Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/0c7243-1ffb-49d2-b5c1-b402e8a1d934/1/Zrpi8N0qUHEqLdiBj3WCr5raETA.roa
File: Zrpi8N0qUHEqLdiBj3WCr5raETA.roa (raw, json)
Hash identifier: 2IWr3A+E1a/s0tqQTqsz5tEuQg3kQXgsBAAzxmvJU1Y=
Subject key identifier: 66:BA:62:F0:DD:2A:50:71:2A:2D:D8:81:8F:75:82:AF:9A:DA:11:30
Certificate issuer: /CN=7fe0e759354e83cc19320381109de22da0f1a700
Certificate serial: 3755B32D
Authority key identifier: 7F:E0:E7:59:35:4E:83:CC:19:32:03:81:10:9D:E2:2D:A0:F1:A7:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/f-DnWTVOg8wZMgOBEJ3iLaDxpwA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/0c7243-1ffb-49d2-b5c1-b402e8a1d934/1/Zrpi8N0qUHEqLdiBj3WCr5raETA.roa
Signing time: Sat 01 Jan 2022 04:59:28 +0000
ROA not before: Sat 01 Jan 2022 04:59:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39701
IP address blocks: 176.65.32.0/19 maxlen: 19
80.72.212.0/23 maxlen: 23
80.72.208.0/22 maxlen: 22
31.24.24.0/21 maxlen: 21
2a00:9700::/32 maxlen: 32
2a00:9700::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 928363309 (0x3755b32d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7fe0e759354e83cc19320381109de22da0f1a700
Validity
Not Before: Jan 1 04:59:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=66ba62f0dd2a50712a2dd8818f7582af9ada1130
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:36:85:60:30:59:60:39:39:c5:b2:03:05:dc:
82:05:c9:9d:f5:24:83:b1:c9:6b:9d:db:b1:22:e6:
b2:e5:fa:d3:61:ac:e8:44:29:1d:a5:79:fc:d0:86:
c2:a4:47:a3:0f:7b:1a:bd:66:64:9e:90:a6:83:4e:
18:4e:33:c2:dd:f2:67:19:1c:5b:bd:32:1c:8e:2b:
8e:44:82:0a:5f:e2:dd:84:19:4f:76:9a:80:6d:32:
8e:bc:73:bb:08:bf:3e:4d:e9:8b:c1:36:aa:5e:50:
42:9f:6f:39:e9:a1:3a:cd:a5:53:6f:47:15:ed:af:
4b:d9:70:a3:86:e5:25:f4:f2:c3:cb:d2:74:1d:b9:
16:b1:01:e2:11:f8:c9:4a:88:d1:dc:21:b0:09:32:
8d:11:3e:e5:97:58:d0:bd:d3:37:c5:99:e2:4a:6c:
29:9f:61:03:3e:1f:10:d3:6d:29:dd:b3:24:2b:de:
e4:71:0a:3c:6d:73:a9:88:28:c6:49:22:cf:47:a5:
77:d6:00:2c:71:45:e9:99:45:41:60:30:3a:69:bd:
ca:ef:a1:3e:20:cb:7f:6f:4f:72:47:8e:bb:fd:09:
4c:75:cd:15:da:44:34:7f:3c:a7:a7:9f:34:4b:6e:
5d:91:93:81:7f:a9:8f:68:2f:44:a3:74:06:64:a6:
f5:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:BA:62:F0:DD:2A:50:71:2A:2D:D8:81:8F:75:82:AF:9A:DA:11:30
X509v3 Authority Key Identifier:
keyid:7F:E0:E7:59:35:4E:83:CC:19:32:03:81:10:9D:E2:2D:A0:F1:A7:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f-DnWTVOg8wZMgOBEJ3iLaDxpwA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/0c7243-1ffb-49d2-b5c1-b402e8a1d934/1/Zrpi8N0qUHEqLdiBj3WCr5raETA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/0c7243-1ffb-49d2-b5c1-b402e8a1d934/1/f-DnWTVOg8wZMgOBEJ3iLaDxpwA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.24.24.0/21
