Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/a41898-da08-469d-be1a-8bbc226e6c45/1/zwxFsjMk8Ns3E7YMP9w5eR0basw.roa
File: zwxFsjMk8Ns3E7YMP9w5eR0basw.roa (raw, json)
Hash identifier: 71Y+jy9QgBP/0JPDyqovBKtcKB7/yY77MK8BdvSERps=
Subject key identifier: CF:0C:45:B2:33:24:F0:DB:37:13:B6:0C:3F:DC:39:79:1D:1B:6A:CC
Certificate issuer: /CN=b3dd11d346b63bb1eb22a07c26cc1291a2a06895
Certificate serial: 0187C14F709BF1DBCBEFAC7995B930C04FF5
Authority key identifier: B3:DD:11:D3:46:B6:3B:B1:EB:22:A0:7C:26:CC:12:91:A2:A0:68:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s90R00a2O7HrIqB8JswSkaKgaJU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/a41898-da08-469d-be1a-8bbc226e6c45/1/zwxFsjMk8Ns3E7YMP9w5eR0basw.roa
Signing time: Thu 27 Apr 2023 06:03:41 +0000
ROA not before: Thu 27 Apr 2023 06:03:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.63.33.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:c1:4f:70:9b:f1:db:cb:ef:ac:79:95:b9:30:c0:4f:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3dd11d346b63bb1eb22a07c26cc1291a2a06895
Validity
Not Before: Apr 27 06:03:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cf0c45b23324f0db3713b60c3fdc39791d1b6acc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:ce:25:8e:ba:b5:8c:63:0e:c7:ea:25:8a:c6:
d6:a1:5c:0f:ad:74:2a:f2:4f:5b:e0:dc:d8:b6:6f:
9a:88:ac:99:44:5b:30:89:f0:53:da:6f:60:f8:e0:
d1:a9:9a:96:df:e7:ea:5f:39:b1:41:d4:62:a3:b2:
26:a2:80:38:b9:f8:19:31:01:60:15:db:b1:39:cc:
94:58:5f:b6:32:e7:7b:84:b1:7b:4a:2c:5b:96:86:
25:b1:7c:54:dd:48:3b:50:0e:c7:a5:2e:23:6a:f0:
97:15:39:79:bc:34:42:41:32:45:c4:13:2a:23:f9:
fb:54:93:de:8c:8e:12:ce:2f:c1:d4:1d:4e:50:2d:
84:82:24:d7:e2:81:d1:45:0b:a0:65:10:b7:36:f7:
94:1a:c4:ca:9f:e9:09:dc:59:9b:a2:cd:de:55:ba:
f7:13:53:31:b3:6a:81:bf:4a:22:47:30:8f:5a:22:
bf:13:1b:e7:85:5f:7c:9b:ea:57:d0:41:0b:0b:16:
d2:8e:92:fa:7f:d2:39:3a:f9:49:ea:8e:b5:da:67:
71:62:91:bf:27:1e:93:b3:89:b1:51:e8:2f:77:95:
a4:e3:c5:a0:d9:5a:f0:79:98:6b:c4:76:75:33:1e:
ad:50:66:db:73:9a:d4:54:47:bf:45:e1:ee:4f:07:
56:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:0C:45:B2:33:24:F0:DB:37:13:B6:0C:3F:DC:39:79:1D:1B:6A:CC
X509v3 Authority Key Identifier:
keyid:B3:DD:11:D3:46:B6:3B:B1:EB:22:A0:7C:26:CC:12:91:A2:A0:68:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s90R00a2O7HrIqB8JswSkaKgaJU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/a41898-da08-469d-be1a-8bbc226e6c45/1/zwxFsjMk8Ns3E7YMP9w5eR0basw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/a41898-da08-469d-be1a-8bbc226e6c45/1/s90R00a2O7HrIqB8JswSkaKgaJU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.63.33.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:ec:9e:f7:68:dc:06:91:ea:78:4c:95:9d:c8:ff:6f:19:c6:
