Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/396e8b-71d3-46bf-a244-d0622c4cd48d/1/ZefUHNxmeHnFGqc9an0V98A4KZ4.roa
File: ZefUHNxmeHnFGqc9an0V98A4KZ4.roa (raw, json)
Hash identifier: HhwYOJyzeBc1AawItQUFOaDMsrK+D3HaqXXYs1SIky4=
Subject key identifier: 65:E7:D4:1C:DC:66:78:79:C5:1A:A7:3D:6A:7D:15:F7:C0:38:29:9E
Certificate issuer: /CN=24504c74c7127090a4cff85001f443149e128e60
Certificate serial: 018C670DF06B83B6FA7D1116D23F61C55B6F
Authority key identifier: 24:50:4C:74:C7:12:70:90:A4:CF:F8:50:01:F4:43:14:9E:12:8E:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JFBMdMcScJCkz_hQAfRDFJ4SjmA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/396e8b-71d3-46bf-a244-d0622c4cd48d/1/ZefUHNxmeHnFGqc9an0V98A4KZ4.roa
Signing time: Thu 14 Dec 2023 06:40:15 +0000
ROA not before: Thu 14 Dec 2023 06:40:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39737
IP address blocks: 193.142.241.0/24 maxlen: 24
195.64.169.0/24 maxlen: 24
195.64.168.0/24 maxlen: 24
193.142.205.0/24 maxlen: 24
193.142.223.0/24 maxlen: 24
195.64.152.0/23 maxlen: 23
193.142.234.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:67:0d:f0:6b:83:b6:fa:7d:11:16:d2:3f:61:c5:5b:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24504c74c7127090a4cff85001f443149e128e60
Validity
Not Before: Dec 14 06:40:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=65e7d41cdc667879c51aa73d6a7d15f7c038299e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:87:e0:31:40:23:b1:75:c8:02:2d:1e:03:93:
9d:1f:04:a5:d6:33:b5:e5:77:a7:7b:45:18:6d:3e:
11:db:d1:6c:ce:d5:10:69:2a:5c:bf:9c:8b:54:64:
da:0d:ae:57:c1:ea:fc:e6:51:5d:3b:77:3b:4f:a4:
6b:77:dd:32:9d:b6:2d:5b:96:27:51:82:db:11:50:
89:56:cb:50:77:c4:df:38:02:08:86:1c:cf:67:ba:
e4:40:cf:51:58:81:f1:97:f9:dc:9e:da:af:81:e5:
e4:5d:8c:7d:e7:99:09:97:59:14:72:ac:ff:e5:e3:
44:c4:90:71:ec:0c:e3:56:24:1b:83:3d:10:47:c8:
af:0d:9d:d9:c6:94:9c:f3:d7:0f:e0:6e:4f:5c:fb:
9b:60:0e:3c:9d:85:77:9f:98:e9:82:3d:b4:25:2d:
57:0f:3b:10:ee:66:11:40:07:6f:8c:d0:62:a0:1c:
eb:e2:ec:00:f6:e5:b8:5d:15:cc:04:cc:d6:df:d5:
cf:ca:f8:68:e3:c3:e6:8a:5e:ac:dd:59:8c:04:c7:
da:1e:c7:ae:d3:70:34:34:7d:b6:b9:3d:0c:db:79:
a5:81:64:25:de:a7:60:1d:75:f2:dc:a0:9c:b4:31:
53:ff:e4:4c:84:6f:42:3d:0d:47:a2:dc:eb:92:32:
7b:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:E7:D4:1C:DC:66:78:79:C5:1A:A7:3D:6A:7D:15:F7:C0:38:29:9E
X509v3 Authority Key Identifier:
keyid:24:50:4C:74:C7:12:70:90:A4:CF:F8:50:01:F4:43:14:9E:12:8E:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JFBMdMcScJCkz_hQAfRDFJ4SjmA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/396e8b-71d3-46bf-a244-d0622c4cd48d/1/ZefUHNxmeHnFGqc9an0V98A4KZ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/396e8b-71d3-46bf-a244-d0622c4cd48d/1/JFBMdMcScJCkz_hQAfRDFJ4SjmA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.142.205.0/24
