Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/2e4e54-0548-4d0c-93f1-75461abbb5a4/1/Z83rF1o09r8WFpShX9nq2fIpPI0.roa
File: Z83rF1o09r8WFpShX9nq2fIpPI0.roa (raw, json)
Hash identifier: l0QUTQ++aa+d2ECVhAhIrRpvu9y2qNk23+1ZgdganuU=
Subject key identifier: 67:CD:EB:17:5A:34:F6:BF:16:16:94:A1:5F:D9:EA:D9:F2:29:3C:8D
Certificate issuer: /CN=317b8147503ea19f581ca00d28dbee5e58cb8f48
Certificate serial: 018572A7F5F14D84BD9F1C666C532DDD33E2
Authority key identifier: 31:7B:81:47:50:3E:A1:9F:58:1C:A0:0D:28:DB:EE:5E:58:CB:8F:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MXuBR1A-oZ9YHKANKNvuXljLj0g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/2e4e54-0548-4d0c-93f1-75461abbb5a4/1/Z83rF1o09r8WFpShX9nq2fIpPI0.roa
Signing time: Mon 02 Jan 2023 13:24:47 +0000
ROA not before: Mon 02 Jan 2023 13:24:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58160
IP address blocks: 185.93.212.0/23 maxlen: 23
2a00:d900::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:a7:f5:f1:4d:84:bd:9f:1c:66:6c:53:2d:dd:33:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=317b8147503ea19f581ca00d28dbee5e58cb8f48
Validity
Not Before: Jan 2 13:24:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=67cdeb175a34f6bf161694a15fd9ead9f2293c8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:6e:ca:a7:64:06:bc:8b:04:33:0d:d1:ed:13:
1c:bb:70:1e:71:13:b6:69:76:d0:2c:1c:68:6a:ab:
54:ed:56:ae:78:56:58:f7:02:f5:cc:20:c1:b7:2f:
30:57:88:03:4b:ca:39:cb:fd:7b:b4:a3:98:08:16:
d2:9b:83:05:6a:2a:93:3a:a6:4f:89:47:87:a6:aa:
7f:74:f8:27:c5:e4:3b:a1:5f:67:84:f7:34:9a:d5:
5b:e1:bb:a3:fd:f3:b1:2a:f7:5f:95:77:23:78:02:
ea:c4:4f:f5:bc:82:b1:a0:de:73:24:6d:a5:55:4f:
b3:da:7f:89:28:aa:8a:d2:44:36:c8:58:9a:74:dc:
cd:5c:32:17:ba:9b:b6:19:e5:ab:77:8c:35:54:a2:
f6:5f:79:a7:d0:94:53:f2:fd:50:31:85:ed:b5:2b:
bd:ba:00:29:5e:bd:b8:53:e7:9d:a0:b0:13:a1:4c:
57:e9:2f:e9:9b:28:ed:23:2c:28:db:0f:19:0e:f1:
1e:b9:40:49:97:45:7d:dd:68:f2:e7:53:99:7f:f6:
10:2e:6a:0c:ae:ba:1e:50:e6:8b:15:b3:07:10:45:
a1:f2:34:23:11:c2:68:e9:b0:7b:8c:fd:6e:11:53:
73:f5:a9:4a:29:4d:7c:cc:a8:5d:11:11:46:63:10:
27:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:CD:EB:17:5A:34:F6:BF:16:16:94:A1:5F:D9:EA:D9:F2:29:3C:8D
X509v3 Authority Key Identifier:
keyid:31:7B:81:47:50:3E:A1:9F:58:1C:A0:0D:28:DB:EE:5E:58:CB:8F:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MXuBR1A-oZ9YHKANKNvuXljLj0g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/2e4e54-0548-4d0c-93f1-75461abbb5a4/1/Z83rF1o09r8WFpShX9nq2fIpPI0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/2e4e54-0548-4d0c-93f1-75461abbb5a4/1/MXuBR1A-oZ9YHKANKNvuXljLj0g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.93.212.0/23
