Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7739dc-1132-4837-9b85-e9ac2b00316a/1/ZFae1z8Foq2BA3pBXitmmNIGZMk.roa
File: ZFae1z8Foq2BA3pBXitmmNIGZMk.roa (raw, json)
Hash identifier: tLgkK15/IJi8gFAjoDz9EWH6xWPN+hvIAkLw16VG4iM=
Subject key identifier: 64:56:9E:D7:3F:05:A2:AD:81:03:7A:41:5E:2B:66:98:D2:06:64:C9
Certificate issuer: /CN=f71d4a4374df222ac3235b9602206d96bf1dac82
Certificate serial: 01882BEC6ED662D3DBC117CEE4E00F7A9385
Authority key identifier: F7:1D:4A:43:74:DF:22:2A:C3:23:5B:96:02:20:6D:96:BF:1D:AC:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9x1KQ3TfIirDI1uWAiBtlr8drII.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7739dc-1132-4837-9b85-e9ac2b00316a/1/ZFae1z8Foq2BA3pBXitmmNIGZMk.roa
Signing time: Wed 17 May 2023 22:54:55 +0000
ROA not before: Wed 17 May 2023 22:54:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 51.199.252.0/23 maxlen: 24
51.199.254.0/23 maxlen: 24
2a06:5901:8000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:2b:ec:6e:d6:62:d3:db:c1:17:ce:e4:e0:0f:7a:93:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f71d4a4374df222ac3235b9602206d96bf1dac82
Validity
Not Before: May 17 22:54:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=64569ed73f05a2ad81037a415e2b6698d20664c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:20:7a:59:7c:7f:12:5b:94:ce:48:d9:7d:09:
75:a6:78:6f:81:4e:c7:f6:03:c3:7d:29:2a:c7:4d:
da:c7:82:fc:f2:13:df:ac:ab:2b:f7:1f:4f:42:07:
b6:58:5a:50:b8:ec:2b:c0:61:75:5e:cb:ae:8a:5e:
ae:76:80:23:88:49:e5:92:d7:b1:46:78:66:45:72:
86:f4:94:79:e6:cf:52:a5:8c:fe:82:9e:89:c5:06:
00:f3:7c:0b:6d:c4:cc:67:03:5b:51:8b:c3:ba:e4:
e7:b6:12:df:aa:91:7e:ca:47:29:e4:d0:fe:31:14:
0d:b5:ad:33:5b:d6:7f:e0:80:9f:af:72:52:b7:f3:
8d:e3:2d:e1:e0:e2:f7:4c:88:ec:4e:36:cf:0a:79:
0c:25:8b:fc:84:fa:09:41:c7:04:35:45:d7:d9:29:
00:26:3b:2b:9d:b4:19:7c:ab:16:1e:0e:3f:5e:32:
ac:56:1a:63:3d:ed:05:cd:a5:7b:a0:ff:2b:ee:ec:
2a:2c:07:cf:4e:f3:b2:28:9a:3f:8d:76:20:17:97:
d5:ec:02:98:ed:af:95:2a:3b:32:b8:45:2c:de:73:
7f:45:57:3e:23:d6:15:0a:49:16:71:d7:0a:c7:95:
4b:99:71:11:f2:0a:0d:1e:e1:11:7d:f7:f9:a9:92:
31:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:56:9E:D7:3F:05:A2:AD:81:03:7A:41:5E:2B:66:98:D2:06:64:C9
X509v3 Authority Key Identifier:
keyid:F7:1D:4A:43:74:DF:22:2A:C3:23:5B:96:02:20:6D:96:BF:1D:AC:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9x1KQ3TfIirDI1uWAiBtlr8drII.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7739dc-1132-4837-9b85-e9ac2b00316a/1/ZFae1z8Foq2BA3pBXitmmNIGZMk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7739dc-1132-4837-9b85-e9ac2b00316a/1/9x1KQ3TfIirDI1uWAiBtlr8drII.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.199.252.0/22
