Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/6f433b-dc32-45a2-979e-ff143368753f/1/DCZVZeCNxspEe19MZ1e0f9wlit4.roa
File: DCZVZeCNxspEe19MZ1e0f9wlit4.roa (raw, json)
Hash identifier: WSOKtcV03+ReiJqCDi+a8KzgoYNhZLMXNvGkrefoscw=
Subject key identifier: 0C:26:55:65:E0:8D:C6:CA:44:7B:5F:4C:67:57:B4:7F:DC:25:8A:DE
Certificate issuer: /CN=ea55dfd13021d5855ff194534933cd7d6cacd6cf
Certificate serial: 110F01BC
Authority key identifier: EA:55:DF:D1:30:21:D5:85:5F:F1:94:53:49:33:CD:7D:6C:AC:D6:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6lXf0TAh1YVf8ZRTSTPNfWys1s8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/6f433b-dc32-45a2-979e-ff143368753f/1/DCZVZeCNxspEe19MZ1e0f9wlit4.roa
Signing time: Sat 01 Jan 2022 10:02:15 +0000
ROA not before: Sat 01 Jan 2022 10:02:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41753
IP address blocks: 185.102.16.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 286196156 (0x110f01bc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ea55dfd13021d5855ff194534933cd7d6cacd6cf
Validity
Not Before: Jan 1 10:02:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0c265565e08dc6ca447b5f4c6757b47fdc258ade
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:fe:78:f9:5a:2d:b8:ba:da:e4:61:5e:0d:7c:
c7:ad:ff:14:9c:bf:0b:9c:52:57:d0:85:7c:2f:b9:
66:03:55:42:9c:00:2e:cf:6a:5a:7e:4c:35:da:4f:
d3:67:3c:91:78:4d:d0:d8:02:ca:27:be:a4:6b:94:
00:20:ec:f9:c3:03:e5:e6:0b:38:c9:ec:81:ab:22:
22:5a:9c:87:8e:e0:86:30:37:fb:5d:b4:cf:69:a8:
de:1f:64:4b:a0:1a:fe:97:4e:64:8a:a1:ac:03:e1:
a8:2c:56:1d:32:b9:6b:96:ca:7c:61:2e:a7:6e:3c:
91:91:ff:3d:08:55:0d:bc:7d:76:5c:ea:a3:1f:5c:
67:44:6e:a6:e2:ef:41:1d:a7:19:37:86:64:f1:be:
cd:6c:4b:50:10:e0:5e:a4:66:af:0c:6e:d8:20:c7:
cb:fc:79:01:14:d6:2e:cf:57:f0:d0:54:05:59:19:
15:21:8e:f1:e8:24:4c:c1:b3:7a:f7:f3:e5:b1:1f:
70:cd:f9:55:dc:e2:9e:e6:2b:91:8e:66:c4:43:88:
fd:6c:3b:e4:96:47:21:cd:d3:49:25:97:7c:f8:25:
cf:89:66:08:ab:4b:1c:a0:ec:12:6e:f6:6c:1a:20:
ed:da:67:73:ec:73:5d:2b:19:f0:d6:fb:41:4e:90:
7c:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:26:55:65:E0:8D:C6:CA:44:7B:5F:4C:67:57:B4:7F:DC:25:8A:DE
X509v3 Authority Key Identifier:
keyid:EA:55:DF:D1:30:21:D5:85:5F:F1:94:53:49:33:CD:7D:6C:AC:D6:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6lXf0TAh1YVf8ZRTSTPNfWys1s8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/6f433b-dc32-45a2-979e-ff143368753f/1/DCZVZeCNxspEe19MZ1e0f9wlit4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/6f433b-dc32-45a2-979e-ff143368753f/1/6lXf0TAh1YVf8ZRTSTPNfWys1s8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.102.16.0/22
