Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/00a95d-937c-473c-a85f-f87787b1d03c/1/zzpsyRSzqKgH5hKuDhLfTLgM93Y.roa
File: zzpsyRSzqKgH5hKuDhLfTLgM93Y.roa (raw, json)
Hash identifier: lZJtXC4XGFqN9DE9+/kftiHrTbVhdcUyC2r/zAf/Css=
Subject key identifier: CF:3A:6C:C9:14:B3:A8:A8:07:E6:12:AE:0E:12:DF:4C:B8:0C:F7:76
Certificate issuer: /CN=8df893edf33208d7a2cf62268613769fb4967c66
Certificate serial: 018570F0B10426CC3D60230060297CF2D397
Authority key identifier: 8D:F8:93:ED:F3:32:08:D7:A2:CF:62:26:86:13:76:9F:B4:96:7C:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jfiT7fMyCNeiz2ImhhN2n7SWfGY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/00a95d-937c-473c-a85f-f87787b1d03c/1/zzpsyRSzqKgH5hKuDhLfTLgM93Y.roa
Signing time: Mon 02 Jan 2023 05:25:00 +0000
ROA not before: Mon 02 Jan 2023 05:25:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43108
IP address blocks: 91.228.4.0/22 maxlen: 22
195.28.26.0/23 maxlen: 23
91.194.76.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:f0:b1:04:26:cc:3d:60:23:00:60:29:7c:f2:d3:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8df893edf33208d7a2cf62268613769fb4967c66
Validity
Not Before: Jan 2 05:25:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cf3a6cc914b3a8a807e612ae0e12df4cb80cf776
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:e2:9c:bf:e1:6a:08:92:38:2e:38:da:ff:5e:
25:2a:2d:99:3b:e0:2a:3f:34:1d:3e:84:65:79:56:
72:16:26:ef:02:38:10:e2:a4:c9:2f:ab:44:83:f3:
8b:5e:f7:50:4c:aa:d7:86:ff:5c:96:57:5c:31:6b:
45:d6:23:a5:71:e0:76:b2:66:56:13:a2:f3:9b:8d:
44:8f:63:bd:eb:f1:1f:f7:c2:7d:cb:92:85:bd:f4:
53:e8:b1:e7:d8:ca:e0:73:70:9b:04:ba:09:d4:ea:
69:3c:50:f6:8e:36:16:c9:51:05:a3:cc:97:c4:05:
4b:35:5e:3d:90:d7:50:1a:72:58:2a:c9:6f:95:3b:
ee:c5:e6:88:8e:c8:97:62:ce:bd:bc:50:4d:94:00:
5b:57:22:4d:ae:ee:a7:f1:ef:38:6b:5b:09:23:4c:
55:ea:1c:72:9b:06:63:e2:35:fa:ca:d5:d2:0c:34:
75:5a:0f:a1:0d:da:df:c7:1a:b8:1c:27:7b:92:26:
12:70:dd:d0:c7:68:46:e6:5e:91:e9:c7:18:55:0c:
75:b7:22:ce:b7:86:a6:bd:9c:c9:cc:28:eb:0e:43:
b9:ff:f7:8f:ba:a2:35:fd:98:0f:7d:a3:1e:b5:cd:
51:d8:e2:cd:97:d8:d6:ef:7e:0b:70:99:4b:9a:9d:
03:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:3A:6C:C9:14:B3:A8:A8:07:E6:12:AE:0E:12:DF:4C:B8:0C:F7:76
X509v3 Authority Key Identifier:
keyid:8D:F8:93:ED:F3:32:08:D7:A2:CF:62:26:86:13:76:9F:B4:96:7C:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jfiT7fMyCNeiz2ImhhN2n7SWfGY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/00a95d-937c-473c-a85f-f87787b1d03c/1/zzpsyRSzqKgH5hKuDhLfTLgM93Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/00a95d-937c-473c-a85f-f87787b1d03c/1/jfiT7fMyCNeiz2ImhhN2n7SWfGY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.76.0/23
