Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/e2e119-fd78-4b1a-b16a-987da4392056/1/z0qnHO3QloXUjXoA2isUrTNie8M.roa
File: z0qnHO3QloXUjXoA2isUrTNie8M.roa (raw, json)
Hash identifier: qz1GZNr3UcHzYY+ZIeqzmRX25teOxWphkWjSubWCoGo=
Subject key identifier: CF:4A:A7:1C:ED:D0:96:85:D4:8D:7A:00:DA:2B:14:AD:33:62:7B:C3
Certificate issuer: /CN=712f9cb3c298b150beb79080376f74bdeac438ac
Certificate serial: 0187C393E2A78320D7C6E4A45B01EC03B5A0
Authority key identifier: 71:2F:9C:B3:C2:98:B1:50:BE:B7:90:80:37:6F:74:BD:EA:C4:38:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cS-cs8KYsVC-t5CAN290verEOKw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/e2e119-fd78-4b1a-b16a-987da4392056/1/z0qnHO3QloXUjXoA2isUrTNie8M.roa
Signing time: Thu 27 Apr 2023 16:37:41 +0000
ROA not before: Thu 27 Apr 2023 16:37:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60983
IP address blocks: 185.22.128.0/22 maxlen: 24
2a00:6060:ee37::/48 maxlen: 48
2a00:6060::/32 maxlen: 32
2a00:6060:ca00::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:c3:93:e2:a7:83:20:d7:c6:e4:a4:5b:01:ec:03:b5:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=712f9cb3c298b150beb79080376f74bdeac438ac
Validity
Not Before: Apr 27 16:37:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cf4aa71cedd09685d48d7a00da2b14ad33627bc3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:b1:33:3d:59:ac:f5:78:20:fd:ae:c4:4f:a7:
00:ce:a5:aa:76:ef:23:08:7a:da:33:f0:aa:5a:df:
72:fc:f3:7f:b3:25:9c:c7:a8:5b:22:ed:48:7a:59:
65:24:da:de:91:0e:67:32:d4:a5:b8:7f:92:5f:67:
7f:3a:f4:0b:2c:20:fd:4b:25:94:b2:d1:90:3a:fe:
b3:23:8e:a9:f5:fd:c6:00:8e:a6:07:8f:d6:c2:ea:
d0:72:de:44:78:76:ea:af:cf:11:fa:b0:67:87:03:
ff:f4:8d:70:4b:16:c7:ba:e7:05:58:de:62:5d:8c:
38:d0:a2:41:18:d8:72:6e:c0:1d:03:e1:3c:6e:b1:
d3:db:0f:24:43:d0:ca:c2:05:ae:0d:f5:01:4a:fc:
b8:23:34:26:dd:27:82:be:2f:31:c8:61:f9:6d:39:
19:23:7c:f6:45:6a:44:1b:21:43:bd:3a:2c:d3:85:
77:00:00:b8:de:b0:d1:6d:01:9f:7f:bb:82:ed:ba:
3b:c6:f6:19:bd:b3:90:32:fc:09:1a:6c:74:aa:86:
ba:ea:f4:04:94:3e:80:8e:d1:ab:95:d4:a4:00:8b:
ad:51:f4:ad:a1:e3:3f:cb:bf:1f:fd:31:c3:96:2d:
a6:e5:a9:d4:9a:6b:e2:d6:da:20:90:59:d5:d6:91:
ae:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:4A:A7:1C:ED:D0:96:85:D4:8D:7A:00:DA:2B:14:AD:33:62:7B:C3
X509v3 Authority Key Identifier:
keyid:71:2F:9C:B3:C2:98:B1:50:BE:B7:90:80:37:6F:74:BD:EA:C4:38:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cS-cs8KYsVC-t5CAN290verEOKw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/e2e119-fd78-4b1a-b16a-987da4392056/1/z0qnHO3QloXUjXoA2isUrTNie8M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/e2e119-fd78-4b1a-b16a-987da4392056/1/cS-cs8KYsVC-t5CAN290verEOKw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.22.128.0/22
