Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/e4f3ef-7bfc-4055-b798-028a2b0a53d5/1/ZW6exFN2b0_t8zGTFe98mip9Cdk.roa
File: ZW6exFN2b0_t8zGTFe98mip9Cdk.roa (raw, json)
Hash identifier: QURmjLavxZ/XG6gs+0NIn857zR7ucXRmuxaewo0tBxA=
Subject key identifier: 65:6E:9E:C4:53:76:6F:4F:ED:F3:31:93:15:EF:7C:9A:2A:7D:09:D9
Certificate issuer: /CN=b0a7252aa643d0dbc42da410e9c20f5703368cd8
Certificate serial: 01876EF4AFBB01B50D4569E857CDCC1533A2
Authority key identifier: B0:A7:25:2A:A6:43:D0:DB:C4:2D:A4:10:E9:C2:0F:57:03:36:8C:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sKclKqZD0NvELaQQ6cIPVwM2jNg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/e4f3ef-7bfc-4055-b798-028a2b0a53d5/1/ZW6exFN2b0_t8zGTFe98mip9Cdk.roa
Signing time: Tue 11 Apr 2023 06:15:42 +0000
ROA not before: Tue 11 Apr 2023 06:15:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21067
IP address blocks: 185.110.148.0/22 maxlen: 24
2a06:5840::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:6e:f4:af:bb:01:b5:0d:45:69:e8:57:cd:cc:15:33:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0a7252aa643d0dbc42da410e9c20f5703368cd8
Validity
Not Before: Apr 11 06:15:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=656e9ec453766f4fedf3319315ef7c9a2a7d09d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:ef:e7:dd:9d:28:0b:3f:da:c2:06:a5:f2:5d:
4a:00:83:8a:65:5b:be:e4:1a:c7:c7:df:00:b0:7d:
18:f9:9a:f7:86:97:3a:39:6d:2c:bc:3e:55:ab:b1:
6a:a5:b8:ce:5e:3c:00:14:57:89:17:30:5d:3f:ea:
51:d2:1d:20:ee:a9:f1:ec:ac:1e:7a:eb:45:3f:e7:
4c:e4:da:e3:6f:6e:7c:d1:57:13:c8:1c:4d:00:ec:
2f:4f:23:e5:53:31:2f:f1:24:89:d2:d5:6a:78:97:
0b:6c:a3:7c:74:4b:1d:70:67:a1:c0:fb:fa:d9:2a:
1c:4f:27:91:d5:40:c8:91:d8:4d:74:12:de:24:9f:
74:54:2c:a4:7d:a4:1a:c9:e9:04:00:5d:15:06:b5:
05:5e:8d:06:05:8c:31:b1:be:41:fd:de:12:6f:cb:
82:3f:83:3d:c4:24:12:f1:7e:f9:bf:50:88:a0:14:
f0:e0:a5:4f:26:22:4c:38:50:5b:1e:03:0a:28:45:
78:eb:fd:22:4f:18:57:39:cd:46:45:8a:fd:b3:b2:
be:8c:ee:f1:4c:26:a9:ab:e4:71:a9:30:f4:1d:ec:
70:d0:aa:6b:02:29:02:ed:4c:e9:be:29:26:4c:04:
c8:31:b7:ea:81:5d:db:6e:50:ef:4c:58:c2:c0:4f:
85:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:6E:9E:C4:53:76:6F:4F:ED:F3:31:93:15:EF:7C:9A:2A:7D:09:D9
X509v3 Authority Key Identifier:
keyid:B0:A7:25:2A:A6:43:D0:DB:C4:2D:A4:10:E9:C2:0F:57:03:36:8C:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sKclKqZD0NvELaQQ6cIPVwM2jNg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/e4f3ef-7bfc-4055-b798-028a2b0a53d5/1/ZW6exFN2b0_t8zGTFe98mip9Cdk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/e4f3ef-7bfc-4055-b798-028a2b0a53d5/1/sKclKqZD0NvELaQQ6cIPVwM2jNg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.110.148.0/22
