Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/853c76-a398-435a-be41-7d0ac52815a6/1/zXzOeYe46fxnyyoAap45C1B9zJM.roa
File: zXzOeYe46fxnyyoAap45C1B9zJM.roa (raw, json)
Hash identifier: XbLRBIexveo9D6rRI9D8xg7NUp1n7zIUNoa4tKvTb2o=
Subject key identifier: CD:7C:CE:79:87:B8:E9:FC:67:CB:2A:00:6A:9E:39:0B:50:7D:CC:93
Certificate issuer: /CN=dbd7c951348bd2e09ccaf76f57b8385f15df44e4
Certificate serial: 01856DDD3EC87E8C12F019293EEFA46D53CA
Authority key identifier: DB:D7:C9:51:34:8B:D2:E0:9C:CA:F7:6F:57:B8:38:5F:15:DF:44:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/29fJUTSL0uCcyvdvV7g4XxXfROQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/853c76-a398-435a-be41-7d0ac52815a6/1/zXzOeYe46fxnyyoAap45C1B9zJM.roa
Signing time: Sun 01 Jan 2023 15:04:54 +0000
ROA not before: Sun 01 Jan 2023 15:04:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 28685
IP address blocks: 176.124.253.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:dd:3e:c8:7e:8c:12:f0:19:29:3e:ef:a4:6d:53:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbd7c951348bd2e09ccaf76f57b8385f15df44e4
Validity
Not Before: Jan 1 15:04:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cd7cce7987b8e9fc67cb2a006a9e390b507dcc93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:12:48:cc:34:b6:2d:d4:15:c5:ef:d5:9e:b5:
7f:f7:8d:26:07:ce:61:c7:54:e4:46:c5:a0:51:3f:
b8:a3:62:ed:6c:fa:5e:da:90:b2:35:b1:85:7b:fe:
8f:bf:e1:38:40:04:58:43:96:52:db:db:4f:c4:32:
3a:2d:df:40:f3:1b:68:91:18:70:ff:0d:72:9b:84:
f0:82:09:4e:c5:fa:8a:6e:a8:16:d0:8a:23:82:29:
86:16:e4:f8:38:54:ba:f5:6e:55:75:36:ec:14:33:
58:ed:4d:f1:e4:55:3a:f1:5e:3d:8f:32:0e:b8:7a:
fe:d8:5e:2f:10:fb:55:1f:10:a8:c1:57:8d:26:b9:
e9:12:e8:83:29:9d:19:d2:38:9e:3b:f2:bc:b4:2c:
66:01:d0:5b:96:07:97:f3:a1:25:49:b0:dc:ae:6f:
27:83:1a:7d:99:69:3b:42:cc:69:3b:e0:50:8c:ac:
d7:4b:b9:04:38:3a:61:f1:e3:1d:13:96:2f:87:cb:
bb:4c:cf:35:79:17:be:79:6f:7a:02:c2:ed:2a:fc:
a3:1b:f1:83:88:32:90:3f:6e:0e:13:6b:50:f7:4b:
e4:79:a8:67:a0:29:23:19:0c:6d:c2:2e:08:f4:8b:
c5:a4:ab:5c:09:b2:98:d7:07:0f:32:d8:aa:55:4a:
d4:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:7C:CE:79:87:B8:E9:FC:67:CB:2A:00:6A:9E:39:0B:50:7D:CC:93
X509v3 Authority Key Identifier:
keyid:DB:D7:C9:51:34:8B:D2:E0:9C:CA:F7:6F:57:B8:38:5F:15:DF:44:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/29fJUTSL0uCcyvdvV7g4XxXfROQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/853c76-a398-435a-be41-7d0ac52815a6/1/zXzOeYe46fxnyyoAap45C1B9zJM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/853c76-a398-435a-be41-7d0ac52815a6/1/29fJUTSL0uCcyvdvV7g4XxXfROQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.124.253.0/24
