Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/2c2d33-a367-449b-9c47-171db4690c0a/1/uZNmEiVJPh61mrEzJlVLSifu3VY.roa
File: uZNmEiVJPh61mrEzJlVLSifu3VY.roa (raw, json)
Hash identifier: 0a3U63fAxqtoT+m3H8qOCHCQuEJKu5iKghU2uouGM7w=
Subject key identifier: B9:93:66:12:25:49:3E:1E:B5:9A:B1:33:26:55:4B:4A:27:EE:DD:56
Certificate issuer: /CN=66634f14586e399cd3802d9c88b1e67d8ddb03a8
Certificate serial: 018663A2793C10CF59BD032B8DE0A0474F53
Authority key identifier: 66:63:4F:14:58:6E:39:9C:D3:80:2D:9C:88:B1:E6:7D:8D:DB:03:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZmNPFFhuOZzTgC2ciLHmfY3bA6g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/2c2d33-a367-449b-9c47-171db4690c0a/1/uZNmEiVJPh61mrEzJlVLSifu3VY.roa
Signing time: Sat 18 Feb 2023 08:27:17 +0000
ROA not before: Sat 18 Feb 2023 08:27:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205739
IP address blocks: 185.208.88.0/22 maxlen: 24
2a0b:32c0::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:63:a2:79:3c:10:cf:59:bd:03:2b:8d:e0:a0:47:4f:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66634f14586e399cd3802d9c88b1e67d8ddb03a8
Validity
Not Before: Feb 18 08:27:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b993661225493e1eb59ab13326554b4a27eedd56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:f9:c7:46:b4:60:6d:a4:c0:72:02:04:0b:ae:
c7:94:07:c3:ee:52:10:31:6b:1a:d1:a3:3f:1d:d4:
b7:27:e9:09:dd:ce:f3:14:de:6e:77:5c:47:0b:e6:
c3:2a:5d:cc:6b:15:29:b4:b5:dd:49:65:b1:0b:e2:
34:8f:f3:f0:2a:43:e7:90:2d:68:7b:9a:61:13:46:
17:2f:74:7a:99:45:2c:80:8c:4d:61:62:4c:96:47:
77:3a:cf:28:c0:3e:40:1f:92:a3:08:8b:cc:45:04:
65:a0:1f:5f:d8:c8:3a:77:9a:a2:f0:b8:2e:89:f1:
c8:75:02:9c:86:c1:14:ef:97:6b:b5:5b:93:3c:f9:
25:c5:9e:1c:1b:7a:2f:d0:5f:40:a9:7d:94:01:bf:
6d:7e:1d:8a:ec:e0:a9:50:db:7a:3d:6f:19:9e:1c:
8d:34:66:67:42:39:4f:ac:f2:fe:3c:ae:28:9f:f1:
24:1e:b9:eb:ea:c1:46:7e:b6:ae:c2:0a:dd:fc:2b:
25:19:19:d6:cf:f4:3d:58:b4:f2:c3:ae:e0:92:3f:
cb:6a:84:ce:fc:8b:e1:ec:a8:59:77:85:44:00:d7:
d0:cb:a4:af:63:39:e2:45:a1:f6:79:e0:8f:43:47:
43:3f:c6:8c:83:12:46:b3:cb:e0:e7:c1:fa:4d:7a:
24:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:93:66:12:25:49:3E:1E:B5:9A:B1:33:26:55:4B:4A:27:EE:DD:56
X509v3 Authority Key Identifier:
keyid:66:63:4F:14:58:6E:39:9C:D3:80:2D:9C:88:B1:E6:7D:8D:DB:03:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZmNPFFhuOZzTgC2ciLHmfY3bA6g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/2c2d33-a367-449b-9c47-171db4690c0a/1/uZNmEiVJPh61mrEzJlVLSifu3VY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/2c2d33-a367-449b-9c47-171db4690c0a/1/ZmNPFFhuOZzTgC2ciLHmfY3bA6g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.208.88.0/22