193.142.223.0/24
193.142.234.0/24
193.142.241.0/24
195.64.152.0/23
195.64.168.0/23
Signature Algorithm: sha256WithRSAEncryption
20:0d:e9:fe:59:0c:a2:f3:04:59:5e:4d:07:82:7e:3d:fa:1f:
6c:6b:6c:89:f3:dc:35:81:1d:40:0e:81:38:77:4a:a4:ef:97:
da:d5:df:61:69:82:e2:1d:f8:43:78:f1:20:44:04:3f:36:0a:
6b:70:fb:81:81:b7:f4:7f:51:91:be:73:8c:ec:62:20:3e:b9:
b3:3f:ef:6a:16:e8:34:2b:a1:99:a5:9b:3d:d3:a7:a3:6e:d3:
1e:ed:cf:ad:62:7e:7a:3e:b3:f3:e4:c1:9a:58:64:c5:18:87:
a0:9c:f7:93:60:a6:22:a2:8e:59:05:ef:b8:ea:ce:99:5f:b5:
0c:1d:71:93:c0:37:e5:d0:8f:e1:8e:ad:ce:73:42:70:3c:37:
f6:83:00:fd:5c:9f:a0:35:fb:90:4b:5d:cd:b4:6a:08:0e:02:
b5:4b:2c:cb:26:ba:87:e3:64:c5:b7:e9:fb:c7:3c:86:1a:3c:
63:d2:2e:91:29:57:99:ff:b4:5d:1c:b9:bb:86:cc:5b:f2:7d:
b1:67:f9:bd:23:56:4a:5e:c8:84:90:9b:3f:fb:ad:cf:06:1b:
7b:b4:ea:06:97:65:96:9c:0f:2c:68:09:9b:16:6b:4a:01:74:
79:19:e0:58:3d:45:12:c4:d6:04:09:ed:d3:08:ca:65:d2:5f:
d8:e3:24:9a
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYxnDfBrg7b6fREW0j9hxVtvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0NTA0Yzc0YzcxMjcwOTBhNGNmZjg1MDAxZjQ0MzE0OWUx
MjhlNjAwHhcNMjMxMjE0MDY0MDE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NWU3ZDQxY2RjNjY3ODc5YzUxYWE3M2Q2YTdkMTVmN2MwMzgyOTllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq4fgMUAjsXXIAi0eA5OdHwSl1jO1
5Xene0UYbT4R29FsztUQaSpcv5yLVGTaDa5Xwer85lFdO3c7T6Rrd90ynbYtW5Yn
UYLbEVCJVstQd8TfOAIIhhzPZ7rkQM9RWIHxl/ncntqvgeXkXYx955kJl1kUcqz/
5eNExJBx7AzjViQbgz0QR8ivDZ3ZxpSc89cP4G5PXPubYA48nYV3n5jpgj20JS1X
DzsQ7mYRQAdvjNBioBzr4uwA9uW4XRXMBMzW39XPyvho48Pmil6s3VmMBMfaHseu
03A0NH22uT0M23mlgWQl3qdgHXXy3KCctDFT/+RMhG9CPQ1HotzrkjJ7QwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFGXn1BzcZnh5xRqnPWp9FffAOCmeMB8GA1UdIwQY
MBaAFCRQTHTHEnCQpM/4UAH0QxSeEo5gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkZCTWRNY1NjSkNrel9oUUFmUkRGSjRTam1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi8zOTZlOGItNzFkMy00NmJmLWEyNDQt
ZDA2MjJjNGNkNDhkLzEvWmVmVUhOeG1lSG5GR3FjOWFuMFY5OEE0S1o0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi8zOTZlOGItNzFkMy00NmJmLWEyNDQtZDA2MjJjNGNkNDhk
LzEvSkZCTWRNY1NjSkNrel9oUUFmUkRGSjRTam1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAwY7NAwQA
wY7fAwQAwY7qAwQAwY7xAwQBw0CYAwQBw0CoMA0GCSqGSIb3DQEBCwUAA4IBAQAg
Den+WQyi8wRZXk0Hgn49+h9sa2yJ89w1gR1ADoE4d0qk75fa1d9haYLiHfhDePEg
RAQ/NgprcPuBgbf0f1GRvnOM7GIgPrmzP+9qFug0K6GZpZs906ejbtMe7c+tYn56
PrPz5MGaWGTFGIegnPeTYKYioo5ZBe+46s6ZX7UMHXGTwDfl0I/hjq3Oc0JwPDf2
gwD9XJ+gNfuQS13NtGoIDgK1SyzLJrqH42TFt+n7xzyGGjxj0i6RKVeZ/7RdHLm7
hsxb8n2xZ/m9I1ZKXsiEkJs/+63PBht7tOoGl2WWnA8saAmbFmtKAXR5GeBYPUUS
xNYECe3TCMpl0l/Y4ySa
-----END CERTIFICATE-----
Generated at Wed May 7 22:06:48 2025 by rpki-client