Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/90f9a8-7a9a-47d7-8493-c94d393b8a97/1/z1b-jFDiGRcXHQ-2Pk8ZGy8yZyE.roa
File: z1b-jFDiGRcXHQ-2Pk8ZGy8yZyE.roa (raw, json)
Hash identifier: BBbfXSHHcwvaXAWAKr8IESe/tRXlDkAfk75lrw0Eshc=
Subject key identifier: CF:56:FE:8C:50:E2:19:17:17:1D:0F:B6:3E:4F:19:1B:2F:32:67:21
Certificate issuer: /CN=a4b6446b0c6dcdcdf7f3b9ac411787c6f2eb7b24
Certificate serial: 018A0336239EE73CE83F910D3E9E5D460D9C
Authority key identifier: A4:B6:44:6B:0C:6D:CD:CD:F7:F3:B9:AC:41:17:87:C6:F2:EB:7B:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pLZEawxtzc3387msQReHxvLreyQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/90f9a8-7a9a-47d7-8493-c94d393b8a97/1/z1b-jFDiGRcXHQ-2Pk8ZGy8yZyE.roa
Signing time: Thu 17 Aug 2023 11:16:34 +0000
ROA not before: Thu 17 Aug 2023 11:16:34 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35819
IP address blocks: 91.229.220.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:03:36:23:9e:e7:3c:e8:3f:91:0d:3e:9e:5d:46:0d:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4b6446b0c6dcdcdf7f3b9ac411787c6f2eb7b24
Validity
Not Before: Aug 17 11:16:34 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cf56fe8c50e21917171d0fb63e4f191b2f326721
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:c4:01:df:34:6f:ce:ec:b5:a3:ca:85:6e:19:
85:13:07:47:e4:95:e0:7b:4a:d2:ff:b1:06:02:84:
75:09:6c:e3:5d:d7:28:f9:18:c0:77:d8:98:51:c0:
8c:4e:a6:2d:0e:bb:57:3e:94:de:16:25:71:6a:27:
a2:5a:68:23:a8:70:06:d5:2c:03:c5:fa:46:11:22:
d9:b4:3d:04:c5:e9:01:84:a7:d5:88:8c:18:b5:1e:
4a:90:5f:d8:a4:55:e7:3f:05:f9:ae:79:6c:cb:0c:
9a:97:e9:f4:64:1f:10:f0:94:19:6e:52:2a:be:f7:
ae:3d:15:af:26:a1:84:1f:47:e2:40:aa:53:af:2e:
b8:99:b3:7e:a0:89:bf:f2:52:18:e6:53:71:d8:74:
2b:21:7c:9e:b8:6b:d4:bf:ce:d7:83:e3:29:80:f1:
2d:39:30:34:c8:38:a2:44:c6:44:53:76:79:c6:40:
10:ac:95:0d:23:b1:ae:73:b0:ca:14:44:09:be:31:
bc:84:ad:38:78:5f:cd:d4:ee:57:2b:57:d8:a9:5a:
d9:1e:95:87:92:60:a9:f4:eb:bf:87:4f:13:98:b6:
f8:f8:fd:58:c2:d7:41:6b:4d:bd:85:35:b5:c9:b0:
54:9d:e2:08:59:51:72:a5:97:2d:4b:da:e5:c2:64:
64:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:56:FE:8C:50:E2:19:17:17:1D:0F:B6:3E:4F:19:1B:2F:32:67:21
X509v3 Authority Key Identifier:
keyid:A4:B6:44:6B:0C:6D:CD:CD:F7:F3:B9:AC:41:17:87:C6:F2:EB:7B:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pLZEawxtzc3387msQReHxvLreyQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/90f9a8-7a9a-47d7-8493-c94d393b8a97/1/z1b-jFDiGRcXHQ-2Pk8ZGy8yZyE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/90f9a8-7a9a-47d7-8493-c94d393b8a97/1/pLZEawxtzc3387msQReHxvLreyQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.229.220.0/24
