Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/cbd362-7694-4183-915d-8f4f291b23b6/1/ZBmsY9diFfEjUL0vP47Sc5Xuxmc.roa
File: ZBmsY9diFfEjUL0vP47Sc5Xuxmc.roa (raw, json)
Hash identifier: rfR76GlNkAVWtCMK43zfimRVUyBAXIipmSvyca5MrpI=
Subject key identifier: 64:19:AC:63:D7:62:15:F1:23:50:BD:2F:3F:8E:D2:73:95:EE:C6:67
Certificate issuer: /CN=3f296fe945a23180753f67f7748e6f299d2e672a
Certificate serial: 01857142DFDAB9A69940B00D447F4461A828
Authority key identifier: 3F:29:6F:E9:45:A2:31:80:75:3F:67:F7:74:8E:6F:29:9D:2E:67:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Pylv6UWiMYB1P2f3dI5vKZ0uZyo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/cbd362-7694-4183-915d-8f4f291b23b6/1/ZBmsY9diFfEjUL0vP47Sc5Xuxmc.roa
Signing time: Mon 02 Jan 2023 06:54:46 +0000
ROA not before: Mon 02 Jan 2023 06:54:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205826
IP address blocks: 193.19.188.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:42:df:da:b9:a6:99:40:b0:0d:44:7f:44:61:a8:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3f296fe945a23180753f67f7748e6f299d2e672a
Validity
Not Before: Jan 2 06:54:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6419ac63d76215f12350bd2f3f8ed27395eec667
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:46:85:3b:f5:15:ea:51:a4:06:57:b0:e7:56:
a3:76:73:0c:20:64:d6:29:69:88:87:02:df:f5:71:
82:e6:a5:2b:2f:ea:6e:3b:7b:a7:27:66:b2:71:19:
d8:03:53:56:16:37:84:09:ce:df:7e:53:81:01:a6:
ca:52:d1:14:99:c4:32:e6:d4:b7:34:35:6c:a7:9d:
6a:9b:7e:06:a1:9c:98:a3:64:12:ef:2f:97:17:98:
ce:06:56:3d:73:4a:fa:4b:24:88:06:d4:f3:3f:14:
db:19:89:82:a3:8b:6e:69:e5:04:bf:5b:e1:cd:51:
f3:25:67:c6:61:0f:ea:0f:06:30:57:67:3f:22:b5:
8e:ff:e3:b8:a9:37:da:3f:fc:3c:8d:07:fb:e5:06:
d0:88:6c:32:c3:77:b3:cf:6a:9a:d2:33:cd:76:67:
d6:10:79:18:82:9d:da:0a:56:b6:0d:e3:6a:ce:77:
cb:60:18:6a:2e:c0:0b:a7:1e:6c:50:4a:d2:03:cb:
d0:9e:b2:e9:65:c6:b6:dd:91:a8:fd:d2:d2:22:40:
d2:7e:56:33:a0:5b:85:e9:f4:3f:b4:ba:ce:fa:f9:
cd:5e:e2:b1:9c:47:12:59:4b:f9:60:b2:85:1a:79:
a0:fe:65:c4:92:9a:c3:ba:c4:3f:d8:d1:ce:4d:51:
f9:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:19:AC:63:D7:62:15:F1:23:50:BD:2F:3F:8E:D2:73:95:EE:C6:67
X509v3 Authority Key Identifier:
keyid:3F:29:6F:E9:45:A2:31:80:75:3F:67:F7:74:8E:6F:29:9D:2E:67:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pylv6UWiMYB1P2f3dI5vKZ0uZyo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/cbd362-7694-4183-915d-8f4f291b23b6/1/ZBmsY9diFfEjUL0vP47Sc5Xuxmc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/cbd362-7694-4183-915d-8f4f291b23b6/1/Pylv6UWiMYB1P2f3dI5vKZ0uZyo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.19.188.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:1d:83:59:2a:4f:6a:09:ae:43:b7:f4:97:ed:8e:54:00:51:
