Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/a9c6ac-f9a2-4462-8aaa-8b64f7c3a76e/1/zX2I9L3-6ApNI8dtTa5xX2qZVtQ.roa
File: zX2I9L3-6ApNI8dtTa5xX2qZVtQ.roa (raw, json)
Hash identifier: 3KgM73l+BzgROPIBKu6MibfY2ODWjg7QFJKf6E5vTvs=
Subject key identifier: CD:7D:88:F4:BD:FE:E8:0A:4D:23:C7:6D:4D:AE:71:5F:6A:99:56:D4
Certificate issuer: /CN=74c7f8e91b81fe6487307c5226eb044f92396cea
Certificate serial: 018570303CEB775198B748C3ACF9DE982B66
Authority key identifier: 74:C7:F8:E9:1B:81:FE:64:87:30:7C:52:26:EB:04:4F:92:39:6C:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dMf46RuB_mSHMHxSJusET5I5bOo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/a9c6ac-f9a2-4462-8aaa-8b64f7c3a76e/1/zX2I9L3-6ApNI8dtTa5xX2qZVtQ.roa
Signing time: Mon 02 Jan 2023 01:54:47 +0000
ROA not before: Mon 02 Jan 2023 01:54:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12315
IP address blocks: 193.176.136.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:30:3c:eb:77:51:98:b7:48:c3:ac:f9:de:98:2b:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=74c7f8e91b81fe6487307c5226eb044f92396cea
Validity
Not Before: Jan 2 01:54:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cd7d88f4bdfee80a4d23c76d4dae715f6a9956d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:3e:82:7a:05:b4:75:3b:5a:de:9a:f9:52:8b:
12:fd:82:50:8c:e0:35:10:91:38:d6:95:25:65:4a:
b5:52:30:b4:f8:fe:30:89:10:90:6b:c6:83:41:2e:
8f:32:44:f9:05:32:8b:15:07:95:a3:9e:f6:e3:35:
2a:7f:cc:bb:45:9d:17:13:7a:c3:6b:7f:46:f3:2d:
52:7a:3a:48:69:f0:a7:34:41:4a:74:64:77:55:4e:
5a:ad:51:07:73:c7:ca:dd:bc:c8:61:a7:f3:37:60:
60:5e:d9:dc:2f:ce:54:2f:ed:86:9b:f7:41:f6:77:
3c:1f:77:f7:e3:03:8e:74:4d:9b:60:c0:46:df:de:
b9:83:a6:ed:4d:f9:b8:dd:d8:f8:41:ea:50:a9:e8:
fa:a5:11:cf:4d:91:db:d9:8d:50:17:22:e3:4f:19:
b1:f1:7e:da:60:af:00:3a:2c:48:a4:69:8d:a4:2a:
7a:4c:35:06:55:63:50:f0:14:4c:e9:b9:03:38:c4:
18:72:59:e7:35:c5:a8:fb:8b:e3:79:6b:b5:25:5a:
3d:8b:ac:b7:6c:58:1f:92:8e:20:b6:2f:10:f6:f1:
73:86:8f:92:d9:e6:37:f2:d3:66:cc:6c:fd:8f:2b:
79:07:03:3d:04:6f:52:e2:f5:b4:25:89:0c:7f:44:
e7:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:7D:88:F4:BD:FE:E8:0A:4D:23:C7:6D:4D:AE:71:5F:6A:99:56:D4
X509v3 Authority Key Identifier:
keyid:74:C7:F8:E9:1B:81:FE:64:87:30:7C:52:26:EB:04:4F:92:39:6C:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dMf46RuB_mSHMHxSJusET5I5bOo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/a9c6ac-f9a2-4462-8aaa-8b64f7c3a76e/1/zX2I9L3-6ApNI8dtTa5xX2qZVtQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/a9c6ac-f9a2-4462-8aaa-8b64f7c3a76e/1/dMf46RuB_mSHMHxSJusET5I5bOo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.176.136.0/21
