Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/632e89-8842-48b1-9dcf-2aeadb966b76/1/pzlmQ-yTvibw5rRLTnAhPI2GJgU.roa
File: pzlmQ-yTvibw5rRLTnAhPI2GJgU.roa (raw, json)
Hash identifier: 5Snn75P4YHhfXxYUGFx2vl6hpahnzOOjCAmq1OReNCs=
Subject key identifier: A7:39:66:43:EC:93:BE:26:F0:E6:B4:4B:4E:70:21:3C:8D:86:26:05
Certificate issuer: /CN=6bba6d0f0f9b19f7f43ceb43e7359a3d84e99d99
Certificate serial: 01822D10AAA5745472D2DBA0BEC43D125C75
Authority key identifier: 6B:BA:6D:0F:0F:9B:19:F7:F4:3C:EB:43:E7:35:9A:3D:84:E9:9D:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a7ptDw-bGff0POtD5zWaPYTpnZk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/632e89-8842-48b1-9dcf-2aeadb966b76/1/pzlmQ-yTvibw5rRLTnAhPI2GJgU.roa
Signing time: Sat 23 Jul 2022 21:57:23 +0000
ROA not before: Sat 23 Jul 2022 21:57:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201502
IP address blocks: 185.253.80.0/22 maxlen: 24
185.13.220.0/22 maxlen: 24
2a03:a6c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:2d:10:aa:a5:74:54:72:d2:db:a0:be:c4:3d:12:5c:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6bba6d0f0f9b19f7f43ceb43e7359a3d84e99d99
Validity
Not Before: Jul 23 21:57:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a7396643ec93be26f0e6b44b4e70213c8d862605
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:96:20:31:5a:36:18:36:54:d9:95:8b:ca:82:
ea:a2:93:e5:8e:00:ec:59:b7:c9:9f:a5:0e:ff:45:
a0:51:8e:e2:59:94:79:f9:a0:eb:5d:27:be:7e:83:
24:0f:30:83:66:0b:52:70:41:9c:c1:c7:4c:d5:bd:
7d:8f:08:d9:f5:68:b0:53:89:e7:b5:67:33:5b:fe:
d0:24:f1:01:87:dd:f6:2f:84:2f:91:ba:2c:19:7c:
36:61:7c:d1:3b:af:e2:d9:3f:86:a5:eb:43:9a:eb:
e6:89:ab:b7:e6:12:e7:79:e4:fc:c3:3e:e7:d7:86:
ec:e0:61:19:94:96:42:9f:e4:e2:94:d7:29:97:c9:
6e:ed:7d:45:5e:9e:7b:da:f3:49:41:ef:c4:86:a7:
db:55:f3:24:83:e5:e4:8c:57:35:6d:d4:8d:49:95:
1b:bf:a1:59:78:28:5d:f5:ee:59:d2:fa:f6:65:93:
2d:98:f9:16:60:0e:91:15:e1:bc:ec:b7:90:1e:89:
9c:e8:2e:70:78:db:b0:85:16:1f:16:40:53:a9:d1:
e3:86:ab:4d:74:07:90:bb:ae:27:98:11:58:84:b6:
44:17:71:e3:c9:b6:24:22:0d:60:ca:b2:b3:da:65:
ec:61:6d:68:65:30:1e:8c:f9:b3:9b:06:04:f5:cc:
50:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:39:66:43:EC:93:BE:26:F0:E6:B4:4B:4E:70:21:3C:8D:86:26:05
X509v3 Authority Key Identifier:
keyid:6B:BA:6D:0F:0F:9B:19:F7:F4:3C:EB:43:E7:35:9A:3D:84:E9:9D:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7ptDw-bGff0POtD5zWaPYTpnZk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/632e89-8842-48b1-9dcf-2aeadb966b76/1/pzlmQ-yTvibw5rRLTnAhPI2GJgU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/632e89-8842-48b1-9dcf-2aeadb966b76/1/a7ptDw-bGff0POtD5zWaPYTpnZk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.13.220.0/22
