Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/c94855-5b1a-4f96-b7a1-6fe1f294e627/1/Zi3vM7o0N1TWEKT49ns2ClbhM70.roa
File: Zi3vM7o0N1TWEKT49ns2ClbhM70.roa (raw, json)
Hash identifier: 9seFRQcjZuvlrXOC/f+DISKCHW2J9lUrxvEiDhdUinY=
Subject key identifier: 66:2D:EF:33:BA:34:37:54:D6:10:A4:F8:F6:7B:36:0A:56:E1:33:BD
Certificate issuer: /CN=673b3a71cf772755a3df8ced5d73516f871c0a11
Certificate serial: 0185727A2DB990730E84F97A803FDF1B3B27
Authority key identifier: 67:3B:3A:71:CF:77:27:55:A3:DF:8C:ED:5D:73:51:6F:87:1C:0A:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zzs6cc93J1Wj34ztXXNRb4ccChE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/c94855-5b1a-4f96-b7a1-6fe1f294e627/1/Zi3vM7o0N1TWEKT49ns2ClbhM70.roa
Signing time: Mon 02 Jan 2023 12:34:47 +0000
ROA not before: Mon 02 Jan 2023 12:34:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209236
IP address blocks: 170.102.144.0/24 maxlen: 24
170.102.145.0/24 maxlen: 24
170.102.192.0/24 maxlen: 24
170.102.192.0/23 maxlen: 23
170.102.194.0/24 maxlen: 24
170.102.195.0/24 maxlen: 24
170.102.193.0/24 maxlen: 24
170.102.196.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:7a:2d:b9:90:73:0e:84:f9:7a:80:3f:df:1b:3b:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=673b3a71cf772755a3df8ced5d73516f871c0a11
Validity
Not Before: Jan 2 12:34:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=662def33ba343754d610a4f8f67b360a56e133bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:7f:e6:5b:99:b3:da:a1:6c:5e:cf:ff:e9:89:
69:11:f7:7c:8a:18:fa:37:0c:ec:81:ec:52:5c:0f:
6c:67:92:04:a3:cd:c1:6a:38:75:96:88:98:c5:40:
f5:63:f3:cb:de:8a:f6:cf:e5:22:02:b0:df:12:30:
d2:ba:96:bc:43:4a:5f:46:27:b8:b2:4d:0d:f3:19:
2d:75:88:4a:14:ab:72:80:34:55:aa:ae:23:d0:57:
b3:42:5b:c7:2d:8e:81:1e:2d:b0:e7:55:a2:da:c6:
23:01:65:30:11:73:69:da:36:18:1a:75:cc:30:06:
31:58:15:ad:49:10:a2:68:a6:ac:2e:fb:29:55:98:
46:f6:d5:ae:5b:e7:86:e6:17:49:70:ac:9f:d4:40:
fc:5d:00:ae:d4:48:19:3a:aa:a0:fe:be:a6:11:65:
16:a5:9a:90:7e:5d:8e:93:fe:5a:f2:29:e1:a1:ad:
90:80:f6:6e:60:90:8c:fc:f1:05:8c:6f:8e:08:73:
ac:77:61:9e:6b:20:72:25:61:23:87:e5:9a:4d:b5:
2a:7f:1f:0d:73:34:d8:f5:f4:79:ab:36:3c:a9:05:
68:63:23:84:65:03:c1:87:da:9e:91:bb:d1:28:ef:
28:e8:4a:9b:fe:8a:2a:60:5a:fc:91:20:5d:ed:f6:
07:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:2D:EF:33:BA:34:37:54:D6:10:A4:F8:F6:7B:36:0A:56:E1:33:BD
X509v3 Authority Key Identifier:
keyid:67:3B:3A:71:CF:77:27:55:A3:DF:8C:ED:5D:73:51:6F:87:1C:0A:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zzs6cc93J1Wj34ztXXNRb4ccChE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/c94855-5b1a-4f96-b7a1-6fe1f294e627/1/Zi3vM7o0N1TWEKT49ns2ClbhM70.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/c94855-5b1a-4f96-b7a1-6fe1f294e627/1/Zzs6cc93J1Wj34ztXXNRb4ccChE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
