Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/bb54d1-892d-4711-a9cf-76f135c4f311/1/ztdOERS6ExgHvX36KT8Cs6v5v78.roa
File: ztdOERS6ExgHvX36KT8Cs6v5v78.roa (raw, json)
Hash identifier: NXLBO8JtUePXCn+UTkZxwt3T5dXViqjqYMXBwSrFpRw=
Subject key identifier: CE:D7:4E:11:14:BA:13:18:07:BD:7D:FA:29:3F:02:B3:AB:F9:BF:BF
Certificate issuer: /CN=368e35a05f2707b5a741c2a72f5e4bb34c9b09a8
Certificate serial: 018572DEE83B3ABF995A032ECA543BD83349
Authority key identifier: 36:8E:35:A0:5F:27:07:B5:A7:41:C2:A7:2F:5E:4B:B3:4C:9B:09:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/No41oF8nB7WnQcKnL15Ls0ybCag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/bb54d1-892d-4711-a9cf-76f135c4f311/1/ztdOERS6ExgHvX36KT8Cs6v5v78.roa
Signing time: Mon 02 Jan 2023 14:24:49 +0000
ROA not before: Mon 02 Jan 2023 14:24:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8596
IP address blocks: 185.74.0.0/22 maxlen: 22
82.150.192.0/19 maxlen: 19
2a02:5d8::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:de:e8:3b:3a:bf:99:5a:03:2e:ca:54:3b:d8:33:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368e35a05f2707b5a741c2a72f5e4bb34c9b09a8
Validity
Not Before: Jan 2 14:24:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ced74e1114ba131807bd7dfa293f02b3abf9bfbf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:12:f6:e2:78:db:1b:68:46:47:5c:9c:bc:4a:
2c:44:ee:48:b0:14:69:98:76:8d:a0:ad:da:b6:26:
39:48:96:dd:06:6e:7b:fd:a1:46:da:64:ac:7a:b0:
a6:3e:6f:41:23:f3:cd:ca:35:eb:64:0a:0e:66:67:
66:e7:98:36:08:80:8c:b1:c3:e6:1f:1e:0f:50:94:
d7:16:ea:43:d1:11:4a:c0:80:7e:8f:b7:22:48:b0:
8d:72:6d:bd:29:5c:3f:86:3a:e5:24:ce:5a:25:14:
5a:58:01:28:f3:6b:b2:1e:17:7d:33:de:d0:94:6e:
5e:6e:bc:a7:2e:94:f5:7a:00:a8:76:00:ce:de:be:
19:5e:34:d0:a2:73:93:1e:65:53:a2:9e:ad:66:cd:
d5:f4:c3:3a:07:47:6c:f1:7c:86:51:33:b0:40:ce:
ad:d9:d5:1c:e7:70:57:15:c3:36:f5:49:0c:53:c2:
e2:15:4f:9c:53:e4:f0:0d:d8:b7:e6:c8:29:26:a5:
89:23:4d:4d:b4:39:bd:70:a7:a0:02:b5:f0:12:e5:
11:d4:cc:21:a2:e5:f3:87:1e:16:63:ff:dc:a3:dd:
67:4f:b7:aa:bc:70:91:ba:d4:ac:05:b4:57:7d:fc:
6e:08:10:23:dd:80:55:bf:f4:c8:7e:21:0e:aa:51:
74:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:D7:4E:11:14:BA:13:18:07:BD:7D:FA:29:3F:02:B3:AB:F9:BF:BF
X509v3 Authority Key Identifier:
keyid:36:8E:35:A0:5F:27:07:B5:A7:41:C2:A7:2F:5E:4B:B3:4C:9B:09:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/No41oF8nB7WnQcKnL15Ls0ybCag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/bb54d1-892d-4711-a9cf-76f135c4f311/1/ztdOERS6ExgHvX36KT8Cs6v5v78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/bb54d1-892d-4711-a9cf-76f135c4f311/1/No41oF8nB7WnQcKnL15Ls0ybCag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.150.192.0/19