IPv6:
2a06:5901:8000::/40
Signature Algorithm: sha256WithRSAEncryption
b7:4f:42:ce:6e:d3:2c:98:e3:66:cf:c7:a4:65:fa:e7:08:3e:
7c:2b:57:7b:c5:73:02:6b:fd:de:1c:34:6e:49:96:d9:f4:26:
4d:81:5b:56:da:4e:56:8c:bc:3d:37:26:4d:97:9c:cf:13:81:
5f:af:ec:66:1b:b6:a6:ef:ab:83:a2:2b:64:3c:ff:b9:85:3e:
78:a8:6e:cf:e1:2e:28:bb:6c:33:ae:d3:eb:6f:50:75:23:4c:
70:ae:5d:4e:cb:67:9f:7f:26:ae:62:97:41:37:41:02:e2:f0:
b4:67:1c:1d:98:e3:b7:d2:bb:10:48:d0:60:1a:bb:c4:04:25:
92:79:83:72:c4:4d:2f:96:c8:1f:07:12:1f:bc:7d:3c:30:12:
b0:f2:a8:62:a7:8a:e0:52:17:83:bf:ce:5b:9e:12:c0:f2:5a:
bf:44:1b:4e:9b:6e:8b:5c:8f:35:2d:82:dd:09:17:b0:dd:7e:
85:6c:45:3c:a8:37:21:cc:94:af:6b:f2:8e:34:2c:86:32:74:
38:23:36:bb:85:71:a4:e3:aa:6c:94:16:29:2a:d2:10:c9:77:
ac:5e:5b:21:58:22:86:ed:8e:b9:ce:c0:50:a7:18:a5:06:bf:
76:b8:e7:ed:c9:e4:d1:70:9a:4e:f9:ee:fd:ef:1c:1f:74:97:
68:b5:29:96
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYgr7G7WYtPbwRfO5OAPepOFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3MWQ0YTQzNzRkZjIyMmFjMzIzNWI5NjAyMjA2ZDk2YmYx
ZGFjODIwHhcNMjMwNTE3MjI1NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDU2OWVkNzNmMDVhMmFkODEwMzdhNDE1ZTJiNjY5OGQyMDY2NGM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoiB6WXx/EluUzkjZfQl1pnhvgU7H
9gPDfSkqx03ax4L88hPfrKsr9x9PQge2WFpQuOwrwGF1Xsuuil6udoAjiEnlktex
RnhmRXKG9JR55s9SpYz+gp6JxQYA83wLbcTMZwNbUYvDuuTnthLfqpF+ykcp5ND+
MRQNta0zW9Z/4ICfr3JSt/ON4y3h4OL3TIjsTjbPCnkMJYv8hPoJQccENUXX2SkA
JjsrnbQZfKsWHg4/XjKsVhpjPe0FzaV7oP8r7uwqLAfPTvOyKJo/jXYgF5fV7AKY
7a+VKjsyuEUs3nN/RVc+I9YVCkkWcdcKx5VLmXER8goNHuERfff5qZIxCwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFGRWntc/BaKtgQN6QV4rZpjSBmTJMB8GA1UdIwQY
MBaAFPcdSkN03yIqwyNblgIgbZa/HayCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOXgxS1EzVGZJaXJESTF1V0FpQnRscjhkcklJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83NzM5ZGMtMTEzMi00ODM3LTliODUt
ZTlhYzJiMDAzMTZhLzEvWkZhZTF6OEZvcTJCQTNwQlhpdG1tTklHWk1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83NzM5ZGMtMTEzMi00ODM3LTliODUtZTlhYzJiMDAzMTZh
LzEvOXgxS1EzVGZJaXJESTF1V0FpQnRscjhkcklJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQCM8f8MA4E
AgACMAgDBgAqBlkBgDANBgkqhkiG9w0BAQsFAAOCAQEAt09Czm7TLJjjZs/HpGX6
5wg+fCtXe8VzAmv93hw0bkmW2fQmTYFbVtpOVoy8PTcmTZeczxOBX6/sZhu2pu+r
g6IrZDz/uYU+eKhuz+EuKLtsM67T629QdSNMcK5dTstnn38mrmKXQTdBAuLwtGcc
HZjjt9K7EEjQYBq7xAQlknmDcsRNL5bIHwcSH7x9PDASsPKoYqeK4FIXg7/OW54S
wPJav0QbTptui1yPNS2C3QkXsN1+hWxFPKg3IcyUr2vyjjQshjJ0OCM2u4VxpOOq
bJQWKSrSEMl3rF5bIVgihu2Ouc7AUKcYpQa/drjn7cnk0XCaTvnu/e8cH3SXaLUp
lg==
-----END CERTIFICATE-----
Generated at Mon Apr 28 15:18:24 2025 by rpki-client