Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/2456e5-61dd-4ae3-a24f-b852bd8123f0/1/ZQ1SnPhNS3hpEWHp17zVQ7smR48.roa
File: ZQ1SnPhNS3hpEWHp17zVQ7smR48.roa (raw, json)
Hash identifier: Ygb9nRareBvUPnA50zSXpy0g1LdgOSFCPnFIwI5pVcI=
Subject key identifier: 65:0D:52:9C:F8:4D:4B:78:69:11:61:E9:D7:BC:D5:43:BB:26:47:8F
Certificate issuer: /CN=3d70fe1d75f7da76d2e3dc344fb1f0b0b69de001
Certificate serial: 05880542
Authority key identifier: 3D:70:FE:1D:75:F7:DA:76:D2:E3:DC:34:4F:B1:F0:B0:B6:9D:E0:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PXD-HXX32nbS49w0T7HwsLad4AE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/2456e5-61dd-4ae3-a24f-b852bd8123f0/1/ZQ1SnPhNS3hpEWHp17zVQ7smR48.roa
Signing time: Sat 01 Jan 2022 06:00:59 +0000
ROA not before: Sat 01 Jan 2022 06:00:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12886
IP address blocks: 193.23.148.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 92800322 (0x5880542)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d70fe1d75f7da76d2e3dc344fb1f0b0b69de001
Validity
Not Before: Jan 1 06:00:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=650d529cf84d4b78691161e9d7bcd543bb26478f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:6b:30:42:d7:82:af:29:ad:95:b2:cd:53:d2:
65:93:4e:03:1b:4f:6e:fb:79:cf:9a:53:da:0f:2c:
fb:c2:9f:45:51:3e:47:0f:06:8d:55:b6:40:45:ae:
7b:9e:90:5f:fc:a5:b7:22:de:58:66:52:40:41:ba:
81:0c:de:f0:07:21:0e:0c:bf:51:bc:e7:bb:b7:b8:
0c:60:66:ad:92:26:8a:39:10:5e:2d:10:31:10:8d:
7b:57:42:05:4f:77:25:2f:b7:98:60:5c:77:48:92:
73:ed:3e:4d:f7:09:bb:8c:e6:d1:51:3e:d0:53:de:
85:5a:e2:39:b4:71:ec:7f:f8:3a:5e:be:55:17:c5:
a7:d8:11:e0:c1:e8:e3:fc:d6:7b:42:bb:d0:d1:5b:
9e:75:12:06:fb:5e:a4:5e:bd:af:d3:ea:8b:fb:23:
69:eb:5f:eb:7f:9a:cb:70:2d:4e:82:0b:10:7d:30:
d9:0d:a0:34:33:b6:22:cb:8f:ad:cb:60:f7:d5:08:
96:89:36:cb:05:1c:bc:a1:44:a1:29:1f:1e:82:1c:
a0:93:79:a8:2c:91:a9:c3:fb:37:ba:13:b5:91:2e:
3a:8e:f7:78:f4:7d:cf:68:7b:98:7e:d0:6b:b7:92:
8e:d0:a8:eb:8e:68:62:b8:49:00:f3:84:d1:da:1b:
32:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:0D:52:9C:F8:4D:4B:78:69:11:61:E9:D7:BC:D5:43:BB:26:47:8F
X509v3 Authority Key Identifier:
keyid:3D:70:FE:1D:75:F7:DA:76:D2:E3:DC:34:4F:B1:F0:B0:B6:9D:E0:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PXD-HXX32nbS49w0T7HwsLad4AE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/2456e5-61dd-4ae3-a24f-b852bd8123f0/1/ZQ1SnPhNS3hpEWHp17zVQ7smR48.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/2456e5-61dd-4ae3-a24f-b852bd8123f0/1/PXD-HXX32nbS49w0T7HwsLad4AE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.23.148.0/22