185.74.0.0/22
IPv6:
2a02:5d8::/32
Signature Algorithm: sha256WithRSAEncryption
c4:a0:1f:58:3c:57:a7:67:5c:ba:29:ca:1c:c5:4f:71:b4:2c:
77:80:a3:fe:5e:58:54:50:9c:7e:b4:6c:e6:54:5a:bf:7f:64:
54:56:ca:40:50:4d:6c:86:53:c2:6e:34:4c:3f:7a:52:5a:93:
e3:21:97:10:67:fb:e5:aa:2b:1b:6c:fb:3b:4d:18:f8:0d:ae:
10:d5:14:4d:a6:8a:01:a3:ae:7d:33:9e:91:d2:41:bd:3d:bb:
b3:96:65:33:48:70:e3:52:d2:4c:19:32:08:05:26:6c:67:20:
b1:f2:59:a3:b1:60:df:f9:a2:59:ec:05:2e:f5:64:6f:02:42:
8d:aa:4a:f9:9b:0f:ad:81:64:2b:92:4d:04:88:e9:7a:74:a3:
9c:80:ae:c2:4e:c5:0a:38:df:c7:b9:a7:00:e2:f8:3f:b6:08:
ae:61:ad:0f:bf:29:c7:f9:39:9c:79:14:ed:69:84:d1:c3:17:
4c:ed:da:1a:d3:e1:e2:91:f2:4d:f9:33:5a:7a:e7:4f:9e:40:
13:84:93:dc:7b:cc:70:51:a5:8f:f5:b8:80:83:7c:af:b0:27:
61:d9:99:aa:09:9f:bc:6d:de:0a:a2:bb:9a:df:df:f5:1c:0e:
7a:5a:1c:9c:fa:80:7c:8b:48:45:aa:97:6c:3c:54:55:2e:c1:
d4:a7:e2:d3
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVy3ug7Or+ZWgMuylQ72DNJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGUzNWEwNWYyNzA3YjVhNzQxYzJhNzJmNWU0YmIzNGM5
YjA5YTgwHhcNMjMwMTAyMTQyNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZWQ3NGUxMTE0YmExMzE4MDdiZDdkZmEyOTNmMDJiM2FiZjliZmJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiRL24njbG2hGR1ycvEosRO5IsBRp
mHaNoK3atiY5SJbdBm57/aFG2mSserCmPm9BI/PNyjXrZAoOZmdm55g2CICMscPm
Hx4PUJTXFupD0RFKwIB+j7ciSLCNcm29KVw/hjrlJM5aJRRaWAEo82uyHhd9M97Q
lG5ebrynLpT1egCodgDO3r4ZXjTQonOTHmVTop6tZs3V9MM6B0ds8XyGUTOwQM6t
2dUc53BXFcM29UkMU8LiFU+cU+TwDdi35sgpJqWJI01NtDm9cKegArXwEuUR1Mwh
ouXzhx4WY//co91nT7eqvHCRutSsBbRXffxuCBAj3YBVv/TIfiEOqlF0pwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFM7XThEUuhMYB719+ik/ArOr+b+/MB8GA1UdIwQY
MBaAFDaONaBfJwe1p0HCpy9eS7NMmwmoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm80MW9GOG5CN1duUWNLbkwxNUxzMHliQ2FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS9iYjU0ZDEtODkyZC00NzExLWE5Y2Yt
NzZmMTM1YzRmMzExLzEvenRkT0VSUzZFeGdIdlgzNktUOENzNnY1djc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS9iYjU0ZDEtODkyZC00NzExLWE5Y2YtNzZmMTM1YzRmMzEx
LzEvTm80MW9GOG5CN1duUWNLbkwxNUxzMHliQ2FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQFUpbAAwQC
uUoAMA0EAgACMAcDBQAqAgXYMA0GCSqGSIb3DQEBCwUAA4IBAQDEoB9YPFenZ1y6
KcocxU9xtCx3gKP+XlhUUJx+tGzmVFq/f2RUVspAUE1shlPCbjRMP3pSWpPjIZcQ
Z/vlqisbbPs7TRj4Da4Q1RRNpooBo659M56R0kG9PbuzlmUzSHDjUtJMGTIIBSZs
ZyCx8lmjsWDf+aJZ7AUu9WRvAkKNqkr5mw+tgWQrkk0EiOl6dKOcgK7CTsUKON/H
uacA4vg/tgiuYa0PvynH+TmceRTtaYTRwxdM7doa0+HikfJN+TNaeudPnkAThJPc
e8xwUaWP9biAg3yvsCdh2ZmqCZ+8bd4Korua39/1HA56Whyc+oB8i0hFqpdsPFRV
LsHUp+LT
-----END CERTIFICATE-----
Generated at Sun Apr 20 21:19:53 2025 by rpki-client