Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/3c616f-0138-4ffb-af17-55f41fdf0e63/1/0YZBM5QLGk0Fkc1fVox28dq9SWo.roa
File: 0YZBM5QLGk0Fkc1fVox28dq9SWo.roa (raw, json)
Hash identifier: JcjKNSAl2WReEw1c53MT5pTVdj+zTw/EzGhfTpx3ZJ4=
Subject key identifier: D1:86:41:33:94:0B:1A:4D:05:91:CD:5F:56:8C:76:F1:DA:BD:49:6A
Certificate issuer: /CN=0039f741686da11e79ae7c5e486aa290808cb1b7
Certificate serial: 0185719E6D69A33680924CD02C56DD940F24
Authority key identifier: 00:39:F7:41:68:6D:A1:1E:79:AE:7C:5E:48:6A:A2:90:80:8C:B1:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ADn3QWhtoR55rnxeSGqikICMsbc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/3c616f-0138-4ffb-af17-55f41fdf0e63/1/0YZBM5QLGk0Fkc1fVox28dq9SWo.roa
Signing time: Mon 02 Jan 2023 08:34:46 +0000
ROA not before: Mon 02 Jan 2023 08:34:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207874
IP address blocks: 194.31.12.0/24 maxlen: 24
194.31.13.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:9e:6d:69:a3:36:80:92:4c:d0:2c:56:dd:94:0f:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0039f741686da11e79ae7c5e486aa290808cb1b7
Validity
Not Before: Jan 2 08:34:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d1864133940b1a4d0591cd5f568c76f1dabd496a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:25:dc:b9:47:6c:5a:ce:2d:96:f8:19:1f:a9:
cd:4a:a4:04:7b:75:65:04:92:b0:1c:1d:70:cc:30:
d6:74:18:7e:15:55:01:22:c1:d3:5c:3f:03:76:3e:
11:11:5f:b9:9d:68:b5:59:95:0d:ed:fa:c0:56:ae:
f4:fb:ca:16:d7:9f:d0:94:7b:e4:25:85:99:28:97:
60:d3:4d:b6:dc:93:aa:99:fd:35:89:08:8e:ac:87:
f5:9a:98:25:18:0b:a8:e7:8b:f2:75:e5:5d:4f:e1:
7d:24:4b:6b:ea:e7:c7:04:3a:ef:66:ed:47:03:28:
e1:07:bf:89:03:9f:6c:2a:07:6f:1b:53:d3:27:6c:
49:0e:03:b8:b8:ec:14:1b:ff:84:2d:bd:74:25:bd:
fe:75:79:6f:76:14:37:95:76:87:14:62:01:ff:ba:
90:f4:f5:62:a7:eb:51:5d:8a:42:f5:c6:17:3d:b7:
a7:90:ae:83:3b:2a:e1:81:63:91:1f:bc:eb:55:b7:
6d:87:4e:c9:ac:30:6b:6e:03:e1:58:ef:db:dc:76:
a3:80:1c:aa:ad:10:02:1e:6e:f0:8e:37:2c:57:74:
7d:64:63:d3:ed:10:c0:1e:92:8a:2e:ab:04:93:1e:
2b:44:8f:86:9e:d0:97:f2:1d:2c:6a:8f:eb:cf:a0:
14:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:86:41:33:94:0B:1A:4D:05:91:CD:5F:56:8C:76:F1:DA:BD:49:6A
X509v3 Authority Key Identifier:
keyid:00:39:F7:41:68:6D:A1:1E:79:AE:7C:5E:48:6A:A2:90:80:8C:B1:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ADn3QWhtoR55rnxeSGqikICMsbc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/3c616f-0138-4ffb-af17-55f41fdf0e63/1/0YZBM5QLGk0Fkc1fVox28dq9SWo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/3c616f-0138-4ffb-af17-55f41fdf0e63/1/ADn3QWhtoR55rnxeSGqikICMsbc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.31.12.0/23