Signature Algorithm: sha256WithRSAEncryption
74:9b:cb:a4:17:96:38:2f:42:98:90:aa:94:5d:6d:e3:36:0f:
bf:6a:62:1c:e2:35:fc:3e:a5:b1:91:eb:77:99:8e:35:36:41:
a0:3a:e5:7c:70:56:17:4e:a3:dd:d5:fe:e7:6b:07:28:db:78:
cc:9a:42:37:52:d8:a1:32:a6:37:c9:07:fb:84:8a:a3:78:7e:
ec:c8:52:4e:83:48:5f:d2:5b:57:de:43:9e:e6:10:0d:d6:5b:
22:13:11:ce:cc:07:75:2d:71:92:93:96:6d:8e:2f:e1:a1:b8:
8f:da:6d:c0:ce:c2:4e:7b:e5:10:a0:64:2b:5c:3d:34:53:ae:
9c:b7:f2:6c:b9:cb:5f:6c:99:04:d8:2f:cc:62:68:39:f6:0c:
05:1a:13:5d:00:6d:f6:a6:83:bc:6e:75:22:0c:07:3d:07:e8:
49:7a:1b:a5:de:e0:d0:52:f2:39:15:91:69:85:b4:79:79:2f:
93:21:17:0a:63:ca:b4:01:4e:f0:9e:fe:ba:5d:96:d3:b2:c1:
e5:b4:90:fc:b9:21:21:62:36:72:ed:dc:63:d1:9d:f7:15:95:
fe:72:17:89:49:dc:cc:fa:a4:57:7b:57:61:66:22:a2:6f:3b:
7c:db:f7:35:54:ea:bf:7d:cd:48:58:7c:08:76:f0:70:47:a8:
a8:fc:20:5c
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBYgFQjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
ZDcwZmUxZDc1ZjdkYTc2ZDJlM2RjMzQ0ZmIxZjBiMGI2OWRlMDAxMB4XDTIyMDEw
MTA2MDA1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjUwZDUyOWNmODRk
NGI3ODY5MTE2MWU5ZDdiY2Q1NDNiYjI2NDc4ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJNrMELXgq8prZWyzVPSZZNOAxtPbvt5z5pT2g8s+8KfRVE+
Rw8GjVW2QEWue56QX/yltyLeWGZSQEG6gQze8AchDgy/Ubznu7e4DGBmrZImijkQ
Xi0QMRCNe1dCBU93JS+3mGBcd0iSc+0+TfcJu4zm0VE+0FPehVriObRx7H/4Ol6+
VRfFp9gR4MHo4/zWe0K70NFbnnUSBvtepF69r9Pqi/sjaetf63+ay3AtToILEH0w
2Q2gNDO2IsuPrctg99UIlok2ywUcvKFEoSkfHoIcoJN5qCyRqcP7N7oTtZEuOo73
ePR9z2h7mH7Qa7eSjtCo645oYrhJAPOE0dobMmECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRlDVKc+E1LeGkRYenXvNVDuyZHjzAfBgNVHSMEGDAWgBQ9cP4ddffadtLj
3DRPsfCwtp3gATAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1BYRC1IWFgzMm5iUzQ5dzBUN0h3c0xhZDRBRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTgvMjQ1NmU1LTYxZGQtNGFlMy1hMjRmLWI4NTJiZDgxMjNmMC8x
L1pRMVNuUGhOUzNocEVXSHAxN3pWUTdzbVI0OC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTgv
MjQ1NmU1LTYxZGQtNGFlMy1hMjRmLWI4NTJiZDgxMjNmMC8xL1BYRC1IWFgzMm5i
UzQ5dzBUN0h3c0xhZDRBRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAsEXlDANBgkqhkiG9w0BAQsFAAOC
AQEAdJvLpBeWOC9CmJCqlF1t4zYPv2piHOI1/D6lsZHrd5mONTZBoDrlfHBWF06j
3dX+52sHKNt4zJpCN1LYoTKmN8kH+4SKo3h+7MhSToNIX9JbV95DnuYQDdZbIhMR
zswHdS1xkpOWbY4v4aG4j9ptwM7CTnvlEKBkK1w9NFOunLfybLnLX2yZBNgvzGJo
OfYMBRoTXQBt9qaDvG51IgwHPQfoSXobpd7g0FLyORWRaYW0eXkvkyEXCmPKtAFO
8J7+ul2W07LB5bSQ/LkhIWI2cu3cY9Gd9xWV/nIXiUnczPqkV3tXYWYiom87fNv3
NVTqv33NSFh8CHbwcEeoqPwgXA==
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:19:08 2025 by rpki-client