Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/064fac-eddd-4903-a13d-0b9c76c0d91c/1/hd7Cha6vDgWNnyjAse8ZzAZx1NA.roa
File: hd7Cha6vDgWNnyjAse8ZzAZx1NA.roa (raw, json)
Hash identifier: A6Lm7XKIbgeJ119+hafrp1WVKpw4pmAvbS6kkr8SmlU=
Subject key identifier: 85:DE:C2:85:AE:AF:0E:05:8D:9F:28:C0:B1:EF:19:CC:06:71:D4:D0
Certificate issuer: /CN=657ed6f5bba633d55269fdd056bcf60c68c7b2b8
Certificate serial: 0183D6114360E5D48E0D98E236D69BD22FE8
Authority key identifier: 65:7E:D6:F5:BB:A6:33:D5:52:69:FD:D0:56:BC:F6:0C:68:C7:B2:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZX7W9bumM9VSaf3QVrz2DGjHsrg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/064fac-eddd-4903-a13d-0b9c76c0d91c/1/hd7Cha6vDgWNnyjAse8ZzAZx1NA.roa
Signing time: Fri 14 Oct 2022 10:36:39 +0000
ROA not before: Fri 14 Oct 2022 10:36:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12861
IP address blocks: 212.29.67.0/24 maxlen: 24
212.29.66.0/24 maxlen: 24
212.29.69.0/24 maxlen: 24
212.29.90.0/24 maxlen: 24
91.237.216.0/23 maxlen: 24
212.29.64.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:d6:11:43:60:e5:d4:8e:0d:98:e2:36:d6:9b:d2:2f:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=657ed6f5bba633d55269fdd056bcf60c68c7b2b8
Validity
Not Before: Oct 14 10:36:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=85dec285aeaf0e058d9f28c0b1ef19cc0671d4d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:cc:7d:ae:5a:2c:e6:1b:58:93:6d:2d:72:2d:
95:43:bf:33:bb:22:ea:a9:28:f0:ca:1d:ef:ca:f0:
6f:37:15:d7:74:55:18:01:6e:bc:fd:28:43:99:95:
bb:6a:b6:b2:55:c6:ed:ff:ee:0f:48:01:22:8a:fe:
7b:75:30:c8:97:e9:60:8e:3d:08:f7:8b:39:d4:3f:
94:cb:ac:6f:f9:69:9c:46:6c:05:0b:41:a6:ee:cf:
4e:5d:fe:43:41:65:24:46:45:27:f4:1d:e1:b8:1c:
98:d0:a0:72:ae:d6:9a:96:9a:59:98:9e:6c:2b:b6:
99:e9:6f:db:b3:5b:66:b6:7b:01:03:28:19:22:28:
05:1b:2d:dd:9c:29:db:80:d5:48:ab:18:ca:72:40:
aa:c7:df:e7:29:13:c9:69:f6:4c:e5:c0:ce:2e:7c:
fa:31:3f:b1:59:cd:56:62:ea:35:de:43:5f:36:f6:
c2:62:61:8d:80:07:89:77:42:8c:d5:52:53:fe:26:
2e:e1:75:0d:17:3c:9f:dc:75:68:d0:51:e1:d6:e7:
a3:01:20:d4:7a:f9:a6:53:5b:98:5c:a0:f6:23:fe:
25:65:c4:98:7e:1e:90:19:54:f1:66:8d:3e:be:13:
1a:b8:e3:d0:dd:c5:11:11:47:09:64:35:42:83:08:
0c:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:DE:C2:85:AE:AF:0E:05:8D:9F:28:C0:B1:EF:19:CC:06:71:D4:D0
X509v3 Authority Key Identifier:
keyid:65:7E:D6:F5:BB:A6:33:D5:52:69:FD:D0:56:BC:F6:0C:68:C7:B2:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZX7W9bumM9VSaf3QVrz2DGjHsrg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/064fac-eddd-4903-a13d-0b9c76c0d91c/1/hd7Cha6vDgWNnyjAse8ZzAZx1NA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/064fac-eddd-4903-a13d-0b9c76c0d91c/1/ZX7W9bumM9VSaf3QVrz2DGjHsrg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.237.216.0/23
