Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/2FBa12tdLNTdBiwSNP-1fAMdBUY.roa
File: 2FBa12tdLNTdBiwSNP-1fAMdBUY.roa (raw, json)
Hash identifier: OImRorlJBd/6dX4YHvUpNd7GdSDit73rcNSBvHd2OoY=
Subject key identifier: D8:50:5A:D7:6B:5D:2C:D4:DD:06:2C:12:34:FF:B5:7C:03:1D:05:46
Certificate issuer: /CN=19ee5f16fc144acb98977449faa0ab77de1bdcc9
Certificate serial: 018A7444FD41EC9395A08BD606AFE83ECA2B
Authority key identifier: 19:EE:5F:16:FC:14:4A:CB:98:97:74:49:FA:A0:AB:77:DE:1B:DC:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/2FBa12tdLNTdBiwSNP-1fAMdBUY.roa
Signing time: Fri 08 Sep 2023 10:09:52 +0000
ROA not before: Fri 08 Sep 2023 10:09:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202041
IP address blocks: 194.170.242.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:74:44:fd:41:ec:93:95:a0:8b:d6:06:af:e8:3e:ca:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19ee5f16fc144acb98977449faa0ab77de1bdcc9
Validity
Not Before: Sep 8 10:09:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d8505ad76b5d2cd4dd062c1234ffb57c031d0546
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:f3:e8:6d:d0:70:a2:0b:2e:20:f9:b6:10:40:
4b:81:f5:05:e8:a4:c3:f0:f2:e5:a7:f4:30:66:d6:
f4:de:45:47:75:0a:4a:ce:9d:ce:f2:b8:40:f5:0e:
1b:50:70:d3:19:b3:8b:f6:2d:89:59:df:ca:80:e3:
0e:e9:6f:1f:b3:54:ec:f9:75:01:69:e0:80:cd:a7:
34:a5:44:fb:d9:c9:73:07:8d:47:54:68:07:47:5f:
3c:ca:ea:7a:fb:1b:b8:0d:0b:ca:7c:7a:0b:94:8e:
50:a8:6d:b0:a1:bf:9d:5c:31:9b:74:47:b3:ad:19:
66:df:f7:e3:30:a5:f1:0d:10:16:c2:74:27:e8:af:
78:3c:b8:52:63:c0:b0:c8:21:72:ec:ee:23:e6:a6:
cf:6b:48:3f:9d:cc:df:38:1e:8f:ab:ab:d1:93:ae:
3b:76:c5:9f:d1:41:c0:45:49:c8:e1:76:ce:6c:ba:
1e:bd:8a:39:da:f6:64:13:ff:f7:f2:32:6a:34:cb:
3c:9b:cd:93:59:f7:b0:05:45:e7:f6:32:bd:12:c0:
2a:72:e6:1c:d9:46:1a:d3:5a:db:13:a1:24:49:f1:
99:78:a0:73:d1:d9:70:0a:69:ab:e3:f0:01:62:8c:
c6:52:02:0a:e5:ef:5e:c1:9c:27:66:f8:76:f7:f0:
d0:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:50:5A:D7:6B:5D:2C:D4:DD:06:2C:12:34:FF:B5:7C:03:1D:05:46
X509v3 Authority Key Identifier:
keyid:19:EE:5F:16:FC:14:4A:CB:98:97:74:49:FA:A0:AB:77:DE:1B:DC:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/2FBa12tdLNTdBiwSNP-1fAMdBUY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.170.242.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:85:72:be:5c:40:a5:8f:a6:21:68:00:fe:80:0c:46:c6:7a:
73:ae:51:c4:04:e9:64:b4:b7:d7:c8:82:3f:08:f2:c1:cf:83:
