Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/1-ZQ5eWzEvqgXvFgBO3u6KwkU0iY.roa
File: 1-ZQ5eWzEvqgXvFgBO3u6KwkU0iY.roa (raw, json)
Hash identifier: OeDoOMpKXf6xy1AI5aHqB1v1yYxpHuPkT45Ozkc7evM=
Subject key identifier: F9:94:39:79:6C:C4:BE:A8:17:BC:58:01:3B:7B:BA:2B:09:14:D2:26
Certificate issuer: /CN=9799140b42db6cb6bf8c6dd413747fcf4a6fd9b5
Certificate serial: 018CA6CA346248100EECBC68A205A3E44C05
Authority key identifier: 97:99:14:0B:42:DB:6C:B6:BF:8C:6D:D4:13:74:7F:CF:4A:6F:D9:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l5kUC0LbbLa_jG3UE3R_z0pv2bU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/1-ZQ5eWzEvqgXvFgBO3u6KwkU0iY.roa
Signing time: Tue 26 Dec 2023 15:41:58 +0000
ROA not before: Tue 26 Dec 2023 15:41:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3320
IP address blocks: 82.206.32.0/21 maxlen: 24
82.206.40.0/21 maxlen: 24
82.206.48.0/21 maxlen: 24
82.206.56.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:a6:ca:34:62:48:10:0e:ec:bc:68:a2:05:a3:e4:4c:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9799140b42db6cb6bf8c6dd413747fcf4a6fd9b5
Validity
Not Before: Dec 26 15:41:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f99439796cc4bea817bc58013b7bba2b0914d226
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:e7:85:27:f5:47:6b:a8:3e:bd:52:71:21:bc:
8b:f4:20:7b:df:ce:2e:30:f5:da:b2:73:25:a1:56:
27:74:b3:2f:e7:85:5d:1c:1a:30:7a:cc:29:21:05:
b0:e0:f0:bc:8d:3d:dc:bf:a8:47:a3:6e:70:71:be:
62:d1:cf:52:dc:29:7b:5e:3b:3d:3b:c0:b2:39:e7:
1c:b1:7e:80:6c:26:c1:ef:2a:e6:06:a4:c8:89:f3:
4e:6e:db:eb:e2:2c:33:9c:98:e9:e5:c8:91:a6:ec:
83:9a:76:6c:d8:a2:3d:cd:b8:4e:7d:77:14:9e:50:
a4:3b:68:c8:c4:5d:79:de:91:6d:41:6d:f5:21:88:
eb:68:92:37:ee:fa:31:28:99:2b:61:fb:26:11:80:
a1:c0:1c:88:08:6d:6b:59:ee:77:a5:cf:c8:d0:47:
38:7d:ec:b1:1d:fa:69:19:ea:08:c5:d9:1e:6f:f4:
61:c8:4a:2b:d7:de:40:81:e9:40:37:1e:8f:9c:62:
2b:fd:1b:7e:e1:2d:77:b3:5a:d0:e8:1d:b8:17:88:
b0:77:3a:6c:db:5b:04:c0:0f:76:83:23:92:ee:be:
c3:5d:cf:19:f8:c6:2f:f7:40:a6:d2:98:f4:24:bb:
4e:cb:1b:2e:14:c2:8a:e3:a2:4e:11:59:3d:95:70:
7b:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:94:39:79:6C:C4:BE:A8:17:BC:58:01:3B:7B:BA:2B:09:14:D2:26
X509v3 Authority Key Identifier:
keyid:97:99:14:0B:42:DB:6C:B6:BF:8C:6D:D4:13:74:7F:CF:4A:6F:D9:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l5kUC0LbbLa_jG3UE3R_z0pv2bU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/1-ZQ5eWzEvqgXvFgBO3u6KwkU0iY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/l5kUC0LbbLa_jG3UE3R_z0pv2bU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.206.32.0/19
