Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/6693e3-89ca-44a1-a8b6-894805289cc0/1/zuRJLuN8FDCsMuumb-VtaZ-cJLc.roa
File: zuRJLuN8FDCsMuumb-VtaZ-cJLc.roa (raw, json)
Hash identifier: p6DjL9dDVT3wXZuFFoYKOvjcGCcdslWDsHqdzc9bgMw=
Subject key identifier: CE:E4:49:2E:E3:7C:14:30:AC:32:EB:A6:6F:E5:6D:69:9F:9C:24:B7
Certificate issuer: /CN=f030658f16d2d88d34164592fcd4de13131f1695
Certificate serial: 0189E62B84493B93A8D6AAAB1362F3E2A5BF
Authority key identifier: F0:30:65:8F:16:D2:D8:8D:34:16:45:92:FC:D4:DE:13:13:1F:16:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8DBljxbS2I00FkWS_NTeExMfFpU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/6693e3-89ca-44a1-a8b6-894805289cc0/1/zuRJLuN8FDCsMuumb-VtaZ-cJLc.roa
Signing time: Fri 11 Aug 2023 19:55:58 +0000
ROA not before: Fri 11 Aug 2023 19:55:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206728
IP address blocks: 217.196.103.0/24 maxlen: 24
217.196.102.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:e6:2b:84:49:3b:93:a8:d6:aa:ab:13:62:f3:e2:a5:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f030658f16d2d88d34164592fcd4de13131f1695
Validity
Not Before: Aug 11 19:55:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cee4492ee37c1430ac32eba66fe56d699f9c24b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:a3:d0:32:45:da:1c:c6:c1:b8:a2:89:b0:f3:
49:25:27:8c:f3:bf:8d:ae:9e:ff:aa:3b:69:85:d4:
07:10:ac:bb:13:fe:fc:f8:10:ad:63:27:83:0e:1a:
1a:25:e0:cc:5e:a4:17:de:d5:ed:b9:b9:b5:ec:44:
f4:de:a2:a4:3c:3c:7c:d9:31:6d:50:f6:ce:10:ad:
97:fc:5c:45:95:3b:1c:d6:13:14:3d:0a:7d:54:cb:
66:4d:fc:01:ed:97:71:aa:f7:e3:f6:6e:e9:e0:9b:
45:95:6c:ff:e5:43:0b:d0:52:37:28:41:51:62:65:
cb:b9:5a:53:b4:1f:1b:8b:7f:8a:86:7f:86:9b:2f:
95:bc:c2:cd:4d:bf:a8:da:68:ad:9d:d6:f9:50:b6:
1e:f5:36:7e:2a:21:5d:08:17:5a:1c:23:51:a3:b2:
51:cd:47:cd:86:a6:4b:94:24:e5:03:19:50:46:8c:
57:8f:36:00:83:e9:6f:28:97:e2:2b:49:62:f0:79:
da:3e:bb:4e:ad:b9:cf:cc:58:3e:75:10:10:02:b5:
f0:f2:af:59:c2:95:f1:8d:5c:3d:b9:a4:f2:a6:85:
27:fb:84:0c:be:ad:4e:6f:fa:5e:ae:7a:80:55:4f:
61:e3:bf:81:45:cb:70:7e:de:5b:fa:30:0a:4f:6b:
fa:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:E4:49:2E:E3:7C:14:30:AC:32:EB:A6:6F:E5:6D:69:9F:9C:24:B7
X509v3 Authority Key Identifier:
keyid:F0:30:65:8F:16:D2:D8:8D:34:16:45:92:FC:D4:DE:13:13:1F:16:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8DBljxbS2I00FkWS_NTeExMfFpU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/6693e3-89ca-44a1-a8b6-894805289cc0/1/zuRJLuN8FDCsMuumb-VtaZ-cJLc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/6693e3-89ca-44a1-a8b6-894805289cc0/1/8DBljxbS2I00FkWS_NTeExMfFpU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.196.102.0/23
