Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/ff4794-9e53-4f30-a987-8af7ae0a9ac7/1/zEqVbWxJhh_qij0ZWDLvmLfSkgk.roa
File: zEqVbWxJhh_qij0ZWDLvmLfSkgk.roa (raw, json)
Hash identifier: XkJIVd7NYZfoR+eRjUTea+Z706PKULtCA/aXLFDzJow=
Subject key identifier: CC:4A:95:6D:6C:49:86:1F:EA:8A:3D:19:58:32:EF:98:B7:D2:92:09
Certificate issuer: /CN=be43d2710aad7c98c10f4d945dabdeea21c49d31
Certificate serial: 018ACB7BB6FB538B22DEF265B40BD5DDA830
Authority key identifier: BE:43:D2:71:0A:AD:7C:98:C1:0F:4D:94:5D:AB:DE:EA:21:C4:9D:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vkPScQqtfJjBD02UXave6iHEnTE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/ff4794-9e53-4f30-a987-8af7ae0a9ac7/1/zEqVbWxJhh_qij0ZWDLvmLfSkgk.roa
Signing time: Mon 25 Sep 2023 08:36:37 +0000
ROA not before: Mon 25 Sep 2023 08:36:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198965
IP address blocks: 185.116.120.0/22 maxlen: 22
37.221.224.0/21 maxlen: 21
2a13:ea40::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:cb:7b:b6:fb:53:8b:22:de:f2:65:b4:0b:d5:dd:a8:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be43d2710aad7c98c10f4d945dabdeea21c49d31
Validity
Not Before: Sep 25 08:36:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cc4a956d6c49861fea8a3d195832ef98b7d29209
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:6c:10:ec:77:35:c5:94:9c:fb:6a:bf:fe:a7:
f9:d4:a6:d1:5e:57:db:61:1a:8f:29:04:0a:86:64:
98:70:47:e0:34:5b:82:71:57:51:23:c9:63:c7:9e:
fc:a6:87:a7:7c:03:af:63:6c:68:92:81:bd:76:69:
0d:8a:cd:d0:ec:79:95:65:38:63:c5:08:4f:96:cd:
f2:0c:c6:16:6c:90:39:00:8c:73:0d:83:77:9c:9a:
5d:26:23:5f:44:bd:c9:78:83:63:f3:e0:15:9c:73:
33:53:1b:cb:f4:f0:74:40:f5:4c:f2:83:80:b9:ed:
27:55:a4:60:70:7b:dc:55:d7:f5:f3:ca:6b:47:70:
18:d1:1c:b5:70:0a:d1:f2:60:b8:38:ab:24:2d:1c:
b6:3d:ae:5f:c0:08:32:b9:f4:36:85:3d:0d:ac:f8:
02:9f:7e:1e:4f:f9:df:dd:a6:96:42:42:31:a2:27:
f6:2b:52:22:3f:a4:60:35:ff:5f:3a:62:16:e9:35:
59:67:1e:73:09:07:00:2d:6c:7b:8c:31:1a:66:22:
56:ff:15:b5:e3:f8:30:7d:50:9f:8a:b5:f1:72:70:
1b:fd:63:de:20:63:5c:b0:c9:b5:34:4c:d5:b5:f3:
9d:fe:06:52:08:88:7a:7c:d2:ec:a9:45:d7:06:c5:
37:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:4A:95:6D:6C:49:86:1F:EA:8A:3D:19:58:32:EF:98:B7:D2:92:09
X509v3 Authority Key Identifier:
keyid:BE:43:D2:71:0A:AD:7C:98:C1:0F:4D:94:5D:AB:DE:EA:21:C4:9D:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vkPScQqtfJjBD02UXave6iHEnTE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/ff4794-9e53-4f30-a987-8af7ae0a9ac7/1/zEqVbWxJhh_qij0ZWDLvmLfSkgk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/ff4794-9e53-4f30-a987-8af7ae0a9ac7/1/vkPScQqtfJjBD02UXave6iHEnTE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.221.224.0/21