c8:eb:40:ee:60:15:07:a9:c2:80:c5:b8:20:79:ce:72:a5:d2:
82:ad:4c:50:a9:ab:af:cb:04:54:cb:e8:9f:eb:6c:87:ca:3a:
50:0a:c8:00:3b:0b:45:4c:9c:4e:38:b7:19:ff:9e:68:ee:ef:
99:aa:8c:25:64:9c:52:56:61:c6:d8:f6:55:83:2a:2b:f4:df:
74:a1:78:75:44:2b:7a:8a:dd:57:48:8b:c8:67:22:1c:db:1f:
eb:78:6c:b1:f3:10:64:09:6c:45:92:ab:ee:ba:ac:42:63:ee:
71:a1:d2:20:e9:d9:8d:d5:a7:8d:8f:13:04:12:cc:00:bb:60:
1c:7f:85:54:9d:03:b8:2f:e4:85:4f:3b:a1:83:78:73:0a:c6:
b3:a3:08:c0:a8:19:89:37:31:e7:91:e0:a9:a2:44:df:ea:d2:
8c:be:37:7a:7c:f8:7f:bf:68:2e:c3:34:bd:55:a2:10:f5:bd:
2c:ea:b9:18:9c:25:28:b3:01:88:45:38:84:5a:2d:7a:81:48:
51:06:df:7d:ec:2c:12:b9:0a:6d:c9:46:f1:54:a1:40:47:a4:
23:15:6c:b4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYp0RP1B7JOVoIvWBq/oPsorMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5ZWU1ZjE2ZmMxNDRhY2I5ODk3NzQ0OWZhYTBhYjc3ZGUx
YmRjYzkwHhcNMjMwOTA4MTAwOTUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODUwNWFkNzZiNWQyY2Q0ZGQwNjJjMTIzNGZmYjU3YzAzMWQwNTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo/PobdBwogsuIPm2EEBLgfUF6KTD
8PLlp/QwZtb03kVHdQpKzp3O8rhA9Q4bUHDTGbOL9i2JWd/KgOMO6W8fs1Ts+XUB
aeCAzac0pUT72clzB41HVGgHR188yup6+xu4DQvKfHoLlI5QqG2wob+dXDGbdEez
rRlm3/fjMKXxDRAWwnQn6K94PLhSY8CwyCFy7O4j5qbPa0g/nczfOB6Pq6vRk647
dsWf0UHARUnI4XbObLoevYo52vZkE//38jJqNMs8m82TWfewBUXn9jK9EsAqcuYc
2UYa01rbE6EkSfGZeKBz0dlwCmmr4/ABYozGUgIK5e9ewZwnZvh29/DQjQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNhQWtdrXSzU3QYsEjT/tXwDHQVGMB8GA1UdIwQY
MBaAFBnuXxb8FErLmJd0Sfqgq3feG9zJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2U1ZkZ2d1VTc3VZbDNSSi1xQ3JkOTRiM01rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC83NDIzNzAtZTEwZi00NTQxLWFhNmMt
NjFhZmI2NmQxZThjLzEvMkZCYTEydGRMTlRkQml3U05QLTFmQU1kQlVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC83NDIzNzAtZTEwZi00NTQxLWFhNmMtNjFhZmI2NmQxZThj
LzEvR2U1ZkZ2d1VTc3VZbDNSSi1xQ3JkOTRiM01rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwqryMA0G
CSqGSIb3DQEBCwUAA4IBAQBfhXK+XEClj6YhaAD+gAxGxnpzrlHEBOlktLfXyII/
CPLBz4PI60DuYBUHqcKAxbggec5ypdKCrUxQqauvywRUy+if62yHyjpQCsgAOwtF
TJxOOLcZ/55o7u+ZqowlZJxSVmHG2PZVgyor9N90oXh1RCt6it1XSIvIZyIc2x/r
eGyx8xBkCWxFkqvuuqxCY+5xodIg6dmN1aeNjxMEEswAu2Acf4VUnQO4L+SFTzuh
g3hzCsazowjAqBmJNzHnkeCpokTf6tKMvjd6fPh/v2guwzS9VaIQ9b0s6rkYnCUo
swGIRTiEWi16gUhRBt997CwSuQptyUbxVKFAR6QjFWy0
-----END CERTIFICATE-----
Generated at Tue Mar 11 19:32:22 2025 by rpki-client