IPv6:
2a0b:32c0::/29
Signature Algorithm: sha256WithRSAEncryption
7a:4e:ab:06:36:be:28:d0:b1:23:29:f1:d3:d5:fd:ba:cd:f0:
b8:1a:e2:23:d7:87:d4:d7:a3:7e:b0:7e:80:45:26:af:04:1a:
ad:56:99:29:52:4b:2a:cf:69:69:6e:7d:30:60:40:b1:54:89:
b1:46:8b:c2:41:dd:62:71:cd:ca:41:dd:47:ab:37:58:92:c4:
a2:c5:ef:00:20:5f:fb:50:03:39:59:68:aa:65:fd:e0:9c:e9:
45:91:27:93:2d:7f:9d:e1:e3:0e:e7:22:53:db:3a:36:ee:95:
29:0b:b6:94:c9:59:1e:d2:d3:41:a6:18:0f:34:86:99:3b:b7:
c4:82:9f:89:7f:4c:ed:09:da:68:8e:80:28:40:27:b4:a9:05:
29:de:89:03:cc:b6:fe:d5:43:7a:ca:3e:ea:03:6a:6e:68:83:
31:ec:23:5e:d7:d6:78:a0:67:88:61:2b:ae:7c:10:70:5e:71:
d1:4c:0e:c9:73:89:3e:e0:07:cc:d1:c9:ad:4c:8f:2a:4a:7c:
ee:c1:9d:56:e0:12:41:4e:b4:d6:ec:1f:72:da:b6:fa:de:1b:
ab:9c:e8:9e:5e:23:5f:5d:c7:fe:cd:e9:1d:b2:03:6e:25:2b:
fc:04:d3:79:e8:08:36:67:78:e5:06:68:92:1d:12:69:da:cc:
2f:f3:d5:89
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYZjonk8EM9ZvQMrjeCgR09TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2NjM0ZjE0NTg2ZTM5OWNkMzgwMmQ5Yzg4YjFlNjdkOGRk
YjAzYTgwHhcNMjMwMjE4MDgyNzE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTkzNjYxMjI1NDkzZTFlYjU5YWIxMzMyNjU1NGI0YTI3ZWVkZDU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk/nHRrRgbaTAcgIEC67HlAfD7lIQ
MWsa0aM/HdS3J+kJ3c7zFN5ud1xHC+bDKl3MaxUptLXdSWWxC+I0j/PwKkPnkC1o
e5phE0YXL3R6mUUsgIxNYWJMlkd3Os8owD5AH5KjCIvMRQRloB9f2Mg6d5qi8Lgu
ifHIdQKchsEU75drtVuTPPklxZ4cG3ov0F9AqX2UAb9tfh2K7OCpUNt6PW8ZnhyN
NGZnQjlPrPL+PK4on/EkHrnr6sFGfrauwgrd/CslGRnWz/Q9WLTyw67gkj/LaoTO
/Ivh7KhZd4VEANfQy6SvYzniRaH2eeCPQ0dDP8aMgxJGs8vg58H6TXokswIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLmTZhIlST4etZqxMyZVS0on7t1WMB8GA1UdIwQY
MBaAFGZjTxRYbjmc04AtnIix5n2N2wOoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWm1OUEZGaHVPWnpUZ0MyY2lMSG1mWTNiQTZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi8yYzJkMzMtYTM2Ny00NDliLTljNDct
MTcxZGI0NjkwYzBhLzEvdVpObUVpVkpQaDYxbXJFekpsVkxTaWZ1M1ZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi8yYzJkMzMtYTM2Ny00NDliLTljNDctMTcxZGI0NjkwYzBh
LzEvWm1OUEZGaHVPWnpUZ0MyY2lMSG1mWTNiQTZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCudBYMA0E
AgACMAcDBQMqCzLAMA0GCSqGSIb3DQEBCwUAA4IBAQB6TqsGNr4o0LEjKfHT1f26
zfC4GuIj14fU16N+sH6ARSavBBqtVpkpUksqz2lpbn0wYECxVImxRovCQd1icc3K
Qd1HqzdYksSixe8AIF/7UAM5WWiqZf3gnOlFkSeTLX+d4eMO5yJT2zo27pUpC7aU
yVke0tNBphgPNIaZO7fEgp+Jf0ztCdpojoAoQCe0qQUp3okDzLb+1UN6yj7qA2pu
aIMx7CNe19Z4oGeIYSuufBBwXnHRTA7Jc4k+4AfM0cmtTI8qSnzuwZ1W4BJBTrTW
7B9y2rb63hurnOieXiNfXcf+zekdsgNuJSv8BNN56Ag2Z3jlBmiSHRJp2swv89WJ
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:40:04 2025 by rpki-client