Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/ZYIcgbxIIoqsyxaxAWOHH8Yh2-s.roa
File: ZYIcgbxIIoqsyxaxAWOHH8Yh2-s.roa (raw, json)
Hash identifier: Unbf/J0RDGuSDeP9qh9PQMk2Clm4v0j/+Dgh/qlT0/M=
Subject key identifier: 65:82:1C:81:BC:48:22:8A:AC:CB:16:B1:01:63:87:1F:C6:21:DB:EB
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 01835503B9B8F2353C567A5189A352EC4C2B
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/ZYIcgbxIIoqsyxaxAWOHH8Yh2-s.roa
Signing time: Mon 19 Sep 2022 09:10:50 +0000
ROA not before: Mon 19 Sep 2022 09:10:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43260
IP address blocks: 37.49.144.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:55:03:b9:b8:f2:35:3c:56:7a:51:89:a3:52:ec:4c:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Sep 19 09:10:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=65821c81bc48228aaccb16b10163871fc621dbeb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:7e:3a:30:e4:a9:35:ac:d7:b3:27:36:8a:80:
04:79:bd:30:56:f1:b9:2a:a8:c7:af:1a:5d:97:54:
c7:f7:44:7a:82:3d:30:3e:e0:5f:38:49:ec:29:a8:
d1:90:ec:72:05:73:d2:60:f1:36:65:a1:81:cc:ae:
25:7f:fb:c8:ea:32:4e:2a:7b:c6:d8:7e:3e:b1:94:
1e:bd:f8:99:44:7b:08:8f:80:30:c4:e7:f1:b7:9d:
96:b3:89:5f:f3:73:c7:35:e6:bb:04:42:8a:50:3b:
1a:49:2c:86:fb:ee:39:0b:51:c0:ba:4e:6b:aa:90:
83:23:3a:a9:39:c1:95:db:96:06:e8:6c:d0:59:df:
53:3e:55:70:75:75:f5:1a:58:6d:e5:c1:14:c2:35:
52:43:1a:20:b4:17:03:70:af:7f:89:39:5f:88:63:
93:c9:62:d0:d9:25:10:f6:56:ef:de:74:a2:32:97:
20:3d:ab:57:c9:bb:0e:eb:70:01:c1:d9:68:f8:bc:
92:1f:fc:9e:84:3c:6f:04:fb:cc:8a:17:65:b1:83:
66:77:6c:fe:b3:2c:5d:33:89:76:bf:60:a7:b9:fb:
cf:67:99:ed:ec:12:4d:92:28:c4:a9:75:20:0e:8d:
43:4e:4d:c0:fa:6d:36:11:96:12:07:e6:88:fd:1f:
0d:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:82:1C:81:BC:48:22:8A:AC:CB:16:B1:01:63:87:1F:C6:21:DB:EB
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/ZYIcgbxIIoqsyxaxAWOHH8Yh2-s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.49.144.0/21
Signature Algorithm: sha256WithRSAEncryption
4e:08:4e:b5:7f:29:0d:6b:82:10:f0:56:c8:bb:71:d6:1f:5f:
74:3e:80:6b:a6:5f:81:22:fd:16:92:c1:10:a5:38:7b:07:e3:
60:7b:06:a1:f3:fe:5f:a2:71:f5:e4:39:74:ec:c8:7f:61:4d:
75:f5:e1:9a:2a:3b:11:34:0f:b0:44:90:19:9a:1c:3c:7e:9f:
28:e0:23:cd:c1:01:89:e7:41:eb:aa:35:c4:17:db:29:bd:d7:
00:27:ba:b9:2e:94:75:19:71:a4:e1:76:d2:50:16:50:74:da:
df:de:73:b8:87:e4:b7:73:35:cb:f9:2d:dc:00:bb:77:6c:ba:
1c:39:7d:19:60:2f:b0:5b:86:33:5f:47:ac:31:73:e1:9d:4e:
e4:1a:24:4c:53:0b:d9:49:0d:b4:f3:7d:f4:a0:6c:a0:c5:13:
6a:94:86:23:57:95:e4:41:e5:9e:59:06:29:25:c8:a7:81:56:
2a:33:78:61:c1:c8:d3:a6:05:58:84:d4:55:5c:97:96:a7:a5:
08:ff:d0:8a:3e:aa:2d:64:46:eb:22:e6:9e:b4:ba:68:7a:6d:
48:78:23:26:5d:9d:53:c7:0a:aa:44:50:93:be:3f:96:94:86:
b2:75:4a:68:64:37:37:2a:55:16:72:7a:e2:a8:c1:06:9f:03:
92:9b:3d:0b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYNVA7m48jU8VnpRiaNS7EwrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjIwOTE5MDkxMDUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTgyMWM4MWJjNDgyMjhhYWNjYjE2YjEwMTYzODcxZmM2MjFkYmViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi346MOSpNazXsyc2ioAEeb0wVvG5
KqjHrxpdl1TH90R6gj0wPuBfOEnsKajRkOxyBXPSYPE2ZaGBzK4lf/vI6jJOKnvG
2H4+sZQevfiZRHsIj4AwxOfxt52Ws4lf83PHNea7BEKKUDsaSSyG++45C1HAuk5r
qpCDIzqpOcGV25YG6GzQWd9TPlVwdXX1Glht5cEUwjVSQxogtBcDcK9/iTlfiGOT
yWLQ2SUQ9lbv3nSiMpcgPatXybsO63ABwdlo+LySH/yehDxvBPvMihdlsYNmd2z+
syxdM4l2v2CnufvPZ5nt7BJNkijEqXUgDo1DTk3A+m02EZYSB+aI/R8NOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGWCHIG8SCKKrMsWsQFjhx/GIdvrMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvWllJY2dieElJb3FzeXhheEFXT0hIOFloMi1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDJTGQMA0G
CSqGSIb3DQEBCwUAA4IBAQBOCE61fykNa4IQ8FbIu3HWH190PoBrpl+BIv0WksEQ
pTh7B+Ngewah8/5fonH15Dl07Mh/YU119eGaKjsRNA+wRJAZmhw8fp8o4CPNwQGJ
50HrqjXEF9spvdcAJ7q5LpR1GXGk4XbSUBZQdNrf3nO4h+S3czXL+S3cALt3bLoc
OX0ZYC+wW4YzX0esMXPhnU7kGiRMUwvZSQ208330oGygxRNqlIYjV5XkQeWeWQYp
JcingVYqM3hhwcjTpgVYhNRVXJeWp6UI/9CKPqotZEbrIuaetLpoem1IeCMmXZ1T
xwqqRFCTvj+WlIaydUpoZDc3KlUWcnriqMEGnwOSmz0L
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:02:16 2025 by rpki-client