Signature Algorithm: sha256WithRSAEncryption
7e:55:0c:18:f5:ef:fc:27:7d:94:cc:a4:b5:31:dd:05:46:d3:
a4:37:77:60:83:21:a3:3c:e3:ff:83:ec:96:ac:e0:9e:40:fa:
6c:42:1f:1c:9d:f1:08:cc:68:68:39:9c:c9:6e:2f:2d:77:9e:
c3:b8:66:3f:95:73:01:98:02:51:42:be:6e:f5:ee:0a:71:f9:
4e:1c:f5:31:cd:b6:2d:bc:09:87:1d:f7:88:c7:62:aa:b3:89:
4e:d6:cb:71:c3:e6:41:2e:e6:db:33:3c:d9:96:c8:c5:8f:bf:
84:f4:b2:2b:7d:5a:ad:d4:e2:7f:9c:f4:81:db:f6:60:14:7b:
36:0a:b7:94:81:cb:e3:a1:a8:3f:12:c2:8e:72:5a:4c:16:be:
3c:47:2e:bc:59:f0:01:f0:54:27:07:ac:a9:ee:f5:53:8a:b3:
30:c8:20:c1:2f:58:01:59:ad:0d:7e:1f:84:25:e0:51:3d:9b:
db:23:5e:de:66:ae:f6:9d:fd:cb:b1:54:e7:85:77:28:93:a7:
34:80:1a:c9:e9:d6:7b:29:43:49:2f:84:3b:58:15:f4:1d:60:
dd:3d:ba:93:a2:71:67:db:6f:d9:60:91:73:72:60:7b:8e:12:
ef:a9:3a:38:37:cc:48:58:64:4f:28:cb:ea:c0:24:f6:97:a8:
a3:ea:08:b2
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYymyjRiSBAO7LxoogWj5EwFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3OTkxNDBiNDJkYjZjYjZiZjhjNmRkNDEzNzQ3ZmNmNGE2
ZmQ5YjUwHhcNMjMxMjI2MTU0MTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTk0Mzk3OTZjYzRiZWE4MTdiYzU4MDEzYjdiYmEyYjA5MTRkMjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn+eFJ/VHa6g+vVJxIbyL9CB7384u
MPXasnMloVYndLMv54VdHBoweswpIQWw4PC8jT3cv6hHo25wcb5i0c9S3Cl7Xjs9
O8CyOeccsX6AbCbB7yrmBqTIifNObtvr4iwznJjp5ciRpuyDmnZs2KI9zbhOfXcU
nlCkO2jIxF153pFtQW31IYjraJI37voxKJkrYfsmEYChwByICG1rWe53pc/I0Ec4
feyxHfppGeoIxdkeb/RhyEor195AgelANx6PnGIr/Rt+4S13s1rQ6B24F4iwdzps
21sEwA92gyOS7r7DXc8Z+MYv90Cm0pj0JLtOyxsuFMKK46JOEVk9lXB73QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPmUOXlsxL6oF7xYATt7uisJFNImMB8GA1UdIwQY
MBaAFJeZFAtC22y2v4xt1BN0f89Kb9m1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDVrVUMwTGJiTGFfakczVUUzUl96MHB2MmJVLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS80ZWVmMDMtOTFmZS00NDVhLWE3Y2Qt
NTk1OTE5YmUwZjUyLzEvMS1aUTVlV3pFdnFnWHZGZ0JPM3U2S3drVTBpWS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNmEvNGVlZjAzLTkxZmUtNDQ1YS1hN2NkLTU5NTkxOWJlMGY1
Mi8xL2w1a1VDMExiYkxhX2pHM1VFM1JfejBwdjJiVS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBVLOIDAN
BgkqhkiG9w0BAQsFAAOCAQEAflUMGPXv/Cd9lMyktTHdBUbTpDd3YIMhozzj/4Ps
lqzgnkD6bEIfHJ3xCMxoaDmcyW4vLXeew7hmP5VzAZgCUUK+bvXuCnH5Thz1Mc22
LbwJhx33iMdiqrOJTtbLccPmQS7m2zM82ZbIxY+/hPSyK31ardTif5z0gdv2YBR7
Ngq3lIHL46GoPxLCjnJaTBa+PEcuvFnwAfBUJwesqe71U4qzMMggwS9YAVmtDX4f
hCXgUT2b2yNe3mau9p39y7FU54V3KJOnNIAayenWeylDSS+EO1gV9B1g3T26k6Jx
Z9tv2WCRc3Jge44S76k6ODfMSFhkTyjL6sAk9peoo+oIsg==
-----END CERTIFICATE-----
Generated at Wed May 14 19:37:52 2025 by rpki-client