54:b7:aa:f1:06:d8:f2:2d:16:9f:09:fd:e3:cb:2c:1e:be:9e:
ae:36:c3:b1:a1:93:30:bf:4b:8d:7e:57:55:6c:17:53:a4:58:
70:03:f2:78:ee:27:bf:98:f1:6b:09:dd:42:0e:e6:6a:ef:18:
18:61:5d:fd:8e:2a:89:02:e6:65:2d:87:c6:ee:58:6a:bb:90:
43:26:7c:a0:b4:3c:16:88:26:4f:5a:df:75:c2:37:4f:d8:d0:
ee:96:3a:f0:dc:81:e2:b0:4f:ea:dd:a5:49:f8:05:10:0c:00:
bc:ab:3a:77:bd:72:5e:d9:10:ab:d5:86:38:81:e5:78:6e:79:
24:b4:38:db:c1:48:d1:f5:ea:a6:e5:85:f0:de:a8:35:12:53:
b4:dc:af:67:a5:d6:2b:f7:01:fc:85:d5:4d:ca:3e:7f:2b:9e:
33:00:eb:4c:14:33:ce:03:47:40:52:a3:b3:44:d2:d1:a0:8c:
f5:2a:cb:07:c9:e0:24:38:2f:2a:9e:ed:e0:e4:86:2a:60:94:
a7:7e:06:ca:9c:93:f3:bb:ee:92:34:61:5a:de:f4:dc:c3:d8:
a6:66:3b:a6:c7:ad:7b:0c:8d:4b:57:a1:14:7e:87:70:b6:38:
b8:b4:dd:e4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYfBT3Cb8dvL76x5lbkwwE/1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzZGQxMWQzNDZiNjNiYjFlYjIyYTA3YzI2Y2MxMjkxYTJh
MDY4OTUwHhcNMjMwNDI3MDYwMzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjBjNDViMjMzMjRmMGRiMzcxM2I2MGMzZmRjMzk3OTFkMWI2YWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApc4ljrq1jGMOx+olisbWoVwPrXQq
8k9b4NzYtm+aiKyZRFswifBT2m9g+ODRqZqW3+fqXzmxQdRio7ImooA4ufgZMQFg
FduxOcyUWF+2Mud7hLF7SixbloYlsXxU3Ug7UA7HpS4javCXFTl5vDRCQTJFxBMq
I/n7VJPejI4Szi/B1B1OUC2EgiTX4oHRRQugZRC3NveUGsTKn+kJ3Fmbos3eVbr3
E1Mxs2qBv0oiRzCPWiK/ExvnhV98m+pX0EELCxbSjpL6f9I5OvlJ6o612mdxYpG/
Jx6Ts4mxUegvd5Wk48Wg2VrweZhrxHZ1Mx6tUGbbc5rUVEe/ReHuTwdWMwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM8MRbIzJPDbNxO2DD/cOXkdG2rMMB8GA1UdIwQY
MBaAFLPdEdNGtjux6yKgfCbMEpGioGiVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczkwUjAwYTJPN0hySXFCOEpzd1NrYUtnYUpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hNDE4OTgtZGEwOC00NjlkLWJlMWEt
OGJiYzIyNmU2YzQ1LzEvend4RnNqTWs4TnMzRTdZTVA5dzVlUjBiYXN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hNDE4OTgtZGEwOC00NjlkLWJlMWEtOGJiYzIyNmU2YzQ1
LzEvczkwUjAwYTJPN0hySXFCOEpzd1NrYUtnYUpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuT8hMA0G
CSqGSIb3DQEBCwUAA4IBAQCd7J73aNwGkep4TJWdyP9vGcZUt6rxBtjyLRafCf3j
yywevp6uNsOxoZMwv0uNfldVbBdTpFhwA/J47ie/mPFrCd1CDuZq7xgYYV39jiqJ
AuZlLYfG7lhqu5BDJnygtDwWiCZPWt91wjdP2NDuljrw3IHisE/q3aVJ+AUQDAC8
qzp3vXJe2RCr1YY4geV4bnkktDjbwUjR9eqm5YXw3qg1ElO03K9npdYr9wH8hdVN
yj5/K54zAOtMFDPOA0dAUqOzRNLRoIz1KssHyeAkOC8qnu3g5IYqYJSnfgbKnJPz
u+6SNGFa3vTcw9imZjumx617DI1LV6EUfodwtji4tN3k
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:29:04 2025 by rpki-client