Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/28debb-3a59-4ee1-bd37-84ed91ec1c65/1/ZmZLempaa5S1wLzQpjbLVZ0t_rk.roa
File: ZmZLempaa5S1wLzQpjbLVZ0t_rk.roa (raw, json)
Hash identifier: BvP2R4dS35CHGOGubvWPXzRblSk0ENvN+107rNHiozk=
Subject key identifier: 66:66:4B:7A:6A:5A:6B:94:B5:C0:BC:D0:A6:36:CB:55:9D:2D:FE:B9
Certificate issuer: /CN=30706b2b95588d780e36ef82a8f54a317d5869e2
Certificate serial: 01856F8B8ACB2C4FE264F4A04B76C7E2615C
Authority key identifier: 30:70:6B:2B:95:58:8D:78:0E:36:EF:82:A8:F5:4A:31:7D:58:69:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MHBrK5VYjXgONu-CqPVKMX1YaeI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/28debb-3a59-4ee1-bd37-84ed91ec1c65/1/ZmZLempaa5S1wLzQpjbLVZ0t_rk.roa
Signing time: Sun 01 Jan 2023 22:54:54 +0000
ROA not before: Sun 01 Jan 2023 22:54:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 185.64.6.0/24 maxlen: 24
2a10:2307:fffd::/48 maxlen: 48
2a10:2307:ffff::/48 maxlen: 48
2a10:2307:fffe::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:8b:8a:cb:2c:4f:e2:64:f4:a0:4b:76:c7:e2:61:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30706b2b95588d780e36ef82a8f54a317d5869e2
Validity
Not Before: Jan 1 22:54:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=66664b7a6a5a6b94b5c0bcd0a636cb559d2dfeb9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:7b:ac:f7:75:53:a4:b3:94:cf:f1:ee:fe:f8:
11:8a:20:91:1f:68:a3:df:e0:73:5c:b0:5b:33:6f:
e5:3f:64:e1:63:a2:74:a3:51:66:47:a1:e7:7e:41:
a7:3e:85:df:6b:16:a3:28:fe:8d:7d:4c:17:31:0a:
51:46:1a:31:c9:22:96:8f:27:d3:28:2c:bf:b6:d9:
60:e3:60:d0:11:fb:c9:ee:4b:f6:69:cc:c5:21:15:
e1:f5:52:64:8e:31:2b:df:2f:46:fc:7b:c1:6a:3a:
c2:63:2a:9a:0d:2f:0f:a2:85:88:8a:ea:2e:a4:b6:
4c:e3:16:ec:17:c2:0d:78:47:09:77:eb:50:52:f2:
a4:e5:f1:1f:a4:e5:53:e2:2c:f0:e5:72:6b:95:bb:
76:47:cb:36:e8:86:05:e4:0c:3c:0c:00:8c:58:3d:
27:81:d1:44:3d:b9:b6:ff:f9:d9:2f:eb:85:3f:67:
e7:c7:cc:03:66:13:f4:8d:fc:c7:bf:17:86:21:bf:
82:e4:5e:09:d9:41:50:05:2b:ad:e3:71:ca:94:0b:
6e:64:83:55:f4:16:64:e4:75:c0:11:5e:55:b6:5a:
d3:a6:98:a2:9d:68:39:70:5f:e0:d4:1c:d5:43:fd:
d4:bd:0f:c2:11:d5:fa:77:96:f7:f5:55:ec:42:cd:
6e:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:66:4B:7A:6A:5A:6B:94:B5:C0:BC:D0:A6:36:CB:55:9D:2D:FE:B9
X509v3 Authority Key Identifier:
keyid:30:70:6B:2B:95:58:8D:78:0E:36:EF:82:A8:F5:4A:31:7D:58:69:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MHBrK5VYjXgONu-CqPVKMX1YaeI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/28debb-3a59-4ee1-bd37-84ed91ec1c65/1/ZmZLempaa5S1wLzQpjbLVZ0t_rk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/28debb-3a59-4ee1-bd37-84ed91ec1c65/1/MHBrK5VYjXgONu-CqPVKMX1YaeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.64.6.0/24
