Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/e61cb6-8f16-4397-96fa-8f6994566f67/1/ZqEp_To1auEcnbmFv-tF4YTin2c.roa
File: ZqEp_To1auEcnbmFv-tF4YTin2c.roa (raw, json)
Hash identifier: vDt+PszgxdtNj1X1bA5qZAkojqxo4JiXznpF/VxnzDE=
Subject key identifier: 66:A1:29:FD:3A:35:6A:E1:1C:9D:B9:85:BF:EB:45:E1:84:E2:9F:67
Certificate issuer: /CN=8a896e768540f387a1dd4ff9daa4b85ba48a906f
Certificate serial: 01857039AE8DF232F912851D8DAA5F9023EC
Authority key identifier: 8A:89:6E:76:85:40:F3:87:A1:DD:4F:F9:DA:A4:B8:5B:A4:8A:90:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ioludoVA84eh3U_52qS4W6SKkG8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/e61cb6-8f16-4397-96fa-8f6994566f67/1/ZqEp_To1auEcnbmFv-tF4YTin2c.roa
Signing time: Mon 02 Jan 2023 02:05:06 +0000
ROA not before: Mon 02 Jan 2023 02:05:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201160
IP address blocks: 185.60.225.0/24 maxlen: 24
185.60.224.0/24 maxlen: 24
185.60.226.0/24 maxlen: 24
185.60.227.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:39:ae:8d:f2:32:f9:12:85:1d:8d:aa:5f:90:23:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a896e768540f387a1dd4ff9daa4b85ba48a906f
Validity
Not Before: Jan 2 02:05:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=66a129fd3a356ae11c9db985bfeb45e184e29f67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:a7:18:9f:2d:83:88:3e:24:16:7e:ec:29:a1:
b0:3e:15:4f:b9:73:8c:90:f3:b3:0f:69:e7:59:b7:
9f:9e:8f:7a:af:fe:ab:14:5a:3c:27:a5:8a:e4:5b:
c5:cd:82:1e:24:6b:65:a8:71:76:14:de:7c:b1:e3:
25:bf:b8:4a:b4:0a:df:f4:fb:58:3f:fc:cc:a3:6a:
f5:af:49:37:b0:5c:e8:d2:c9:bb:8c:37:bf:37:5a:
3f:aa:38:a0:e6:c3:8b:37:df:bf:ab:e9:8f:f4:22:
c0:94:3b:e9:cd:8b:91:8c:d4:40:52:f6:d1:0f:0c:
8c:2b:b8:18:1f:7b:91:b0:9a:20:9f:87:f0:9d:2c:
ad:ca:4f:8d:57:a7:ef:2e:9a:33:11:b3:32:c4:26:
40:b5:af:30:0c:b3:b0:03:98:3f:a9:11:4e:ee:df:
b7:40:4d:d7:8f:ff:7e:40:03:9a:2b:ad:22:68:96:
8f:1b:47:a7:39:c8:cf:bf:f5:47:9b:e2:5e:c7:6b:
97:31:7a:ee:7c:a0:d8:c7:e8:cf:f4:7e:e6:c9:7b:
9b:a2:63:86:1f:90:7d:d2:16:a7:e9:76:0d:33:1b:
a9:f7:f1:01:4f:d7:d1:68:87:30:fd:12:75:6b:ea:
22:e3:1f:b5:2a:c5:c8:5c:28:df:df:2f:c2:b1:f0:
f0:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:A1:29:FD:3A:35:6A:E1:1C:9D:B9:85:BF:EB:45:E1:84:E2:9F:67
X509v3 Authority Key Identifier:
keyid:8A:89:6E:76:85:40:F3:87:A1:DD:4F:F9:DA:A4:B8:5B:A4:8A:90:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ioludoVA84eh3U_52qS4W6SKkG8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/e61cb6-8f16-4397-96fa-8f6994566f67/1/ZqEp_To1auEcnbmFv-tF4YTin2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/e61cb6-8f16-4397-96fa-8f6994566f67/1/ioludoVA84eh3U_52qS4W6SKkG8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.60.224.0/22
