Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/031fcb-b74e-4e75-a7b9-90e65412252a/1/Zx2JtY3IfxxRg5iJOB3xJBRGwXw.roa
File: Zx2JtY3IfxxRg5iJOB3xJBRGwXw.roa (raw, json)
Hash identifier: MPT8eTxDTYvpvYyT6CKsizTa62Nb1pCo29fcSR0yza4=
Subject key identifier: 67:1D:89:B5:8D:C8:7F:1C:51:83:98:89:38:1D:F1:24:14:46:C1:7C
Certificate issuer: /CN=36a4668ff83814af90a78b4fc8d262325058cbc6
Certificate serial: 01857246A6E6E99855F31E7D623AF2D197D8
Authority key identifier: 36:A4:66:8F:F8:38:14:AF:90:A7:8B:4F:C8:D2:62:32:50:58:CB:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NqRmj_g4FK-Qp4tPyNJiMlBYy8Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/031fcb-b74e-4e75-a7b9-90e65412252a/1/Zx2JtY3IfxxRg5iJOB3xJBRGwXw.roa
Signing time: Mon 02 Jan 2023 11:38:30 +0000
ROA not before: Mon 02 Jan 2023 11:38:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210096
IP address blocks: 85.235.76.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:46:a6:e6:e9:98:55:f3:1e:7d:62:3a:f2:d1:97:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36a4668ff83814af90a78b4fc8d262325058cbc6
Validity
Not Before: Jan 2 11:38:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=671d89b58dc87f1c51839889381df1241446c17c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:65:00:83:af:8f:d6:81:5c:1c:fa:d6:31:b3:
ac:e7:2d:9c:f2:96:83:f7:53:7b:22:aa:fa:f1:19:
3a:0e:ac:49:94:b7:87:1f:33:f1:45:25:c1:e9:94:
64:34:ee:e6:f0:a2:fd:37:9e:c8:b0:2a:c6:7f:7e:
6d:bf:c7:30:3f:19:1d:bf:1b:cc:44:3a:ad:dd:f3:
6f:6f:37:bf:96:ed:24:05:19:b0:6a:a1:a1:ae:d2:
33:fe:28:64:52:81:34:d9:53:6d:c9:f1:b9:13:21:
78:e3:52:09:06:4a:f5:6e:f3:ad:fd:ed:e7:ae:76:
5c:63:79:f6:db:cb:e2:f2:9f:b1:46:04:12:36:29:
fc:d8:8f:b3:96:15:4b:d3:1f:cc:02:43:20:7c:8b:
fb:c6:21:ef:30:76:81:11:a6:df:8c:2d:98:76:86:
af:d0:de:25:3a:ae:30:3f:e8:36:e8:54:9e:ab:2f:
bd:e3:3e:66:b4:d7:3d:99:02:6c:8f:f3:d5:b8:f4:
6c:c2:bd:ab:7c:0b:0e:e5:1b:22:52:d3:b7:41:46:
b0:b4:9a:cb:97:34:dd:35:11:66:6e:e7:76:cc:79:
9d:e8:7c:ac:7a:43:a6:c2:48:8d:81:ca:a1:fd:30:
f2:7e:db:c9:22:8c:66:a2:d4:a4:d1:ae:fb:23:df:
40:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:1D:89:B5:8D:C8:7F:1C:51:83:98:89:38:1D:F1:24:14:46:C1:7C
X509v3 Authority Key Identifier:
keyid:36:A4:66:8F:F8:38:14:AF:90:A7:8B:4F:C8:D2:62:32:50:58:CB:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NqRmj_g4FK-Qp4tPyNJiMlBYy8Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/031fcb-b74e-4e75-a7b9-90e65412252a/1/Zx2JtY3IfxxRg5iJOB3xJBRGwXw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/031fcb-b74e-4e75-a7b9-90e65412252a/1/NqRmj_g4FK-Qp4tPyNJiMlBYy8Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.235.76.0/22
