Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/2d490c-6ff8-471d-97d2-2d72f23193db/1/ZVPWiXwglQoqh-P1DcO_MdP0-Jc.roa
File: ZVPWiXwglQoqh-P1DcO_MdP0-Jc.roa (raw, json)
Hash identifier: MHMYMz9F7OV60JmCOJ8hnVeUruHj3tHaeh8C35fKpEE=
Subject key identifier: 65:53:D6:89:7C:20:95:0A:2A:87:E3:F5:0D:C3:BF:31:D3:F4:F8:97
Certificate issuer: /CN=c8d5aa7034250ab1a8789ac86cc0eef3bfc9db5f
Certificate serial: 018571278D6A5C83F89BD0DA5BED78CC1ACF
Authority key identifier: C8:D5:AA:70:34:25:0A:B1:A8:78:9A:C8:6C:C0:EE:F3:BF:C9:DB:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yNWqcDQlCrGoeJrIbMDu87_J218.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/2d490c-6ff8-471d-97d2-2d72f23193db/1/ZVPWiXwglQoqh-P1DcO_MdP0-Jc.roa
Signing time: Mon 02 Jan 2023 06:24:55 +0000
ROA not before: Mon 02 Jan 2023 06:24:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197889
IP address blocks: 85.119.8.0/21 maxlen: 21
185.223.16.0/23 maxlen: 23
185.223.18.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:27:8d:6a:5c:83:f8:9b:d0:da:5b:ed:78:cc:1a:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c8d5aa7034250ab1a8789ac86cc0eef3bfc9db5f
Validity
Not Before: Jan 2 06:24:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6553d6897c20950a2a87e3f50dc3bf31d3f4f897
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:fa:4e:d7:17:c0:50:71:04:98:c6:ed:3c:d4:
21:1a:f5:51:52:8e:c1:0a:39:05:da:9e:6f:12:cc:
4b:54:a0:14:bc:5e:9c:bf:dd:d6:cf:50:c7:84:d3:
dd:c1:14:f7:7b:eb:fd:53:ff:08:4a:47:d0:3d:ee:
dc:bc:e3:dc:cf:ed:e6:33:00:8e:44:ae:12:7d:e5:
7d:15:7e:fe:3f:41:6d:cc:df:68:cc:78:81:82:f1:
1c:86:a4:35:13:f4:fb:0a:56:68:8b:bc:e8:e5:d8:
fb:d5:bc:dc:d9:11:fb:ae:1a:8e:f0:2b:02:a1:83:
76:11:5f:19:ed:f1:22:46:6b:0f:da:f6:f3:50:ab:
27:97:df:79:3c:0a:a1:a8:86:8e:78:59:87:5e:f7:
d5:8d:7b:fc:66:8e:6c:63:dd:28:d9:44:d2:fe:ed:
76:f7:36:b2:52:6d:83:ea:d9:e5:10:ed:00:62:aa:
6f:e2:3b:b0:42:32:aa:1b:a6:24:0d:2b:42:c6:60:
2b:9d:05:3e:eb:c3:6b:60:e6:88:eb:e2:d3:8a:8f:
18:25:8c:27:52:f9:21:04:c7:6e:bc:21:5d:4c:a3:
0b:0d:79:26:1c:c4:c8:f9:ea:4a:67:47:a6:03:3f:
ee:e0:9a:6c:64:f8:2d:c6:bc:86:63:75:4e:fe:be:
c2:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:53:D6:89:7C:20:95:0A:2A:87:E3:F5:0D:C3:BF:31:D3:F4:F8:97
X509v3 Authority Key Identifier:
keyid:C8:D5:AA:70:34:25:0A:B1:A8:78:9A:C8:6C:C0:EE:F3:BF:C9:DB:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yNWqcDQlCrGoeJrIbMDu87_J218.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/2d490c-6ff8-471d-97d2-2d72f23193db/1/ZVPWiXwglQoqh-P1DcO_MdP0-Jc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/2d490c-6ff8-471d-97d2-2d72f23193db/1/yNWqcDQlCrGoeJrIbMDu87_J218.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.119.8.0/21