Signature Algorithm: sha256WithRSAEncryption
20:59:14:58:53:87:26:1c:12:8a:9c:09:e5:1c:ca:bb:25:5a:
07:2c:0e:ad:41:2f:82:d9:6f:f3:b2:2c:7f:7e:71:00:27:65:
77:ea:5a:f3:bd:af:63:60:74:fa:dc:60:fa:b2:f9:19:d7:42:
53:c5:41:54:33:d4:4a:0d:08:49:4d:25:50:f8:1d:e5:a0:91:
7e:56:f4:20:f0:cd:0a:2c:f2:97:80:40:bc:87:db:29:69:96:
c6:55:59:dd:61:84:9c:0c:e8:98:a3:69:62:72:9d:dd:61:44:
24:f7:42:92:48:2b:53:87:72:9f:84:66:4f:5e:9c:06:e3:7d:
40:da:60:6a:12:61:1f:d1:0c:3c:89:6e:98:9e:29:68:ba:b8:
b2:5e:b4:0a:e3:40:43:2f:91:94:95:ff:39:a1:af:f5:5b:e2:
29:23:e9:1c:d5:48:c4:49:3e:70:dc:0b:d2:79:d3:1a:99:73:
62:c6:2d:64:a4:b2:82:81:9b:f0:69:73:e2:7b:ef:9b:bf:33:
0a:18:88:01:c6:63:82:af:19:02:55:45:9f:d3:ee:6d:a6:35:
95:60:9f:2d:12:a3:bc:4b:a8:c0:e4:ab:ee:1f:cf:b5:8d:5c:
44:45:e2:f3:f1:76:00:e9:bf:1e:d5:67:50:6a:a6:d1:5a:fa:
05:26:db:01
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwOa6N8jL5EoUdjapfkCPsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhODk2ZTc2ODU0MGYzODdhMWRkNGZmOWRhYTRiODViYTQ4
YTkwNmYwHhcNMjMwMTAyMDIwNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NmExMjlmZDNhMzU2YWUxMWM5ZGI5ODViZmViNDVlMTg0ZTI5ZjY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArqcYny2DiD4kFn7sKaGwPhVPuXOM
kPOzD2nnWbefno96r/6rFFo8J6WK5FvFzYIeJGtlqHF2FN58seMlv7hKtArf9PtY
P/zMo2r1r0k3sFzo0sm7jDe/N1o/qjig5sOLN9+/q+mP9CLAlDvpzYuRjNRAUvbR
DwyMK7gYH3uRsJogn4fwnSytyk+NV6fvLpozEbMyxCZAta8wDLOwA5g/qRFO7t+3
QE3Xj/9+QAOaK60iaJaPG0enOcjPv/VHm+Jex2uXMXrufKDYx+jP9H7myXubomOG
H5B90han6XYNMxup9/EBT9fRaIcw/RJ1a+oi4x+1KsXIXCjf3y/CsfDw1QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGahKf06NWrhHJ25hb/rReGE4p9nMB8GA1UdIwQY
MBaAFIqJbnaFQPOHod1P+dqkuFukipBvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaW9sdWRvVkE4NGVoM1VfNTJxUzRXNlNLa0c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9lNjFjYjYtOGYxNi00Mzk3LTk2ZmEt
OGY2OTk0NTY2ZjY3LzEvWnFFcF9UbzFhdUVjbmJtRnYtdEY0WVRpbjJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My9lNjFjYjYtOGYxNi00Mzk3LTk2ZmEtOGY2OTk0NTY2ZjY3
LzEvaW9sdWRvVkE4NGVoM1VfNTJxUzRXNlNLa0c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuTzgMA0G
CSqGSIb3DQEBCwUAA4IBAQAgWRRYU4cmHBKKnAnlHMq7JVoHLA6tQS+C2W/zsix/
fnEAJ2V36lrzva9jYHT63GD6svkZ10JTxUFUM9RKDQhJTSVQ+B3loJF+VvQg8M0K
LPKXgEC8h9spaZbGVVndYYScDOiYo2licp3dYUQk90KSSCtTh3KfhGZPXpwG431A
2mBqEmEf0Qw8iW6YnilouriyXrQK40BDL5GUlf85oa/1W+IpI+kc1UjEST5w3AvS
edMamXNixi1kpLKCgZvwaXPie++bvzMKGIgBxmOCrxkCVUWf0+5tpjWVYJ8tEqO8
S6jA5KvuH8+1jVxEReLz8XYA6b8e1WdQaqbRWvoFJtsB
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:18:17 2025 by rpki-client