Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/bcf272-d751-45be-9856-018a3770da77/1/ZfChnQ2PzcuJ3WiRr4dK5pC_XVU.roa
File: ZfChnQ2PzcuJ3WiRr4dK5pC_XVU.roa (raw, json)
Hash identifier: C7/Gs8mbKeEhKxsJqi4pOZ0usO8dT5RaveQdDlEJF0c=
Subject key identifier: 65:F0:A1:9D:0D:8F:CD:CB:89:DD:68:91:AF:87:4A:E6:90:BF:5D:55
Certificate issuer: /CN=29f14d411c20ecfc496215fcdb0f43d847219096
Certificate serial: 01856E389F200EE57FDF3F70C643930167BA
Authority key identifier: 29:F1:4D:41:1C:20:EC:FC:49:62:15:FC:DB:0F:43:D8:47:21:90:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KfFNQRwg7PxJYhX82w9D2EchkJY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/bcf272-d751-45be-9856-018a3770da77/1/ZfChnQ2PzcuJ3WiRr4dK5pC_XVU.roa
Signing time: Sun 01 Jan 2023 16:44:42 +0000
ROA not before: Sun 01 Jan 2023 16:44:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41926
IP address blocks: 193.34.101.0/24 maxlen: 24
193.34.103.0/24 maxlen: 24
193.34.100.0/24 maxlen: 24
193.34.102.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:38:9f:20:0e:e5:7f:df:3f:70:c6:43:93:01:67:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29f14d411c20ecfc496215fcdb0f43d847219096
Validity
Not Before: Jan 1 16:44:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=65f0a19d0d8fcdcb89dd6891af874ae690bf5d55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:5c:5f:19:1d:65:98:41:a1:7e:1a:ec:22:4d:
aa:43:38:4a:da:eb:52:ae:a2:59:cf:9f:65:10:4a:
70:df:ac:0f:b9:75:cb:0f:fd:d1:9d:39:3f:4c:a6:
f5:95:b0:81:a6:67:9a:33:c7:19:4b:b5:4e:96:c6:
2d:05:df:92:a0:69:32:a6:53:8a:25:d8:c7:75:50:
8f:ca:fe:59:84:2d:57:98:43:fe:59:46:93:d5:7d:
f9:fc:31:f7:a6:d0:65:2a:b3:a2:03:89:b3:77:86:
da:5b:59:53:57:a6:08:9d:1d:e4:98:cd:34:f6:c9:
13:d6:ed:63:ea:0d:b1:a2:8a:7a:0f:48:53:f0:9b:
fb:8e:bb:6e:95:b6:dd:9a:54:d1:cd:a3:7a:fe:21:
bf:f5:69:41:7c:c4:48:35:24:58:5a:53:23:ae:d5:
87:43:b8:be:39:c2:f9:53:fc:e5:de:d0:a9:d4:dc:
83:17:1e:cf:4d:e3:30:ef:e3:f7:c6:f4:bd:0f:44:
63:44:4e:aa:e4:a3:de:71:99:c9:7b:00:61:4e:89:
9c:4d:45:fd:b5:56:29:4e:85:89:5d:7b:d7:43:1f:
96:2b:75:d9:fb:44:5c:ac:30:a7:90:3d:81:b9:66:
af:4b:94:5f:78:53:83:ae:ab:85:ac:03:3c:4b:99:
76:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:F0:A1:9D:0D:8F:CD:CB:89:DD:68:91:AF:87:4A:E6:90:BF:5D:55
X509v3 Authority Key Identifier:
keyid:29:F1:4D:41:1C:20:EC:FC:49:62:15:FC:DB:0F:43:D8:47:21:90:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KfFNQRwg7PxJYhX82w9D2EchkJY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/bcf272-d751-45be-9856-018a3770da77/1/ZfChnQ2PzcuJ3WiRr4dK5pC_XVU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/bcf272-d751-45be-9856-018a3770da77/1/KfFNQRwg7PxJYhX82w9D2EchkJY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.34.100.0/22