185.223.16.0/22
Signature Algorithm: sha256WithRSAEncryption
39:c9:5d:fe:9e:d8:8f:4f:7e:46:33:54:4f:d1:74:60:32:0f:
b1:68:9c:4c:94:aa:42:17:e6:84:05:c3:3c:17:7c:71:5b:83:
29:c3:30:47:32:27:aa:1f:e5:71:b5:b9:d5:7b:b5:42:a6:a3:
ad:50:9c:61:77:bc:4a:cb:6f:09:2d:b8:d9:10:29:75:cb:09:
b1:04:50:98:1f:c2:b3:66:df:28:49:c5:bf:cb:63:4d:5c:18:
c2:36:f1:55:da:b8:32:0e:cb:33:79:13:e0:49:f8:49:5b:02:
32:bc:59:ec:ed:d7:ed:95:20:c8:6a:ae:1b:9f:e3:10:ce:23:
98:7c:f3:78:be:59:ba:c3:dc:9e:51:e6:15:ee:c7:36:be:8c:
52:8b:72:b0:de:71:eb:21:3a:1c:cb:87:d4:a4:a0:04:15:c8:
10:61:4d:b7:7e:27:55:34:60:23:0b:e3:27:17:80:a0:10:45:
2a:40:b3:e4:d3:ee:f9:5a:5c:d6:ad:6f:fd:71:92:52:c5:37:
b2:6c:d6:0a:cc:da:52:f2:ff:cc:06:59:ac:82:a1:13:02:28:
f2:42:90:cf:e1:5a:12:19:ce:a0:a9:fc:d8:31:2c:7e:b7:e2:
a0:dd:04:90:8a:73:e4:86:79:fa:05:ad:be:b6:65:ce:5a:40:
25:78:10:22
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVxJ41qXIP4m9DaW+14zBrPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4ZDVhYTcwMzQyNTBhYjFhODc4OWFjODZjYzBlZWYzYmZj
OWRiNWYwHhcNMjMwMTAyMDYyNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTUzZDY4OTdjMjA5NTBhMmE4N2UzZjUwZGMzYmYzMWQzZjRmODk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtPpO1xfAUHEEmMbtPNQhGvVRUo7B
CjkF2p5vEsxLVKAUvF6cv93Wz1DHhNPdwRT3e+v9U/8ISkfQPe7cvOPcz+3mMwCO
RK4SfeV9FX7+P0FtzN9ozHiBgvEchqQ1E/T7ClZoi7zo5dj71bzc2RH7rhqO8CsC
oYN2EV8Z7fEiRmsP2vbzUKsnl995PAqhqIaOeFmHXvfVjXv8Zo5sY90o2UTS/u12
9zayUm2D6tnlEO0AYqpv4juwQjKqG6YkDStCxmArnQU+68NrYOaI6+LTio8YJYwn
UvkhBMduvCFdTKMLDXkmHMTI+epKZ0emAz/u4JpsZPgtxryGY3VO/r7CtQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGVT1ol8IJUKKofj9Q3DvzHT9PiXMB8GA1UdIwQY
MBaAFMjVqnA0JQqxqHiayGzA7vO/ydtfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveU5XcWNEUWxDckdvZUpySWJNRHU4N19KMjE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8yZDQ5MGMtNmZmOC00NzFkLTk3ZDIt
MmQ3MmYyMzE5M2RiLzEvWlZQV2lYd2dsUW9xaC1QMURjT19NZFAwLUpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8yZDQ5MGMtNmZmOC00NzFkLTk3ZDItMmQ3MmYyMzE5M2Ri
LzEveU5XcWNEUWxDckdvZUpySWJNRHU4N19KMjE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDVXcIAwQC
ud8QMA0GCSqGSIb3DQEBCwUAA4IBAQA5yV3+ntiPT35GM1RP0XRgMg+xaJxMlKpC
F+aEBcM8F3xxW4MpwzBHMieqH+VxtbnVe7VCpqOtUJxhd7xKy28JLbjZECl1ywmx
BFCYH8KzZt8oScW/y2NNXBjCNvFV2rgyDsszeRPgSfhJWwIyvFns7dftlSDIaq4b
n+MQziOYfPN4vlm6w9yeUeYV7sc2voxSi3Kw3nHrITocy4fUpKAEFcgQYU23fidV
NGAjC+MnF4CgEEUqQLPk0+75WlzWrW/9cZJSxTeybNYKzNpS8v/MBlmsgqETAijy
QpDP4VoSGc6gqfzYMSx+t+Kg3QSQinPkhnn6Ba2+tmXOWkAleBAi
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:19:44 2025 by rpki-client