Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/beb29d-f0ee-407a-9702-6e13ccbf4906/1/zpxPi1mR7yLu_0dBMZ6IBh0xDxo.roa
File: zpxPi1mR7yLu_0dBMZ6IBh0xDxo.roa (raw, json)
Hash identifier: dIUfu/LOTA0OtpZwjrtRiI3YN9deFRg956qCzq7nYJc=
Subject key identifier: CE:9C:4F:8B:59:91:EF:22:EE:FF:47:41:31:9E:88:06:1D:31:0F:1A
Certificate issuer: /CN=87e64170f9d82c51670b9a44f329b20613a8082d
Certificate serial: 0185711E64FE7A6E72470FAF2B3D9A0D346F
Authority key identifier: 87:E6:41:70:F9:D8:2C:51:67:0B:9A:44:F3:29:B2:06:13:A8:08:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h-ZBcPnYLFFnC5pE8ymyBhOoCC0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/beb29d-f0ee-407a-9702-6e13ccbf4906/1/zpxPi1mR7yLu_0dBMZ6IBh0xDxo.roa
Signing time: Mon 02 Jan 2023 06:14:55 +0000
ROA not before: Mon 02 Jan 2023 06:14:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51942
IP address blocks: 195.72.120.0/23 maxlen: 23
2001:678:56c::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:1e:64:fe:7a:6e:72:47:0f:af:2b:3d:9a:0d:34:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87e64170f9d82c51670b9a44f329b20613a8082d
Validity
Not Before: Jan 2 06:14:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ce9c4f8b5991ef22eeff4741319e88061d310f1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:b7:d6:48:5f:fd:3f:31:d6:11:16:a3:e1:f0:
f2:0f:81:c4:84:83:ce:49:7c:4a:ad:fb:e6:bb:66:
bf:29:9d:db:83:6e:d1:83:97:ee:63:ab:07:c1:91:
c1:a0:03:d6:a9:d1:a5:10:81:76:54:14:62:17:ec:
51:b0:0c:c0:14:08:58:c9:b0:e1:1a:c9:e0:82:b5:
2f:6f:d9:dc:09:1c:90:d8:42:3f:67:d3:01:45:1c:
ec:b2:b6:5b:3c:e5:34:be:fb:69:68:33:f4:2e:6b:
a8:22:73:47:d0:4c:1a:e8:7b:d0:69:50:9b:26:2a:
40:15:b3:7c:89:1f:7e:b2:86:64:f5:e4:fe:2d:e2:
e9:b1:fe:ac:8c:81:55:09:04:a3:5d:80:ab:e5:90:
b8:29:01:5e:da:3a:5c:26:51:63:bd:0f:bb:ac:6b:
3d:68:ee:44:6b:2c:c3:33:18:a7:d8:d7:7e:ed:12:
d0:20:45:59:13:1a:18:d7:0c:fc:ec:ac:9f:c7:d4:
2d:e6:88:25:60:d2:cc:da:02:1d:8e:62:da:05:46:
47:d9:83:e3:33:54:f6:7e:a1:ef:2e:61:cd:85:b0:
bc:55:df:ac:77:4a:21:3e:57:30:f9:8e:e5:1e:84:
8d:bd:b6:b6:0c:d3:fc:31:fa:34:2c:9f:74:45:a5:
cc:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:9C:4F:8B:59:91:EF:22:EE:FF:47:41:31:9E:88:06:1D:31:0F:1A
X509v3 Authority Key Identifier:
keyid:87:E6:41:70:F9:D8:2C:51:67:0B:9A:44:F3:29:B2:06:13:A8:08:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h-ZBcPnYLFFnC5pE8ymyBhOoCC0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/beb29d-f0ee-407a-9702-6e13ccbf4906/1/zpxPi1mR7yLu_0dBMZ6IBh0xDxo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/beb29d-f0ee-407a-9702-6e13ccbf4906/1/h-ZBcPnYLFFnC5pE8ymyBhOoCC0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.72.120.0/23
