Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/0985e7-df08-42a5-9a86-bd91e92aca90/1/ZMq1Zf6481PqK5znTlO6RW3GvNY.roa
File: ZMq1Zf6481PqK5znTlO6RW3GvNY.roa (raw, json)
Hash identifier: 7DcJsA7TX9IBrGc119Acj/tczSqXL3HMXv5GOJyCKwI=
Subject key identifier: 64:CA:B5:65:FE:B8:F3:53:EA:2B:9C:E7:4E:53:BA:45:6D:C6:BC:D6
Certificate issuer: /CN=7ec81de2da2f0a5aab4182614bbcc5e413d5521b
Certificate serial: 166A9A1E
Authority key identifier: 7E:C8:1D:E2:DA:2F:0A:5A:AB:41:82:61:4B:BC:C5:E4:13:D5:52:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fsgd4tovClqrQYJhS7zF5BPVUhs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/0985e7-df08-42a5-9a86-bd91e92aca90/1/ZMq1Zf6481PqK5znTlO6RW3GvNY.roa
Signing time: Sat 01 Jan 2022 09:54:51 +0000
ROA not before: Sat 01 Jan 2022 09:54:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201241
IP address blocks: 185.81.34.0/24 maxlen: 24
185.81.35.0/24 maxlen: 24
185.81.32.0/24 maxlen: 24
185.81.33.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 376085022 (0x166a9a1e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ec81de2da2f0a5aab4182614bbcc5e413d5521b
Validity
Not Before: Jan 1 09:54:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=64cab565feb8f353ea2b9ce74e53ba456dc6bcd6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:ba:71:57:71:bf:1e:f0:ee:29:13:4e:af:13:
03:22:da:7c:87:38:1a:9b:d7:ce:74:99:8a:98:85:
d9:38:1b:d1:20:52:bd:f3:91:3a:b1:57:94:5a:1f:
6c:f9:0d:74:63:1a:fb:0a:8c:17:4c:34:5e:27:5b:
94:ff:f4:01:5b:0f:93:aa:8b:b1:3d:9e:1f:a1:cc:
63:34:c0:2d:e7:07:37:6d:49:fb:51:ba:74:49:5a:
73:63:b0:9c:8e:62:b4:d5:ca:6b:e8:af:41:74:9f:
e5:b1:f5:6c:07:e0:2e:89:1c:67:20:c2:0b:61:9b:
08:34:26:84:fa:f4:8f:cd:9c:02:d4:37:5b:a0:ba:
4e:e2:97:e2:b7:80:cb:94:0f:4d:d1:a7:45:80:1e:
d6:96:e6:82:07:e9:50:65:59:f1:99:71:3b:6b:82:
50:1f:88:c0:a8:42:52:b5:f7:cf:34:b0:d6:89:bf:
34:58:41:ae:2f:b0:3a:9b:b8:5d:10:10:e8:33:8f:
53:20:7f:a6:d9:7d:f7:c6:11:10:97:70:14:b3:59:
b7:03:60:29:df:8c:a0:5e:18:0b:ba:84:f8:46:49:
45:d0:6b:1b:bf:3f:42:4f:18:b4:01:82:49:00:f5:
72:30:7b:9f:89:71:00:f2:48:bc:02:4f:64:3c:a8:
28:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:CA:B5:65:FE:B8:F3:53:EA:2B:9C:E7:4E:53:BA:45:6D:C6:BC:D6
X509v3 Authority Key Identifier:
keyid:7E:C8:1D:E2:DA:2F:0A:5A:AB:41:82:61:4B:BC:C5:E4:13:D5:52:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fsgd4tovClqrQYJhS7zF5BPVUhs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/0985e7-df08-42a5-9a86-bd91e92aca90/1/ZMq1Zf6481PqK5znTlO6RW3GvNY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/0985e7-df08-42a5-9a86-bd91e92aca90/1/fsgd4tovClqrQYJhS7zF5BPVUhs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.81.32.0/22
