Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/758c8a-613e-4e2a-8fe1-91228620570e/1/usaVzkHc2ISBVGSw6oO-5udR49s.roa
File: usaVzkHc2ISBVGSw6oO-5udR49s.roa (raw, json)
Hash identifier: cIilxUgHG48msQSCXkJs1/Zyt/hmRhqPRgTDZdgeMxw=
Subject key identifier: BA:C6:95:CE:41:DC:D8:84:81:54:64:B0:EA:83:BE:E6:E7:51:E3:DB
Certificate issuer: /CN=c58afa22f98a37f6d8d0293a9b319416ec94d386
Certificate serial: 018C81AC0FDAF2824D665DEC29A05CFD0594
Authority key identifier: C5:8A:FA:22:F9:8A:37:F6:D8:D0:29:3A:9B:31:94:16:EC:94:D3:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xYr6IvmKN_bY0Ck6mzGUFuyU04Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/758c8a-613e-4e2a-8fe1-91228620570e/1/usaVzkHc2ISBVGSw6oO-5udR49s.roa
Signing time: Tue 19 Dec 2023 10:43:06 +0000
ROA not before: Tue 19 Dec 2023 10:43:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15435
IP address blocks: 194.13.240.0/20 maxlen: 24
2001:67c:2b0c::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:81:ac:0f:da:f2:82:4d:66:5d:ec:29:a0:5c:fd:05:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c58afa22f98a37f6d8d0293a9b319416ec94d386
Validity
Not Before: Dec 19 10:43:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bac695ce41dcd884815464b0ea83bee6e751e3db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:37:64:e9:e0:2c:ac:22:7b:05:37:e7:7a:13:
13:73:fe:36:af:1c:54:61:f6:30:3c:68:c2:36:ac:
c3:de:eb:ea:26:b9:f5:45:d5:1f:30:3e:23:cb:62:
8c:f2:ef:67:91:a7:56:ab:11:bb:61:51:84:d5:10:
a1:0a:3e:36:7b:2f:93:25:94:73:12:fd:9b:14:00:
b0:ca:71:52:68:ae:fc:47:1b:dc:3a:a6:77:ce:ed:
80:f6:ba:01:44:56:2e:29:f9:4e:95:e4:23:83:d4:
3d:7c:46:d7:56:6a:88:e8:6a:70:8b:c2:d6:2c:b3:
10:3e:69:a8:9f:ab:9a:00:12:f2:43:95:57:de:6c:
b6:a0:8a:e8:21:49:8b:39:f2:f7:f2:54:82:8c:7d:
6b:33:3a:0b:fa:94:eb:d7:d9:4a:4b:60:90:e6:98:
16:0e:72:d2:7a:3c:75:5c:7f:15:df:64:d5:3c:c5:
76:07:91:8d:5b:aa:dc:d4:7b:0c:13:8e:12:9a:56:
f7:65:19:6f:dd:c9:d2:89:4c:56:9c:a9:98:37:0e:
f5:49:8b:d4:d1:bd:8a:d7:b0:d6:5c:1b:53:43:46:
a3:1b:d7:bc:1b:69:0b:64:03:64:5d:41:27:d8:5e:
74:b6:a4:39:b9:ee:ce:92:00:2f:20:c8:6b:b8:08:
12:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:C6:95:CE:41:DC:D8:84:81:54:64:B0:EA:83:BE:E6:E7:51:E3:DB
X509v3 Authority Key Identifier:
keyid:C5:8A:FA:22:F9:8A:37:F6:D8:D0:29:3A:9B:31:94:16:EC:94:D3:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xYr6IvmKN_bY0Ck6mzGUFuyU04Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/758c8a-613e-4e2a-8fe1-91228620570e/1/usaVzkHc2ISBVGSw6oO-5udR49s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/758c8a-613e-4e2a-8fe1-91228620570e/1/xYr6IvmKN_bY0Ck6mzGUFuyU04Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.13.240.0/20