6c:1a:5d:66:1c:eb:96:94:22:b8:84:11:d4:77:40:a4:0d:78:
49:ad:d5:b9:e9:53:0a:e4:ac:86:54:e0:5f:6f:eb:29:6d:0c:
bc:6f:f8:a7:1a:38:44:6c:c6:29:f6:25:0c:fa:b5:1e:4f:f9:
f3:95:bc:26:67:84:65:5d:7c:af:e8:be:35:e2:68:1a:cd:9f:
88:75:fe:3e:c0:d9:3e:6b:0b:8d:6d:8d:df:d2:86:84:d1:35:
dc:34:96:ef:08:28:ba:e6:73:a3:e8:10:11:d9:9a:5d:55:d7:
3c:a6:7c:76:a4:1f:81:8e:e1:19:ad:a2:9f:ec:84:70:f5:51:
ce:02:e0:3c:60:e8:10:20:e3:9a:01:2e:45:64:a9:fa:87:c4:
c2:ea:9b:82:5b:c0:98:53:fe:d2:19:f9:0b:1a:85:c3:31:a4:
cf:f6:a4:4e:02:5e:5a:6e:fc:54:b4:a5:90:60:4e:20:f1:82:
4c:35:69:ae:19:1c:8d:bb:ea:1e:9c:cf:fb:95:d0:5a:30:53:
d5:d9:67:1a:bf:55:59:3d:26:0b:e0:81:d4:7b:89:08:99:08:
90:94:f3:ad:b7:06:b9:8a:9a:e7:ca:75:13:92:62:a2:f0:bf:
6f:01:95:77
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxQt/auaaZQLANRH9EYagoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmMjk2ZmU5NDVhMjMxODA3NTNmNjdmNzc0OGU2ZjI5OWQy
ZTY3MmEwHhcNMjMwMTAyMDY1NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDE5YWM2M2Q3NjIxNWYxMjM1MGJkMmYzZjhlZDI3Mzk1ZWVjNjY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkUaFO/UV6lGkBlew51ajdnMMIGTW
KWmIhwLf9XGC5qUrL+puO3unJ2aycRnYA1NWFjeECc7fflOBAabKUtEUmcQy5tS3
NDVsp51qm34GoZyYo2QS7y+XF5jOBlY9c0r6SySIBtTzPxTbGYmCo4tuaeUEv1vh
zVHzJWfGYQ/qDwYwV2c/IrWO/+O4qTfaP/w8jQf75QbQiGwyw3ezz2qa0jPNdmfW
EHkYgp3aCla2DeNqznfLYBhqLsALpx5sUErSA8vQnrLpZca23ZGo/dLSIkDSflYz
oFuF6fQ/tLrO+vnNXuKxnEcSWUv5YLKFGnmg/mXEkprDusQ/2NHOTVH57QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGQZrGPXYhXxI1C9Lz+O0nOV7sZnMB8GA1UdIwQY
MBaAFD8pb+lFojGAdT9n93SObymdLmcqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHlsdjZVV2lNWUIxUDJmM2RJNXZLWjB1WnlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi9jYmQzNjItNzY5NC00MTgzLTkxNWQt
OGY0ZjI5MWIyM2I2LzEvWkJtc1k5ZGlGZkVqVUwwdlA0N1NjNVh1eG1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi9jYmQzNjItNzY5NC00MTgzLTkxNWQtOGY0ZjI5MWIyM2I2
LzEvUHlsdjZVV2lNWUIxUDJmM2RJNXZLWjB1WnlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwRO8MA0G
CSqGSIb3DQEBCwUAA4IBAQAPHYNZKk9qCa5Dt/SX7Y5UAFFsGl1mHOuWlCK4hBHU
d0CkDXhJrdW56VMK5KyGVOBfb+spbQy8b/inGjhEbMYp9iUM+rUeT/nzlbwmZ4Rl
XXyv6L414mgazZ+Idf4+wNk+awuNbY3f0oaE0TXcNJbvCCi65nOj6BAR2ZpdVdc8
pnx2pB+BjuEZraKf7IRw9VHOAuA8YOgQIOOaAS5FZKn6h8TC6puCW8CYU/7SGfkL
GoXDMaTP9qROAl5abvxUtKWQYE4g8YJMNWmuGRyNu+oenM/7ldBaMFPV2Wcav1VZ
PSYL4IHUe4kImQiQlPOttwa5iprnynUTkmKi8L9vAZV3
-----END CERTIFICATE-----
Generated at Fri Apr 18 01:24:16 2025 by rpki-client