Signature Algorithm: sha256WithRSAEncryption
b3:0a:a6:61:19:55:27:0a:0c:3c:3b:e5:c4:a1:ce:38:ac:15:
1c:60:2a:02:77:05:93:c1:33:c3:2c:31:c2:29:c1:4c:6e:64:
d9:80:5f:b2:78:16:8c:a1:11:c9:19:9f:24:dc:b7:55:e7:54:
49:f8:85:8f:f1:5a:85:3f:cd:6f:a0:d7:d3:80:5a:20:d3:b8:
b2:a9:40:29:4e:48:cb:b3:a0:01:fc:90:8b:3a:71:b4:21:d7:
13:e3:af:37:2c:77:45:83:f6:4f:13:ee:34:03:2b:9a:30:96:
db:e1:5e:83:fa:8a:7b:58:1d:c3:1b:72:8a:a4:90:f7:43:f3:
79:6c:18:dc:72:e3:0b:f0:b5:df:ab:61:13:1a:76:1f:c9:b4:
46:46:bd:4d:22:b7:36:e8:36:5d:85:1d:03:dc:b2:1b:cf:ea:
c9:35:18:9b:e8:5d:11:41:a8:76:6d:96:ef:5d:69:8c:07:c5:
37:25:cf:bb:ce:b2:b0:35:da:b9:91:dc:cf:f9:fa:f3:fe:e7:
0c:47:fd:f8:e6:63:a1:2e:d1:26:b6:f7:dc:e5:44:3f:95:57:
64:15:86:d1:ea:f1:d3:cb:58:7c:d6:a9:70:40:51:72:23:94:
ae:8a:b8:6b:57:e8:24:07:c0:b6:f0:74:d9:1e:11:1b:89:76:
fe:38:f0:70
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwMDzrd1GYt0jDrPnemCtmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0YzdmOGU5MWI4MWZlNjQ4NzMwN2M1MjI2ZWIwNDRmOTIz
OTZjZWEwHhcNMjMwMTAyMDE1NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDdkODhmNGJkZmVlODBhNGQyM2M3NmQ0ZGFlNzE1ZjZhOTk1NmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2D6CegW0dTta3pr5UosS/YJQjOA1
EJE41pUlZUq1UjC0+P4wiRCQa8aDQS6PMkT5BTKLFQeVo5724zUqf8y7RZ0XE3rD
a39G8y1SejpIafCnNEFKdGR3VU5arVEHc8fK3bzIYafzN2BgXtncL85UL+2Gm/dB
9nc8H3f34wOOdE2bYMBG3965g6btTfm43dj4QepQqej6pRHPTZHb2Y1QFyLjTxmx
8X7aYK8AOixIpGmNpCp6TDUGVWNQ8BRM6bkDOMQYclnnNcWo+4vjeWu1JVo9i6y3
bFgfko4gti8Q9vFzho+S2eY38tNmzGz9jyt5BwM9BG9S4vW0JYkMf0TnLwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM19iPS9/ugKTSPHbU2ucV9qmVbUMB8GA1UdIwQY
MBaAFHTH+Okbgf5khzB8UibrBE+SOWzqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZE1mNDZSdUJfbVNITUh4U0p1c0VUNUk1Yk9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9hOWM2YWMtZjlhMi00NDYyLThhYWEt
OGI2NGY3YzNhNzZlLzEvelgySTlMMy02QXBOSThkdFRhNXhYMnFaVnRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi9hOWM2YWMtZjlhMi00NDYyLThhYWEtOGI2NGY3YzNhNzZl
LzEvZE1mNDZSdUJfbVNITUh4U0p1c0VUNUk1Yk9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDwbCIMA0G
CSqGSIb3DQEBCwUAA4IBAQCzCqZhGVUnCgw8O+XEoc44rBUcYCoCdwWTwTPDLDHC
KcFMbmTZgF+yeBaMoRHJGZ8k3LdV51RJ+IWP8VqFP81voNfTgFog07iyqUApTkjL
s6AB/JCLOnG0IdcT4683LHdFg/ZPE+40AyuaMJbb4V6D+op7WB3DG3KKpJD3Q/N5
bBjccuML8LXfq2ETGnYfybRGRr1NIrc26DZdhR0D3LIbz+rJNRib6F0RQah2bZbv
XWmMB8U3Jc+7zrKwNdq5kdzP+frz/ucMR/345mOhLtEmtvfc5UQ/lVdkFYbR6vHT
y1h81qlwQFFyI5SuirhrV+gkB8C28HTZHhEbiXb+OPBw
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:31:29 2025 by rpki-client