Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/36f83e-6be6-42c5-8380-114ad41cf331/1/zSuwHNkrZdmHi_JdyCXXWxnl4VA.roa
File: zSuwHNkrZdmHi_JdyCXXWxnl4VA.roa (raw, json)
Hash identifier: YA70k8kCJDEKq6AKut5pXBASunEdCyblHd7X/WcpswI=
Subject key identifier: CD:2B:B0:1C:D9:2B:65:D9:87:8B:F2:5D:C8:25:D7:5B:19:E5:E1:50
Certificate issuer: /CN=09253886a0250a04ec69be00bbf8433c2f014b7c
Certificate serial: 01856CAF1772CFE74080CA6F18AD33EB03E7
Authority key identifier: 09:25:38:86:A0:25:0A:04:EC:69:BE:00:BB:F8:43:3C:2F:01:4B:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CSU4hqAlCgTsab4Au_hDPC8BS3w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/36f83e-6be6-42c5-8380-114ad41cf331/1/zSuwHNkrZdmHi_JdyCXXWxnl4VA.roa
Signing time: Sun 01 Jan 2023 09:34:52 +0000
ROA not before: Sun 01 Jan 2023 09:34:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201128
IP address blocks: 194.110.168.0/24 maxlen: 24
194.110.171.0/24 maxlen: 24
194.110.170.0/24 maxlen: 24
185.84.180.0/24 maxlen: 24
185.84.182.0/24 maxlen: 24
185.84.181.0/24 maxlen: 24
185.84.183.0/24 maxlen: 24
2a05:a740::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:af:17:72:cf:e7:40:80:ca:6f:18:ad:33:eb:03:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=09253886a0250a04ec69be00bbf8433c2f014b7c
Validity
Not Before: Jan 1 09:34:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cd2bb01cd92b65d9878bf25dc825d75b19e5e150
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:e1:81:74:03:d0:cc:d9:a8:dd:0a:fc:58:94:
4d:b1:50:3d:20:80:f2:39:5f:ea:a8:f0:45:91:82:
2b:31:69:01:8a:4f:22:f5:c3:49:0d:14:bb:03:1f:
97:fa:e1:0b:20:9f:b5:2d:b4:bd:2d:36:d2:f5:12:
c1:3f:86:6b:17:9b:3a:c6:69:f5:01:02:3f:b5:cc:
9e:16:46:fa:55:8b:a0:52:7d:17:b0:f8:6c:91:6d:
78:68:b4:53:5f:f3:61:86:fb:65:cc:2d:0d:86:04:
5e:97:7a:d2:bc:64:08:98:0e:d2:1d:3d:75:f8:63:
8c:e2:ec:bd:ba:9f:18:9d:54:da:96:90:66:18:94:
ee:90:f4:53:ff:45:d8:02:b4:a0:3f:95:fc:f7:1e:
e1:de:76:40:f4:2c:04:34:a5:ea:09:ed:72:3c:34:
39:32:7c:7a:4f:16:31:f7:b0:10:57:e8:c2:48:b8:
52:4f:e9:67:1e:4b:81:26:48:a4:73:26:f4:86:bf:
84:85:61:bc:7b:c4:3c:28:b5:cb:2a:ae:54:e7:b7:
44:bd:9b:7d:16:e9:75:7e:13:c5:38:9d:28:55:fb:
34:4f:31:03:1a:51:e5:e6:29:26:29:ed:26:9f:01:
05:3c:f7:6d:07:6f:b8:a9:bd:54:0f:46:db:86:ca:
aa:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:2B:B0:1C:D9:2B:65:D9:87:8B:F2:5D:C8:25:D7:5B:19:E5:E1:50
X509v3 Authority Key Identifier:
keyid:09:25:38:86:A0:25:0A:04:EC:69:BE:00:BB:F8:43:3C:2F:01:4B:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CSU4hqAlCgTsab4Au_hDPC8BS3w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/36f83e-6be6-42c5-8380-114ad41cf331/1/zSuwHNkrZdmHi_JdyCXXWxnl4VA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/36f83e-6be6-42c5-8380-114ad41cf331/1/CSU4hqAlCgTsab4Au_hDPC8BS3w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.84.180.0/22