IPv6:
2a10:2307:fffd::-2a10:2307:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
25:4d:2f:3a:87:3d:83:f2:20:57:09:95:a0:fc:66:36:d3:70:
10:80:22:d7:0c:2a:89:38:df:30:a8:f5:d8:4e:6b:70:64:31:
30:60:ab:38:d5:48:97:56:6c:67:10:ea:50:f0:01:f3:e0:ed:
8b:74:8e:55:ee:91:1b:0f:a6:27:12:2d:f4:f7:da:a4:1a:7d:
b2:e2:90:a4:17:3c:01:46:55:66:ed:d3:f2:28:e8:2b:c1:91:
87:a4:e7:b9:6f:b1:41:30:29:86:a5:39:50:03:e6:73:93:c2:
b5:1c:ac:f1:ee:fe:16:7a:df:cb:ab:ac:64:3e:92:a5:5f:92:
c1:9e:9d:13:b8:39:63:73:b9:13:72:c7:21:82:14:8f:2d:b8:
d9:51:b6:3e:b5:a0:aa:7f:9d:f4:2e:e4:28:d4:52:6b:c9:87:
9f:44:7b:b8:ea:4b:8d:3c:6a:f9:3e:4a:54:17:58:69:6f:69:
08:ff:08:6f:e1:80:c8:79:d6:5e:40:7e:64:93:f7:21:ce:e9:
ac:62:fc:3b:2b:ac:94:c4:c3:b4:05:6c:2c:97:e1:e6:72:db:
11:e3:0a:71:1e:b3:98:3d:a5:14:dd:de:2d:a1:85:93:84:15:
16:1d:74:72:fd:f3:58:c6:8f:d9:f9:b8:f9:5e:85:9a:89:e5:
13:65:3b:02
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYVvi4rLLE/iZPSgS3bH4mFcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwNzA2YjJiOTU1ODhkNzgwZTM2ZWY4MmE4ZjU0YTMxN2Q1
ODY5ZTIwHhcNMjMwMTAxMjI1NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjY2NGI3YTZhNWE2Yjk0YjVjMGJjZDBhNjM2Y2I1NTlkMmRmZWI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Xus93VTpLOUz/Hu/vgRiiCRH2ij
3+BzXLBbM2/lP2ThY6J0o1FmR6HnfkGnPoXfaxajKP6NfUwXMQpRRhoxySKWjyfT
KCy/ttlg42DQEfvJ7kv2aczFIRXh9VJkjjEr3y9G/HvBajrCYyqaDS8PooWIiuou
pLZM4xbsF8INeEcJd+tQUvKk5fEfpOVT4izw5XJrlbt2R8s26IYF5Aw8DACMWD0n
gdFEPbm2//nZL+uFP2fnx8wDZhP0jfzHvxeGIb+C5F4J2UFQBSut43HKlAtuZINV
9BZk5HXAEV5VtlrTppiinWg5cF/g1BzVQ/3UvQ/CEdX6d5b39VXsQs1u9wIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFGZmS3pqWmuUtcC80KY2y1WdLf65MB8GA1UdIwQY
MBaAFDBwayuVWI14Djbvgqj1SjF9WGniMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUhCcks1VllqWGdPTnUtQ3FQVktNWDFZYWVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS8yOGRlYmItM2E1OS00ZWUxLWJkMzct
ODRlZDkxZWMxYzY1LzEvWm1aTGVtcGFhNVMxd0x6UXBqYkxWWjB0X3JrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS8yOGRlYmItM2E1OS00ZWUxLWJkMzctODRlZDkxZWMxYzY1
LzEvTUhCcks1VllqWGdPTnUtQ3FQVktNWDFZYWVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQAuUAGMBgE
AgACMBIwEAMHACoQIwf//QMFAyoQIwAwDQYJKoZIhvcNAQELBQADggEBACVNLzqH
PYPyIFcJlaD8ZjbTcBCAItcMKok43zCo9dhOa3BkMTBgqzjVSJdWbGcQ6lDwAfPg
7Yt0jlXukRsPpicSLfT32qQafbLikKQXPAFGVWbt0/Io6CvBkYek57lvsUEwKYal
OVAD5nOTwrUcrPHu/hZ638urrGQ+kqVfksGenRO4OWNzuRNyxyGCFI8tuNlRtj61
oKp/nfQu5CjUUmvJh59Ee7jqS408avk+SlQXWGlvaQj/CG/hgMh51l5AfmST9yHO
6axi/DsrrJTEw7QFbCyX4eZy2xHjCnEes5g9pRTd3i2hhZOEFRYddHL981jGj9n5
uPlehZqJ5RNlOwI=
-----END CERTIFICATE-----
Generated at Tue Apr 22 20:41:23 2025 by rpki-client