Signature Algorithm: sha256WithRSAEncryption
3a:fb:ba:27:75:98:6c:71:b5:3c:37:fe:53:e4:be:a6:38:60:
d7:b7:cb:d7:93:4b:53:7f:bb:46:9b:97:93:e9:17:2b:f0:8c:
0a:79:de:75:67:50:d9:b6:35:7c:73:35:12:48:85:87:c4:78:
37:e2:d0:ae:de:26:b1:86:a8:c7:66:3f:81:2b:d8:62:48:84:
8f:4c:96:e2:69:84:99:f6:b4:a4:b1:de:a6:e6:5b:26:16:96:
64:8f:2c:34:f5:94:ec:ed:a8:3d:f4:d5:e5:d6:70:14:5d:bd:
a4:3a:1d:11:a8:fd:35:92:e8:c0:0c:6a:b1:a8:13:b4:08:19:
25:62:5f:91:22:aa:12:c8:cf:f6:64:92:29:a6:2f:82:07:ad:
91:4e:2b:c6:2b:4d:6e:12:cb:e3:9d:75:06:67:5e:7d:4f:e9:
46:13:f5:7a:fa:6e:49:fc:f9:b0:31:81:d4:81:d9:9f:76:ba:
02:7d:e1:fa:44:e3:e8:a2:e7:d1:9f:c0:a6:f4:09:a8:a1:dd:
d4:f9:30:63:4b:d2:61:2e:f1:b0:18:0e:ad:07:53:3f:a0:93:
65:5f:6a:ba:5d:a1:df:0f:6f:5c:0e:8c:47:52:60:7f:51:86:
f2:e1:83:38:db:d9:15:b9:ad:30:56:95:16:02:d7:9d:c8:3c:
e0:aa:37:9d
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEFmqaHjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
ZWM4MWRlMmRhMmYwYTVhYWI0MTgyNjE0YmJjYzVlNDEzZDU1MjFiMB4XDTIyMDEw
MTA5NTQ1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjRjYWI1NjVmZWI4
ZjM1M2VhMmI5Y2U3NGU1M2JhNDU2ZGM2YmNkNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOq6cVdxvx7w7ikTTq8TAyLafIc4GpvXznSZipiF2Tgb0SBS
vfOROrFXlFofbPkNdGMa+wqMF0w0XidblP/0AVsPk6qLsT2eH6HMYzTALecHN21J
+1G6dElac2OwnI5itNXKa+ivQXSf5bH1bAfgLokcZyDCC2GbCDQmhPr0j82cAtQ3
W6C6TuKX4reAy5QPTdGnRYAe1pbmggfpUGVZ8ZlxO2uCUB+IwKhCUrX3zzSw1om/
NFhBri+wOpu4XRAQ6DOPUyB/ptl998YREJdwFLNZtwNgKd+MoF4YC7qE+EZJRdBr
G78/Qk8YtAGCSQD1cjB7n4lxAPJIvAJPZDyoKJ0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRkyrVl/rjzU+ornOdOU7pFbca81jAfBgNVHSMEGDAWgBR+yB3i2i8KWqtB
gmFLvMXkE9VSGzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ZzZ2Q0dG92Q2xxclFZSmhTN3pGNUJQVlVocy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDgvMDk4NWU3LWRmMDgtNDJhNS05YTg2LWJkOTFlOTJhY2E5MC8x
L1pNcTFaZjY0ODFQcUs1em5UbE82UlczR3ZOWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDgv
MDk4NWU3LWRmMDgtNDJhNS05YTg2LWJkOTFlOTJhY2E5MC8xL2ZzZ2Q0dG92Q2xx
clFZSmhTN3pGNUJQVlVocy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArlRIDANBgkqhkiG9w0BAQsFAAOC
AQEAOvu6J3WYbHG1PDf+U+S+pjhg17fL15NLU3+7RpuXk+kXK/CMCnnedWdQ2bY1
fHM1EkiFh8R4N+LQrt4msYaox2Y/gSvYYkiEj0yW4mmEmfa0pLHepuZbJhaWZI8s
NPWU7O2oPfTV5dZwFF29pDodEaj9NZLowAxqsagTtAgZJWJfkSKqEsjP9mSSKaYv
ggetkU4rxitNbhLL4511BmdefU/pRhP1evpuSfz5sDGB1IHZn3a6An3h+kTj6KLn
0Z/ApvQJqKHd1PkwY0vSYS7xsBgOrQdTP6CTZV9qul2h3w9vXA6MR1Jgf1GG8uGD
ONvZFbmtMFaVFgLXncg84Ko3nQ==
-----END CERTIFICATE-----
Generated at Mon Apr 21 01:28:08 2025 by rpki-client