IPv6:
2001:67c:2b0c::/48
Signature Algorithm: sha256WithRSAEncryption
c8:7b:35:95:2a:12:5c:1c:0e:a0:12:ee:69:03:d5:fa:32:09:
62:76:1c:8d:4d:6b:2a:bd:c1:fa:97:6a:d8:a2:d4:30:bf:0f:
b1:9f:06:c1:c0:60:57:09:0d:32:26:79:cd:3a:b8:69:7e:90:
91:3e:50:0b:11:83:67:9b:6f:e1:b9:fa:c6:ca:cd:91:e0:87:
13:31:47:4e:0c:e9:a5:a6:de:76:10:5f:38:64:52:ee:0b:63:
20:4c:0c:aa:92:0f:56:3c:ee:d9:bd:51:d2:55:23:84:60:3a:
dc:c3:a3:b9:f7:f6:cb:91:40:5b:63:08:48:f7:fc:ab:15:ed:
ab:2d:41:f6:21:a6:c0:35:96:63:40:f7:c0:56:97:98:59:2b:
76:4e:a3:3d:9b:39:46:86:6f:dc:be:68:e3:f3:f1:a7:f5:b9:
14:72:83:d7:6b:82:87:75:3c:4c:cf:9b:c2:f8:fc:31:95:3c:
c7:9a:48:79:26:a2:7d:d6:2b:0a:73:77:25:2e:aa:3c:6d:3f:
56:52:7e:d2:52:86:ff:e2:f9:38:cb:a4:a1:ad:54:4a:92:f8:
69:69:0f:bf:17:06:e4:9c:3b:2d:3b:39:a9:73:42:e0:b2:de:
e7:b0:43:f1:7e:b4:f6:07:93:3b:82:e8:58:4e:fc:b3:12:a5:
f4:38:ac:c0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYyBrA/a8oJNZl3sKaBc/QWUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1OGFmYTIyZjk4YTM3ZjZkOGQwMjkzYTliMzE5NDE2ZWM5
NGQzODYwHhcNMjMxMjE5MTA0MzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWM2OTVjZTQxZGNkODg0ODE1NDY0YjBlYTgzYmVlNmU3NTFlM2RiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlTdk6eAsrCJ7BTfnehMTc/42rxxU
YfYwPGjCNqzD3uvqJrn1RdUfMD4jy2KM8u9nkadWqxG7YVGE1RChCj42ey+TJZRz
Ev2bFACwynFSaK78RxvcOqZ3zu2A9roBRFYuKflOleQjg9Q9fEbXVmqI6Gpwi8LW
LLMQPmmon6uaABLyQ5VX3my2oIroIUmLOfL38lSCjH1rMzoL+pTr19lKS2CQ5pgW
DnLSejx1XH8V32TVPMV2B5GNW6rc1HsME44Smlb3ZRlv3cnSiUxWnKmYNw71SYvU
0b2K17DWXBtTQ0ajG9e8G2kLZANkXUEn2F50tqQ5ue7OkgAvIMhruAgSKwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLrGlc5B3NiEgVRksOqDvubnUePbMB8GA1UdIwQY
MBaAFMWK+iL5ijf22NApOpsxlBbslNOGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFlyNkl2bUtOX2JZMENrNm16R1VGdXlVMDRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi83NThjOGEtNjEzZS00ZTJhLThmZTEt
OTEyMjg2MjA1NzBlLzEvdXNhVnprSGMySVNCVkdTdzZvTy01dWRSNDlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi83NThjOGEtNjEzZS00ZTJhLThmZTEtOTEyMjg2MjA1NzBl
LzEveFlyNkl2bUtOX2JZMENrNm16R1VGdXlVMDRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQEwg3wMA8E
AgACMAkDBwAgAQZ8KwwwDQYJKoZIhvcNAQELBQADggEBAMh7NZUqElwcDqAS7mkD
1foyCWJ2HI1Nayq9wfqXatii1DC/D7GfBsHAYFcJDTImec06uGl+kJE+UAsRg2eb
b+G5+sbKzZHghxMxR04M6aWm3nYQXzhkUu4LYyBMDKqSD1Y87tm9UdJVI4RgOtzD
o7n39suRQFtjCEj3/KsV7astQfYhpsA1lmNA98BWl5hZK3ZOoz2bOUaGb9y+aOPz
8af1uRRyg9drgod1PEzPm8L4/DGVPMeaSHkmon3WKwpzdyUuqjxtP1ZSftJShv/i
+TjLpKGtVEqS+GlpD78XBuScOy07OalzQuCy3uewQ/F+tPYHkzuC6FhO/LMSpfQ4
rMA=
-----END CERTIFICATE-----
Generated at Tue Apr 15 17:49:43 2025 by rpki-client