Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/7fed52-d043-453b-8dd1-cf1997c0250d/1/szj76EPeTlAGPMjSXQBeRfW0Bxo.roa
File: szj76EPeTlAGPMjSXQBeRfW0Bxo.roa (raw, json)
Hash identifier: 3LSMHrXEeS5g60KypBP+SslHIn6u6EV/g1M+XpCvn2o=
Subject key identifier: B3:38:FB:E8:43:DE:4E:50:06:3C:C8:D2:5D:00:5E:45:F5:B4:07:1A
Certificate issuer: /CN=ac97eb967438ffc4eb66633dd8c03501893667f7
Certificate serial: 0186E529316D2CDDD473421E198BD83B77DA
Authority key identifier: AC:97:EB:96:74:38:FF:C4:EB:66:63:3D:D8:C0:35:01:89:36:67:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rJfrlnQ4_8TrZmM92MA1AYk2Z_c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/7fed52-d043-453b-8dd1-cf1997c0250d/1/szj76EPeTlAGPMjSXQBeRfW0Bxo.roa
Signing time: Wed 15 Mar 2023 12:05:27 +0000
ROA not before: Wed 15 Mar 2023 12:05:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48288
IP address blocks: 185.161.77.0/24 maxlen: 24
87.104.128.0/18 maxlen: 18
87.104.240.0/20 maxlen: 20
2a00:8200::/32 maxlen: 32
2a12:3d80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:e5:29:31:6d:2c:dd:d4:73:42:1e:19:8b:d8:3b:77:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac97eb967438ffc4eb66633dd8c03501893667f7
Validity
Not Before: Mar 15 12:05:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b338fbe843de4e50063cc8d25d005e45f5b4071a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:ab:00:b9:7c:d6:37:dc:a8:86:d2:9d:a7:ad:
36:c0:f8:88:cf:20:8a:0f:eb:59:0e:7d:05:05:ab:
72:60:cf:f8:7d:d6:f4:02:d3:3a:4e:16:5a:1e:71:
51:39:ea:40:59:b4:4f:b7:47:4d:30:3a:c4:bf:76:
bb:72:a7:e9:af:05:1a:72:34:9c:9f:f3:57:5a:58:
ec:ec:6b:49:45:89:e7:3b:64:de:8c:fd:84:14:fd:
3d:47:21:c8:26:65:2e:1f:91:1a:c8:11:2a:ff:9e:
f1:a1:1b:0a:01:c9:9e:cf:a8:c9:c4:d0:ee:81:0d:
4a:7e:4f:9c:b0:fd:9c:1f:f4:09:1b:02:ba:a0:ee:
4c:f1:81:1b:3b:0b:dd:98:f7:f3:e2:dd:5d:97:35:
01:83:1a:b4:7b:5f:14:ea:33:0d:a4:e4:2b:8a:9a:
2b:3e:e3:14:ae:29:5d:09:67:e1:03:70:fa:8f:61:
ee:c0:e8:8a:84:cd:f5:c8:91:b4:e6:1e:8b:0d:a6:
09:6c:0e:e6:ce:eb:7b:de:a9:65:bc:07:61:d9:a7:
a0:01:58:53:03:ce:80:49:df:0a:33:99:58:a5:cf:
bf:21:61:22:47:0b:06:b5:77:85:a5:a3:e5:47:63:
65:14:88:53:7e:cc:38:20:36:a7:ed:8f:e4:98:81:
d8:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:38:FB:E8:43:DE:4E:50:06:3C:C8:D2:5D:00:5E:45:F5:B4:07:1A
X509v3 Authority Key Identifier:
keyid:AC:97:EB:96:74:38:FF:C4:EB:66:63:3D:D8:C0:35:01:89:36:67:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rJfrlnQ4_8TrZmM92MA1AYk2Z_c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7fed52-d043-453b-8dd1-cf1997c0250d/1/szj76EPeTlAGPMjSXQBeRfW0Bxo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7fed52-d043-453b-8dd1-cf1997c0250d/1/rJfrlnQ4_8TrZmM92MA1AYk2Z_c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.104.128.0/18
