Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/19fa4a-f41d-4baf-b9ea-ec9b75521297/1/0v_2VoBHe-3SbV1eButqYBh6WzY.roa
File: 0v_2VoBHe-3SbV1eButqYBh6WzY.roa (raw, json)
Hash identifier: /3npcdqpxJ+o9yo+UgZKCIU2rKVj4M42ttUy2W+/ygU=
Subject key identifier: D2:FF:F6:56:80:47:7B:ED:D2:6D:5D:5E:06:EB:6A:60:18:7A:5B:36
Certificate issuer: /CN=67e1cedfe0826f0f9775bdfa8e9425300bde9f13
Certificate serial: 0188AD177C07823F5FEE2B498FBD37DC13AB
Authority key identifier: 67:E1:CE:DF:E0:82:6F:0F:97:75:BD:FA:8E:94:25:30:0B:DE:9F:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z-HO3-CCbw-Xdb36jpQlMAvenxM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/19fa4a-f41d-4baf-b9ea-ec9b75521297/1/0v_2VoBHe-3SbV1eButqYBh6WzY.roa
Signing time: Mon 12 Jun 2023 00:52:57 +0000
ROA not before: Mon 12 Jun 2023 00:52:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198287
IP address blocks: 194.126.129.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:ad:17:7c:07:82:3f:5f:ee:2b:49:8f:bd:37:dc:13:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67e1cedfe0826f0f9775bdfa8e9425300bde9f13
Validity
Not Before: Jun 12 00:52:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d2fff65680477bedd26d5d5e06eb6a60187a5b36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:c0:11:6b:5e:cc:97:83:df:da:5f:1d:b5:65:
da:54:5f:19:47:ad:0e:56:5a:f4:9d:53:a0:1b:b3:
f1:a5:3b:17:d4:cc:23:52:37:12:87:98:e5:ad:49:
d0:aa:c7:88:0c:96:0a:6a:fd:23:58:95:1f:73:34:
78:ec:e8:03:8f:a2:d1:d6:e8:0c:26:a0:aa:3c:c7:
72:d7:79:66:42:d1:24:d6:c9:f7:a5:df:96:65:5a:
6c:65:72:ce:de:70:ae:ff:93:d2:dc:2c:f9:c8:4d:
53:3c:66:da:06:00:36:19:ec:a0:e9:3a:60:bf:6e:
60:77:2f:48:4c:1f:65:a7:5c:ef:f1:77:c9:d6:bc:
61:6c:cb:99:78:9a:fa:6d:52:ed:c1:47:21:42:05:
c4:c8:31:e3:7f:f3:99:16:54:43:54:62:bb:0c:81:
de:43:83:41:0f:66:89:06:42:30:a1:65:5d:ec:5e:
80:79:64:6f:8d:51:51:ed:d5:34:a5:54:0b:6a:7a:
a4:f3:fa:e6:76:c5:8e:e6:a7:b7:67:3f:82:de:bb:
9d:9d:0d:09:c0:5b:31:2f:05:77:d2:85:1d:01:6f:
22:36:ea:4e:fb:0e:9c:2b:c8:10:1c:d7:41:b7:cd:
bc:07:da:74:b9:7d:3d:34:b8:95:aa:77:92:72:1e:
ab:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:FF:F6:56:80:47:7B:ED:D2:6D:5D:5E:06:EB:6A:60:18:7A:5B:36
X509v3 Authority Key Identifier:
keyid:67:E1:CE:DF:E0:82:6F:0F:97:75:BD:FA:8E:94:25:30:0B:DE:9F:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z-HO3-CCbw-Xdb36jpQlMAvenxM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/19fa4a-f41d-4baf-b9ea-ec9b75521297/1/0v_2VoBHe-3SbV1eButqYBh6WzY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/19fa4a-f41d-4baf-b9ea-ec9b75521297/1/Z-HO3-CCbw-Xdb36jpQlMAvenxM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.126.129.0/24
