Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/zQH-tscrNGEQ3lR1xS2-1mZq1D4.roa
File: zQH-tscrNGEQ3lR1xS2-1mZq1D4.roa (raw, json)
Hash identifier: EfGlXpnNn4CLi1bjhyLNeUYKrCaBQDrEfJ/jG1peHO0=
Subject key identifier: CD:01:FE:B6:C7:2B:34:61:10:DE:54:75:C5:2D:BE:D6:66:6A:D4:3E
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 018BCFF3B7159BBA6351CF8ED9B958D98808
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/zQH-tscrNGEQ3lR1xS2-1mZq1D4.roa
Signing time: Tue 14 Nov 2023 22:28:57 +0000
ROA not before: Tue 14 Nov 2023 22:28:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211288
IP address blocks: 95.164.250.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:cf:f3:b7:15:9b:ba:63:51:cf:8e:d9:b9:58:d9:88:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: Nov 14 22:28:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cd01feb6c72b346110de5475c52dbed6666ad43e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:f8:de:81:39:eb:12:b2:99:83:66:6a:c8:36:
dc:05:05:fc:2f:56:c5:86:1a:f5:4c:a7:95:bc:b5:
78:45:ae:2a:fb:b5:5b:a1:3f:1b:9b:0e:bd:9f:b9:
73:b2:30:c5:cd:0b:52:10:0d:f9:f1:63:f7:c0:a1:
3a:cc:3a:74:17:77:01:16:f6:51:96:f3:0b:3e:a3:
fe:01:3d:49:06:6c:ec:70:ba:68:57:30:46:c2:ee:
11:b2:46:57:52:75:9c:1b:c5:d5:44:8b:fd:9c:ca:
0e:07:96:17:c5:38:f4:ca:a8:93:36:21:24:7e:02:
a5:17:e7:be:06:22:7c:b0:bc:8f:13:94:61:88:43:
78:a2:9d:6a:45:b6:56:5f:80:fc:3e:4b:a9:8c:c4:
8e:df:b5:9f:2d:12:b4:81:65:8a:92:c1:6e:15:7a:
1d:20:3d:50:29:d8:85:ee:46:84:45:c0:05:06:2b:
ab:c2:5c:72:42:f0:13:d6:6d:51:b2:0f:19:ea:76:
1b:a5:05:08:fe:6d:f3:0c:8f:ca:76:d0:75:fc:0d:
cc:79:6d:60:9c:15:5f:8a:f5:ff:7d:a2:d2:c2:8c:
c3:46:14:a7:11:48:e7:fe:4c:10:4e:6d:61:8a:38:
f8:d6:0e:0e:ba:fb:bb:57:c7:6d:41:c2:87:39:52:
e4:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:01:FE:B6:C7:2B:34:61:10:DE:54:75:C5:2D:BE:D6:66:6A:D4:3E
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/zQH-tscrNGEQ3lR1xS2-1mZq1D4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.164.250.0/24
Signature Algorithm: sha256WithRSAEncryption
63:c5:d1:a4:ab:44:cf:80:fc:45:11:4f:98:05:75:de:92:5f:
c3:fb:ec:2f:c6:4c:e6:e3:48:5e:2c:89:ba:a1:5f:70:0f:66:
c4:85:b5:1e:f6:c9:1a:57:a1:88:88:c2:00:f3:b4:3a:1b:5f:
50:80:fa:e4:53:cd:b4:5f:db:6f:97:0c:90:de:68:0f:df:3e:
70:f8:ed:cb:5b:b8:74:2a:d4:4c:01:01:bf:63:97:cd:63:ad:
47:db:46:49:5c:1b:25:a8:26:d9:eb:a5:65:97:66:26:6d:7b:
4c:19:16:63:82:fa:6c:ef:3a:2e:f5:39:86:3e:2b:83:29:be:
22:4c:99:7b:c8:e8:a8:a6:cf:80:c1:b6:ea:24:0a:4a:c8:41:
02:76:1d:cf:0a:f5:54:20:66:f3:0b:dd:61:52:56:c6:2e:04:
10:84:07:de:7a:bb:64:6e:99:fb:6a:4a:4a:3c:56:96:8c:f5:
1b:19:cc:2b:06:84:3d:f0:24:58:01:d3:22:29:2b:70:10:47:
69:23:2d:09:4a:06:21:0c:ad:ae:9f:2b:f6:1a:5d:7c:6d:ad:
63:8d:55:e0:dc:3b:97:c4:38:2c:0c:f6:28:17:c1:60:01:80:
9d:c3:87:aa:48:79:8b:2e:52:96:5a:63:68:a2:a1:02:4c:9d:
66:ef:a9:c6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYvP87cVm7pjUc+O2blY2YgIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjMxMTE0MjIyODU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDAxZmViNmM3MmIzNDYxMTBkZTU0NzVjNTJkYmVkNjY2NmFkNDNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArfjegTnrErKZg2ZqyDbcBQX8L1bF
hhr1TKeVvLV4Ra4q+7VboT8bmw69n7lzsjDFzQtSEA358WP3wKE6zDp0F3cBFvZR
lvMLPqP+AT1JBmzscLpoVzBGwu4RskZXUnWcG8XVRIv9nMoOB5YXxTj0yqiTNiEk
fgKlF+e+BiJ8sLyPE5RhiEN4op1qRbZWX4D8PkupjMSO37WfLRK0gWWKksFuFXod
ID1QKdiF7kaERcAFBiurwlxyQvAT1m1Rsg8Z6nYbpQUI/m3zDI/KdtB1/A3MeW1g
nBVfivX/faLSwozDRhSnEUjn/kwQTm1hijj41g4Ouvu7V8dtQcKHOVLklQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM0B/rbHKzRhEN5UdcUtvtZmatQ+MB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvelFILXRzY3JOR0VRM2xSMXhTMi0xbVpxMUQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAX6T6MA0G
CSqGSIb3DQEBCwUAA4IBAQBjxdGkq0TPgPxFEU+YBXXekl/D++wvxkzm40heLIm6
oV9wD2bEhbUe9skaV6GIiMIA87Q6G19QgPrkU820X9tvlwyQ3mgP3z5w+O3LW7h0
KtRMAQG/Y5fNY61H20ZJXBslqCbZ66Vll2YmbXtMGRZjgvps7zou9TmGPiuDKb4i
TJl7yOiops+AwbbqJApKyEECdh3PCvVUIGbzC91hUlbGLgQQhAfeertkbpn7akpK
PFaWjPUbGcwrBoQ98CRYAdMiKStwEEdpIy0JSgYhDK2unyv2Gl18ba1jjVXg3DuX
xDgsDPYoF8FgAYCdw4eqSHmLLlKWWmNooqECTJ1m76nG
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:23:19 2025 by rpki-client