IPv6:
2a00:d900::/32
Signature Algorithm: sha256WithRSAEncryption
be:73:3f:fe:f8:4b:f2:f8:05:97:d5:8c:a1:ad:a2:10:ad:10:
d4:15:20:75:97:f1:f4:76:77:b9:4c:bd:d4:fc:bf:3f:29:db:
70:74:b9:7d:46:3b:48:8c:38:0a:e2:34:07:a1:16:16:c6:14:
3c:90:e9:0c:11:5c:09:bb:50:07:7f:23:61:d5:65:7e:82:2b:
ba:f8:3b:d5:59:95:49:ab:a3:6a:1d:cf:24:b1:36:3d:65:a2:
89:b8:2c:5f:4f:f3:70:bd:82:c0:d1:14:9e:82:cc:26:eb:2a:
b5:ac:fa:79:75:07:00:19:c8:3f:c6:75:67:68:c6:c3:b7:a5:
ed:3f:d6:f0:94:df:8e:e1:77:3e:78:58:c3:03:30:75:3a:3d:
f9:2d:be:17:93:74:31:38:7e:da:2b:f8:f0:8c:51:6a:b8:43:
3d:94:1e:89:79:cb:23:d8:a0:4d:9c:5e:cc:fc:29:90:40:46:
a7:2d:26:6a:34:5e:47:82:ed:b4:88:81:2b:99:33:47:c3:9d:
40:df:4d:93:64:18:df:a3:b1:3c:a7:0e:fc:33:29:28:d4:ac:
b6:27:28:e5:af:5a:d8:be:f1:e5:2a:7e:9a:1d:39:29:d9:94:
f2:81:90:79:5a:59:cc:80:a5:b8:fa:76:a1:a4:0d:ed:8c:18:
34:9c:c7:a6
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVyp/XxTYS9nxxmbFMt3TPiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxN2I4MTQ3NTAzZWExOWY1ODFjYTAwZDI4ZGJlZTVlNThj
YjhmNDgwHhcNMjMwMTAyMTMyNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2NkZWIxNzVhMzRmNmJmMTYxNjk0YTE1ZmQ5ZWFkOWYyMjkzYzhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkW7Kp2QGvIsEMw3R7RMcu3AecRO2
aXbQLBxoaqtU7VaueFZY9wL1zCDBty8wV4gDS8o5y/17tKOYCBbSm4MFaiqTOqZP
iUeHpqp/dPgnxeQ7oV9nhPc0mtVb4buj/fOxKvdflXcjeALqxE/1vIKxoN5zJG2l
VU+z2n+JKKqK0kQ2yFiadNzNXDIXupu2GeWrd4w1VKL2X3mn0JRT8v1QMYXttSu9
ugApXr24U+edoLAToUxX6S/pmyjtIywo2w8ZDvEeuUBJl0V93Wjy51OZf/YQLmoM
rroeUOaLFbMHEEWh8jQjEcJo6bB7jP1uEVNz9alKKU18zKhdERFGYxAnAQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGfN6xdaNPa/FhaUoV/Z6tnyKTyNMB8GA1UdIwQY
MBaAFDF7gUdQPqGfWBygDSjb7l5Yy49IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVh1QlIxQS1vWjlZSEtBTktOdnVYbGpMajBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8yZTRlNTQtMDU0OC00ZDBjLTkzZjEt
NzU0NjFhYmJiNWE0LzEvWjgzckYxbzA5cjhXRnBTaFg5bnEyZklwUEkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8yZTRlNTQtMDU0OC00ZDBjLTkzZjEtNzU0NjFhYmJiNWE0
LzEvTVh1QlIxQS1vWjlZSEtBTktOdnVYbGpMajBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBuV3UMA0E
AgACMAcDBQAqANkAMA0GCSqGSIb3DQEBCwUAA4IBAQC+cz/++Evy+AWX1YyhraIQ
rRDUFSB1l/H0dne5TL3U/L8/KdtwdLl9RjtIjDgK4jQHoRYWxhQ8kOkMEVwJu1AH
fyNh1WV+giu6+DvVWZVJq6NqHc8ksTY9ZaKJuCxfT/NwvYLA0RSegswm6yq1rPp5
dQcAGcg/xnVnaMbDt6XtP9bwlN+O4Xc+eFjDAzB1Oj35Lb4Xk3QxOH7aK/jwjFFq
uEM9lB6Jecsj2KBNnF7M/CmQQEanLSZqNF5Hgu20iIErmTNHw51A302TZBjfo7E8
pw78Myko1Ky2Jyjlr1rYvvHlKn6aHTkp2ZTygZB5WlnMgKW4+nahpA3tjBg0nMem
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:55:54 2025 by rpki-client