Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/4j2oM6H2CpaxCXeYIxQxaI-CbAs.roa
File: 4j2oM6H2CpaxCXeYIxQxaI-CbAs.roa (raw, json)
Hash identifier: 7mYjHSx3qwjc9x9rUhTc3/ynW25fY2kGeO/ehoBATBM=
Subject key identifier: E2:3D:A8:33:A1:F6:0A:96:B1:09:77:98:23:14:31:68:8F:82:6C:0B
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018BEC3ED11F46F8B0EBCF2278B8026BBD0F
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/4j2oM6H2CpaxCXeYIxQxaI-CbAs.roa
Signing time: Mon 20 Nov 2023 10:20:21 +0000
ROA not before: Mon 20 Nov 2023 10:20:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197992
IP address blocks: 194.33.32.0/24 maxlen: 24
2a0f:7f00::/29 maxlen: 29
2a06:dfc0::/29 maxlen: 29
2a0e:5a80::/29 maxlen: 29
2a13:d300::/29 maxlen: 29
2a13:200::/29 maxlen: 29
2a12:d540::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ec:3e:d1:1f:46:f8:b0:eb:cf:22:78:b8:02:6b:bd:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Nov 20 10:20:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e23da833a1f60a96b1097798231431688f826c0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:b5:41:9c:bb:50:df:a9:bf:21:b5:75:4a:ea:
c5:cf:38:c7:dc:76:ba:72:cf:7d:a5:eb:d3:77:39:
19:ad:58:35:bc:f9:99:d5:92:64:8b:32:54:3f:8a:
41:64:eb:95:7d:cd:45:34:02:5c:f6:74:13:e5:b0:
7d:c9:99:d6:be:37:ea:e9:67:43:76:9c:67:e5:ac:
36:aa:5e:2a:8a:2c:62:18:a5:8a:7f:b9:56:16:6d:
99:23:aa:8f:28:96:50:57:1d:36:fc:59:e3:7a:9e:
71:4f:0c:50:25:48:95:5e:b1:7e:cf:d9:70:ba:71:
bc:97:1f:3d:f0:40:c2:4f:10:2e:ad:ff:4b:84:f5:
04:11:7a:44:27:35:cb:db:8b:a8:3e:9d:5b:d0:13:
49:64:58:fa:ab:03:f5:b2:36:f5:43:f4:f5:47:98:
36:b3:e3:ac:49:43:5f:4b:4f:08:48:a9:4d:f7:54:
ab:f4:51:29:48:f8:3b:8e:46:0a:71:9f:9c:94:b0:
fd:b8:08:1e:d2:05:d9:93:7f:b6:48:81:d1:68:c7:
72:29:0f:7e:78:e3:10:a9:3b:87:0d:f3:81:45:e8:
ef:cb:be:fd:dc:75:8b:14:04:48:e0:f6:e7:0f:e6:
f2:40:4b:04:ec:13:35:ec:0e:27:74:30:4d:70:51:
25:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:3D:A8:33:A1:F6:0A:96:B1:09:77:98:23:14:31:68:8F:82:6C:0B
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/4j2oM6H2CpaxCXeYIxQxaI-CbAs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.33.32.0/24
IPv6:
2a06:dfc0::/29
2a0e:5a80::/29
2a0f:7f00::/29
2a12:d540::/29
2a13:200::/29
2a13:d300::/29
Signature Algorithm: sha256WithRSAEncryption
b2:66:bd:0d:02:b1:1f:5d:df:77:bc:15:13:d2:15:a0:10:50:
fe:4f:08:bf:7d:ad:2c:ee:76:08:87:f0:70:8c:3a:67:a0:8f:
f4:85:4a:fa:7e:38:b1:82:53:35:bb:21:f1:53:8e:c7:eb:87:
cd:28:82:13:25:24:d6:b8:52:43:10:25:ac:7d:72:cc:22:c1:
78:7f:c0:5d:89:3f:25:3c:c2:28:a2:13:71:23:0f:74:58:96:
6f:13:c0:77:a3:61:9f:9a:2b:f7:a3:a6:85:a7:50:8b:f2:a7:
78:dd:85:e6:7c:cf:15:1c:a6:c8:c5:6b:a1:cb:b8:af:23:fe:
b9:e3:4a:bd:c1:7e:68:db:9b:49:07:db:bc:16:cc:29:58:2f:
e5:fa:86:5a:07:c1:34:1c:3e:5c:c3:c1:62:8d:21:a7:9f:da:
9f:6d:8a:ac:2f:86:c7:3e:67:de:6a:9f:cf:d1:f3:99:87:cf:
3e:63:04:98:78:6c:88:15:2b:f3:83:31:13:57:80:1a:4c:c1:
bf:bf:f2:83:a8:87:00:3d:e6:60:f7:18:87:6f:9a:ff:80:47:
d4:e4:93:40:32:b5:bd:1e:88:c7:4e:fa:8d:ff:b7:33:69:46:
a2:b2:05:65:4a:25:e8:9b:e2:49:40:e6:07:fd:0f:a6:69:eb:
1e:43:b8:e2
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYvsPtEfRviw688ieLgCa70PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMxMTIwMTAyMDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjNkYTgzM2ExZjYwYTk2YjEwOTc3OTgyMzE0MzE2ODhmODI2YzBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkLVBnLtQ36m/IbV1SurFzzjH3Ha6
cs99pevTdzkZrVg1vPmZ1ZJkizJUP4pBZOuVfc1FNAJc9nQT5bB9yZnWvjfq6WdD
dpxn5aw2ql4qiixiGKWKf7lWFm2ZI6qPKJZQVx02/Fnjep5xTwxQJUiVXrF+z9lw
unG8lx898EDCTxAurf9LhPUEEXpEJzXL24uoPp1b0BNJZFj6qwP1sjb1Q/T1R5g2
s+OsSUNfS08ISKlN91Sr9FEpSPg7jkYKcZ+clLD9uAge0gXZk3+2SIHRaMdyKQ9+
eOMQqTuHDfOBRejvy7793HWLFARI4PbnD+byQEsE7BM17A4ndDBNcFElvQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFOI9qDOh9gqWsQl3mCMUMWiPgmwLMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvNGoyb002SDJDcGF4Q1hlWUl4UXhhSS1DYkFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDAMBAIAATAGAwQAwiEgMDAE
AgACMCoDBQMqBt/AAwUDKg5agAMFAyoPfwADBQMqEtVAAwUDKhMCAAMFAyoT0wAw
DQYJKoZIhvcNAQELBQADggEBALJmvQ0CsR9d33e8FRPSFaAQUP5PCL99rSzudgiH
8HCMOmegj/SFSvp+OLGCUzW7IfFTjsfrh80oghMlJNa4UkMQJax9cswiwXh/wF2J
PyU8wiiiE3EjD3RYlm8TwHejYZ+aK/ejpoWnUIvyp3jdheZ8zxUcpsjFa6HLuK8j
/rnjSr3Bfmjbm0kH27wWzClYL+X6hloHwTQcPlzDwWKNIaef2p9tiqwvhsc+Z95q
n8/R85mHzz5jBJh4bIgVK/ODMRNXgBpMwb+/8oOohwA95mD3GIdvmv+AR9Tkk0Ay
tb0eiMdO+o3/tzNpRqKyBWVKJeib4klA5gf9D6Zp6x5DuOI=
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:07:14 2025 by rpki-client