170.102.144.0/23
170.102.192.0-170.102.196.255
Signature Algorithm: sha256WithRSAEncryption
b5:1d:c0:28:87:a9:28:91:f3:02:33:51:d9:8c:ba:4c:0d:f8:
7e:d1:6e:df:05:5b:dd:f7:66:95:14:11:a3:bd:50:4c:5f:11:
3e:73:96:46:4f:66:f9:18:05:90:78:ba:4e:f6:3d:c3:5e:79:
d8:9e:fd:8e:ca:13:38:c9:d0:72:41:c0:5d:c4:ab:41:62:a8:
17:6f:f7:ff:17:fe:fd:e1:7a:a8:a5:fb:37:a0:98:49:be:c4:
0c:0c:2e:5c:a6:a3:dc:14:47:f6:65:ad:9c:b9:5a:76:a7:d4:
79:bb:f5:ae:99:f7:c9:6c:1c:f4:87:44:11:f5:a3:50:67:e3:
40:4c:60:40:ba:90:8e:10:20:10:80:4d:0b:31:f9:51:1e:de:
95:37:e4:8e:85:c4:95:4f:a7:64:e9:45:a6:aa:40:11:96:8b:
7d:58:30:eb:f3:b5:47:dc:83:e8:3e:86:62:04:b1:bd:a6:bc:
f3:ee:91:a4:32:7d:b6:17:36:1a:c2:99:ea:7f:2c:ec:32:98:
0d:8e:1d:e2:e3:f4:1e:11:0a:55:b5:ff:17:36:9c:77:a5:ee:
91:10:23:be:11:09:df:61:fd:b0:d7:46:4f:c8:7a:d9:21:ba:
95:f7:ff:40:90:fe:7d:22:1b:0c:ef:df:81:0f:84:6e:cd:f2:
db:c3:88:4e
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVyei25kHMOhPl6gD/fGzsnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3M2IzYTcxY2Y3NzI3NTVhM2RmOGNlZDVkNzM1MTZmODcx
YzBhMTEwHhcNMjMwMTAyMTIzNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjJkZWYzM2JhMzQzNzU0ZDYxMGE0ZjhmNjdiMzYwYTU2ZTEzM2JkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsH/mW5mz2qFsXs//6YlpEfd8ihj6
NwzsgexSXA9sZ5IEo83Bajh1loiYxUD1Y/PL3or2z+UiArDfEjDSupa8Q0pfRie4
sk0N8xktdYhKFKtygDRVqq4j0FezQlvHLY6BHi2w51Wi2sYjAWUwEXNp2jYYGnXM
MAYxWBWtSRCiaKasLvspVZhG9tWuW+eG5hdJcKyf1ED8XQCu1EgZOqqg/r6mEWUW
pZqQfl2Ok/5a8inhoa2QgPZuYJCM/PEFjG+OCHOsd2GeayByJWEjh+WaTbUqfx8N
czTY9fR5qzY8qQVoYyOEZQPBh9qekbvRKO8o6Eqb/ooqYFr8kSBd7fYHZQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFGYt7zO6NDdU1hCk+PZ7NgpW4TO9MB8GA1UdIwQY
MBaAFGc7OnHPdydVo9+M7V1zUW+HHAoRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnpzNmNjOTNKMVdqMzR6dFhYTlJiNGNjQ2hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS9jOTQ4NTUtNWIxYS00Zjk2LWI3YTEt
NmZlMWYyOTRlNjI3LzEvWmkzdk03bzBOMVRXRUtUNDluczJDbGJoTTcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS9jOTQ4NTUtNWIxYS00Zjk2LWI3YTEtNmZlMWYyOTRlNjI3
LzEvWnpzNmNjOTNKMVdqMzR6dFhYTlJiNGNjQ2hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQBqmaQMAwD
BAaqZsADBACqZsQwDQYJKoZIhvcNAQELBQADggEBALUdwCiHqSiR8wIzUdmMukwN
+H7Rbt8FW933ZpUUEaO9UExfET5zlkZPZvkYBZB4uk72PcNeedie/Y7KEzjJ0HJB
wF3Eq0FiqBdv9/8X/v3heqil+zegmEm+xAwMLlymo9wUR/ZlrZy5Wnan1Hm79a6Z
98lsHPSHRBH1o1Bn40BMYEC6kI4QIBCATQsx+VEe3pU35I6FxJVPp2TpRaaqQBGW
i31YMOvztUfcg+g+hmIEsb2mvPPukaQyfbYXNhrCmep/LOwymA2OHeLj9B4RClW1
/xc2nHel7pEQI74RCd9h/bDXRk/IetkhupX3/0CQ/n0iGwzv34EPhG7N8tvDiE4=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:41:44 2025 by rpki-client