C6:A0:60:B2:F0:93:99:71:1B:C1:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FfIVrSdPNbJKxqBgsvCTmXEbwX8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/93e20f-8878-4058-8e01-ad01e30a61b2/1/2Z7t-mkpcEHDJR5lfR4rHLx2acU.roa
Signing time: Wed 21 Dec 2022 21:16:23 +0000
ROA not before: Wed 21 Dec 2022 21:16:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205393
IP address blocks: 194.147.160.0/22 maxlen: 22
194.147.168.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:36:8b:65:14:27:94:61:a8:00:d4:dd:0e:59:29:7a:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=15f215ad274f35b24ac6a060b2f09399711bc17f
Validity
Not Before: Dec 21 21:16:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d99eedfa69297041c3251e657d1e2b1cbc7669c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:1f:d4:40:7e:45:c3:3f:02:20:cf:2d:34:84:
66:6e:7e:41:b2:6a:37:f3:e2:3b:09:b3:9f:28:63:
49:b3:30:b4:b2:d2:6c:12:b4:55:cd:78:9d:15:df:
83:8d:dc:06:25:d7:d8:a4:1f:f9:21:80:c6:73:bf:
28:3d:9a:2d:8d:26:77:98:45:78:34:82:a7:8f:0e:
e1:1a:d0:2c:82:00:99:ac:01:c5:b2:c1:24:cb:65:
b6:45:fb:95:08:1f:ea:9e:b5:56:6b:fb:e4:10:40:
d5:82:b3:a5:04:66:e0:03:a3:13:14:8a:4c:01:d2:
6a:af:8f:92:c0:1f:55:09:ea:76:9c:e4:32:bc:23:
39:e1:51:7a:79:ff:08:9f:38:70:65:2e:62:23:73:
e3:89:0b:02:16:20:f5:d0:60:6c:0e:72:a5:81:4c:
33:83:0a:d7:03:4e:22:dd:42:3b:88:5e:be:c3:f4:
30:1b:e3:9e:21:0e:99:e6:fe:cd:9d:c4:4c:36:fb:
16:29:aa:dd:ad:e7:0d:24:bd:22:f0:7a:49:12:16:
e4:c8:59:d4:74:0b:ba:30:b8:64:b9:f0:3b:1b:76:
74:2f:aa:45:29:e8:18:79:ae:f4:27:ef:05:85:81:
87:e8:d4:2f:01:26:ba:38:6b:0e:e0:4f:6f:47:3c:
e9:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:9E:ED:FA:69:29:70:41:C3:25:1E:65:7D:1E:2B:1C:BC:76:69:C5
X509v3 Authority Key Identifier:
keyid:15:F2:15:AD:27:4F:35:B2:4A:C6:A0:60:B2:F0:93:99:71:1B:C1:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfIVrSdPNbJKxqBgsvCTmXEbwX8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/93e20f-8878-4058-8e01-ad01e30a61b2/1/2Z7t-mkpcEHDJR5lfR4rHLx2acU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/93e20f-8878-4058-8e01-ad01e30a61b2/1/FfIVrSdPNbJKxqBgsvCTmXEbwX8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.147.160.0/22
194.147.168.0/23
Signature Algorithm: sha256WithRSAEncryption
32:11:a2:e1:a4:2e:34:a1:bf:94:04:1a:ff:6d:db:ac:5d:ec:
5b:84:83:34:8a:26:08:5e:1f:94:c6:61:bc:6d:7a:31:9c:c1:
dd:49:2d:98:5c:76:fd:32:20:00:3d:1d:71:ff:6b:62:66:35:
8a:5d:ae:5d:1e:32:a7:28:c9:79:75:ca:5e:8b:4d:95:29:1c:
93:d2:64:e5:e8:a7:c6:dc:88:d0:15:39:6b:27:ba:bb:02:e4:
ae:9c:71:e4:4e:90:eb:9b:f4:c5:ba:56:67:5d:51:4c:51:da:
c2:14:ee:2b:fd:3e:a4:1c:f8:39:92:34:e4:b1:65:a5:a3:75:
ee:c7:18:fe:38:be:a4:a1:24:b6:b8:7d:0c:60:c4:8c:8c:c8:
0f:16:cd:65:1a:e0:7c:70:32:f9:3e:98:3c:f8:77:30:45:8d:
5a:51:9c:ef:a2:90:5e:c5:71:f6:15:f2:bd:04:6d:49:95:08:
86:0e:f7:ca:e5:2c:27:47:15:57:f3:5f:e5:55:d1:fd:b3:ec:
59:2b:fc:02:e1:a2:40:d8:73:67:85:80:76:fb:79:55:e3:5b:
9d:03:ee:c4:c8:68:14:0a:ed:3f:71:a6:98:dc:f0:95:11:e1:
92:ee:3a:58:88:5b:55:67:13:5a:ec:06:35:09:96:4a:99:6b:
09:36:6e:c2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYU2i2UUJ5RhqADU3Q5ZKXqgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjIxNWFkMjc0ZjM1YjI0YWM2YTA2MGIyZjA5Mzk5NzEx
YmMxN2YwHhcNMjIxMjIxMjExNjIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTllZWRmYTY5Mjk3MDQxYzMyNTFlNjU3ZDFlMmIxY2JjNzY2OWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhh/UQH5Fwz8CIM8tNIRmbn5Bsmo3
8+I7CbOfKGNJszC0stJsErRVzXidFd+DjdwGJdfYpB/5IYDGc78oPZotjSZ3mEV4
NIKnjw7hGtAsggCZrAHFssEky2W2RfuVCB/qnrVWa/vkEEDVgrOlBGbgA6MTFIpM
AdJqr4+SwB9VCep2nOQyvCM54VF6ef8InzhwZS5iI3PjiQsCFiD10GBsDnKlgUwz
gwrXA04i3UI7iF6+w/QwG+OeIQ6Z5v7NncRMNvsWKardrecNJL0i8HpJEhbkyFnU
dAu6MLhkufA7G3Z0L6pFKegYea70J+8FhYGH6NQvASa6OGsO4E9vRzzpbQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNme7fppKXBBwyUeZX0eKxy8dmnFMB8GA1UdIwQY
MBaAFBXyFa0nTzWySsagYLLwk5lxG8F/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZJVnJTZFBOYkpLeHFCZ3N2Q1RtWEVid1g4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS85M2UyMGYtODg3OC00MDU4LThlMDEt
YWQwMWUzMGE2MWIyLzEvMlo3dC1ta3BjRUhESlI1bGZSNHJITHgyYWNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS85M2UyMGYtODg3OC00MDU4LThlMDEtYWQwMWUzMGE2MWIy
LzEvRmZJVnJTZFBOYkpLeHFCZ3N2Q1RtWEVid1g4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCwpOgAwQB
wpOoMA0GCSqGSIb3DQEBCwUAA4IBAQAyEaLhpC40ob+UBBr/bdusXexbhIM0iiYI
Xh+UxmG8bXoxnMHdSS2YXHb9MiAAPR1x/2tiZjWKXa5dHjKnKMl5dcpei02VKRyT
0mTl6KfG3IjQFTlrJ7q7AuSunHHkTpDrm/TFulZnXVFMUdrCFO4r/T6kHPg5kjTk
sWWlo3Xuxxj+OL6koSS2uH0MYMSMjMgPFs1lGuB8cDL5Ppg8+HcwRY1aUZzvopBe
xXH2FfK9BG1JlQiGDvfK5SwnRxVX81/lVdH9s+xZK/wC4aJA2HNnhYB2+3lV41ud
A+7EyGgUCu0/caaY3PCVEeGS7jpYiFtVZxNa7AY1CZZKmWsJNm7C
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:03:48 2025 by rpki-client