Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/b13b55-1288-45e6-8876-a70db58280fc/1/a2unULWN2BQdgcP9fjKjYV6M-eM.roa
File: a2unULWN2BQdgcP9fjKjYV6M-eM.roa (raw, json)
Hash identifier: mc0jhgJ2E/+E54KEpFqcVCjmYhvcFl2eGFDIJt0k9S8=
Subject key identifier: 6B:6B:A7:50:B5:8D:D8:14:1D:81:C3:FD:7E:32:A3:61:5E:8C:F9:E3
Certificate issuer: /CN=2672b9fb546b365e323230dcea9ba8c9fbedfeb8
Certificate serial: 0187E37DC3FBA714656599CCC3C67D793DA1
Authority key identifier: 26:72:B9:FB:54:6B:36:5E:32:32:30:DC:EA:9B:A8:C9:FB:ED:FE:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JnK5-1RrNl4yMjDc6puoyfvt_rg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/b13b55-1288-45e6-8876-a70db58280fc/1/a2unULWN2BQdgcP9fjKjYV6M-eM.roa
Signing time: Wed 03 May 2023 21:21:22 +0000
ROA not before: Wed 03 May 2023 21:21:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56971
IP address blocks: 194.116.215.0/24 maxlen: 32
194.116.214.0/24 maxlen: 32
193.176.179.0/24 maxlen: 32
194.120.116.0/24 maxlen: 32
194.36.171.0/24 maxlen: 32
193.176.158.0/24 maxlen: 32
194.36.208.0/24 maxlen: 32
193.176.153.0/24 maxlen: 32
2a13:7c00::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:e3:7d:c3:fb:a7:14:65:65:99:cc:c3:c6:7d:79:3d:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2672b9fb546b365e323230dcea9ba8c9fbedfeb8
Validity
Not Before: May 3 21:21:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6b6ba750b58dd8141d81c3fd7e32a3615e8cf9e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:a7:21:64:b7:1e:cd:2f:16:c5:69:d5:86:05:
43:9d:61:c1:59:b2:2a:73:b1:d2:4e:53:d6:18:bd:
c2:63:11:4b:6e:5e:5b:0b:12:fb:b0:c8:16:c6:34:
b6:3f:8e:17:95:00:90:06:0f:c9:be:27:ef:48:65:
86:b3:4d:04:12:b9:0a:f4:24:27:d1:85:b0:bc:5f:
c4:23:b9:fd:da:8f:7e:4e:f1:e5:81:6d:6b:f7:c3:
b2:5e:77:98:bb:1b:fc:aa:04:01:53:33:8b:52:d5:
7c:d2:01:9d:b6:5f:e9:4f:ab:f9:83:2c:61:12:90:
40:80:67:76:9a:b9:3f:70:4a:14:09:62:a3:bf:64:
bf:ad:07:8b:b2:72:3f:aa:d6:00:4b:d1:13:d1:8a:
d4:6f:43:1a:e8:56:a4:6a:21:ac:5a:50:8d:4a:ca:
fc:ad:59:9a:2c:50:dc:86:35:b4:d9:d0:80:3d:55:
73:5c:b9:9a:4e:fe:b3:93:33:8d:47:78:65:79:f0:
77:37:c3:58:e6:63:58:54:48:f4:8c:bd:8a:ec:79:
09:18:ea:fa:48:11:a6:d2:0a:98:7d:89:59:d2:6b:
06:c0:9d:f5:01:cb:7d:17:45:62:2a:74:4d:37:37:
45:ce:48:c1:83:1b:c4:dc:eb:f9:23:86:99:c4:96:
0d:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:6B:A7:50:B5:8D:D8:14:1D:81:C3:FD:7E:32:A3:61:5E:8C:F9:E3
X509v3 Authority Key Identifier:
keyid:26:72:B9:FB:54:6B:36:5E:32:32:30:DC:EA:9B:A8:C9:FB:ED:FE:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JnK5-1RrNl4yMjDc6puoyfvt_rg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/b13b55-1288-45e6-8876-a70db58280fc/1/a2unULWN2BQdgcP9fjKjYV6M-eM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/b13b55-1288-45e6-8876-a70db58280fc/1/JnK5-1RrNl4yMjDc6puoyfvt_rg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.176.153.0/24