Signature Algorithm: sha256WithRSAEncryption
87:a6:d8:9f:f7:f6:66:8c:ce:d6:3e:f5:99:af:bf:f3:67:f8:
af:ee:44:7f:f7:2d:e8:dc:36:ef:9f:ee:05:80:95:36:e3:68:
7c:cd:21:0b:ea:8b:8e:63:bd:9a:48:b8:54:a6:64:7f:7b:cf:
73:7f:6a:ca:79:21:ae:1f:c6:12:ae:ed:5d:67:7a:d4:5c:4d:
c0:68:2a:60:a5:17:db:b3:f6:0a:89:f7:57:be:00:17:73:80:
4f:c6:54:e7:71:91:39:bc:b3:e6:32:cb:98:5e:12:d4:0a:e5:
c4:2f:11:32:1f:0d:56:9e:dd:d7:6e:5e:3a:da:97:90:e5:df:
0a:36:2a:67:2e:ca:7d:4b:06:58:73:9f:3f:43:bf:40:9e:b4:
eb:79:f4:8e:fd:ec:d9:64:a4:3a:7b:51:e5:2e:af:93:16:54:
8d:42:bd:ad:0f:32:29:b5:be:38:49:04:13:e4:63:0e:b8:69:
47:ba:cf:95:ac:94:25:2b:d4:51:20:2b:59:06:03:4b:7a:4c:
76:fe:a7:68:d4:b0:43:ee:a6:c8:86:a5:72:b9:1e:f3:c6:da:
b8:71:51:fb:8f:6c:c3:c5:09:94:74:46:e8:54:2b:7c:df:ff:
1e:8b:04:1d:fe:63:8f:d7:65:61:e2:a4:07:44:d1:4d:a5:08:
86:4c:e6:ec
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYnmK4RJO5Oo1qqrE2Lz4qW/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwMzA2NThmMTZkMmQ4OGQzNDE2NDU5MmZjZDRkZTEzMTMx
ZjE2OTUwHhcNMjMwODExMTk1NTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZWU0NDkyZWUzN2MxNDMwYWMzMmViYTY2ZmU1NmQ2OTlmOWMyNGI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgaPQMkXaHMbBuKKJsPNJJSeM87+N
rp7/qjtphdQHEKy7E/78+BCtYyeDDhoaJeDMXqQX3tXtubm17ET03qKkPDx82TFt
UPbOEK2X/FxFlTsc1hMUPQp9VMtmTfwB7Zdxqvfj9m7p4JtFlWz/5UML0FI3KEFR
YmXLuVpTtB8bi3+Khn+Gmy+VvMLNTb+o2mitndb5ULYe9TZ+KiFdCBdaHCNRo7JR
zUfNhqZLlCTlAxlQRoxXjzYAg+lvKJfiK0li8HnaPrtOrbnPzFg+dRAQArXw8q9Z
wpXxjVw9uaTypoUn+4QMvq1Ob/pernqAVU9h47+BRctwft5b+jAKT2v6HQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM7kSS7jfBQwrDLrpm/lbWmfnCS3MB8GA1UdIwQY
MBaAFPAwZY8W0tiNNBZFkvzU3hMTHxaVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOERCbGp4YlMySTAwRmtXU19OVGVFeE1mRnBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi82NjkzZTMtODljYS00NGExLWE4YjYt
ODk0ODA1Mjg5Y2MwLzEvenVSSkx1TjhGRENzTXV1bWItVnRhWi1jSkxjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi82NjkzZTMtODljYS00NGExLWE4YjYtODk0ODA1Mjg5Y2Mw
LzEvOERCbGp4YlMySTAwRmtXU19OVGVFeE1mRnBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB2cRmMA0G
CSqGSIb3DQEBCwUAA4IBAQCHptif9/ZmjM7WPvWZr7/zZ/iv7kR/9y3o3Dbvn+4F
gJU242h8zSEL6ouOY72aSLhUpmR/e89zf2rKeSGuH8YSru1dZ3rUXE3AaCpgpRfb
s/YKifdXvgAXc4BPxlTncZE5vLPmMsuYXhLUCuXELxEyHw1Wnt3Xbl462peQ5d8K
NipnLsp9SwZYc58/Q79AnrTrefSO/ezZZKQ6e1HlLq+TFlSNQr2tDzIptb44SQQT
5GMOuGlHus+VrJQlK9RRICtZBgNLekx2/qdo1LBD7qbIhqVyuR7zxtq4cVH7j2zD
xQmUdEboVCt83/8eiwQd/mOP12Vh4qQHRNFNpQiGTObs
-----END CERTIFICATE-----
Generated at Mon Apr 28 15:11:40 2025 by rpki-client