91.228.4.0/22
195.28.26.0/23
Signature Algorithm: sha256WithRSAEncryption
7e:3b:ad:f2:61:cd:ae:26:c9:20:81:90:1a:f0:32:12:3f:9a:
f3:a4:31:69:0f:49:d2:f2:84:27:66:f4:3f:1d:b1:f8:2d:eb:
99:86:d1:b2:e7:54:5b:5d:78:6b:35:86:c6:dd:d1:3c:3f:3f:
f0:ab:d0:4c:70:23:d5:b0:b6:d5:0f:6f:9c:4f:c5:29:ed:2e:
7d:ad:a9:59:26:97:d1:1e:a1:24:2b:2f:02:90:bd:eb:c5:f5:
99:2b:1e:49:4f:b1:de:96:cd:1d:3f:ea:9f:09:11:35:3d:cc:
58:76:bc:2f:34:97:49:e3:6b:94:43:f1:77:17:23:cf:7b:7e:
e8:2f:7b:c8:91:3f:9c:69:4f:da:2c:27:26:8f:74:6c:fb:58:
42:06:ca:5b:aa:f4:14:55:1d:29:a1:e9:9a:65:67:ca:f3:55:
86:40:7d:41:58:04:c7:6e:ff:f8:ae:96:af:08:a5:d3:ab:d2:
1c:a2:74:c5:93:ca:ca:33:a9:4f:e1:a2:49:9a:20:38:6a:50:
3a:2d:47:72:76:cc:0f:23:ff:5b:bc:2d:bc:39:6c:d3:57:90:
d5:81:76:40:8b:ff:b5:04:ac:a1:9f:6d:bf:26:ec:bf:a3:5e:
ab:5e:3d:13:ef:5c:32:4b:ba:e9:e2:7e:c4:75:9e:11:53:f2:
f7:0b:d9:44
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVw8LEEJsw9YCMAYCl88tOXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkZjg5M2VkZjMzMjA4ZDdhMmNmNjIyNjg2MTM3NjlmYjQ5
NjdjNjYwHhcNMjMwMTAyMDUyNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjNhNmNjOTE0YjNhOGE4MDdlNjEyYWUwZTEyZGY0Y2I4MGNmNzc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAseKcv+FqCJI4Ljja/14lKi2ZO+Aq
PzQdPoRleVZyFibvAjgQ4qTJL6tEg/OLXvdQTKrXhv9clldcMWtF1iOlceB2smZW
E6Lzm41Ej2O96/Ef98J9y5KFvfRT6LHn2Mrgc3CbBLoJ1OppPFD2jjYWyVEFo8yX
xAVLNV49kNdQGnJYKslvlTvuxeaIjsiXYs69vFBNlABbVyJNru6n8e84a1sJI0xV
6hxymwZj4jX6ytXSDDR1Wg+hDdrfxxq4HCd7kiYScN3Qx2hG5l6R6ccYVQx1tyLO
t4amvZzJzCjrDkO5//ePuqI1/ZgPfaMetc1R2OLNl9jW734LcJlLmp0D1wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFM86bMkUs6ioB+YSrg4S30y4DPd2MB8GA1UdIwQY
MBaAFI34k+3zMgjXos9iJoYTdp+0lnxmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamZpVDdmTXlDTmVpejJJbWhoTjJuN1NXZkdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8wMGE5NWQtOTM3Yy00NzNjLWE4NWYt
Zjg3Nzg3YjFkMDNjLzEvenpwc3lSU3pxS2dINWhLdURoTGZUTGdNOTNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8wMGE5NWQtOTM3Yy00NzNjLWE4NWYtZjg3Nzg3YjFkMDNj
LzEvamZpVDdmTXlDTmVpejJJbWhoTjJuN1NXZkdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBW8JMAwQC
W+QEAwQBwxwaMA0GCSqGSIb3DQEBCwUAA4IBAQB+O63yYc2uJskggZAa8DISP5rz
pDFpD0nS8oQnZvQ/HbH4LeuZhtGy51RbXXhrNYbG3dE8Pz/wq9BMcCPVsLbVD2+c
T8Up7S59ralZJpfRHqEkKy8CkL3rxfWZKx5JT7Hels0dP+qfCRE1PcxYdrwvNJdJ
42uUQ/F3FyPPe37oL3vIkT+caU/aLCcmj3Rs+1hCBspbqvQUVR0poemaZWfK81WG
QH1BWATHbv/4rpavCKXTq9IconTFk8rKM6lP4aJJmiA4alA6LUdydswPI/9bvC28
OWzTV5DVgXZAi/+1BKyhn22/Juy/o16rXj0T71wyS7rp4n7EdZ4RU/L3C9lE
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:11:14 2025 by rpki-client