Signature Algorithm: sha256WithRSAEncryption
16:c3:e0:4f:bb:bf:9e:98:3d:ad:c6:b3:36:32:14:7f:c5:0d:
68:78:7b:de:f8:70:66:3e:e2:6f:bc:3c:aa:9b:b1:e9:cf:60:
28:8c:4b:b7:84:2e:0d:a9:1a:ed:33:cf:93:1f:85:92:20:0e:
26:0c:b3:54:e3:10:47:d9:38:f2:5c:05:6c:78:74:5c:85:5a:
03:45:fc:59:2b:94:81:cc:5e:fa:a9:0b:d3:07:de:ae:a9:3e:
57:93:9a:91:a5:16:87:a2:e5:39:68:cf:f4:cf:c1:a7:db:3e:
82:9e:1b:41:c3:37:b7:b1:5f:88:ee:24:25:e4:6a:0c:fa:7e:
67:01:f6:8c:39:97:59:1f:2d:fa:68:f0:9b:0b:de:d8:c5:03:
aa:23:5f:9a:47:a8:9e:69:11:70:8e:61:fa:c9:f5:04:38:2b:
e9:db:5c:62:c5:9f:a3:1b:36:21:26:e1:f3:f5:c6:1b:93:a9:
a2:eb:ce:c7:de:a6:13:c7:dd:06:95:80:a9:28:4a:8f:d7:ae:
c7:e4:51:d1:b5:59:56:3d:4f:5d:90:8c:00:8d:0f:81:17:d3:
fb:93:3d:ef:0c:8b:f1:cc:a1:d3:6c:e4:75:0b:fc:e4:c7:52:
8d:36:8a:d0:6d:37:38:a7:6e:5f:3c:e4:a1:7b:ea:3e:d1:e8:
96:18:ae:d6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyRqbm6ZhV8x59Yjry0ZfYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YTQ2NjhmZjgzODE0YWY5MGE3OGI0ZmM4ZDI2MjMyNTA1
OGNiYzYwHhcNMjMwMTAyMTEzODMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzFkODliNThkYzg3ZjFjNTE4Mzk4ODkzODFkZjEyNDE0NDZjMTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArGUAg6+P1oFcHPrWMbOs5y2c8paD
91N7Iqr68Rk6DqxJlLeHHzPxRSXB6ZRkNO7m8KL9N57IsCrGf35tv8cwPxkdvxvM
RDqt3fNvbze/lu0kBRmwaqGhrtIz/ihkUoE02VNtyfG5EyF441IJBkr1bvOt/e3n
rnZcY3n228vi8p+xRgQSNin82I+zlhVL0x/MAkMgfIv7xiHvMHaBEabfjC2Ydoav
0N4lOq4wP+g26FSeqy+94z5mtNc9mQJsj/PVuPRswr2rfAsO5RsiUtO3QUawtJrL
lzTdNRFmbud2zHmd6HysekOmwkiNgcqh/TDyftvJIoxmotSk0a77I99A9QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGcdibWNyH8cUYOYiTgd8SQURsF8MB8GA1UdIwQY
MBaAFDakZo/4OBSvkKeLT8jSYjJQWMvGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnFSbWpfZzRGSy1RcDR0UHlOSmlNbEJZeThZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My8wMzFmY2ItYjc0ZS00ZTc1LWE3Yjkt
OTBlNjU0MTIyNTJhLzEvWngySnRZM0lmeHhSZzVpSk9CM3hKQlJHd1h3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My8wMzFmY2ItYjc0ZS00ZTc1LWE3YjktOTBlNjU0MTIyNTJh
LzEvTnFSbWpfZzRGSy1RcDR0UHlOSmlNbEJZeThZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCVetMMA0G
CSqGSIb3DQEBCwUAA4IBAQAWw+BPu7+emD2txrM2MhR/xQ1oeHve+HBmPuJvvDyq
m7Hpz2AojEu3hC4NqRrtM8+TH4WSIA4mDLNU4xBH2TjyXAVseHRchVoDRfxZK5SB
zF76qQvTB96uqT5Xk5qRpRaHouU5aM/0z8Gn2z6CnhtBwze3sV+I7iQl5GoM+n5n
AfaMOZdZHy36aPCbC97YxQOqI1+aR6ieaRFwjmH6yfUEOCvp21xixZ+jGzYhJuHz
9cYbk6mi687H3qYTx90GlYCpKEqP167H5FHRtVlWPU9dkIwAjQ+BF9P7kz3vDIvx
zKHTbOR1C/zkx1KNNorQbTc4p25fPOShe+o+0eiWGK7W
-----END CERTIFICATE-----
Generated at Tue Apr 22 04:52:12 2025 by rpki-client