Signature Algorithm: sha256WithRSAEncryption
96:79:e0:0d:da:d7:c3:ff:88:b0:a5:52:74:fb:7f:c8:51:1f:
17:20:d1:c8:83:58:26:9f:56:ae:ef:44:95:af:72:d9:62:bb:
ef:0d:11:79:ac:c8:8f:62:2f:bb:34:ba:9a:18:8c:40:53:07:
99:e5:a7:ce:f8:36:7e:6a:63:ec:f4:b2:ef:28:f1:f4:55:57:
b5:1b:c5:d7:86:e6:1a:6b:7d:8d:7d:2d:8e:2b:44:b8:b6:66:
bc:7d:81:d6:9f:97:30:08:8e:e0:7f:40:04:8a:3e:85:1c:9b:
e8:0c:59:8c:91:51:0d:76:0b:52:e9:9c:db:7a:0e:ca:3c:86:
bf:d5:66:77:17:d3:14:06:bd:65:d8:ae:12:7e:d1:3b:2f:de:
5b:90:a0:26:81:15:1d:43:cc:64:f4:4c:60:40:6d:80:fc:bc:
f4:6d:92:51:26:52:d7:87:f3:ab:9a:80:a2:58:e9:a4:80:00:
0f:d2:ba:ee:a1:8a:07:43:d5:23:a8:69:1e:f6:65:fa:97:73:
4c:81:b8:80:24:57:30:17:6b:1f:ec:8e:0f:91:8b:e5:48:d2:
68:44:77:9a:7c:9c:74:29:c7:b5:bd:ce:6b:5c:1a:ce:7a:bc:
77:00:27:c6:de:6d:80:fb:bd:7b:da:37:b0:bc:32:9b:02:20:
71:6c:c8:4d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVt3T7IfowS8BkpPu+kbVPKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiZDdjOTUxMzQ4YmQyZTA5Y2NhZjc2ZjU3YjgzODVmMTVk
ZjQ0ZTQwHhcNMjMwMTAxMTUwNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDdjY2U3OTg3YjhlOWZjNjdjYjJhMDA2YTllMzkwYjUwN2RjYzkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwBJIzDS2LdQVxe/VnrV/940mB85h
x1TkRsWgUT+4o2LtbPpe2pCyNbGFe/6Pv+E4QARYQ5ZS29tPxDI6Ld9A8xtokRhw
/w1ym4TwgglOxfqKbqgW0IojgimGFuT4OFS69W5VdTbsFDNY7U3x5FU68V49jzIO
uHr+2F4vEPtVHxCowVeNJrnpEuiDKZ0Z0jieO/K8tCxmAdBblgeX86ElSbDcrm8n
gxp9mWk7QsxpO+BQjKzXS7kEODph8eMdE5Yvh8u7TM81eRe+eW96AsLtKvyjG/GD
iDKQP24OE2tQ90vkeahnoCkjGQxtwi4I9IvFpKtcCbKY1wcPMtiqVUrU2QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM18znmHuOn8Z8sqAGqeOQtQfcyTMB8GA1UdIwQY
MBaAFNvXyVE0i9LgnMr3b1e4OF8V30TkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjlmSlVUU0wwdUNjeXZkdlY3ZzRYeFhmUk9RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS84NTNjNzYtYTM5OC00MzVhLWJlNDEt
N2QwYWM1MjgxNWE2LzEvelh6T2VZZTQ2ZnhueXlvQWFwNDVDMUI5ekpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS84NTNjNzYtYTM5OC00MzVhLWJlNDEtN2QwYWM1MjgxNWE2
LzEvMjlmSlVUU0wwdUNjeXZkdlY3ZzRYeFhmUk9RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsHz9MA0G
CSqGSIb3DQEBCwUAA4IBAQCWeeAN2tfD/4iwpVJ0+3/IUR8XINHIg1gmn1au70SV
r3LZYrvvDRF5rMiPYi+7NLqaGIxAUweZ5afO+DZ+amPs9LLvKPH0VVe1G8XXhuYa
a32NfS2OK0S4tma8fYHWn5cwCI7gf0AEij6FHJvoDFmMkVENdgtS6Zzbeg7KPIa/
1WZ3F9MUBr1l2K4SftE7L95bkKAmgRUdQ8xk9ExgQG2A/Lz0bZJRJlLXh/OrmoCi
WOmkgAAP0rruoYoHQ9UjqGke9mX6l3NMgbiAJFcwF2sf7I4PkYvlSNJoRHeafJx0
Kce1vc5rXBrOerx3ACfG3m2A+7172jewvDKbAiBxbMhN
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:53:21 2025 by rpki-client