Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/c686b3-e7a9-4f9c-842c-119d8bf717bb/1/zRiScDR9Ih7P_54Hdgx0f-YRoSU.roa
File: zRiScDR9Ih7P_54Hdgx0f-YRoSU.roa (raw, json)
Hash identifier: CyREuLEcIt1fgHOcQLeQFZTe3pL78Kx3n/sl7Bsc+XM=
Subject key identifier: CD:18:92:70:34:7D:22:1E:CF:FF:9E:07:76:0C:74:7F:E6:11:A1:25
Certificate issuer: /CN=3deb104463e920b45542b6af1a27d5950e86e9a0
Certificate serial: 01862B86A53BBFDED473670365D45E46E9BD
Authority key identifier: 3D:EB:10:44:63:E9:20:B4:55:42:B6:AF:1A:27:D5:95:0E:86:E9:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PesQRGPpILRVQravGifVlQ6G6aA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/c686b3-e7a9-4f9c-842c-119d8bf717bb/1/zRiScDR9Ih7P_54Hdgx0f-YRoSU.roa
Signing time: Tue 07 Feb 2023 10:58:09 +0000
ROA not before: Tue 07 Feb 2023 10:58:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34529
IP address blocks: 37.34.104.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:2b:86:a5:3b:bf:de:d4:73:67:03:65:d4:5e:46:e9:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3deb104463e920b45542b6af1a27d5950e86e9a0
Validity
Not Before: Feb 7 10:58:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cd189270347d221ecfff9e07760c747fe611a125
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:98:84:22:9a:3f:81:7a:9d:31:c9:53:21:c4:
57:66:86:92:5a:b6:fb:c7:8d:fd:1b:81:65:57:76:
72:2a:83:22:fc:b5:7d:fe:8a:f8:99:e7:f3:9b:aa:
42:fb:ef:b5:cd:89:ee:95:99:f0:cc:ed:1d:16:bb:
18:81:7a:23:46:24:ab:42:0a:45:29:a9:79:37:d3:
f9:61:85:c5:87:1b:61:cc:f0:9f:bd:4b:43:8e:29:
86:07:4c:a2:d6:de:ba:b6:56:a7:54:26:32:be:a0:
29:3a:2d:45:49:ca:ae:c1:6a:6e:a4:e0:d0:30:7e:
1c:10:2f:a6:d6:dd:b6:4a:5c:f4:c6:52:53:89:e1:
9c:95:69:67:be:7b:b6:c7:2e:2e:b6:3d:54:d1:e9:
b7:41:ab:64:fb:4d:2d:00:2a:79:1b:b2:f9:3c:b3:
9c:a5:d9:89:70:2b:ef:e9:f7:37:54:d2:3d:5d:83:
49:34:53:8e:af:6b:99:48:51:d9:2e:8f:58:af:fd:
d5:96:62:1d:b7:57:1d:fc:4c:5a:88:3f:73:f5:e2:
a8:db:f1:49:79:36:fd:bc:ae:02:94:c3:bd:4e:b7:
e9:1d:60:48:6a:45:e6:52:0f:aa:ae:42:a9:f9:10:
6b:09:be:db:ab:25:68:48:7e:8f:96:3e:5e:1f:38:
8a:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:18:92:70:34:7D:22:1E:CF:FF:9E:07:76:0C:74:7F:E6:11:A1:25
X509v3 Authority Key Identifier:
keyid:3D:EB:10:44:63:E9:20:B4:55:42:B6:AF:1A:27:D5:95:0E:86:E9:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PesQRGPpILRVQravGifVlQ6G6aA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/c686b3-e7a9-4f9c-842c-119d8bf717bb/1/zRiScDR9Ih7P_54Hdgx0f-YRoSU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/c686b3-e7a9-4f9c-842c-119d8bf717bb/1/PesQRGPpILRVQravGifVlQ6G6aA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.34.104.0/24
