Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/795620-2003-4785-999f-51c77cc49146/1/zie9TqNnSmaIG2onyn9uTocf2zw.roa
File: zie9TqNnSmaIG2onyn9uTocf2zw.roa (raw, json)
Hash identifier: zUcclgaJY2C76uxwC/YJgi76EzMM+v2oXQrvaTBzzes=
Subject key identifier: CE:27:BD:4E:A3:67:4A:66:88:1B:6A:27:CA:7F:6E:4E:87:1F:DB:3C
Certificate issuer: /CN=694e515cc5be4e27e9d3d13e5e1c11dc7529274b
Certificate serial: 01856CAF39ADD65489EBF721A784353F1E5B
Authority key identifier: 69:4E:51:5C:C5:BE:4E:27:E9:D3:D1:3E:5E:1C:11:DC:75:29:27:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aU5RXMW-Tifp09E-XhwR3HUpJ0s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/795620-2003-4785-999f-51c77cc49146/1/zie9TqNnSmaIG2onyn9uTocf2zw.roa
Signing time: Sun 01 Jan 2023 09:35:00 +0000
ROA not before: Sun 01 Jan 2023 09:35:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51101
IP address blocks: 195.43.66.0/23 maxlen: 23
185.230.224.0/22 maxlen: 22
178.217.112.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:af:39:ad:d6:54:89:eb:f7:21:a7:84:35:3f:1e:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=694e515cc5be4e27e9d3d13e5e1c11dc7529274b
Validity
Not Before: Jan 1 09:35:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ce27bd4ea3674a66881b6a27ca7f6e4e871fdb3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:96:b6:1c:31:bd:97:f1:30:5c:f8:96:f7:83:
2d:5b:02:06:34:2c:f0:36:d2:23:27:6e:c4:09:5f:
1f:16:60:5d:23:f8:f4:a9:1e:15:33:94:a9:02:cb:
ba:10:7c:06:22:80:6b:1e:57:11:dd:64:bb:e1:7e:
05:3e:41:35:12:04:66:83:74:b7:05:02:4d:07:88:
f6:1a:1e:d2:4f:d5:2f:06:80:61:c0:b9:91:2d:33:
78:32:98:5a:88:72:47:84:0a:31:8f:53:9c:36:d9:
4d:c0:ec:47:a8:5c:c8:cf:f7:e2:4a:85:cc:67:8a:
d0:01:62:07:cb:0b:d3:9c:7a:72:b6:ff:ef:ed:d2:
6e:63:65:57:d1:49:59:a9:df:ae:a1:bd:c3:58:96:
1e:5f:93:5b:62:48:69:fc:cc:8b:c1:ba:ee:62:53:
be:33:48:4b:3e:28:7a:32:3d:6e:9a:53:57:82:1e:
e7:02:ac:a5:9d:18:73:07:f9:19:8b:ab:b2:07:d9:
ed:70:81:c5:00:4d:bf:da:af:60:04:ed:82:df:fe:
0e:83:a6:c3:78:0e:4f:23:2a:f9:68:2e:14:72:61:
6e:ab:38:12:1f:e4:59:4f:e1:5d:d7:45:8d:5f:71:
ca:03:64:02:c0:17:4a:da:b4:b5:37:3b:03:52:ea:
78:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:27:BD:4E:A3:67:4A:66:88:1B:6A:27:CA:7F:6E:4E:87:1F:DB:3C
X509v3 Authority Key Identifier:
keyid:69:4E:51:5C:C5:BE:4E:27:E9:D3:D1:3E:5E:1C:11:DC:75:29:27:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aU5RXMW-Tifp09E-XhwR3HUpJ0s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/795620-2003-4785-999f-51c77cc49146/1/zie9TqNnSmaIG2onyn9uTocf2zw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/795620-2003-4785-999f-51c77cc49146/1/aU5RXMW-Tifp09E-XhwR3HUpJ0s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.217.112.0/21
