Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/01aac3-bce9-4d7e-a5fc-3f1b16c6cd63/1/ZyfV4U6FWsZ4qKvbe_k_JeiMfn4.roa
File: ZyfV4U6FWsZ4qKvbe_k_JeiMfn4.roa (raw, json)
Hash identifier: MSFspqPlXRp31SuId9E2154GWAkrO3BO+mX6fkwk3E0=
Subject key identifier: 67:27:D5:E1:4E:85:5A:C6:78:A8:AB:DB:7B:F9:3F:25:E8:8C:7E:7E
Certificate issuer: /CN=080369a358961f7284fbd591e927737cdb05c35d
Certificate serial: 018B801585EF47FF4BF4DE4BFA2D6F51B48D
Authority key identifier: 08:03:69:A3:58:96:1F:72:84:FB:D5:91:E9:27:73:7C:DB:05:C3:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CANpo1iWH3KE-9WR6SdzfNsFw10.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/01aac3-bce9-4d7e-a5fc-3f1b16c6cd63/1/ZyfV4U6FWsZ4qKvbe_k_JeiMfn4.roa
Signing time: Mon 30 Oct 2023 10:16:16 +0000
ROA not before: Mon 30 Oct 2023 10:16:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209190
IP address blocks: 81.92.128.0/20 maxlen: 20
81.92.128.0/21 maxlen: 21
81.92.136.0/21 maxlen: 21
81.92.143.0/24 maxlen: 24
81.92.142.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:80:15:85:ef:47:ff:4b:f4:de:4b:fa:2d:6f:51:b4:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=080369a358961f7284fbd591e927737cdb05c35d
Validity
Not Before: Oct 30 10:16:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6727d5e14e855ac678a8abdb7bf93f25e88c7e7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:51:e0:cb:a5:8c:23:2b:c1:7d:f2:3d:88:ae:
48:e9:94:c7:83:0f:06:54:64:9a:97:b0:44:86:61:
e7:34:e1:55:fc:92:3a:6c:61:52:65:d4:64:f3:f9:
95:36:2f:e5:75:2e:c1:b0:45:36:ff:01:f7:12:04:
2c:b0:af:58:0c:c9:8f:27:ac:9f:9f:ca:36:47:f7:
a2:3d:6d:87:4b:36:17:56:d2:ef:02:72:a2:10:b8:
ad:cb:f8:fa:fe:1b:7b:6a:38:c6:ec:71:9e:e7:0c:
04:12:19:f0:a4:60:1c:70:99:1e:a4:8e:9f:85:f1:
6e:d4:b1:98:f4:c8:a3:7b:25:64:04:93:e5:5f:e8:
52:87:6c:4d:30:93:d5:03:e0:4a:cd:a9:65:13:43:
17:d7:d1:d7:f2:5f:6d:ee:fb:e0:92:3f:32:42:02:
94:22:c9:72:10:40:a3:a9:c0:2d:0e:7b:f5:83:da:
28:37:14:57:98:ca:19:54:38:bd:65:84:c5:13:b7:
39:13:48:a6:96:37:08:02:f3:68:81:b8:39:20:f3:
8b:5b:48:bf:40:bf:2c:6c:76:f2:3a:6e:7a:33:1b:
68:de:f3:3c:8f:55:a0:10:29:a3:89:53:6a:b3:17:
7c:c3:3a:85:aa:6c:86:4c:d9:18:64:38:e6:15:03:
35:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:27:D5:E1:4E:85:5A:C6:78:A8:AB:DB:7B:F9:3F:25:E8:8C:7E:7E
X509v3 Authority Key Identifier:
keyid:08:03:69:A3:58:96:1F:72:84:FB:D5:91:E9:27:73:7C:DB:05:C3:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CANpo1iWH3KE-9WR6SdzfNsFw10.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/01aac3-bce9-4d7e-a5fc-3f1b16c6cd63/1/ZyfV4U6FWsZ4qKvbe_k_JeiMfn4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/01aac3-bce9-4d7e-a5fc-3f1b16c6cd63/1/CANpo1iWH3KE-9WR6SdzfNsFw10.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.92.128.0/20