Signature Algorithm: sha256WithRSAEncryption
30:e2:3c:11:fa:dd:22:41:47:f2:5d:b1:29:ba:4b:59:9d:91:
d0:a8:9c:12:5a:fd:13:c6:bc:1c:c0:3b:64:e3:c8:f5:0a:f6:
32:41:43:fa:28:5d:74:48:b2:4f:46:fa:15:11:5a:59:6c:84:
10:7f:84:8c:34:a4:ef:38:18:00:4b:44:8e:7a:a9:f4:15:87:
34:c3:25:af:6c:a6:6f:81:6c:9e:2d:0a:e4:bc:57:43:38:05:
0e:2f:d3:d4:a6:26:35:39:14:3a:57:ee:b1:32:85:bb:9e:61:
98:c3:8a:4e:17:53:14:8d:41:cf:fd:f6:c7:ae:7b:e1:06:f9:
e5:04:a8:5f:e8:65:b1:67:bc:ad:77:5e:a0:f8:91:89:06:a7:
46:91:48:d5:6b:d6:ba:74:df:bf:de:a9:0b:17:42:05:e0:89:
55:08:9d:20:76:fe:4d:ee:f6:bc:30:aa:44:a9:ae:3f:62:1b:
b2:bf:c3:ff:7a:15:82:8a:af:94:6f:bd:ed:dd:8e:41:77:35:
e1:dd:12:e5:01:0a:8a:ba:36:06:3a:f4:68:34:20:71:c6:5e:
d5:24:a6:2d:92:0a:38:d5:74:e9:43:d3:0b:9d:38:2b:a8:90:
7b:63:fd:d6:6a:79:42:70:eb:7d:28:b6:72:67:db:78:d4:bb:
f3:99:d4:37
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYitF3wHgj9f7itJj7033BOrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3ZTFjZWRmZTA4MjZmMGY5Nzc1YmRmYThlOTQyNTMwMGJk
ZTlmMTMwHhcNMjMwNjEyMDA1MjU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmZmZjY1NjgwNDc3YmVkZDI2ZDVkNWUwNmViNmE2MDE4N2E1YjM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqMARa17Ml4Pf2l8dtWXaVF8ZR60O
Vlr0nVOgG7PxpTsX1MwjUjcSh5jlrUnQqseIDJYKav0jWJUfczR47OgDj6LR1ugM
JqCqPMdy13lmQtEk1sn3pd+WZVpsZXLO3nCu/5PS3Cz5yE1TPGbaBgA2Geyg6Tpg
v25gdy9ITB9lp1zv8XfJ1rxhbMuZeJr6bVLtwUchQgXEyDHjf/OZFlRDVGK7DIHe
Q4NBD2aJBkIwoWVd7F6AeWRvjVFR7dU0pVQLanqk8/rmdsWO5qe3Zz+C3rudnQ0J
wFsxLwV30oUdAW8iNupO+w6cK8gQHNdBt828B9p0uX09NLiVqneSch6riwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNL/9laAR3vt0m1dXgbramAYels2MB8GA1UdIwQY
MBaAFGfhzt/ggm8Pl3W9+o6UJTAL3p8TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWi1ITzMtQ0Nidy1YZGIzNmpwUWxNQXZlbnhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy8xOWZhNGEtZjQxZC00YmFmLWI5ZWEt
ZWM5Yjc1NTIxMjk3LzEvMHZfMlZvQkhlLTNTYlYxZUJ1dHFZQmg2V3pZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy8xOWZhNGEtZjQxZC00YmFmLWI5ZWEtZWM5Yjc1NTIxMjk3
LzEvWi1ITzMtQ0Nidy1YZGIzNmpwUWxNQXZlbnhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwn6BMA0G
CSqGSIb3DQEBCwUAA4IBAQAw4jwR+t0iQUfyXbEpuktZnZHQqJwSWv0TxrwcwDtk
48j1CvYyQUP6KF10SLJPRvoVEVpZbIQQf4SMNKTvOBgAS0SOeqn0FYc0wyWvbKZv
gWyeLQrkvFdDOAUOL9PUpiY1ORQ6V+6xMoW7nmGYw4pOF1MUjUHP/fbHrnvhBvnl
BKhf6GWxZ7ytd16g+JGJBqdGkUjVa9a6dN+/3qkLF0IF4IlVCJ0gdv5N7va8MKpE
qa4/Yhuyv8P/ehWCiq+Ub73t3Y5BdzXh3RLlAQqKujYGOvRoNCBxxl7VJKYtkgo4
1XTpQ9MLnTgrqJB7Y/3WanlCcOt9KLZyZ9t41LvzmdQ3
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:20:05 2025 by rpki-client