185.230.224.0/22
195.43.66.0/23
Signature Algorithm: sha256WithRSAEncryption
25:c2:e9:dd:63:83:f0:33:18:d6:20:c4:39:3f:fb:85:e2:01:
8c:5a:af:76:9f:21:6d:0e:92:15:b8:d1:a6:e8:e4:d3:1e:a7:
b3:24:f5:57:15:8b:76:c8:6d:49:e6:3b:fa:7b:f3:ac:60:49:
5c:5f:7d:7c:3b:7f:82:66:93:16:a2:65:49:46:f0:9e:8f:d7:
10:52:a3:1e:72:13:ef:45:f5:b2:30:4b:54:87:3b:f2:f9:96:
41:61:10:14:14:40:de:7e:e3:92:1c:08:61:5d:4a:e4:b0:be:
8b:f0:67:87:a2:f7:98:b1:61:d2:b9:23:2e:e3:7e:11:1f:d5:
80:e6:ed:8c:50:e6:7f:0c:51:9b:e5:c1:b3:c2:6a:f5:11:b0:
63:f7:e1:22:86:aa:cf:69:b6:98:c4:2a:61:25:75:c2:47:6a:
15:f3:ab:ba:b3:21:a8:17:c5:fe:25:55:bf:40:db:e1:44:14:
3e:98:2b:72:77:c0:d6:cb:e3:94:81:da:34:93:2f:a6:ee:be:
dd:10:76:a8:2f:c1:77:86:51:e8:d0:84:a2:1c:7e:8c:01:90:
42:c4:4c:fa:f5:74:e2:8f:5e:7f:28:b3:21:5a:ae:99:5f:4b:
fa:b3:b6:de:09:94:43:cd:84:0c:12:7b:3a:15:0a:c3:dd:77:
55:f9:72:52
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVsrzmt1lSJ6/chp4Q1Px5bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5NGU1MTVjYzViZTRlMjdlOWQzZDEzZTVlMWMxMWRjNzUy
OTI3NGIwHhcNMjMwMTAxMDkzNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTI3YmQ0ZWEzNjc0YTY2ODgxYjZhMjdjYTdmNmU0ZTg3MWZkYjNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6pa2HDG9l/EwXPiW94MtWwIGNCzw
NtIjJ27ECV8fFmBdI/j0qR4VM5SpAsu6EHwGIoBrHlcR3WS74X4FPkE1EgRmg3S3
BQJNB4j2Gh7ST9UvBoBhwLmRLTN4MphaiHJHhAoxj1OcNtlNwOxHqFzIz/fiSoXM
Z4rQAWIHywvTnHpytv/v7dJuY2VX0UlZqd+uob3DWJYeX5NbYkhp/MyLwbruYlO+
M0hLPih6Mj1umlNXgh7nAqylnRhzB/kZi6uyB9ntcIHFAE2/2q9gBO2C3/4Og6bD
eA5PIyr5aC4UcmFuqzgSH+RZT+Fd10WNX3HKA2QCwBdK2rS1NzsDUup4ZQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFM4nvU6jZ0pmiBtqJ8p/bk6HH9s8MB8GA1UdIwQY
MBaAFGlOUVzFvk4n6dPRPl4cEdx1KSdLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVU1UlhNVy1UaWZwMDlFLVhod1IzSFVwSjBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS83OTU2MjAtMjAwMy00Nzg1LTk5OWYt
NTFjNzdjYzQ5MTQ2LzEvemllOVRxTm5TbWFJRzJvbnluOXVUb2NmMnp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS83OTU2MjAtMjAwMy00Nzg1LTk5OWYtNTFjNzdjYzQ5MTQ2
LzEvYVU1UlhNVy1UaWZwMDlFLVhod1IzSFVwSjBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDstlwAwQC
uebgAwQBwytCMA0GCSqGSIb3DQEBCwUAA4IBAQAlwundY4PwMxjWIMQ5P/uF4gGM
Wq92nyFtDpIVuNGm6OTTHqezJPVXFYt2yG1J5jv6e/OsYElcX318O3+CZpMWomVJ
RvCej9cQUqMechPvRfWyMEtUhzvy+ZZBYRAUFEDefuOSHAhhXUrksL6L8GeHoveY
sWHSuSMu434RH9WA5u2MUOZ/DFGb5cGzwmr1EbBj9+EihqrPabaYxCphJXXCR2oV
86u6syGoF8X+JVW/QNvhRBQ+mCtyd8DWy+OUgdo0ky+m7r7dEHaoL8F3hlHo0ISi
HH6MAZBCxEz69XTij15/KLMhWq6ZX0v6s7beCZRDzYQMEns6FQrD3XdV+XJS
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:26:33 2025 by rpki-client