87.104.240.0/20
185.161.77.0/24
IPv6:
2a00:8200::/32
2a12:3d80::/29
Signature Algorithm: sha256WithRSAEncryption
51:7b:8c:70:ca:ec:68:d9:13:40:7b:ce:99:64:0f:f6:ee:0a:
10:c4:b5:3e:3b:a1:2d:33:c1:9f:66:59:67:a5:4b:0d:77:b8:
99:71:1d:4c:b5:5f:92:29:1e:28:06:e8:e8:76:80:cc:db:6d:
61:f9:42:42:ba:05:26:51:67:14:04:b3:d0:11:06:23:5e:c4:
67:67:46:25:4e:9b:03:d9:77:4d:86:66:69:9a:58:32:90:a2:
a6:9a:1b:a4:a4:ec:97:40:cf:aa:36:f4:1b:81:6d:5b:17:74:
fe:4c:9e:04:0c:b6:4f:b0:67:f8:63:71:5e:00:ad:c7:ae:87:
14:15:fe:15:54:90:00:f4:32:83:d3:18:9e:82:0a:97:f7:71:
b7:cc:bb:b7:7b:5f:4b:20:0f:1e:9d:8d:9e:41:64:39:e6:3e:
7e:e9:aa:76:e3:1e:ab:07:84:bf:03:30:a7:1c:d9:81:10:54:
19:e2:26:92:e7:1f:be:e9:d7:c6:d5:e8:3b:4a:65:6a:21:06:
a1:a0:10:ba:ae:72:19:fa:4e:bd:d3:85:de:94:e8:ae:e1:cd:
5d:b0:ec:2e:57:4e:81:b8:9b:33:9c:04:b4:f9:a6:0e:45:99:
94:9c:7b:83:d6:4b:7e:35:70:e0:b9:9d:fc:94:b7:ad:d9:75:
e0:90:38:b9
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYblKTFtLN3Uc0IeGYvYO3faMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjOTdlYjk2NzQzOGZmYzRlYjY2NjMzZGQ4YzAzNTAxODkz
NjY3ZjcwHhcNMjMwMzE1MTIwNTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzM4ZmJlODQzZGU0ZTUwMDYzY2M4ZDI1ZDAwNWU0NWY1YjQwNzFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzKsAuXzWN9yohtKdp602wPiIzyCK
D+tZDn0FBatyYM/4fdb0AtM6ThZaHnFROepAWbRPt0dNMDrEv3a7cqfprwUacjSc
n/NXWljs7GtJRYnnO2TejP2EFP09RyHIJmUuH5EayBEq/57xoRsKAcmez6jJxNDu
gQ1Kfk+csP2cH/QJGwK6oO5M8YEbOwvdmPfz4t1dlzUBgxq0e18U6jMNpOQripor
PuMUrildCWfhA3D6j2HuwOiKhM31yJG05h6LDaYJbA7mzut73qllvAdh2aegAVhT
A86ASd8KM5lYpc+/IWEiRwsGtXeFpaPlR2NlFIhTfsw4IDan7Y/kmIHYDwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFLM4++hD3k5QBjzI0l0AXkX1tAcaMB8GA1UdIwQY
MBaAFKyX65Z0OP/E62ZjPdjANQGJNmf3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckpmcmxuUTRfOFRyWm1NOTJNQTFBWWsyWl9jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS83ZmVkNTItZDA0My00NTNiLThkZDEt
Y2YxOTk3YzAyNTBkLzEvc3pqNzZFUGVUbEFHUE1qU1hRQmVSZlcwQnhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS83ZmVkNTItZDA0My00NTNiLThkZDEtY2YxOTk3YzAyNTBk
LzEvckpmcmxuUTRfOFRyWm1NOTJNQTFBWWsyWl9jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQGV2iAAwQE
V2jwAwQAuaFNMBQEAgACMA4DBQAqAIIAAwUDKhI9gDANBgkqhkiG9w0BAQsFAAOC
AQEAUXuMcMrsaNkTQHvOmWQP9u4KEMS1PjuhLTPBn2ZZZ6VLDXe4mXEdTLVfkike
KAbo6HaAzNttYflCQroFJlFnFASz0BEGI17EZ2dGJU6bA9l3TYZmaZpYMpCippob
pKTsl0DPqjb0G4FtWxd0/kyeBAy2T7Bn+GNxXgCtx66HFBX+FVSQAPQyg9MYnoIK
l/dxt8y7t3tfSyAPHp2NnkFkOeY+fumqduMeqweEvwMwpxzZgRBUGeImkucfvunX
xtXoO0plaiEGoaAQuq5yGfpOvdOF3pToruHNXbDsLldOgbibM5wEtPmmDkWZlJx7
g9ZLfjVw4Lmd/JS3rdl14JA4uQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:26:15 2025 by rpki-client