IPv6:
2a00:6060::/32
Signature Algorithm: sha256WithRSAEncryption
0e:b9:9e:6a:ad:27:52:55:cb:5c:17:36:2d:50:65:0a:a1:fc:
1d:46:df:6a:9c:4c:06:b3:a1:fd:79:ec:35:ce:5f:62:84:54:
23:80:ed:4e:3e:c2:93:ab:c2:22:23:43:47:ad:79:2e:06:da:
5a:cd:99:82:af:cf:f5:64:ca:7d:30:ef:d6:e0:31:09:84:e4:
4f:ad:d0:50:90:f8:5a:77:5a:24:b2:00:b9:81:22:91:50:11:
c6:ea:c5:4d:99:3c:d8:f9:d5:9f:7d:b0:bf:4b:5d:cb:2b:f9:
0c:2c:bc:f1:df:ad:27:b2:d6:2d:7e:83:fc:19:f2:e9:02:0d:
50:86:fd:91:67:e3:93:f9:50:52:80:d6:b4:7f:53:35:65:87:
ab:00:20:19:40:31:7b:df:ef:11:46:30:3a:0c:7c:00:08:8b:
f0:2d:14:57:be:e9:cd:2e:8f:db:48:d5:f9:0f:c8:85:5e:dc:
6b:64:d4:e1:b5:fb:c1:80:69:ca:2a:88:4c:0b:9e:c9:93:ca:
e8:0b:20:14:7a:99:c3:1a:74:31:07:75:d4:08:03:62:2e:6d:
df:49:86:20:27:0f:c0:d9:c4:8f:f0:b7:0f:29:49:43:b4:28:
53:dc:52:4d:89:e5:e8:50:1c:d9:56:2d:d4:2c:58:9a:90:99:
e8:5d:b9:b0
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYfDk+KngyDXxuSkWwHsA7WgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxMmY5Y2IzYzI5OGIxNTBiZWI3OTA4MDM3NmY3NGJkZWFj
NDM4YWMwHhcNMjMwNDI3MTYzNzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjRhYTcxY2VkZDA5Njg1ZDQ4ZDdhMDBkYTJiMTRhZDMzNjI3YmMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoLEzPVms9Xgg/a7ET6cAzqWqdu8j
CHraM/CqWt9y/PN/syWcx6hbIu1IelllJNrekQ5nMtSluH+SX2d/OvQLLCD9SyWU
stGQOv6zI46p9f3GAI6mB4/WwurQct5EeHbqr88R+rBnhwP/9I1wSxbHuucFWN5i
XYw40KJBGNhybsAdA+E8brHT2w8kQ9DKwgWuDfUBSvy4IzQm3SeCvi8xyGH5bTkZ
I3z2RWpEGyFDvTos04V3AAC43rDRbQGff7uC7bo7xvYZvbOQMvwJGmx0qoa66vQE
lD6AjtGrldSkAIutUfStoeM/y78f/THDli2m5anUmmvi1togkFnV1pGuhQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFM9Kpxzt0JaF1I16ANorFK0zYnvDMB8GA1UdIwQY
MBaAFHEvnLPCmLFQvreQgDdvdL3qxDisMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1MtY3M4S1lzVkMtdDVDQU4yOTB2ZXJFT0t3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS9lMmUxMTktZmQ3OC00YjFhLWIxNmEt
OTg3ZGE0MzkyMDU2LzEvejBxbkhPM1Fsb1hValhvQTJpc1VyVE5pZThNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS9lMmUxMTktZmQ3OC00YjFhLWIxNmEtOTg3ZGE0MzkyMDU2
LzEvY1MtY3M4S1lzVkMtdDVDQU4yOTB2ZXJFT0t3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuRaAMA0E
AgACMAcDBQAqAGBgMA0GCSqGSIb3DQEBCwUAA4IBAQAOuZ5qrSdSVctcFzYtUGUK
ofwdRt9qnEwGs6H9eew1zl9ihFQjgO1OPsKTq8IiI0NHrXkuBtpazZmCr8/1ZMp9
MO/W4DEJhORPrdBQkPhad1oksgC5gSKRUBHG6sVNmTzY+dWffbC/S13LK/kMLLzx
360nstYtfoP8GfLpAg1Qhv2RZ+OT+VBSgNa0f1M1ZYerACAZQDF73+8RRjA6DHwA
CIvwLRRXvunNLo/bSNX5D8iFXtxrZNThtfvBgGnKKohMC57Jk8roCyAUepnDGnQx
B3XUCANiLm3fSYYgJw/A2cSP8LcPKUlDtChT3FJNieXoUBzZVi3ULFiakJnoXbmw
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:35:56 2025 by rpki-client