185.253.80.0/22
IPv6:
2a03:a6c0::/32
Signature Algorithm: sha256WithRSAEncryption
5d:03:74:fa:18:cf:d8:0d:2a:0a:db:9d:32:f5:7c:4f:c6:57:
44:0a:d3:67:5e:38:32:67:db:4a:d4:eb:18:d9:2a:30:a5:61:
0b:bc:d6:4a:ca:b0:55:37:20:82:1b:86:6e:4a:8e:61:31:8c:
99:ea:d6:1e:e0:5f:22:bd:1a:91:5b:1e:f8:a0:e5:c8:4e:00:
68:c5:c1:9c:28:6d:b3:58:dc:fc:4b:82:d4:af:fb:ff:d7:d3:
f9:21:8f:40:96:03:38:e4:9d:0f:ce:42:d8:07:f0:9a:82:96:
6d:c8:3e:9c:17:d4:66:c2:64:8c:79:dc:58:15:9e:68:2e:60:
08:66:ff:c3:cc:08:b2:91:90:b9:96:cd:95:c4:9b:73:db:45:
29:16:a5:e0:02:aa:ec:4e:47:ad:64:2a:3d:b2:f1:a6:0b:bb:
96:14:01:c0:5e:30:03:a0:99:db:a1:bc:26:4f:8a:96:fc:1f:
93:57:8c:f6:f8:fd:d6:44:dd:6b:b7:98:1f:2d:53:51:15:32:
bc:71:01:d2:c6:a0:6b:56:46:c8:29:75:9a:a7:1d:a8:02:5a:
f7:b7:0b:57:7b:c2:ff:79:2d:35:45:25:fa:9d:d0:21:f6:ec:
df:46:2b:0d:3a:44:9b:2c:87:9b:09:df:76:2a:9a:7c:31:87:
c8:53:ba:cb
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYItEKqldFRy0tugvsQ9Elx1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiYmE2ZDBmMGY5YjE5ZjdmNDNjZWI0M2U3MzU5YTNkODRl
OTlkOTkwHhcNMjIwNzIzMjE1NzIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzM5NjY0M2VjOTNiZTI2ZjBlNmI0NGI0ZTcwMjEzYzhkODYyNjA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr5YgMVo2GDZU2ZWLyoLqopPljgDs
WbfJn6UO/0WgUY7iWZR5+aDrXSe+foMkDzCDZgtScEGcwcdM1b19jwjZ9WiwU4nn
tWczW/7QJPEBh932L4QvkbosGXw2YXzRO6/i2T+GpetDmuvmiau35hLneeT8wz7n
14bs4GEZlJZCn+TilNcpl8lu7X1FXp572vNJQe/EhqfbVfMkg+XkjFc1bdSNSZUb
v6FZeChd9e5Z0vr2ZZMtmPkWYA6RFeG87LeQHomc6C5weNuwhRYfFkBTqdHjhqtN
dAeQu64nmBFYhLZEF3HjybYkIg1gyrKz2mXsYW1oZTAejPmzmwYE9cxQ8wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFKc5ZkPsk74m8Oa0S05wITyNhiYFMB8GA1UdIwQY
MBaAFGu6bQ8Pmxn39DzrQ+c1mj2E6Z2ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTdwdER3LWJHZmYwUE90RDV6V2FQWVRwblprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi82MzJlODktODg0Mi00OGIxLTlkY2Yt
MmFlYWRiOTY2Yjc2LzEvcHpsbVEteVR2aWJ3NXJSTFRuQWhQSTJHSmdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi82MzJlODktODg0Mi00OGIxLTlkY2YtMmFlYWRiOTY2Yjc2
LzEvYTdwdER3LWJHZmYwUE90RDV6V2FQWVRwblprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuQ3cAwQC
uf1QMA0EAgACMAcDBQAqA6bAMA0GCSqGSIb3DQEBCwUAA4IBAQBdA3T6GM/YDSoK
250y9XxPxldECtNnXjgyZ9tK1OsY2SowpWELvNZKyrBVNyCCG4ZuSo5hMYyZ6tYe
4F8ivRqRWx74oOXITgBoxcGcKG2zWNz8S4LUr/v/19P5IY9AlgM45J0PzkLYB/Ca
gpZtyD6cF9RmwmSMedxYFZ5oLmAIZv/DzAiykZC5ls2VxJtz20UpFqXgAqrsTket
ZCo9svGmC7uWFAHAXjADoJnbobwmT4qW/B+TV4z2+P3WRN1rt5gfLVNRFTK8cQHS
xqBrVkbIKXWapx2oAlr3twtXe8L/eS01RSX6ndAh9uzfRisNOkSbLIebCd92Kpp8
MYfIU7rL
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:04:25 2025 by rpki-client