Signature Algorithm: sha256WithRSAEncryption
2e:95:9f:a9:2d:94:9e:9a:23:ad:34:96:54:c8:38:c7:7d:18:
a1:0b:48:eb:cb:6b:0b:ae:51:15:11:35:5e:7a:7a:ae:88:89:
f4:b9:74:1c:9d:83:a2:a2:15:05:aa:a1:b4:60:95:62:ef:bc:
66:5e:72:a5:b6:cc:b0:be:bf:38:38:67:4a:b7:cd:75:13:ed:
fd:e4:1c:af:a5:f8:21:f4:a3:c3:db:ef:d0:f1:01:bf:02:32:
d4:82:fd:e9:95:99:49:58:d7:1d:78:7f:19:bc:af:93:95:9f:
bd:68:b8:f8:f6:bb:a1:cc:f1:84:20:bf:ff:dc:bf:14:7f:c7:
be:4c:f3:eb:99:e7:f6:62:84:3c:6d:f5:6e:e9:68:cc:32:7c:
8f:55:17:89:f7:de:8f:a0:3a:76:12:73:74:d1:70:84:03:6e:
2c:38:f9:c8:2e:35:8d:1b:68:fa:39:31:18:62:e9:f7:c2:e7:
dc:83:03:a0:7c:5f:ea:f8:c4:6e:ad:87:ae:64:11:be:d5:7d:
72:d6:8b:89:2f:34:43:cc:07:9b:96:32:0d:13:22:f8:01:b3:
4c:65:4b:20:7c:81:8a:68:d5:03:ca:c8:fd:8a:77:28:01:26:
58:2a:65:c9:2a:b1:fa:89:d6:bc:3f:d4:98:4a:b2:27:80:38:
e8:12:ba:6d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuOJ8gDuV/3z9wxkOTAWe6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZjE0ZDQxMWMyMGVjZmM0OTYyMTVmY2RiMGY0M2Q4NDcy
MTkwOTYwHhcNMjMwMTAxMTY0NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NWYwYTE5ZDBkOGZjZGNiODlkZDY4OTFhZjg3NGFlNjkwYmY1ZDU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiVxfGR1lmEGhfhrsIk2qQzhK2utS
rqJZz59lEEpw36wPuXXLD/3RnTk/TKb1lbCBpmeaM8cZS7VOlsYtBd+SoGkyplOK
JdjHdVCPyv5ZhC1XmEP+WUaT1X35/DH3ptBlKrOiA4mzd4baW1lTV6YInR3kmM00
9skT1u1j6g2xoop6D0hT8Jv7jrtulbbdmlTRzaN6/iG/9WlBfMRINSRYWlMjrtWH
Q7i+OcL5U/zl3tCp1NyDFx7PTeMw7+P3xvS9D0RjRE6q5KPecZnJewBhTomcTUX9
tVYpToWJXXvXQx+WK3XZ+0RcrDCnkD2BuWavS5RfeFODrquFrAM8S5l2qQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGXwoZ0Nj83Lid1oka+HSuaQv11VMB8GA1UdIwQY
MBaAFCnxTUEcIOz8SWIV/NsPQ9hHIZCWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2ZGTlFSd2c3UHhKWWhYODJ3OUQyRWNoa0pZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9iY2YyNzItZDc1MS00NWJlLTk4NTYt
MDE4YTM3NzBkYTc3LzEvWmZDaG5RMlB6Y3VKM1dpUnI0ZEs1cENfWFZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9iY2YyNzItZDc1MS00NWJlLTk4NTYtMDE4YTM3NzBkYTc3
LzEvS2ZGTlFSd2c3UHhKWWhYODJ3OUQyRWNoa0pZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwSJkMA0G
CSqGSIb3DQEBCwUAA4IBAQAulZ+pLZSemiOtNJZUyDjHfRihC0jry2sLrlEVETVe
enquiIn0uXQcnYOiohUFqqG0YJVi77xmXnKltsywvr84OGdKt811E+395Byvpfgh
9KPD2+/Q8QG/AjLUgv3plZlJWNcdeH8ZvK+TlZ+9aLj49ruhzPGEIL//3L8Uf8e+
TPPrmef2YoQ8bfVu6WjMMnyPVReJ996PoDp2EnN00XCEA24sOPnILjWNG2j6OTEY
Yun3wufcgwOgfF/q+MRurYeuZBG+1X1y1ouJLzRDzAebljINEyL4AbNMZUsgfIGK
aNUDysj9incoASZYKmXJKrH6ida8P9SYSrIngDjoErpt
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:28:05 2025 by rpki-client