Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/z80s76c3mjienCeXXe7ZkXbCmEM.roa
File: z80s76c3mjienCeXXe7ZkXbCmEM.roa (raw, json)
Hash identifier: HjiVBp7IHJScvekVZTm6GTwzezU1s9MpiL9pCo3Ys/4=
Subject key identifier: CF:CD:2C:EF:A7:37:9A:38:9E:9C:27:97:5D:EE:D9:91:76:C2:98:43
Certificate issuer: /CN=41f5a10e4fd2655adbbb40ede18b2615ac558ea9
Certificate serial: 01833C471A2C8CCF8D175B5C8FC74F28C7FC
Authority key identifier: 41:F5:A1:0E:4F:D2:65:5A:DB:BB:40:ED:E1:8B:26:15:AC:55:8E:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QfWhDk_SZVrbu0Dt4YsmFaxVjqk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/z80s76c3mjienCeXXe7ZkXbCmEM.roa
Signing time: Wed 14 Sep 2022 13:53:56 +0000
ROA not before: Wed 14 Sep 2022 13:53:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25211
IP address blocks: 192.109.139.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:3c:47:1a:2c:8c:cf:8d:17:5b:5c:8f:c7:4f:28:c7:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41f5a10e4fd2655adbbb40ede18b2615ac558ea9
Validity
Not Before: Sep 14 13:53:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cfcd2cefa7379a389e9c27975deed99176c29843
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:8e:be:d2:82:08:dc:31:59:17:46:ad:8a:e8:
90:64:a7:8f:fc:84:b8:89:a4:ab:24:ae:52:b3:14:
ec:e3:5e:48:91:e1:ac:69:35:59:b1:0b:6b:f1:04:
bf:26:67:93:31:42:6b:28:f5:01:ab:0c:12:f0:5a:
57:26:6d:b2:6f:20:62:7d:d1:aa:b1:bf:dc:e2:f0:
d0:a4:37:b7:16:7c:92:e3:e9:09:3e:20:68:0c:11:
fd:90:59:59:1a:f3:fb:a7:24:c6:49:f7:f9:19:9c:
99:bf:e9:3f:c3:6d:bb:90:15:83:1a:34:c8:42:91:
92:a7:a6:67:c7:af:14:0d:94:87:57:5d:0a:1c:c1:
f2:22:1c:32:b9:5d:24:5b:3b:f4:e1:9f:4c:c1:78:
35:16:09:07:b1:e2:51:6f:4a:2c:cf:e3:b8:d1:b4:
1b:e6:f1:40:74:e8:60:8d:4a:a1:d5:47:d6:9e:6e:
1e:cc:0b:31:c2:24:0e:b1:3f:d2:f8:e4:02:e5:56:
f0:f5:72:36:b6:af:6c:4d:b0:2b:98:06:dd:35:7c:
06:50:40:bb:f5:57:6b:c9:c0:53:27:32:be:77:ce:
a5:a7:c3:4d:28:66:a1:5b:ae:bf:e6:0a:7b:61:dc:
e4:4d:49:c4:24:e2:ae:62:6c:02:79:5c:67:8e:13:
3b:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:CD:2C:EF:A7:37:9A:38:9E:9C:27:97:5D:EE:D9:91:76:C2:98:43
X509v3 Authority Key Identifier:
keyid:41:F5:A1:0E:4F:D2:65:5A:DB:BB:40:ED:E1:8B:26:15:AC:55:8E:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QfWhDk_SZVrbu0Dt4YsmFaxVjqk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/z80s76c3mjienCeXXe7ZkXbCmEM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/QfWhDk_SZVrbu0Dt4YsmFaxVjqk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.109.139.0/24
