Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/9a4833-6da4-4dda-b7ab-28c343ce9d5d/1/a8zcxKgAzEhkUvcfXS8UZUKjig4.roa
File: a8zcxKgAzEhkUvcfXS8UZUKjig4.roa (raw, json)
Hash identifier: 28wcBBzZ8ZZdyHM6IZsUfPgmw46O9csJVLe1ZWwtPPM=
Subject key identifier: 6B:CC:DC:C4:A8:00:CC:48:64:52:F7:1F:5D:2F:14:65:42:A3:8A:0E
Certificate issuer: /CN=a4327c56e941171ea3beba26ebb9e23f4df5bcf3
Certificate serial: 018BA91612C9EB88DE4D273D5FE2155EEDBD
Authority key identifier: A4:32:7C:56:E9:41:17:1E:A3:BE:BA:26:EB:B9:E2:3F:4D:F5:BC:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pDJ8VulBFx6jvrom67niP031vPM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/9a4833-6da4-4dda-b7ab-28c343ce9d5d/1/a8zcxKgAzEhkUvcfXS8UZUKjig4.roa
Signing time: Tue 07 Nov 2023 09:21:17 +0000
ROA not before: Tue 07 Nov 2023 09:21:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198949
IP address blocks: 149.238.32.0/19 maxlen: 24
149.238.160.0/19 maxlen: 24
149.238.64.0/19 maxlen: 24
149.238.96.0/19 maxlen: 24
149.238.0.0/19 maxlen: 24
149.238.128.0/19 maxlen: 24
2a13:cb40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a9:16:12:c9:eb:88:de:4d:27:3d:5f:e2:15:5e:ed:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4327c56e941171ea3beba26ebb9e23f4df5bcf3
Validity
Not Before: Nov 7 09:21:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6bccdcc4a800cc486452f71f5d2f146542a38a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:32:40:48:5f:d8:5d:9b:77:a8:6c:51:ee:47:
eb:a2:4c:c9:c1:89:c2:b6:a5:ad:92:12:c5:1f:43:
d8:9e:ed:29:f7:c4:4d:63:86:cb:da:77:ca:6a:d0:
ed:93:7b:0f:52:ed:70:a3:3b:04:74:fb:49:4d:61:
41:65:e5:a5:c6:38:c1:44:84:8b:76:7a:1b:2f:e6:
38:dd:7c:e5:a1:f2:58:b9:f0:83:37:72:3b:e0:be:
25:6b:3a:c4:3b:47:40:65:ac:ce:c0:62:9d:3c:c9:
e4:0c:df:7f:0a:a1:d3:70:1b:d3:96:22:13:fa:3e:
62:47:41:e9:94:5e:91:3e:25:35:d3:0c:7a:27:d6:
db:14:20:f5:3c:e6:d4:4c:00:9d:9f:c0:ba:58:5d:
2b:87:28:80:02:42:e0:7c:f4:74:1f:87:9a:36:0c:
5c:37:d4:8f:8f:3a:43:b3:e8:90:ad:1f:a5:62:44:
79:66:f6:3b:5b:54:ea:ad:c5:dc:3a:45:86:0d:d3:
c8:a2:b2:15:cb:4a:01:ad:a7:85:5e:e4:b5:c0:a5:
68:5f:23:ab:92:89:f0:19:35:a3:c0:67:93:bd:ed:
cd:64:78:87:50:d7:f6:e3:53:3e:9e:52:04:76:32:
37:c5:60:d4:3b:55:5f:d0:09:f7:f6:b9:91:31:c1:
dc:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:CC:DC:C4:A8:00:CC:48:64:52:F7:1F:5D:2F:14:65:42:A3:8A:0E
X509v3 Authority Key Identifier:
keyid:A4:32:7C:56:E9:41:17:1E:A3:BE:BA:26:EB:B9:E2:3F:4D:F5:BC:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pDJ8VulBFx6jvrom67niP031vPM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/9a4833-6da4-4dda-b7ab-28c343ce9d5d/1/a8zcxKgAzEhkUvcfXS8UZUKjig4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/9a4833-6da4-4dda-b7ab-28c343ce9d5d/1/pDJ8VulBFx6jvrom67niP031vPM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.238.0.0-149.238.191.255