194.110.168.0/24
194.110.170.0/23
IPv6:
2a05:a740::/29
Signature Algorithm: sha256WithRSAEncryption
01:5e:e8:0e:86:82:3e:a0:e7:f9:8e:a4:14:92:b4:4b:07:c7:
78:fa:c2:88:37:23:42:80:75:a5:63:8b:51:c6:a1:53:33:91:
91:9d:c4:47:71:05:ba:6f:a4:48:1b:01:29:7f:37:54:9b:4f:
5c:ce:8f:34:a0:22:92:44:c7:3b:98:1b:46:b2:97:cc:c8:9e:
ac:86:a0:67:49:b1:31:63:ee:88:d1:af:c0:ad:0d:36:22:b2:
5f:51:29:1f:e1:2f:0c:02:b8:b4:49:b1:6d:68:43:a4:7c:28:
20:e5:2a:40:fb:89:cf:59:94:fe:54:4c:c9:d4:a3:33:6c:a0:
17:f7:59:ba:e6:9b:00:bc:ab:51:8d:96:ea:09:a8:3d:ed:e6:
60:aa:f9:82:61:95:97:df:62:95:34:97:5d:57:f8:71:49:2d:
6f:5d:e8:19:67:da:be:ef:08:ee:72:28:82:ff:33:a5:30:dd:
ac:a7:44:1f:5e:d5:7c:dd:e7:8c:4e:32:8e:0c:14:ee:a7:d1:
f9:6e:5a:1e:0c:2e:3a:aa:b0:c6:b3:2c:28:d2:da:e9:e3:79:
3a:59:78:20:5f:de:a9:39:4c:2b:29:52:af:f6:e4:08:e1:41:
61:0b:a6:5b:23:06:5c:c7:4f:3a:0b:c0:b3:7c:2e:84:6f:6f:
0d:78:29:86
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVsrxdyz+dAgMpvGK0z6wPnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MjUzODg2YTAyNTBhMDRlYzY5YmUwMGJiZjg0MzNjMmYw
MTRiN2MwHhcNMjMwMTAxMDkzNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDJiYjAxY2Q5MmI2NWQ5ODc4YmYyNWRjODI1ZDc1YjE5ZTVlMTUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3eGBdAPQzNmo3Qr8WJRNsVA9IIDy
OV/qqPBFkYIrMWkBik8i9cNJDRS7Ax+X+uELIJ+1LbS9LTbS9RLBP4ZrF5s6xmn1
AQI/tcyeFkb6VYugUn0XsPhskW14aLRTX/NhhvtlzC0NhgRel3rSvGQImA7SHT11
+GOM4uy9up8YnVTalpBmGJTukPRT/0XYArSgP5X89x7h3nZA9CwENKXqCe1yPDQ5
Mnx6TxYx97AQV+jCSLhST+lnHkuBJkikcyb0hr+EhWG8e8Q8KLXLKq5U57dEvZt9
Ful1fhPFOJ0oVfs0TzEDGlHl5ikmKe0mnwEFPPdtB2+4qb1UD0bbhsqq6QIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFM0rsBzZK2XZh4vyXcgl11sZ5eFQMB8GA1UdIwQY
MBaAFAklOIagJQoE7Gm+ALv4QzwvAUt8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1NVNGhxQWxDZ1RzYWI0QXVfaERQQzhCUzN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS8zNmY4M2UtNmJlNi00MmM1LTgzODAt
MTE0YWQ0MWNmMzMxLzEvelN1d0hOa3JaZG1IaV9KZHlDWFhXeG5sNFZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS8zNmY4M2UtNmJlNi00MmM1LTgzODAtMTE0YWQ0MWNmMzMx
LzEvQ1NVNGhxQWxDZ1RzYWI0QXVfaERQQzhCUzN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuVS0AwQA
wm6oAwQBwm6qMA0EAgACMAcDBQMqBadAMA0GCSqGSIb3DQEBCwUAA4IBAQABXugO
hoI+oOf5jqQUkrRLB8d4+sKINyNCgHWlY4tRxqFTM5GRncRHcQW6b6RIGwEpfzdU
m09czo80oCKSRMc7mBtGspfMyJ6shqBnSbExY+6I0a/ArQ02IrJfUSkf4S8MAri0
SbFtaEOkfCgg5SpA+4nPWZT+VEzJ1KMzbKAX91m65psAvKtRjZbqCag97eZgqvmC
YZWX32KVNJddV/hxSS1vXegZZ9q+7wjuciiC/zOlMN2sp0QfXtV83eeMTjKODBTu
p9H5bloeDC46qrDGsywo0trp43k6WXggX96pOUwrKVKv9uQI4UFhC6ZbIwZcx086
C8CzfC6Eb28NeCmG
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:29:32 2025 by rpki-client