Signature Algorithm: sha256WithRSAEncryption
30:d5:e6:cb:1d:da:50:8d:39:e6:2b:a0:0a:2f:b2:34:88:d3:
48:da:f9:dc:cf:b1:c5:c3:98:3e:e2:9a:3a:78:78:d6:99:80:
2b:36:59:fc:78:2c:40:98:8e:1a:d2:b0:68:e7:7d:59:da:0d:
1b:3a:da:c8:62:a0:c2:06:d1:bd:16:e6:70:a3:41:f6:76:03:
d7:1d:0e:30:ed:10:89:fc:f5:2d:58:59:6d:31:cd:5d:27:7f:
d9:79:10:bf:ec:8e:8a:88:ed:82:e9:43:38:4a:59:25:98:3c:
5e:86:e8:8b:42:18:5c:d7:3e:06:b0:1e:7e:19:3c:70:67:c5:
c5:66:d7:5b:7e:78:0e:1d:c4:bc:fe:0c:cd:af:29:18:55:b5:
f2:da:fd:00:d8:cd:17:55:bc:69:63:6c:a0:cf:fa:8a:65:60:
ce:72:85:70:34:f3:ff:34:bb:77:c5:35:36:a9:f7:2c:7b:fd:
4b:d3:f8:89:b1:5c:31:15:1c:a5:aa:ad:03:b2:3a:c8:6f:87:
eb:3d:79:ab:4d:b3:e9:4d:4d:3e:9c:d2:08:34:4b:ec:a6:8c:
3e:e1:5b:16:af:de:54:d6:ec:ac:26:74:0b:61:12:ea:bc:3d:
d1:d6:5c:d8:75:dd:3a:9c:e4:77:7a:54:71:f3:3d:51:e1:32:
65:10:0f:dc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYM8RxosjM+NF1tcj8dPKMf8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxZjVhMTBlNGZkMjY1NWFkYmJiNDBlZGUxOGIyNjE1YWM1
NThlYTkwHhcNMjIwOTE0MTM1MzU2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZmNkMmNlZmE3Mzc5YTM4OWU5YzI3OTc1ZGVlZDk5MTc2YzI5ODQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn46+0oII3DFZF0atiuiQZKeP/IS4
iaSrJK5SsxTs415IkeGsaTVZsQtr8QS/JmeTMUJrKPUBqwwS8FpXJm2ybyBifdGq
sb/c4vDQpDe3FnyS4+kJPiBoDBH9kFlZGvP7pyTGSff5GZyZv+k/w227kBWDGjTI
QpGSp6Znx68UDZSHV10KHMHyIhwyuV0kWzv04Z9MwXg1FgkHseJRb0osz+O40bQb
5vFAdOhgjUqh1UfWnm4ezAsxwiQOsT/S+OQC5Vbw9XI2tq9sTbArmAbdNXwGUEC7
9VdrycBTJzK+d86lp8NNKGahW66/5gp7YdzkTUnEJOKuYmwCeVxnjhM7jQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM/NLO+nN5o4npwnl13u2ZF2wphDMB8GA1UdIwQY
MBaAFEH1oQ5P0mVa27tA7eGLJhWsVY6pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWZXaERrX1NaVnJidTBEdDRZc21GYXhWanFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84ZDNjODItZTQwMy00ZGE2LWIzMTUt
ODc5MDIwNmYwZDc0LzEvejgwczc2YzNtamllbkNlWFhlN1prWGJDbUVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84ZDNjODItZTQwMy00ZGE2LWIzMTUtODc5MDIwNmYwZDc0
LzEvUWZXaERrX1NaVnJidTBEdDRZc21GYXhWanFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwG2LMA0G
CSqGSIb3DQEBCwUAA4IBAQAw1ebLHdpQjTnmK6AKL7I0iNNI2vncz7HFw5g+4po6
eHjWmYArNln8eCxAmI4a0rBo531Z2g0bOtrIYqDCBtG9FuZwo0H2dgPXHQ4w7RCJ
/PUtWFltMc1dJ3/ZeRC/7I6KiO2C6UM4SlklmDxehuiLQhhc1z4GsB5+GTxwZ8XF
ZtdbfngOHcS8/gzNrykYVbXy2v0A2M0XVbxpY2ygz/qKZWDOcoVwNPP/NLt3xTU2
qfcse/1L0/iJsVwxFRylqq0DsjrIb4frPXmrTbPpTU0+nNIINEvspow+4VsWr95U
1uysJnQLYRLqvD3R1lzYdd06nOR3elRx8z1R4TJlEA/c
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:48:04 2025 by rpki-client