Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/6444d1-5f00-4e50-8019-1b6f750cf9a2/1/ZCywXZBAOeHnwF6bVtwz7akHO6E.roa
File: ZCywXZBAOeHnwF6bVtwz7akHO6E.roa (raw, json)
Hash identifier: jTOHVBOK8oH8LMIeLiShiQfwCTzZjnlSkbjcirDoNz8=
Subject key identifier: 64:2C:B0:5D:90:40:39:E1:E7:C0:5E:9B:56:DC:33:ED:A9:07:3B:A1
Certificate issuer: /CN=a865bae25778beed8880c08df2d3f37fc37abc1e
Certificate serial: 018689BAA6BF46A99D8D3DB2EE259FDFE620
Authority key identifier: A8:65:BA:E2:57:78:BE:ED:88:80:C0:8D:F2:D3:F3:7F:C3:7A:BC:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qGW64ld4vu2IgMCN8tPzf8N6vB4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/6444d1-5f00-4e50-8019-1b6f750cf9a2/1/ZCywXZBAOeHnwF6bVtwz7akHO6E.roa
Signing time: Sat 25 Feb 2023 17:59:16 +0000
ROA not before: Sat 25 Feb 2023 17:59:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56359
IP address blocks: 212.79.125.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:89:ba:a6:bf:46:a9:9d:8d:3d:b2:ee:25:9f:df:e6:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a865bae25778beed8880c08df2d3f37fc37abc1e
Validity
Not Before: Feb 25 17:59:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=642cb05d904039e1e7c05e9b56dc33eda9073ba1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:4c:b4:64:9e:49:c7:99:09:13:39:a0:f7:57:
4e:8e:d4:84:21:04:22:59:22:be:b2:08:4b:d1:8c:
5e:d4:46:b6:19:05:96:c7:b3:5d:b9:4a:ed:d3:b0:
48:52:35:7b:b4:e9:8c:f6:6e:c3:01:43:f7:7d:b5:
48:84:07:72:74:a1:04:e3:3f:40:78:46:a9:c0:28:
d4:d4:2b:51:6d:26:f2:2e:25:ef:ea:30:ab:a0:e0:
67:3f:b9:bc:81:b7:33:4c:f6:ee:cf:12:fd:86:12:
37:af:48:b9:00:40:5d:fb:e4:79:84:c0:cb:8d:8d:
5d:60:14:e7:fe:1c:df:4d:c3:33:69:cd:87:38:82:
ae:60:92:27:6f:e8:06:7b:68:fe:8a:e1:4b:3e:4e:
75:f5:90:2f:47:44:8b:a3:86:22:3a:22:ae:d2:3a:
cf:2c:be:6e:e2:2a:ed:01:fa:54:df:1c:bf:18:61:
09:22:97:14:db:e0:79:98:46:d9:0f:b6:69:2f:9d:
c1:0b:c3:5f:ac:a4:3e:cd:44:3f:b2:de:90:78:9d:
54:5d:73:bf:7b:ad:1e:13:8a:6d:c6:57:c0:54:78:
12:17:3e:a7:1a:c1:62:d6:b9:30:dc:28:33:19:38:
be:5a:bd:c5:91:35:c3:2c:1a:93:65:ae:de:3a:b2:
96:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:2C:B0:5D:90:40:39:E1:E7:C0:5E:9B:56:DC:33:ED:A9:07:3B:A1
X509v3 Authority Key Identifier:
keyid:A8:65:BA:E2:57:78:BE:ED:88:80:C0:8D:F2:D3:F3:7F:C3:7A:BC:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qGW64ld4vu2IgMCN8tPzf8N6vB4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/6444d1-5f00-4e50-8019-1b6f750cf9a2/1/ZCywXZBAOeHnwF6bVtwz7akHO6E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/6444d1-5f00-4e50-8019-1b6f750cf9a2/1/qGW64ld4vu2IgMCN8tPzf8N6vB4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.79.125.0/24