Signature Algorithm: sha256WithRSAEncryption
15:c2:e1:fb:aa:f4:2f:80:d5:1e:e0:63:76:08:10:ad:bf:cc:
98:15:b8:0b:78:af:3d:a9:c7:72:c7:e7:d9:ff:80:83:9f:31:
e3:56:c3:55:33:34:e1:e3:58:ab:e0:63:de:19:84:39:df:0e:
88:fd:40:4f:b4:0b:b9:87:18:5e:45:28:ca:97:40:26:f2:97:
ea:ef:a9:fa:86:c9:a6:2e:09:b7:eb:d9:bf:cf:9c:d3:74:95:
13:29:66:29:bd:0b:29:1c:20:94:60:ec:4b:b9:5f:35:72:82:
3b:17:fe:78:e7:94:78:e2:f8:54:59:db:25:5e:9d:42:11:7a:
8d:f2:9f:64:b7:7f:30:21:5f:6c:d9:94:42:18:02:66:23:0f:
0d:13:4a:6f:c3:03:16:29:07:b8:dd:0d:17:37:52:1a:44:b5:
8d:d0:cc:3e:89:50:a4:38:28:72:e0:c2:63:a6:d3:64:50:af:
06:cc:8e:78:d3:48:4a:8e:41:75:ce:96:1a:aa:bf:e1:78:7d:
a1:f4:c0:20:b9:29:7c:16:89:e1:0c:cb:12:ab:42:4e:0c:fc:
cc:29:4f:11:de:be:a8:74:a1:b7:21:e2:ed:98:d8:95:7c:b1:
08:9c:a4:41:3c:e6:35:09:dd:c7:05:ed:48:8f:33:df:63:a0:
76:48:74:50
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYYrhqU7v97Uc2cDZdReRum9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkZWIxMDQ0NjNlOTIwYjQ1NTQyYjZhZjFhMjdkNTk1MGU4
NmU5YTAwHhcNMjMwMjA3MTA1ODA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDE4OTI3MDM0N2QyMjFlY2ZmZjllMDc3NjBjNzQ3ZmU2MTFhMTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvpiEIpo/gXqdMclTIcRXZoaSWrb7
x439G4FlV3ZyKoMi/LV9/or4mefzm6pC+++1zYnulZnwzO0dFrsYgXojRiSrQgpF
Kal5N9P5YYXFhxthzPCfvUtDjimGB0yi1t66tlanVCYyvqApOi1FScquwWpupODQ
MH4cEC+m1t22Slz0xlJTieGclWlnvnu2xy4utj1U0em3Qatk+00tACp5G7L5PLOc
pdmJcCvv6fc3VNI9XYNJNFOOr2uZSFHZLo9Yr/3VlmIdt1cd/ExaiD9z9eKo2/FJ
eTb9vK4ClMO9TrfpHWBIakXmUg+qrkKp+RBrCb7bqyVoSH6Plj5eHziKuwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM0YknA0fSIez/+eB3YMdH/mEaElMB8GA1UdIwQY
MBaAFD3rEERj6SC0VUK2rxon1ZUOhumgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGVzUVJHUHBJTFJWUXJhdkdpZlZsUTZHNmFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9jNjg2YjMtZTdhOS00ZjljLTg0MmMt
MTE5ZDhiZjcxN2JiLzEvelJpU2NEUjlJaDdQXzU0SGRneDBmLVlSb1NVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9jNjg2YjMtZTdhOS00ZjljLTg0MmMtMTE5ZDhiZjcxN2Ji
LzEvUGVzUVJHUHBJTFJWUXJhdkdpZlZsUTZHNmFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJSJoMA0G
CSqGSIb3DQEBCwUAA4IBAQAVwuH7qvQvgNUe4GN2CBCtv8yYFbgLeK89qcdyx+fZ
/4CDnzHjVsNVMzTh41ir4GPeGYQ53w6I/UBPtAu5hxheRSjKl0Am8pfq76n6hsmm
Lgm369m/z5zTdJUTKWYpvQspHCCUYOxLuV81coI7F/5455R44vhUWdslXp1CEXqN
8p9kt38wIV9s2ZRCGAJmIw8NE0pvwwMWKQe43Q0XN1IaRLWN0Mw+iVCkOChy4MJj
ptNkUK8GzI5400hKjkF1zpYaqr/heH2h9MAguSl8FonhDMsSq0JODPzMKU8R3r6o
dKG3IeLtmNiVfLEInKRBPOY1Cd3HBe1IjzPfY6B2SHRQ
-----END CERTIFICATE-----
Generated at Sun Apr 20 18:55:19 2025 by rpki-client