Signature Algorithm: sha256WithRSAEncryption
94:30:9d:a7:86:a5:33:89:6d:ab:44:16:e8:a5:0d:bf:ca:7a:
90:a0:39:4f:26:39:20:b8:b2:ab:e6:1c:67:b7:a6:5b:fd:e5:
70:f3:3f:3c:00:60:95:41:46:53:de:1b:9b:bb:73:73:79:83:
f5:1d:9b:2e:e3:4b:82:2a:3b:b3:39:5b:11:fd:cf:15:83:15:
12:f7:9b:06:d8:58:e6:92:e8:df:a4:a3:44:c6:54:76:3a:fb:
48:31:dd:01:1b:1f:3e:9b:a9:70:fe:cb:bb:bc:52:a5:39:83:
4b:2d:42:46:c1:90:ca:51:c6:a4:3f:66:77:b9:28:b2:47:0e:
a7:fd:09:2d:e5:f0:ad:83:0f:f2:f2:ae:3b:d8:e6:85:93:b0:
66:f3:41:92:a3:91:11:e8:88:67:45:37:34:17:89:b4:ac:86:
0e:4a:6f:7b:6f:d8:20:01:ad:53:18:74:43:8b:56:34:46:d0:
a8:93:d6:46:de:ce:0a:4a:c9:8a:5f:77:89:9c:20:46:4b:18:
fb:ce:81:3b:be:85:4e:0c:20:b8:0f:d9:d4:c9:1b:fc:3e:3c:
e1:79:27:17:63:d1:3b:de:f4:f4:c9:21:03:8d:4f:16:64:29:
5f:63:38:30:71:36:9f:f5:cf:b0:e1:e0:64:7d:11:f2:88:e3:
9b:3a:b0:7d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYoDNiOe5zzoP5ENPp5dRg2cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0YjY0NDZiMGM2ZGNkY2RmN2YzYjlhYzQxMTc4N2M2ZjJl
YjdiMjQwHhcNMjMwODE3MTExNjM0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjU2ZmU4YzUwZTIxOTE3MTcxZDBmYjYzZTRmMTkxYjJmMzI2NzIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv8QB3zRvzuy1o8qFbhmFEwdH5JXg
e0rS/7EGAoR1CWzjXdco+RjAd9iYUcCMTqYtDrtXPpTeFiVxaieiWmgjqHAG1SwD
xfpGESLZtD0ExekBhKfViIwYtR5KkF/YpFXnPwX5rnlsywyal+n0ZB8Q8JQZblIq
vveuPRWvJqGEH0fiQKpTry64mbN+oIm/8lIY5lNx2HQrIXyeuGvUv87Xg+MpgPEt
OTA0yDiiRMZEU3Z5xkAQrJUNI7Guc7DKFEQJvjG8hK04eF/N1O5XK1fYqVrZHpWH
kmCp9Ou/h08TmLb4+P1YwtdBa029hTW1ybBUneIIWVFypZctS9rlwmRkdQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM9W/oxQ4hkXFx0Ptj5PGRsvMmchMB8GA1UdIwQY
MBaAFKS2RGsMbc3N9/O5rEEXh8by63skMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcExaRWF3eHR6YzMzODdtc1FSZUh4dkxyZXlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS85MGY5YTgtN2E5YS00N2Q3LTg0OTMt
Yzk0ZDM5M2I4YTk3LzEvejFiLWpGRGlHUmNYSFEtMlBrOFpHeTh5WnlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS85MGY5YTgtN2E5YS00N2Q3LTg0OTMtYzk0ZDM5M2I4YTk3
LzEvcExaRWF3eHR6YzMzODdtc1FSZUh4dkxyZXlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+XcMA0G
CSqGSIb3DQEBCwUAA4IBAQCUMJ2nhqUziW2rRBbopQ2/ynqQoDlPJjkguLKr5hxn
t6Zb/eVw8z88AGCVQUZT3hubu3NzeYP1HZsu40uCKjuzOVsR/c8VgxUS95sG2Fjm
kujfpKNExlR2OvtIMd0BGx8+m6lw/su7vFKlOYNLLUJGwZDKUcakP2Z3uSiyRw6n
/Qkt5fCtgw/y8q472OaFk7Bm80GSo5ER6IhnRTc0F4m0rIYOSm97b9ggAa1TGHRD
i1Y0RtCok9ZG3s4KSsmKX3eJnCBGSxj7zoE7voVODCC4D9nUyRv8PjzheScXY9E7
3vT0ySEDjU8WZClfYzgwcTaf9c+w4eBkfRHyiOObOrB9
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:31:32 2025 by rpki-client