212.29.64.0/24
212.29.66.0/23
212.29.69.0/24
212.29.90.0/24
Signature Algorithm: sha256WithRSAEncryption
71:5f:ea:63:00:a4:7b:69:13:90:1c:81:5a:b1:e9:01:56:68:
ac:bd:2b:b2:44:7a:af:a5:0c:08:e4:23:f2:a7:96:59:53:7d:
0b:ec:c3:86:98:ed:b6:32:58:6e:95:58:b3:61:1f:fc:84:35:
39:33:d1:ab:0e:bc:2e:5b:e2:2b:0e:61:c6:61:c7:3a:8d:3f:
c2:8a:c4:aa:29:8b:14:0f:2d:23:a4:f8:11:73:23:ed:13:b1:
04:4b:6e:b9:53:6a:7c:db:42:ac:5a:f6:15:85:71:3f:59:3e:
2c:4f:ca:e4:49:05:63:d6:5d:ac:aa:13:74:70:5a:fe:c0:af:
f8:3a:c1:46:4b:18:38:95:38:20:f8:74:28:d8:5a:89:3e:60:
a4:e8:40:38:d0:f5:3d:be:3a:81:ad:18:c0:ad:f2:e2:2a:61:
50:91:92:b9:71:9b:c7:ca:b1:25:fd:8f:a7:f0:e8:7c:03:10:
1f:a4:e2:c9:9f:f0:8c:7b:24:50:30:95:86:2b:bc:80:b3:a0:
49:d4:94:5c:5a:68:db:10:e7:9a:aa:31:44:f9:8f:de:ae:1a:
dd:9e:46:2c:f8:d4:11:0c:51:6f:49:b1:c7:09:ea:b6:73:63:
4f:1e:af:70:f4:80:a8:22:cf:65:c7:4d:fa:56:85:a7:ce:cc:
bd:c7:01:47
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYPWEUNg5dSODZjiNtab0i/oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1N2VkNmY1YmJhNjMzZDU1MjY5ZmRkMDU2YmNmNjBjNjhj
N2IyYjgwHhcNMjIxMDE0MTAzNjM5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWRlYzI4NWFlYWYwZTA1OGQ5ZjI4YzBiMWVmMTljYzA2NzFkNGQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAycx9rlos5htYk20tci2VQ78zuyLq
qSjwyh3vyvBvNxXXdFUYAW68/ShDmZW7arayVcbt/+4PSAEiiv57dTDIl+lgjj0I
94s51D+Uy6xv+WmcRmwFC0Gm7s9OXf5DQWUkRkUn9B3huByY0KByrtaalppZmJ5s
K7aZ6W/bs1tmtnsBAygZIigFGy3dnCnbgNVIqxjKckCqx9/nKRPJafZM5cDOLnz6
MT+xWc1WYuo13kNfNvbCYmGNgAeJd0KM1VJT/iYu4XUNFzyf3HVo0FHh1uejASDU
evmmU1uYXKD2I/4lZcSYfh6QGVTxZo0+vhMauOPQ3cUREUcJZDVCgwgMcwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFIXewoWurw4FjZ8owLHvGcwGcdTQMB8GA1UdIwQY
MBaAFGV+1vW7pjPVUmn90Fa89gxox7K4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlg3VzlidW1NOVZTYWYzUVZyejJER2pIc3JnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi8wNjRmYWMtZWRkZC00OTAzLWExM2Qt
MGI5Yzc2YzBkOTFjLzEvaGQ3Q2hhNnZEZ1dObnlqQXNlOFp6QVp4MU5BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi8wNjRmYWMtZWRkZC00OTAzLWExM2QtMGI5Yzc2YzBkOTFj
LzEvWlg3VzlidW1NOVZTYWYzUVZyejJER2pIc3JnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBW+3YAwQA
1B1AAwQB1B1CAwQA1B1FAwQA1B1aMA0GCSqGSIb3DQEBCwUAA4IBAQBxX+pjAKR7
aROQHIFasekBVmisvSuyRHqvpQwI5CPyp5ZZU30L7MOGmO22MlhulVizYR/8hDU5
M9GrDrwuW+IrDmHGYcc6jT/CisSqKYsUDy0jpPgRcyPtE7EES265U2p820KsWvYV
hXE/WT4sT8rkSQVj1l2sqhN0cFr+wK/4OsFGSxg4lTgg+HQo2FqJPmCk6EA40PU9
vjqBrRjArfLiKmFQkZK5cZvHyrEl/Y+n8Oh8AxAfpOLJn/CMeyRQMJWGK7yAs6BJ
1JRcWmjbEOeaqjFE+Y/erhrdnkYs+NQRDFFvSbHHCeq2c2NPHq9w9ICoIs9lx036
VoWnzsy9xwFH
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:04:13 2025 by rpki-client