IPv6:
2a13:cb40::/29
Signature Algorithm: sha256WithRSAEncryption
57:9b:9f:b3:0c:8d:7a:6e:99:e0:e3:11:76:d0:3f:a3:d0:04:
c8:ba:19:9f:e7:43:f6:38:45:26:80:0b:26:86:e9:7c:7f:bb:
a4:95:8f:15:b6:1a:56:a8:b7:f1:b1:c5:5f:28:90:a3:e2:7d:
28:ca:b1:74:b8:1e:64:54:0a:1f:80:62:60:b0:77:a1:bb:4f:
97:f1:a9:a6:ac:a0:4d:9a:e2:ab:16:ec:34:cb:d9:7a:a8:90:
0c:75:fe:1d:07:a1:67:53:e1:15:2d:2b:92:39:ee:2c:d0:e2:
38:af:7b:93:4a:3c:ea:6a:c5:20:01:80:57:4f:65:26:57:3e:
84:ca:4f:62:b8:40:f5:46:5d:c1:46:a9:a3:7b:3a:bc:f9:d2:
16:da:ae:e2:6a:13:f9:77:72:7d:3c:6a:af:de:d8:d8:eb:89:
1e:e2:55:74:73:28:f0:79:2e:25:31:93:09:b2:65:37:30:55:
65:b6:87:4c:39:17:65:21:70:37:d4:e3:f2:89:b3:95:4e:55:
76:f1:6a:f2:05:c7:6b:65:dc:be:75:a9:19:64:1c:39:38:09:
b4:ec:9e:42:ae:9c:bb:fe:29:1d:35:21:e9:ee:8a:23:05:38:
e5:3e:09:c8:bb:52:67:ff:f9:da:65:81:81:89:6c:b7:52:04:
53:89:2f:26
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYupFhLJ64jeTSc9X+IVXu29MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0MzI3YzU2ZTk0MTE3MWVhM2JlYmEyNmViYjllMjNmNGRm
NWJjZjMwHhcNMjMxMTA3MDkyMTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmNjZGNjNGE4MDBjYzQ4NjQ1MmY3MWY1ZDJmMTQ2NTQyYTM4YTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoTJASF/YXZt3qGxR7kfrokzJwYnC
tqWtkhLFH0PYnu0p98RNY4bL2nfKatDtk3sPUu1wozsEdPtJTWFBZeWlxjjBRISL
dnobL+Y43XzlofJYufCDN3I74L4lazrEO0dAZazOwGKdPMnkDN9/CqHTcBvTliIT
+j5iR0HplF6RPiU10wx6J9bbFCD1PObUTACdn8C6WF0rhyiAAkLgfPR0H4eaNgxc
N9SPjzpDs+iQrR+lYkR5ZvY7W1TqrcXcOkWGDdPIorIVy0oBraeFXuS1wKVoXyOr
konwGTWjwGeTve3NZHiHUNf241M+nlIEdjI3xWDUO1Vf0An39rmRMcHc8wIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFGvM3MSoAMxIZFL3H10vFGVCo4oOMB8GA1UdIwQY
MBaAFKQyfFbpQRceo766Juu54j9N9bzzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcERKOFZ1bEJGeDZqdnJvbTY3bmlQMDMxdlBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS85YTQ4MzMtNmRhNC00ZGRhLWI3YWIt
MjhjMzQzY2U5ZDVkLzEvYTh6Y3hLZ0F6RWhrVXZjZlhTOFVaVUtqaWc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS85YTQ4MzMtNmRhNC00ZGRhLWI3YWItMjhjMzQzY2U5ZDVk
LzEvcERKOFZ1bEJGeDZqdnJvbTY3bmlQMDMxdlBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDATBAIAATANMAsDAwGV7gME
BpXugDANBAIAAjAHAwUDKhPLQDANBgkqhkiG9w0BAQsFAAOCAQEAV5ufswyNem6Z
4OMRdtA/o9AEyLoZn+dD9jhFJoALJobpfH+7pJWPFbYaVqi38bHFXyiQo+J9KMqx
dLgeZFQKH4BiYLB3obtPl/GppqygTZriqxbsNMvZeqiQDHX+HQehZ1PhFS0rkjnu
LNDiOK97k0o86mrFIAGAV09lJlc+hMpPYrhA9UZdwUapo3s6vPnSFtqu4moT+Xdy
fTxqr97Y2OuJHuJVdHMo8HkuJTGTCbJlNzBVZbaHTDkXZSFwN9Tj8omzlU5VdvFq
8gXHa2XcvnWpGWQcOTgJtOyeQq6cu/4pHTUh6e6KIwU45T4JyLtSZ//52mWBgYls
t1IEU4kvJg==
-----END CERTIFICATE-----
Generated at Sun Jun 15 18:41:55 2025 by rpki-client