Signature Algorithm: sha256WithRSAEncryption
86:d0:2b:54:86:62:16:29:be:0a:bd:f2:9e:12:72:f3:25:65:
a7:7c:19:18:90:7d:0d:8e:82:70:fd:3e:43:a8:d0:fb:f3:93:
56:fe:36:1f:76:f2:62:bd:e5:93:41:4e:ea:b7:19:d8:ad:a0:
2d:f7:e5:33:f1:e1:20:0b:b8:98:b5:59:d9:47:bf:8f:2d:9c:
d9:8e:d7:9f:e5:a7:3e:99:ac:6b:00:1f:23:38:3d:4f:23:b4:
61:12:74:d9:cc:82:49:4b:84:73:78:e0:22:06:8a:a0:23:ff:
df:b1:f4:7d:ea:bd:2f:13:83:e7:ab:55:a8:9e:d6:c7:16:9a:
38:7a:80:f6:6e:b8:23:c8:4f:dd:5b:34:0f:37:f3:c6:a5:f5:
d8:03:9c:b4:b8:8b:8d:53:45:32:59:78:2c:bc:47:40:0b:bf:
6c:f9:b5:93:5e:d2:37:39:c2:f9:6c:15:32:1a:e9:00:48:3e:
6e:1f:1b:82:9b:2b:72:11:a1:7e:37:dd:db:81:50:cb:74:24:
40:b7:22:3c:36:c2:05:9b:25:38:22:1b:d9:d0:35:7d:08:53:
a8:44:3b:82:f0:38:d0:14:7a:33:6b:6c:7c:58:46:61:02:6a:
8f:ec:ef:a3:b0:f7:13:67:71:53:2d:8d:ad:60:29:ba:ab:22:
b5:b8:b8:b4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxnm1pozaAkkzQLFbdlA8kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwMzlmNzQxNjg2ZGExMWU3OWFlN2M1ZTQ4NmFhMjkwODA4
Y2IxYjcwHhcNMjMwMTAyMDgzNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTg2NDEzMzk0MGIxYTRkMDU5MWNkNWY1NjhjNzZmMWRhYmQ0OTZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxSXcuUdsWs4tlvgZH6nNSqQEe3Vl
BJKwHB1wzDDWdBh+FVUBIsHTXD8Ddj4REV+5nWi1WZUN7frAVq70+8oW15/QlHvk
JYWZKJdg00223JOqmf01iQiOrIf1mpglGAuo54vydeVdT+F9JEtr6ufHBDrvZu1H
AyjhB7+JA59sKgdvG1PTJ2xJDgO4uOwUG/+ELb10Jb3+dXlvdhQ3lXaHFGIB/7qQ
9PVip+tRXYpC9cYXPbenkK6DOyrhgWORH7zrVbdth07JrDBrbgPhWO/b3HajgByq
rRACHm7wjjcsV3R9ZGPT7RDAHpKKLqsEkx4rRI+GntCX8h0sao/rz6AUgQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNGGQTOUCxpNBZHNX1aMdvHavUlqMB8GA1UdIwQY
MBaAFAA590FobaEeea58XkhqopCAjLG3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQURuM1FXaHRvUjU1cm54ZVNHcWlrSUNNc2JjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS8zYzYxNmYtMDEzOC00ZmZiLWFmMTct
NTVmNDFmZGYwZTYzLzEvMFlaQk01UUxHazBGa2MxZlZveDI4ZHE5U1dvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS8zYzYxNmYtMDEzOC00ZmZiLWFmMTctNTVmNDFmZGYwZTYz
LzEvQURuM1FXaHRvUjU1cm54ZVNHcWlrSUNNc2JjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwh8MMA0G
CSqGSIb3DQEBCwUAA4IBAQCG0CtUhmIWKb4KvfKeEnLzJWWnfBkYkH0NjoJw/T5D
qND785NW/jYfdvJiveWTQU7qtxnYraAt9+Uz8eEgC7iYtVnZR7+PLZzZjtef5ac+
maxrAB8jOD1PI7RhEnTZzIJJS4RzeOAiBoqgI//fsfR96r0vE4Pnq1WontbHFpo4
eoD2brgjyE/dWzQPN/PGpfXYA5y0uIuNU0UyWXgsvEdAC79s+bWTXtI3OcL5bBUy
GukASD5uHxuCmytyEaF+N93bgVDLdCRAtyI8NsIFmyU4IhvZ0DV9CFOoRDuC8DjQ
FHoza2x8WEZhAmqP7O+jsPcTZ3FTLY2tYCm6qyK1uLi0
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:20:43 2025 by rpki-client