Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/971cc4-54d5-4c28-a1c3-e63e94cba09f/1/RZJ_zap47JR0NilfcZxBxTjun-Q.roa
File: RZJ_zap47JR0NilfcZxBxTjun-Q.roa (raw, json)
Hash identifier: uTcKPoC13Cwr+xUeB5gni8me09PRVO7HgjCha2vIiUE=
Subject key identifier: 45:92:7F:CD:AA:78:EC:94:74:36:29:5F:71:9C:41:C5:38:EE:9F:E4
Certificate issuer: /CN=7d04c25c2f8b47e5daf52d1c4c5a50999dd0a0a9
Certificate serial: 0185FA268BFFB1D1ADB20621454AD7EAB603
Authority key identifier: 7D:04:C2:5C:2F:8B:47:E5:DA:F5:2D:1C:4C:5A:50:99:9D:D0:A0:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQTCXC-LR-Xa9S0cTFpQmZ3QoKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/971cc4-54d5-4c28-a1c3-e63e94cba09f/1/RZJ_zap47JR0NilfcZxBxTjun-Q.roa
Signing time: Sat 28 Jan 2023 20:51:48 +0000
ROA not before: Sat 28 Jan 2023 20:51:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210951
IP address blocks: 2a04:ff00:700::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:fa:26:8b:ff:b1:d1:ad:b2:06:21:45:4a:d7:ea:b6:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d04c25c2f8b47e5daf52d1c4c5a50999dd0a0a9
Validity
Not Before: Jan 28 20:51:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=45927fcdaa78ec947436295f719c41c538ee9fe4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:2c:3e:dc:f7:76:09:10:4e:79:8b:ec:b0:d5:
04:0c:ff:19:c6:55:e6:24:76:f1:cb:ea:90:d0:cb:
e4:6d:67:f8:58:9c:e0:71:fa:93:05:68:ae:48:a2:
14:a3:0f:89:ed:99:9c:9e:6d:a9:4f:3d:80:4d:8a:
e5:b9:36:39:ea:fe:99:b0:f1:05:5a:10:e5:54:85:
a4:33:5a:42:f9:50:d2:99:6b:38:5d:1c:b8:ee:10:
b7:db:ff:79:7b:7b:78:39:85:9b:40:3c:b4:d5:05:
96:f9:3f:bd:25:ca:27:ee:1d:30:a6:92:0a:f2:6f:
c9:18:ec:3e:59:1f:55:98:fd:f0:ed:83:be:61:15:
69:78:e4:29:b8:f8:69:be:40:ce:9c:44:43:0f:95:
c4:dc:d3:f6:41:94:44:3e:c7:e9:ea:ed:9f:45:0d:
29:ac:18:ce:8b:f8:de:61:b6:f3:c6:63:bd:28:5e:
aa:7f:ad:59:8a:ba:d7:58:9b:01:18:5a:2d:fa:9d:
d3:98:16:52:1c:c6:17:ab:b1:74:88:15:b5:7f:6d:
ed:17:de:2c:92:d7:98:95:4f:42:db:d7:65:6b:6b:
b3:bc:2b:ca:c7:3d:04:1b:fc:e4:3d:e8:3c:b4:17:
9e:5a:a2:51:37:7b:15:d4:ec:b5:dd:22:96:6a:02:
79:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:92:7F:CD:AA:78:EC:94:74:36:29:5F:71:9C:41:C5:38:EE:9F:E4
X509v3 Authority Key Identifier:
keyid:7D:04:C2:5C:2F:8B:47:E5:DA:F5:2D:1C:4C:5A:50:99:9D:D0:A0:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQTCXC-LR-Xa9S0cTFpQmZ3QoKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/971cc4-54d5-4c28-a1c3-e63e94cba09f/1/RZJ_zap47JR0NilfcZxBxTjun-Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/971cc4-54d5-4c28-a1c3-e63e94cba09f/1/fQTCXC-LR-Xa9S0cTFpQmZ3QoKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:ff00:700::/40
