Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/f2478f-c503-42c2-94b2-b166ae2ef287/1/2FsBMck9e2uki1FaBuHuRWWY0lc.roa
File: 2FsBMck9e2uki1FaBuHuRWWY0lc.roa (raw, json)
Hash identifier: CNag8zmTvvhAjWC2qR8Des8kc9bVYUHH4lNetupqR5s=
Subject key identifier: D8:5B:01:31:C9:3D:7B:6B:A4:8B:51:5A:06:E1:EE:45:65:98:D2:57
Certificate issuer: /CN=d31dd1a514d3a7e3dfdb8bfb75d7d24ed98d479f
Certificate serial: 01856DDD4F0FE3CD265940E994A3BB79BFD7
Authority key identifier: D3:1D:D1:A5:14:D3:A7:E3:DF:DB:8B:FB:75:D7:D2:4E:D9:8D:47:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0x3RpRTTp-Pf24v7ddfSTtmNR58.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/f2478f-c503-42c2-94b2-b166ae2ef287/1/2FsBMck9e2uki1FaBuHuRWWY0lc.roa
Signing time: Sun 01 Jan 2023 15:04:58 +0000
ROA not before: Sun 01 Jan 2023 15:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8220
IP address blocks: 193.58.222.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:dd:4f:0f:e3:cd:26:59:40:e9:94:a3:bb:79:bf:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d31dd1a514d3a7e3dfdb8bfb75d7d24ed98d479f
Validity
Not Before: Jan 1 15:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d85b0131c93d7b6ba48b515a06e1ee456598d257
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:7c:8f:ec:0a:a4:5b:e8:ac:4b:a5:12:ba:37:
2e:40:11:2a:e2:c8:1a:b5:6c:5d:2f:ae:47:08:80:
ec:94:35:a5:7f:6d:be:d5:6c:8f:82:9a:b9:54:3b:
28:9a:4e:41:94:e1:a8:27:53:32:76:9a:ee:52:90:
e9:7a:1b:69:1e:b0:68:2a:49:30:c6:eb:24:6a:3e:
9d:9e:0e:98:7b:7a:da:ff:89:41:4f:38:65:4d:cb:
79:4f:ca:38:79:5f:81:f9:ee:e2:b4:4c:9e:77:76:
dc:c9:14:b5:9d:03:38:40:98:53:af:c9:ae:fe:ad:
45:66:52:07:fd:69:01:86:a0:9d:90:c4:b3:7e:c7:
28:3a:76:32:ba:54:79:ef:a2:6d:b4:39:67:c8:b8:
50:46:0e:14:dd:0d:3e:c4:89:23:ca:14:9a:f1:8d:
e7:d9:a0:02:30:7a:d6:0a:1d:0c:c0:44:df:a2:8c:
17:a8:a3:75:69:ee:ed:f6:20:64:b8:73:20:8b:71:
17:ae:de:77:d6:1d:98:35:8f:b9:59:bc:4f:1a:a3:
e9:f7:e1:42:bd:45:d0:93:ca:08:a7:0d:c5:74:33:
5c:6a:7e:54:86:eb:07:27:66:b7:0e:e0:76:84:be:
b2:84:2e:48:a7:42:0f:44:00:ef:eb:f5:8f:36:45:
92:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:5B:01:31:C9:3D:7B:6B:A4:8B:51:5A:06:E1:EE:45:65:98:D2:57
X509v3 Authority Key Identifier:
keyid:D3:1D:D1:A5:14:D3:A7:E3:DF:DB:8B:FB:75:D7:D2:4E:D9:8D:47:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0x3RpRTTp-Pf24v7ddfSTtmNR58.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/f2478f-c503-42c2-94b2-b166ae2ef287/1/2FsBMck9e2uki1FaBuHuRWWY0lc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/f2478f-c503-42c2-94b2-b166ae2ef287/1/0x3RpRTTp-Pf24v7ddfSTtmNR58.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.58.222.0/23