Signature Algorithm: sha256WithRSAEncryption
71:07:4f:68:88:23:95:4d:34:2b:1f:ae:b4:18:f5:40:3f:35:
6e:11:b5:ba:3d:05:03:fa:8b:df:e6:40:2e:2c:2f:e7:73:34:
d1:e5:28:32:f1:1c:96:cd:63:91:2c:b6:e9:84:4c:b8:f3:34:
57:95:f6:b2:f5:ea:b1:a0:90:24:e9:53:56:36:8f:0e:6f:b4:
eb:01:ed:1b:5b:52:e7:37:a4:4c:ed:2a:df:46:4f:a9:b1:7a:
9b:cd:24:3b:9b:80:1d:1e:58:f2:d1:f1:fa:38:1b:12:8b:ae:
20:6b:e4:71:c5:6d:c8:8b:77:68:a3:59:54:e0:9b:14:27:63:
08:79:83:ee:d3:68:72:0c:90:63:a8:8e:d3:30:d7:63:3b:29:
33:34:e3:95:15:7e:e6:93:25:68:5c:31:61:6a:0b:42:57:60:
d3:78:0b:c7:38:e3:51:06:1c:b2:18:66:14:22:8d:65:cb:9a:
e4:13:07:c3:57:99:a3:af:ec:32:4c:5a:01:13:fc:48:b5:28:
01:d7:94:4a:38:a2:86:40:36:fd:f8:1d:c5:75:91:9f:7a:c8:
90:d7:5b:25:cc:19:fd:56:cf:90:e6:12:2c:d2:af:c1:0f:2b:
c6:32:a4:f3:11:52:7f:57:a6:bd:84:98:61:16:94:15:d0:67:
9f:50:39:4e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYaJuqa/RqmdjT2y7iWf3+YgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NjViYWUyNTc3OGJlZWQ4ODgwYzA4ZGYyZDNmMzdmYzM3
YWJjMWUwHhcNMjMwMjI1MTc1OTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDJjYjA1ZDkwNDAzOWUxZTdjMDVlOWI1NmRjMzNlZGE5MDczYmExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Ey0ZJ5Jx5kJEzmg91dOjtSEIQQi
WSK+sghL0Yxe1Ea2GQWWx7NduUrt07BIUjV7tOmM9m7DAUP3fbVIhAdydKEE4z9A
eEapwCjU1CtRbSbyLiXv6jCroOBnP7m8gbczTPbuzxL9hhI3r0i5AEBd++R5hMDL
jY1dYBTn/hzfTcMzac2HOIKuYJInb+gGe2j+iuFLPk519ZAvR0SLo4YiOiKu0jrP
LL5u4irtAfpU3xy/GGEJIpcU2+B5mEbZD7ZpL53BC8NfrKQ+zUQ/st6QeJ1UXXO/
e60eE4ptxlfAVHgSFz6nGsFi1rkw3CgzGTi+Wr3FkTXDLBqTZa7eOrKWFwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGQssF2QQDnh58Bem1bcM+2pBzuhMB8GA1UdIwQY
MBaAFKhluuJXeL7tiIDAjfLT83/DerweMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUdXNjRsZDR2dTJJZ01DTjh0UHpmOE42dkI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi82NDQ0ZDEtNWYwMC00ZTUwLTgwMTkt
MWI2Zjc1MGNmOWEyLzEvWkN5d1haQkFPZUhud0Y2YlZ0d3o3YWtITzZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi82NDQ0ZDEtNWYwMC00ZTUwLTgwMTktMWI2Zjc1MGNmOWEy
LzEvcUdXNjRsZDR2dTJJZ01DTjh0UHpmOE42dkI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1E99MA0G
CSqGSIb3DQEBCwUAA4IBAQBxB09oiCOVTTQrH660GPVAPzVuEbW6PQUD+ovf5kAu
LC/nczTR5Sgy8RyWzWORLLbphEy48zRXlfay9eqxoJAk6VNWNo8Ob7TrAe0bW1Ln
N6RM7SrfRk+psXqbzSQ7m4AdHljy0fH6OBsSi64ga+RxxW3Ii3doo1lU4JsUJ2MI
eYPu02hyDJBjqI7TMNdjOykzNOOVFX7mkyVoXDFhagtCV2DTeAvHOONRBhyyGGYU
Io1ly5rkEwfDV5mjr+wyTFoBE/xItSgB15RKOKKGQDb9+B3FdZGfesiQ11slzBn9
Vs+Q5hIs0q/BDyvGMqTzEVJ/V6a9hJhhFpQV0GefUDlO
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:22:31 2025 by rpki-client