Signature Algorithm: sha256WithRSAEncryption
45:46:7c:73:92:83:5d:82:b6:98:55:b6:a1:8a:0d:41:af:18:
1f:5c:34:5e:2a:46:02:82:ee:64:06:c1:f3:bd:08:73:9d:ee:
1b:80:6f:2c:88:6b:2a:f0:09:cd:07:9e:cc:2e:e9:ba:dc:f2:
df:19:b4:cc:7b:8a:28:2e:8f:78:1d:25:69:da:07:9c:41:29:
7b:b3:dc:55:35:2d:c5:6e:98:79:4b:28:49:d4:1a:1c:86:ed:
12:b1:f9:b7:7f:2c:f7:97:6a:06:61:60:ae:c2:50:cd:2f:b8:
96:87:f1:bc:b8:ba:55:da:47:a1:3b:0b:4a:e7:61:76:08:c9:
e5:10:87:88:91:87:f8:a2:45:8e:7c:9a:b1:90:f7:87:68:c6:
43:f6:3c:97:9c:37:2c:fb:df:8c:4f:37:45:44:b4:87:8e:56:
3b:e1:c8:d6:a0:6b:0d:9f:34:e3:c6:da:ae:76:12:9d:9b:3d:
40:75:20:bf:fc:dd:44:89:e0:ff:d9:31:7c:34:0b:c1:14:60:
4d:34:f8:56:12:1d:b3:c7:6a:af:b0:ad:13:08:b0:5c:7b:d6:
84:06:37:78:30:0d:ac:03:cb:cd:60:c3:61:58:ea:fd:25:25:
04:33:d8:f1:8f:b9:20:13:2b:3b:ee:36:39:4a:5a:8a:b0:c0:
20:9e:b1:f3
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYX6Jov/sdGtsgYhRUrX6rYDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDRjMjVjMmY4YjQ3ZTVkYWY1MmQxYzRjNWE1MDk5OWRk
MGEwYTkwHhcNMjMwMTI4MjA1MTQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTkyN2ZjZGFhNzhlYzk0NzQzNjI5NWY3MTljNDFjNTM4ZWU5ZmU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiCw+3Pd2CRBOeYvssNUEDP8ZxlXm
JHbxy+qQ0MvkbWf4WJzgcfqTBWiuSKIUow+J7Zmcnm2pTz2ATYrluTY56v6ZsPEF
WhDlVIWkM1pC+VDSmWs4XRy47hC32/95e3t4OYWbQDy01QWW+T+9Jcon7h0wppIK
8m/JGOw+WR9VmP3w7YO+YRVpeOQpuPhpvkDOnERDD5XE3NP2QZREPsfp6u2fRQ0p
rBjOi/jeYbbzxmO9KF6qf61ZirrXWJsBGFot+p3TmBZSHMYXq7F0iBW1f23tF94s
kteYlU9C29dla2uzvCvKxz0EG/zkPeg8tBeeWqJRN3sV1Oy13SKWagJ5SwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFEWSf82qeOyUdDYpX3GcQcU47p/kMB8GA1UdIwQY
MBaAFH0Ewlwvi0fl2vUtHExaUJmd0KCpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFUQ1hDLUxSLVhhOVMwY1RGcFFtWjNRb0trLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC85NzFjYzQtNTRkNS00YzI4LWExYzMt
ZTYzZTk0Y2JhMDlmLzEvUlpKX3phcDQ3SlIwTmlsZmNaeEJ4VGp1bi1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC85NzFjYzQtNTRkNS00YzI4LWExYzMtZTYzZTk0Y2JhMDlm
LzEvZlFUQ1hDLUxSLVhhOVMwY1RGcFFtWjNRb0trLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgT/AAcw
DQYJKoZIhvcNAQELBQADggEBAEVGfHOSg12CtphVtqGKDUGvGB9cNF4qRgKC7mQG
wfO9CHOd7huAbyyIayrwCc0Hnswu6brc8t8ZtMx7iiguj3gdJWnaB5xBKXuz3FU1
LcVumHlLKEnUGhyG7RKx+bd/LPeXagZhYK7CUM0vuJaH8by4ulXaR6E7C0rnYXYI
yeUQh4iRh/iiRY58mrGQ94doxkP2PJecNyz734xPN0VEtIeOVjvhyNagaw2fNOPG
2q52Ep2bPUB1IL/83USJ4P/ZMXw0C8EUYE00+FYSHbPHaq+wrRMIsFx71oQGN3gw
DawDy81gw2FY6v0lJQQz2PGPuSATKzvuNjlKWoqwwCCesfM=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:05:53 2025 by rpki-client