Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/13d50b-7db3-4d10-8a4e-6eb3aa6a21af/1/P2BQb1g5EOHe7Y2rjvfPKOHS3Is.roa
File: P2BQb1g5EOHe7Y2rjvfPKOHS3Is.roa (raw, json)
Hash identifier: zQe1geh+IAkPPFlhncqfaBn30xMrMVh2V1TUVXuA1iE=
Subject key identifier: 3F:60:50:6F:58:39:10:E1:DE:ED:8D:AB:8E:F7:CF:28:E1:D2:DC:8B
Certificate issuer: /CN=80d67a84409cedba022eeb035bd8ad620d683ea7
Certificate serial: 01856D93FC59B72C294690FFACDF58C6CAAC
Authority key identifier: 80:D6:7A:84:40:9C:ED:BA:02:2E:EB:03:5B:D8:AD:62:0D:68:3E:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gNZ6hECc7boCLusDW9itYg1oPqc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/13d50b-7db3-4d10-8a4e-6eb3aa6a21af/1/P2BQb1g5EOHe7Y2rjvfPKOHS3Is.roa
Signing time: Sun 01 Jan 2023 13:44:52 +0000
ROA not before: Sun 01 Jan 2023 13:44:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39686
IP address blocks: 193.242.97.0/24 maxlen: 24
2001:67c:18a0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:93:fc:59:b7:2c:29:46:90:ff:ac:df:58:c6:ca:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=80d67a84409cedba022eeb035bd8ad620d683ea7
Validity
Not Before: Jan 1 13:44:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3f60506f583910e1deed8dab8ef7cf28e1d2dc8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:00:3f:78:41:e4:e4:83:d1:68:22:d8:15:81:
28:4f:8c:4a:c5:e9:a9:b4:bf:c6:9e:de:1f:e7:d3:
0c:1b:8a:c7:e6:bb:20:fc:cc:62:56:78:48:77:60:
86:3f:16:f3:da:02:b8:d8:85:de:64:a9:96:25:49:
ee:42:8b:3d:2c:01:61:05:1c:7f:ff:a3:75:7b:fb:
f6:ae:4e:af:f3:4f:8d:b9:c2:93:93:26:26:1e:8d:
7e:72:e5:2a:ee:42:80:e5:39:51:05:02:70:d7:e4:
d2:0d:e2:ac:43:eb:c3:6a:5a:1b:24:07:82:7f:7c:
47:c6:db:ae:89:50:14:8f:09:fb:96:8e:08:5c:30:
c2:95:05:7d:9e:ad:52:b3:bc:70:39:0a:d3:dd:1d:
09:48:30:b2:79:e4:2e:bc:82:ac:bf:8e:74:63:0b:
9a:f6:cd:1f:c6:72:af:ff:41:43:4c:ec:98:03:c4:
c5:f2:ce:02:da:55:8d:a7:02:f1:7d:0b:68:22:ab:
3d:9f:fe:82:7a:97:39:42:07:ef:f2:8a:eb:5e:77:
d9:8f:7a:3d:78:62:13:53:d3:aa:3c:42:92:fc:51:
16:b5:c2:ab:54:e8:b5:74:cd:e2:46:31:8a:38:3e:
96:47:c1:09:c2:e4:d1:f1:63:d5:45:fb:6a:1a:58:
ec:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:60:50:6F:58:39:10:E1:DE:ED:8D:AB:8E:F7:CF:28:E1:D2:DC:8B
X509v3 Authority Key Identifier:
keyid:80:D6:7A:84:40:9C:ED:BA:02:2E:EB:03:5B:D8:AD:62:0D:68:3E:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gNZ6hECc7boCLusDW9itYg1oPqc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/13d50b-7db3-4d10-8a4e-6eb3aa6a21af/1/P2BQb1g5EOHe7Y2rjvfPKOHS3Is.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/13d50b-7db3-4d10-8a4e-6eb3aa6a21af/1/gNZ6hECc7boCLusDW9itYg1oPqc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.242.97.0/24