IPv6:
2001:678:56c::/48
Signature Algorithm: sha256WithRSAEncryption
a4:02:c1:25:60:e9:6b:47:0c:f5:01:09:ae:f6:fb:a8:a5:27:
13:d0:f6:38:d5:98:14:cf:aa:42:27:fa:76:e5:ad:7f:8c:30:
cf:ea:34:9b:7d:8f:aa:d8:98:08:42:07:90:27:76:60:0c:4b:
18:38:7b:98:86:74:82:cb:69:89:24:77:ff:66:34:78:25:65:
ca:ad:57:be:c0:a0:ea:10:b4:ee:0b:87:2c:eb:28:07:71:05:
14:cd:d9:4e:e6:c5:92:30:c3:96:56:d6:c3:54:c5:c6:3d:63:
c8:b4:44:0d:8c:c3:0e:ea:83:55:1b:fe:a3:6f:b0:2c:c9:68:
bd:60:fa:d5:37:08:77:71:40:00:dc:b7:5a:b9:95:43:44:c8:
4a:ff:0c:25:a3:36:5c:48:0b:6d:84:9c:8e:8c:e4:d8:b9:e8:
46:c9:8a:43:b6:10:47:0a:8c:14:cd:d4:1d:f5:c5:0c:1e:b0:
21:01:84:ae:68:89:dc:b8:8f:07:85:3c:0c:90:9a:e2:99:ff:
7c:ce:5a:f6:1b:55:12:5a:15:93:0d:37:78:f1:da:4b:63:90:
d2:ca:56:d6:ae:16:6b:ae:c2:9a:d6:91:80:43:1b:af:a4:85:
3f:46:26:6c:18:d8:5f:ae:ec:21:df:05:22:cc:66:ae:e6:8b:
ae:19:08:87
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVxHmT+em5yRw+vKz2aDTRvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3ZTY0MTcwZjlkODJjNTE2NzBiOWE0NGYzMjliMjA2MTNh
ODA4MmQwHhcNMjMwMTAyMDYxNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTljNGY4YjU5OTFlZjIyZWVmZjQ3NDEzMTllODgwNjFkMzEwZjFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkLfWSF/9PzHWERaj4fDyD4HEhIPO
SXxKrfvmu2a/KZ3bg27Rg5fuY6sHwZHBoAPWqdGlEIF2VBRiF+xRsAzAFAhYybDh
GsnggrUvb9ncCRyQ2EI/Z9MBRRzssrZbPOU0vvtpaDP0LmuoInNH0Ewa6HvQaVCb
JipAFbN8iR9+soZk9eT+LeLpsf6sjIFVCQSjXYCr5ZC4KQFe2jpcJlFjvQ+7rGs9
aO5EayzDMxin2Nd+7RLQIEVZExoY1wz87Kyfx9Qt5oglYNLM2gIdjmLaBUZH2YPj
M1T2fqHvLmHNhbC8Vd+sd0ohPlcw+Y7lHoSNvba2DNP8Mfo0LJ90RaXMpQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFM6cT4tZke8i7v9HQTGeiAYdMQ8aMB8GA1UdIwQY
MBaAFIfmQXD52CxRZwuaRPMpsgYTqAgtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaC1aQmNQbllMRkZuQzVwRTh5bXlCaE9vQ0MwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy9iZWIyOWQtZjBlZS00MDdhLTk3MDIt
NmUxM2NjYmY0OTA2LzEvenB4UGkxbVI3eUx1XzBkQk1aNklCaDB4RHhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy9iZWIyOWQtZjBlZS00MDdhLTk3MDItNmUxM2NjYmY0OTA2
LzEvaC1aQmNQbllMRkZuQzVwRTh5bXlCaE9vQ0MwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBw0h4MA8E
AgACMAkDBwAgAQZ4BWwwDQYJKoZIhvcNAQELBQADggEBAKQCwSVg6WtHDPUBCa72
+6ilJxPQ9jjVmBTPqkIn+nblrX+MMM/qNJt9j6rYmAhCB5AndmAMSxg4e5iGdILL
aYkkd/9mNHglZcqtV77AoOoQtO4LhyzrKAdxBRTN2U7mxZIww5ZW1sNUxcY9Y8i0
RA2Mww7qg1Ub/qNvsCzJaL1g+tU3CHdxQADct1q5lUNEyEr/DCWjNlxIC22EnI6M
5Ni56EbJikO2EEcKjBTN1B31xQwesCEBhK5oidy4jweFPAyQmuKZ/3zOWvYbVRJa
FZMNN3jx2ktjkNLKVtauFmuuwprWkYBDG6+khT9GJmwY2F+u7CHfBSLMZq7mi64Z
CIc=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:59:41 2025 by rpki-client