193.176.158.0/24
193.176.179.0/24
194.36.171.0/24
194.36.208.0/24
194.116.214.0/23
194.120.116.0/24
IPv6:
2a13:7c00::/32
Signature Algorithm: sha256WithRSAEncryption
53:ab:6b:d1:ca:ab:9a:3f:d9:f0:98:11:89:4d:38:c2:23:f6:
d6:21:73:45:11:21:da:58:2a:e5:0b:f1:f3:ca:34:55:2b:59:
cb:f1:e2:3c:78:15:af:92:02:7c:f7:ee:45:f4:3f:56:c8:38:
30:80:2c:f4:24:2c:b8:7f:fd:1b:9d:11:e9:f9:d5:11:a2:12:
70:ae:4a:67:40:a7:58:ef:b1:04:5c:6b:b4:52:ca:10:16:d4:
85:97:ce:12:c7:d5:8d:1e:f0:84:ac:de:a9:f5:42:c7:98:38:
b5:73:04:d3:ad:14:93:a8:fc:70:ee:c2:48:2a:f8:da:55:99:
6b:10:d2:37:0e:38:15:df:2d:df:d6:80:be:1d:6f:6b:c0:f9:
c6:c2:31:c4:f8:8b:e1:65:90:a1:6e:68:10:77:49:41:16:01:
85:01:f8:ae:86:d2:50:53:0e:ae:f8:e4:9a:c9:42:a6:7c:44:
08:de:2d:f3:70:bf:78:d6:79:0b:bb:55:86:fe:42:7a:69:f1:
75:29:c5:1a:67:51:45:1b:c4:e1:ef:49:5a:a4:b7:20:fb:73:
ae:08:5c:f6:b6:43:d9:ac:34:8b:26:44:2a:a8:3b:da:51:89:
67:b3:99:7a:be:74:e7:58:5a:59:bf:f0:ea:33:18:63:3c:a7:
8a:7e:20:7b
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYfjfcP7pxRlZZnMw8Z9eT2hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NzJiOWZiNTQ2YjM2NWUzMjMyMzBkY2VhOWJhOGM5ZmJl
ZGZlYjgwHhcNMjMwNTAzMjEyMTIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjZiYTc1MGI1OGRkODE0MWQ4MWMzZmQ3ZTMyYTM2MTVlOGNmOWUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiachZLcezS8WxWnVhgVDnWHBWbIq
c7HSTlPWGL3CYxFLbl5bCxL7sMgWxjS2P44XlQCQBg/JvifvSGWGs00EErkK9CQn
0YWwvF/EI7n92o9+TvHlgW1r98OyXneYuxv8qgQBUzOLUtV80gGdtl/pT6v5gyxh
EpBAgGd2mrk/cEoUCWKjv2S/rQeLsnI/qtYAS9ET0YrUb0Ma6FakaiGsWlCNSsr8
rVmaLFDchjW02dCAPVVzXLmaTv6zkzONR3hlefB3N8NY5mNYVEj0jL2K7HkJGOr6
SBGm0gqYfYlZ0msGwJ31Act9F0ViKnRNNzdFzkjBgxvE3Ov5I4aZxJYNrwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFGtrp1C1jdgUHYHD/X4yo2FejPnjMB8GA1UdIwQY
MBaAFCZyuftUazZeMjIw3OqbqMn77f64MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm5LNS0xUnJObDR5TWpEYzZwdW95ZnZ0X3JnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9iMTNiNTUtMTI4OC00NWU2LTg4NzYt
YTcwZGI1ODI4MGZjLzEvYTJ1blVMV04yQlFkZ2NQOWZqS2pZVjZNLWVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC9iMTNiNTUtMTI4OC00NWU2LTg4NzYtYTcwZGI1ODI4MGZj
LzEvSm5LNS0xUnJObDR5TWpEYzZwdW95ZnZ0X3JnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQAwbCZAwQA
wbCeAwQAwbCzAwQAwiSrAwQAwiTQAwQBwnTWAwQAwnh0MA0EAgACMAcDBQAqE3wA
MA0GCSqGSIb3DQEBCwUAA4IBAQBTq2vRyquaP9nwmBGJTTjCI/bWIXNFESHaWCrl
C/HzyjRVK1nL8eI8eBWvkgJ89+5F9D9WyDgwgCz0JCy4f/0bnRHp+dURohJwrkpn
QKdY77EEXGu0UsoQFtSFl84Sx9WNHvCErN6p9ULHmDi1cwTTrRSTqPxw7sJIKvja
VZlrENI3DjgV3y3f1oC+HW9rwPnGwjHE+IvhZZChbmgQd0lBFgGFAfiuhtJQUw6u
+OSayUKmfEQI3i3zcL941nkLu1WG/kJ6afF1KcUaZ1FFG8Th70lapLcg+3OuCFz2
tkPZrDSLJkQqqDvaUYlns5l6vnTnWFpZv/DqMxhjPKeKfiB7
-----END CERTIFICATE-----
Generated at Thu Apr 17 08:09:12 2025 by rpki-client