IPv6:
2a06:5840::/29
Signature Algorithm: sha256WithRSAEncryption
bf:d4:1e:d3:b0:74:5c:d3:7a:c2:81:ad:bd:38:28:5c:a6:9d:
63:b6:31:17:3e:6c:79:41:2b:c6:52:a3:06:dc:22:95:0d:ce:
45:75:6d:89:21:56:ea:fb:04:96:23:61:48:c7:33:08:af:16:
d8:e1:86:42:34:04:09:2d:90:bb:dc:1f:9d:b5:34:92:c3:5d:
fd:08:b3:a3:ac:08:8e:ce:5d:b5:e1:ac:b0:c2:d1:f7:6d:be:
ac:43:95:9a:f3:28:ec:0e:29:bc:17:20:94:8d:84:3c:db:8a:
fb:da:bc:c5:3d:6e:1d:98:92:dd:39:fe:6f:a6:8f:eb:1e:8e:
d7:de:36:34:8e:67:19:b4:3e:c5:5e:ea:9b:0d:bf:c8:79:44:
db:f9:57:70:89:5e:79:7d:5e:0e:dc:d0:a6:ee:01:02:79:6b:
04:4d:01:60:0a:5f:3a:74:37:2a:f6:52:42:f2:05:40:0d:72:
11:26:33:09:33:cd:b4:f4:e9:4d:a8:ef:4f:42:77:ed:34:f0:
4b:7e:df:62:bf:bc:24:b7:5b:64:8a:eb:0b:09:22:70:39:fd:
26:82:59:f3:b0:7d:bc:0e:ae:d4:1e:37:5f:1f:33:b5:bd:c5:
d8:c5:aa:83:db:96:95:76:22:86:bf:31:ad:5c:9b:da:04:15:
6c:6b:44:ae
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYdu9K+7AbUNRWnoV83MFTOiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwYTcyNTJhYTY0M2QwZGJjNDJkYTQxMGU5YzIwZjU3MDMz
NjhjZDgwHhcNMjMwNDExMDYxNTQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTZlOWVjNDUzNzY2ZjRmZWRmMzMxOTMxNWVmN2M5YTJhN2QwOWQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2e/n3Z0oCz/awgal8l1KAIOKZVu+
5BrHx98AsH0Y+Zr3hpc6OW0svD5Vq7FqpbjOXjwAFFeJFzBdP+pR0h0g7qnx7Kwe
eutFP+dM5Nrjb2580VcTyBxNAOwvTyPlUzEv8SSJ0tVqeJcLbKN8dEsdcGehwPv6
2SocTyeR1UDIkdhNdBLeJJ90VCykfaQayekEAF0VBrUFXo0GBYwxsb5B/d4Sb8uC
P4M9xCQS8X75v1CIoBTw4KVPJiJMOFBbHgMKKEV46/0iTxhXOc1GRYr9s7K+jO7x
TCapq+RxqTD0Hexw0KprAikC7UzpvikmTATIMbfqgV3bblDvTFjCwE+FAQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGVunsRTdm9P7fMxkxXvfJoqfQnZMB8GA1UdIwQY
MBaAFLCnJSqmQ9DbxC2kEOnCD1cDNozYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0tjbEtxWkQwTnZFTGFRUTZjSVBWd00yak5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9lNGYzZWYtN2JmYy00MDU1LWI3OTgt
MDI4YTJiMGE1M2Q1LzEvWlc2ZXhGTjJiMF90OHpHVEZlOThtaXA5Q2RrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9lNGYzZWYtN2JmYy00MDU1LWI3OTgtMDI4YTJiMGE1M2Q1
LzEvc0tjbEtxWkQwTnZFTGFRUTZjSVBWd00yak5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuW6UMA0E
AgACMAcDBQMqBlhAMA0GCSqGSIb3DQEBCwUAA4IBAQC/1B7TsHRc03rCga29OChc
pp1jtjEXPmx5QSvGUqMG3CKVDc5FdW2JIVbq+wSWI2FIxzMIrxbY4YZCNAQJLZC7
3B+dtTSSw139CLOjrAiOzl214aywwtH3bb6sQ5Wa8yjsDim8FyCUjYQ824r72rzF
PW4dmJLdOf5vpo/rHo7X3jY0jmcZtD7FXuqbDb/IeUTb+VdwiV55fV4O3NCm7gEC
eWsETQFgCl86dDcq9lJC8gVADXIRJjMJM8209OlNqO9PQnftNPBLft9iv7wkt1tk
iusLCSJwOf0mglnzsH28Dq7UHjdfHzO1vcXYxaqD25aVdiKGvzGtXJvaBBVsa0Su
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:33:46 2025 by rpki-client