Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/zYKSSqtsy5Roe28h6msrvgDoi4w.roa
File: zYKSSqtsy5Roe28h6msrvgDoi4w.roa (raw, json)
Hash identifier: lGboNPOmjSM6OXddYRWySaj8pnOl6XYigddElizWLWA=
Subject key identifier: CD:82:92:4A:AB:6C:CB:94:68:7B:6F:21:EA:6B:2B:BE:00:E8:8B:8C
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 018B25A0C85317E0122B1E84893FFC80B3DA
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/zYKSSqtsy5Roe28h6msrvgDoi4w.roa
Signing time: Thu 12 Oct 2023 20:42:55 +0000
ROA not before: Thu 12 Oct 2023 20:42:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6830
IP address blocks: 217.67.76.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:25:a0:c8:53:17:e0:12:2b:1e:84:89:3f:fc:80:b3:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Oct 12 20:42:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cd82924aab6ccb94687b6f21ea6b2bbe00e88b8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:9a:10:05:7f:1f:04:ad:d4:1e:af:6b:c2:4b:
b6:27:76:55:c3:ab:9a:f7:71:85:2d:07:22:46:3f:
09:8d:da:05:d6:ae:49:98:8a:01:0c:56:ba:c5:a1:
5b:15:24:49:58:8d:3c:d6:e0:3f:d0:67:15:ed:73:
ae:6d:9f:eb:59:53:13:e6:3b:a7:91:c9:bb:67:7f:
81:74:d8:ed:cf:14:1d:d9:e6:6a:7a:8c:0b:24:a3:
e8:ff:ba:66:5b:e4:c9:e9:95:f5:19:ee:1d:54:8a:
8f:93:c5:64:db:bd:ad:99:7a:26:64:9f:88:e6:77:
6a:53:cc:a1:61:58:9e:55:52:c4:75:a7:94:28:15:
12:f8:29:10:10:21:08:3c:7d:86:18:b2:9d:7e:f7:
50:81:76:f2:a6:1b:6e:fb:78:a2:7a:67:aa:29:5d:
f1:1c:a5:fe:39:6b:ca:92:04:d7:2e:05:31:80:01:
b5:08:f4:08:54:3a:a9:fe:d2:b5:31:81:19:de:06:
5d:83:66:a9:97:d0:a7:6c:7d:48:df:1f:48:43:89:
e4:55:4d:3b:8c:2d:07:41:75:ed:0f:cf:a2:f2:93:
64:eb:ee:12:b3:db:ac:71:b8:63:c8:73:50:23:81:
61:38:46:38:49:53:bb:d5:83:0e:42:83:a5:be:7d:
9e:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:82:92:4A:AB:6C:CB:94:68:7B:6F:21:EA:6B:2B:BE:00:E8:8B:8C
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/zYKSSqtsy5Roe28h6msrvgDoi4w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.67.76.0/23
Signature Algorithm: sha256WithRSAEncryption
49:b7:f3:8e:b6:1e:13:ce:e3:62:94:64:6f:c6:01:c0:14:db:
25:8e:a9:af:4d:51:02:cd:68:98:5f:fa:10:41:5d:b8:7c:2e:
6a:28:96:7e:8d:98:a3:1f:e4:84:11:eb:dd:7f:49:c9:44:0c:
9a:e4:29:e9:8e:7e:19:71:a5:0b:45:fc:b9:d1:98:77:55:2f:
f8:fc:30:4e:40:ad:0c:c0:e2:86:0d:d3:0a:b4:35:78:d1:c3:
44:71:0f:72:4f:18:19:17:d0:d4:21:89:99:9c:07:5f:86:4f:
e3:20:44:ca:80:fb:68:20:6d:dd:9f:e9:1d:b8:3b:e2:f9:2e:
c8:de:f5:94:75:5d:1e:5d:60:b6:89:9e:f4:53:69:bb:51:fc:
c0:40:fb:d0:e4:6f:8e:bb:fe:e6:3a:fa:8a:a4:16:36:19:b3:
e8:f6:62:be:86:f8:8e:50:f9:75:59:17:90:5b:77:c1:77:e3:
ea:9e:6d:ca:5a:bb:c2:17:d3:e7:9e:73:f3:fc:f9:bc:c6:9f:
c2:49:02:48:22:2f:92:e6:5a:67:ef:39:8b:6d:e1:ff:c8:1c:
01:3a:20:74:c6:87:fb:d0:a7:75:db:59:00:55:4b:58:49:e9:
5e:70:46:21:aa:cb:79:d0:21:9c:3a:e8:fb:f9:b7:7a:9d:65:
bd:7d:7b:cd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYsloMhTF+ASKx6EiT/8gLPaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMxMDEyMjA0MjU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDgyOTI0YWFiNmNjYjk0Njg3YjZmMjFlYTZiMmJiZTAwZTg4YjhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuJoQBX8fBK3UHq9rwku2J3ZVw6ua
93GFLQciRj8JjdoF1q5JmIoBDFa6xaFbFSRJWI081uA/0GcV7XOubZ/rWVMT5jun
kcm7Z3+BdNjtzxQd2eZqeowLJKPo/7pmW+TJ6ZX1Ge4dVIqPk8Vk272tmXomZJ+I
5ndqU8yhYVieVVLEdaeUKBUS+CkQECEIPH2GGLKdfvdQgXbyphtu+3iiemeqKV3x
HKX+OWvKkgTXLgUxgAG1CPQIVDqp/tK1MYEZ3gZdg2apl9CnbH1I3x9IQ4nkVU07
jC0HQXXtD8+i8pNk6+4Ss9uscbhjyHNQI4FhOEY4SVO71YMOQoOlvn2eVQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM2CkkqrbMuUaHtvIeprK74A6IuMMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvellLU1NxdHN5NVJvZTI4aDZtc3J2Z0RvaTR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB2UNMMA0G
CSqGSIb3DQEBCwUAA4IBAQBJt/OOth4TzuNilGRvxgHAFNsljqmvTVECzWiYX/oQ
QV24fC5qKJZ+jZijH+SEEevdf0nJRAya5Cnpjn4ZcaULRfy50Zh3VS/4/DBOQK0M
wOKGDdMKtDV40cNEcQ9yTxgZF9DUIYmZnAdfhk/jIETKgPtoIG3dn+kduDvi+S7I
3vWUdV0eXWC2iZ70U2m7UfzAQPvQ5G+Ou/7mOvqKpBY2GbPo9mK+hviOUPl1WReQ
W3fBd+Pqnm3KWrvCF9PnnnPz/Pm8xp/CSQJIIi+S5lpn7zmLbeH/yBwBOiB0xof7
0Kd121kAVUtYSelecEYhqst50CGcOuj7+bd6nWW9fXvN
-----END CERTIFICATE-----
Generated at Wed Apr 9 14:55:37 2025 by rpki-client