185.116.120.0/22
IPv6:
2a13:ea40::/29
Signature Algorithm: sha256WithRSAEncryption
8b:c9:d9:50:65:83:07:ec:15:ff:d3:4c:1c:ed:86:91:b0:01:
c0:6c:f6:01:86:ba:b0:a9:9e:fb:2f:7d:d4:9f:73:49:f9:e6:
0d:a7:a4:2e:77:a0:df:f7:42:ba:7d:f3:66:ad:0d:57:b2:c8:
7f:e1:05:93:89:df:c0:90:c6:0f:5c:d2:3d:c5:a8:3d:03:97:
ec:17:fe:0a:ae:22:4a:40:e2:60:65:88:2e:28:b1:35:a8:bf:
51:e5:ee:d8:a5:ae:c5:0f:b8:55:bd:67:fc:46:ce:6c:e0:4e:
35:d1:12:a5:0c:0e:c2:49:9b:b5:6a:a5:5d:43:4c:4f:c2:e0:
bd:f6:02:b0:4f:cb:0e:b4:4f:bb:a4:01:22:2d:90:55:cf:a7:
64:10:96:95:6e:f3:bb:d3:f9:f8:b7:0a:10:9d:d2:50:d6:0f:
ff:c9:f9:df:3a:15:53:52:77:f1:62:2c:96:45:ef:3b:26:fb:
37:f8:9b:c1:e1:1c:dc:19:94:2a:00:0e:b5:26:aa:b7:3b:a8:
aa:ba:db:6f:85:65:28:5d:fb:27:f1:e8:b4:1b:23:bf:7b:e7:
1b:88:a2:81:19:64:d9:a2:05:c1:ae:67:53:45:07:0b:ac:e7:
e8:45:fd:16:e5:8b:86:73:e7:e8:74:3a:1d:c7:43:d9:1a:12:
b1:fa:d1:e7
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYrLe7b7U4si3vJltAvV3agwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlNDNkMjcxMGFhZDdjOThjMTBmNGQ5NDVkYWJkZWVhMjFj
NDlkMzEwHhcNMjMwOTI1MDgzNjM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzRhOTU2ZDZjNDk4NjFmZWE4YTNkMTk1ODMyZWY5OGI3ZDI5MjA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhGwQ7Hc1xZSc+2q//qf51KbRXlfb
YRqPKQQKhmSYcEfgNFuCcVdRI8ljx578poenfAOvY2xokoG9dmkNis3Q7HmVZThj
xQhPls3yDMYWbJA5AIxzDYN3nJpdJiNfRL3JeINj8+AVnHMzUxvL9PB0QPVM8oOA
ue0nVaRgcHvcVdf188prR3AY0Ry1cArR8mC4OKskLRy2Pa5fwAgyufQ2hT0NrPgC
n34eT/nf3aaWQkIxoif2K1IiP6RgNf9fOmIW6TVZZx5zCQcALWx7jDEaZiJW/xW1
4/gwfVCfirXxcnAb/WPeIGNcsMm1NEzVtfOd/gZSCIh6fNLsqUXXBsU3TwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFMxKlW1sSYYf6oo9GVgy75i30pIJMB8GA1UdIwQY
MBaAFL5D0nEKrXyYwQ9NlF2r3uohxJ0xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmtQU2NRcXRmSmpCRDAyVVhhdmU2aUhFblRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9mZjQ3OTQtOWU1My00ZjMwLWE5ODct
OGFmN2FlMGE5YWM3LzEvekVxVmJXeEpoaF9xaWowWldETHZtTGZTa2drLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9mZjQ3OTQtOWU1My00ZjMwLWE5ODctOGFmN2FlMGE5YWM3
LzEvdmtQU2NRcXRmSmpCRDAyVVhhdmU2aUhFblRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDJd3gAwQC
uXR4MA0EAgACMAcDBQMqE+pAMA0GCSqGSIb3DQEBCwUAA4IBAQCLydlQZYMH7BX/
00wc7YaRsAHAbPYBhrqwqZ77L33Un3NJ+eYNp6Qud6Df90K6ffNmrQ1Xssh/4QWT
id/AkMYPXNI9xag9A5fsF/4KriJKQOJgZYguKLE1qL9R5e7Ypa7FD7hVvWf8Rs5s
4E410RKlDA7CSZu1aqVdQ0xPwuC99gKwT8sOtE+7pAEiLZBVz6dkEJaVbvO70/n4
twoQndJQ1g//yfnfOhVTUnfxYiyWRe87Jvs3+JvB4RzcGZQqAA61Jqq3O6iquttv
hWUoXfsn8ei0GyO/e+cbiKKBGWTZogXBrmdTRQcLrOfoRf0W5YuGc+fodDodx0PZ
GhKx+tHn
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:34:37 2025 by rpki-client