IPv6:
2001:67c:18a0::/48
Signature Algorithm: sha256WithRSAEncryption
58:c9:6d:ee:03:97:5e:e8:49:ac:3b:6e:64:75:42:d6:20:0b:
63:5f:8c:29:75:3e:e3:0d:d4:01:15:c2:02:1b:5b:a3:34:ea:
df:74:2a:49:ce:c8:09:83:c6:59:06:52:07:68:de:55:b5:f9:
f9:d4:d6:d2:28:7f:ac:b3:21:63:39:20:93:4a:d9:00:43:a7:
28:22:41:f3:48:1b:86:c8:43:8e:ed:dd:e7:79:da:77:70:46:
a5:bb:b0:25:be:70:0a:a8:b7:fd:18:21:81:0d:3b:76:d5:1e:
27:a5:5d:f7:70:eb:15:51:6a:90:13:7f:20:06:3a:23:35:52:
fb:3b:36:e9:e4:f7:52:56:81:07:4d:2d:b0:53:db:13:65:9f:
60:38:32:91:1e:b7:4e:4a:a3:5c:db:0a:bf:3f:b2:cf:d9:85:
07:f9:f0:dd:98:d7:98:2a:00:c1:0d:db:a2:ff:be:75:39:0e:
fe:cb:e1:6c:85:2f:0b:d4:ed:d2:e5:86:48:0f:56:b2:96:ae:
c1:45:72:da:80:a6:b0:b6:97:81:92:23:b8:6e:11:f6:fb:bc:
c4:e8:63:4d:9a:2d:11:f2:d8:da:5c:b1:fb:c7:73:9d:2e:4b:
11:84:64:93:b2:52:d9:da:3b:b1:6c:fc:2d:49:ca:e0:e0:77:
5e:0d:47:47
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVtk/xZtywpRpD/rN9YxsqsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwZDY3YTg0NDA5Y2VkYmEwMjJlZWIwMzViZDhhZDYyMGQ2
ODNlYTcwHhcNMjMwMTAxMTM0NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjYwNTA2ZjU4MzkxMGUxZGVlZDhkYWI4ZWY3Y2YyOGUxZDJkYzhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgwA/eEHk5IPRaCLYFYEoT4xKxemp
tL/Gnt4f59MMG4rH5rsg/MxiVnhId2CGPxbz2gK42IXeZKmWJUnuQos9LAFhBRx/
/6N1e/v2rk6v80+NucKTkyYmHo1+cuUq7kKA5TlRBQJw1+TSDeKsQ+vDalobJAeC
f3xHxtuuiVAUjwn7lo4IXDDClQV9nq1Ss7xwOQrT3R0JSDCyeeQuvIKsv450Ywua
9s0fxnKv/0FDTOyYA8TF8s4C2lWNpwLxfQtoIqs9n/6Cepc5Qgfv8orrXnfZj3o9
eGITU9OqPEKS/FEWtcKrVOi1dM3iRjGKOD6WR8EJwuTR8WPVRftqGljs5wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFD9gUG9YORDh3u2Nq473zyjh0tyLMB8GA1UdIwQY
MBaAFIDWeoRAnO26Ai7rA1vYrWINaD6nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ05aNmhFQ2M3Ym9DTHVzRFc5aXRZZzFvUHFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC8xM2Q1MGItN2RiMy00ZDEwLThhNGUt
NmViM2FhNmEyMWFmLzEvUDJCUWIxZzVFT0hlN1kycmp2ZlBLT0hTM0lzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC8xM2Q1MGItN2RiMy00ZDEwLThhNGUtNmViM2FhNmEyMWFm
LzEvZ05aNmhFQ2M3Ym9DTHVzRFc5aXRZZzFvUHFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwfJhMA8E
AgACMAkDBwAgAQZ8GKAwDQYJKoZIhvcNAQELBQADggEBAFjJbe4Dl17oSaw7bmR1
QtYgC2NfjCl1PuMN1AEVwgIbW6M06t90KknOyAmDxlkGUgdo3lW1+fnU1tIof6yz
IWM5IJNK2QBDpygiQfNIG4bIQ47t3ed52ndwRqW7sCW+cAqot/0YIYENO3bVHiel
Xfdw6xVRapATfyAGOiM1Uvs7Nunk91JWgQdNLbBT2xNln2A4MpEet05Ko1zbCr8/
ss/ZhQf58N2Y15gqAMEN26L/vnU5Dv7L4WyFLwvU7dLlhkgPVrKWrsFFctqAprC2
l4GSI7huEfb7vMToY02aLRHy2NpcsfvHc50uSxGEZJOyUtnaO7Fs/C1JyuDgd14N
R0c=
-----END CERTIFICATE-----
Generated at Tue Apr 29 09:56:15 2025 by rpki-client