Signature Algorithm: sha256WithRSAEncryption
68:3a:a1:d7:2c:cb:36:5f:c3:3d:49:18:5d:83:bc:8d:54:0a:
25:b6:53:e5:6a:6b:87:52:b4:0f:af:b5:d1:f7:67:1e:44:ad:
88:91:17:a2:39:5e:e8:34:46:26:8e:91:39:c0:1f:56:b2:5b:
11:3b:6c:6c:61:f8:6e:89:c9:c0:0c:d9:9a:51:ad:9f:e3:94:
81:a9:55:fd:9e:a5:da:b2:24:58:a9:18:a9:6d:6c:cb:69:3f:
c5:5b:6f:b7:a0:db:d8:4f:27:13:ea:38:31:30:4f:80:e6:75:
a6:0a:f0:8f:c5:c5:f8:eb:ca:ab:50:c7:b5:42:72:57:53:fe:
03:12:0d:26:77:f8:56:cb:b3:3d:00:71:6b:48:b6:db:6d:af:
a3:19:c1:b6:eb:51:1c:32:cc:7a:f3:0e:60:b3:7d:7f:47:e1:
16:d3:da:b4:b8:b0:32:6d:9f:75:a0:b9:c0:8f:52:b1:d7:11:
ab:44:4a:d4:cd:ed:5a:a2:fe:61:28:b7:fc:be:c3:4a:1e:35:
41:ee:cc:a9:fe:77:3a:16:7d:69:dd:62:cf:21:6c:0f:84:ab:
dd:a9:bd:16:da:69:8f:22:e8:6b:43:9a:f3:b3:49:da:ba:0e:
1a:91:e3:2d:77:4e:b6:36:c7:14:f8:23:5d:97:ce:5c:3f:6d:
1d:45:33:fa
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEEQ8BvDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
YTU1ZGZkMTMwMjFkNTg1NWZmMTk0NTM0OTMzY2Q3ZDZjYWNkNmNmMB4XDTIyMDEw
MTEwMDIxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGMyNjU1NjVlMDhk
YzZjYTQ0N2I1ZjRjNjc1N2I0N2ZkYzI1OGFkZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJj+ePlaLbi62uRhXg18x63/FJy/C5xSV9CFfC+5ZgNVQpwA
Ls9qWn5MNdpP02c8kXhN0NgCyie+pGuUACDs+cMD5eYLOMnsgasiIlqch47ghjA3
+120z2mo3h9kS6Aa/pdOZIqhrAPhqCxWHTK5a5bKfGEup248kZH/PQhVDbx9dlzq
ox9cZ0RupuLvQR2nGTeGZPG+zWxLUBDgXqRmrwxu2CDHy/x5ARTWLs9X8NBUBVkZ
FSGO8egkTMGzevfz5bEfcM35VdzinuYrkY5mxEOI/Ww75JZHIc3TSSWXfPglz4lm
CKtLHKDsEm72bBog7dpnc+xzXSsZ8Nb7QU6QfK8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQMJlVl4I3GykR7X0xnV7R/3CWK3jAfBgNVHSMEGDAWgBTqVd/RMCHVhV/x
lFNJM819bKzWzzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZsWGYwVEFoMVlWZjhaUlRTVFBOZld5czFzOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjkvNmY0MzNiLWRjMzItNDVhMi05NzllLWZmMTQzMzY4NzUzZi8x
L0RDWlZaZUNOeHNwRWUxOU1aMWUwZjl3bGl0NC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjkv
NmY0MzNiLWRjMzItNDVhMi05NzllLWZmMTQzMzY4NzUzZi8xLzZsWGYwVEFoMVlW
ZjhaUlRTVFBOZld5czFzOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArlmEDANBgkqhkiG9w0BAQsFAAOC
AQEAaDqh1yzLNl/DPUkYXYO8jVQKJbZT5Wprh1K0D6+10fdnHkStiJEXojle6DRG
Jo6ROcAfVrJbETtsbGH4bonJwAzZmlGtn+OUgalV/Z6l2rIkWKkYqW1sy2k/xVtv
t6Db2E8nE+o4MTBPgOZ1pgrwj8XF+OvKq1DHtUJyV1P+AxINJnf4VsuzPQBxa0i2
222voxnBtutRHDLMevMOYLN9f0fhFtPatLiwMm2fdaC5wI9SsdcRq0RK1M3tWqL+
YSi3/L7DSh41Qe7Mqf53OhZ9ad1izyFsD4Sr3am9FtppjyLoa0Oa87NJ2roOGpHj
LXdOtjbHFPgjXZfOXD9tHUUz+g==
-----END CERTIFICATE-----
Generated at Fri Apr 18 19:17:00 2025 by rpki-client