Signature Algorithm: sha256WithRSAEncryption
73:f6:20:8f:d4:fa:af:ed:19:35:47:34:03:48:1b:0e:4f:37:
a7:9f:70:4f:b1:08:9f:96:8f:48:95:8e:8a:95:34:fc:36:9d:
eb:b2:cb:8e:cb:d2:6e:c8:58:33:b3:72:14:ae:35:c8:fa:e1:
fe:06:a7:2b:0f:fe:98:1a:a0:e3:2d:3d:8e:b1:6c:11:57:e4:
ed:3b:ad:76:0e:9e:96:b7:09:c8:a1:f9:a8:90:c3:73:b3:74:
99:bd:8e:bd:90:b5:d3:6a:78:53:f3:94:56:da:6d:e0:da:0b:
89:63:b9:11:f6:48:6e:7f:80:2a:27:23:20:09:a7:af:cd:d2:
ea:29:ab:19:26:ed:74:8e:a9:a8:0d:fb:81:e7:b5:e1:37:4a:
c6:7b:28:40:cf:5d:2a:3e:64:c9:42:d8:84:bd:4f:4f:63:ad:
ac:6d:93:b2:90:00:7f:43:cf:d8:36:e5:f1:f9:d6:e4:96:ff:
bf:79:05:e1:79:65:08:27:f9:ea:31:79:5e:96:ab:57:2c:8e:
98:46:ce:e3:59:0f:d7:1c:3c:c5:32:89:5d:85:2b:9f:40:29:
e3:60:4b:be:81:ba:40:70:3e:fb:54:b5:12:99:55:7b:ff:8c:
c5:ba:82:9d:cc:88:17:7b:26:ac:94:8f:f5:cd:25:99:df:0e:
34:50:43:61
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVt3U8P480mWUDplKO7eb/XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzMWRkMWE1MTRkM2E3ZTNkZmRiOGJmYjc1ZDdkMjRlZDk4
ZDQ3OWYwHhcNMjMwMTAxMTUwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODViMDEzMWM5M2Q3YjZiYTQ4YjUxNWEwNmUxZWU0NTY1OThkMjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjHyP7AqkW+isS6USujcuQBEq4sga
tWxdL65HCIDslDWlf22+1WyPgpq5VDsomk5BlOGoJ1MydpruUpDpehtpHrBoKkkw
xuskaj6dng6Ye3ra/4lBTzhlTct5T8o4eV+B+e7itEyed3bcyRS1nQM4QJhTr8mu
/q1FZlIH/WkBhqCdkMSzfscoOnYyulR576JttDlnyLhQRg4U3Q0+xIkjyhSa8Y3n
2aACMHrWCh0MwETfoowXqKN1ae7t9iBkuHMgi3EXrt531h2YNY+5WbxPGqPp9+FC
vUXQk8oIpw3FdDNcan5UhusHJ2a3DuB2hL6yhC5Ip0IPRADv6/WPNkWSswIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNhbATHJPXtrpItRWgbh7kVlmNJXMB8GA1UdIwQY
MBaAFNMd0aUU06fj39uL+3XX0k7ZjUefMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHgzUnBSVFRwLVBmMjR2N2RkZlNUdG1OUjU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS9mMjQ3OGYtYzUwMy00MmMyLTk0YjIt
YjE2NmFlMmVmMjg3LzEvMkZzQk1jazllMnVraTFGYUJ1SHVSV1dZMGxjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS9mMjQ3OGYtYzUwMy00MmMyLTk0YjItYjE2NmFlMmVmMjg3
LzEvMHgzUnBSVFRwLVBmMjR2N2RkZlNUdG1OUjU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwTreMA0G
CSqGSIb3DQEBCwUAA4IBAQBz9iCP1Pqv7Rk1RzQDSBsOTzenn3BPsQiflo9IlY6K
lTT8Np3rssuOy9JuyFgzs3IUrjXI+uH+BqcrD/6YGqDjLT2OsWwRV+TtO612Dp6W
twnIofmokMNzs3SZvY69kLXTanhT85RW2m3g2guJY7kR9khuf4AqJyMgCaevzdLq
KasZJu10jqmoDfuB57XhN0rGeyhAz10qPmTJQtiEvU9PY62sbZOykAB/Q8/YNuXx
+dbklv+/eQXheWUIJ/nqMXlelqtXLI6YRs7jWQ/XHDzFMoldhSufQCnjYEu+gbpA
cD77VLUSmVV7/4zFuoKdzIgXeyaslI/1zSWZ3w40UENh
-----END CERTIFICATE-----
Generated at Sat Apr 5 13:20:16 2025 by rpki-client