Signature Algorithm: sha256WithRSAEncryption
79:16:3f:f8:75:36:ec:be:fa:cc:0e:c0:94:12:48:d6:5a:24:
a0:78:4c:ba:39:5c:85:c7:ac:bd:ec:85:17:23:4f:b4:55:c5:
19:69:d4:4e:df:49:32:40:69:85:86:1c:b3:57:6b:79:81:d8:
53:5f:ca:19:d1:70:76:13:15:29:b6:ef:b3:87:12:f4:36:50:
2f:4e:ab:81:13:4c:22:0a:7d:0a:12:49:4e:05:87:ee:28:c2:
2e:20:08:b2:95:9c:d9:eb:ba:73:99:35:b0:ea:24:e8:5c:ce:
ba:a9:22:37:2b:19:f7:3b:de:ed:b0:a1:92:97:90:19:34:79:
9e:0b:6b:a0:58:04:5a:4b:e0:b5:73:ff:c3:08:b2:12:11:d5:
0a:6f:0a:7c:1d:d5:96:3a:e6:1e:ff:ed:8b:70:5a:64:ae:bd:
26:d5:f1:0a:7d:13:03:d0:3d:61:e3:72:51:b4:2d:e4:71:dd:
a4:b8:67:ac:96:62:ea:9b:94:e9:c9:80:2c:3c:f0:eb:1e:6e:
14:1d:72:eb:b7:59:a7:21:7c:03:e1:1a:3c:37:16:32:ba:60:
f2:5d:2d:ae:d5:30:83:5d:b0:dc:e3:fb:c2:77:3f:5d:1d:6a:
bb:1f:38:bd:80:df:aa:d3:bf:da:1a:c9:c3:32:c4:08:b8:32:
da:d6:03:50
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYuAFYXvR/9L9N5L+i1vUbSNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MDM2OWEzNTg5NjFmNzI4NGZiZDU5MWU5Mjc3MzdjZGIw
NWMzNWQwHhcNMjMxMDMwMTAxNjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzI3ZDVlMTRlODU1YWM2NzhhOGFiZGI3YmY5M2YyNWU4OGM3ZTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnVHgy6WMIyvBffI9iK5I6ZTHgw8G
VGSal7BEhmHnNOFV/JI6bGFSZdRk8/mVNi/ldS7BsEU2/wH3EgQssK9YDMmPJ6yf
n8o2R/eiPW2HSzYXVtLvAnKiELity/j6/ht7ajjG7HGe5wwEEhnwpGAccJkepI6f
hfFu1LGY9MijeyVkBJPlX+hSh2xNMJPVA+BKzallE0MX19HX8l9t7vvgkj8yQgKU
IslyEECjqcAtDnv1g9ooNxRXmMoZVDi9ZYTFE7c5E0imljcIAvNogbg5IPOLW0i/
QL8sbHbyOm56Mxto3vM8j1WgECmjiVNqsxd8wzqFqmyGTNkYZDjmFQM1lQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGcn1eFOhVrGeKir23v5PyXojH5+MB8GA1UdIwQY
MBaAFAgDaaNYlh9yhPvVkeknc3zbBcNdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0FOcG8xaVdIM0tFLTlXUjZTZHpmTnNGdzEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS8wMWFhYzMtYmNlOS00ZDdlLWE1ZmMt
M2YxYjE2YzZjZDYzLzEvWnlmVjRVNkZXc1o0cUt2YmVfa19KZWlNZm40LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS8wMWFhYzMtYmNlOS00ZDdlLWE1ZmMtM2YxYjE2YzZjZDYz
LzEvQ0FOcG8xaVdIM0tFLTlXUjZTZHpmTnNGdzEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEUVyAMA0G
CSqGSIb3DQEBCwUAA4IBAQB5Fj/4dTbsvvrMDsCUEkjWWiSgeEy6OVyFx6y97IUX
I0+0VcUZadRO30kyQGmFhhyzV2t5gdhTX8oZ0XB2ExUptu+zhxL0NlAvTquBE0wi
Cn0KEklOBYfuKMIuIAiylZzZ67pzmTWw6iToXM66qSI3Kxn3O97tsKGSl5AZNHme
C2ugWARaS+C1c//DCLISEdUKbwp8HdWWOuYe/+2LcFpkrr0m1fEKfRMD0D1h43JR
tC3kcd2kuGeslmLqm5TpyYAsPPDrHm4UHXLrt1mnIXwD4Ro8NxYyumDyXS2u1TCD
XbDc4/vCdz9dHWq7Hzi9gN+q07/aGsnDMsQIuDLa1gNQ
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:46:47 2025 by rpki-client