80.72.208.0-80.72.213.255
176.65.32.0/19
IPv6:
2a00:9700::/32
Signature Algorithm: sha256WithRSAEncryption
8c:78:3c:8a:af:ef:76:72:b4:77:9b:5c:37:2c:e8:d7:96:10:
98:7e:9a:7e:64:14:f4:50:53:3c:c3:97:46:1f:a7:c3:8e:c3:
a2:09:1a:2f:65:f2:1e:9a:3d:ee:a7:b6:d8:1b:5d:d8:96:93:
5f:48:cd:11:53:bd:4d:11:2c:47:e2:9a:e7:4a:92:50:a9:9d:
0b:1a:4a:df:d5:5a:9c:7e:32:50:70:59:68:1d:56:66:75:bc:
66:ad:31:03:2c:ec:0e:c8:62:2e:99:16:d9:5c:39:10:9b:25:
c7:d5:76:51:f8:7a:00:99:34:58:83:50:71:df:a3:31:1e:ae:
bc:6a:95:14:66:24:09:e5:36:c4:0f:53:05:e5:44:8f:60:61:
c6:26:c9:ab:c2:5d:64:5e:48:a9:16:d2:51:d9:6e:8d:bd:d8:
35:8a:a0:36:02:b2:f7:73:2d:bc:33:17:2c:ef:2e:2a:1e:29:
23:a1:6d:de:a5:2d:55:ef:07:df:37:c9:70:37:a0:49:28:17:
d9:74:20:f4:bf:a0:ec:19:5a:80:cf:3d:6c:ed:d8:85:0f:a2:
11:ce:c7:73:2c:e8:e0:a8:3c:5e:7f:36:74:c1:b5:08:b1:d1:
4d:33:26:24:72:41:a7:3b:e9:d8:4c:cd:a0:56:a0:e2:53:a6:
0d:ed:5c:ba
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIEN1WzLTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
ZmUwZTc1OTM1NGU4M2NjMTkzMjAzODExMDlkZTIyZGEwZjFhNzAwMB4XDTIyMDEw
MTA0NTkyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjZiYTYyZjBkZDJh
NTA3MTJhMmRkODgxOGY3NTgyYWY5YWRhMTEzMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK02hWAwWWA5OcWyAwXcggXJnfUkg7HJa53bsSLmsuX602Gs
6EQpHaV5/NCGwqRHow97Gr1mZJ6QpoNOGE4zwt3yZxkcW70yHI4rjkSCCl/i3YQZ
T3aagG0yjrxzuwi/Pk3pi8E2ql5QQp9vOemhOs2lU29HFe2vS9lwo4blJfTyw8vS
dB25FrEB4hH4yUqI0dwhsAkyjRE+5ZdY0L3TN8WZ4kpsKZ9hAz4fENNtKd2zJCve
5HEKPG1zqYgoxkkiz0eld9YALHFF6ZlFQWAwOmm9yu+hPiDLf29PckeOu/0JTHXN
FdpENH88p6efNEtuXZGTgX+pj2gvRKN0BmSm9eECAwEAAaOCAiwwggIoMB0GA1Ud
DgQWBBRmumLw3SpQcSot2IGPdYKvmtoRMDAfBgNVHSMEGDAWgBR/4OdZNU6DzBky
A4EQneItoPGnADAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2YtRG5XVFZPZzh3Wk1nT0JFSjNpTGFEeHB3QS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGMvMGM3MjQzLTFmZmItNDlkMi1iNWMxLWI0MDJlOGExZDkzNC8x
L1pycGk4TjBxVUhFcUxkaUJqM1dDcjVyYUVUQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGMv
MGM3MjQzLTFmZmItNDlkMi1iNWMxLWI0MDJlOGExZDkzNC8xL2YtRG5XVFZPZzh3
Wk1nT0JFSjNpTGFEeHB3QS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBC
BggrBgEFBQcBBwEB/wQzMDEwIAQCAAEwGgMEAx8YGDAMAwQEUEjQAwQBUEjUAwQF
sEEgMA0EAgACMAcDBQAqAJcAMA0GCSqGSIb3DQEBCwUAA4IBAQCMeDyKr+92crR3
m1w3LOjXlhCYfpp+ZBT0UFM8w5dGH6fDjsOiCRovZfIemj3up7bYG13YlpNfSM0R
U71NESxH4prnSpJQqZ0LGkrf1VqcfjJQcFloHVZmdbxmrTEDLOwOyGIumRbZXDkQ
myXH1XZR+HoAmTRYg1Bx36MxHq68apUUZiQJ5TbED1MF5USPYGHGJsmrwl1kXkip
FtJR2W6Nvdg1iqA2ArL3cy28Mxcs7y4qHikjoW3epS1V7wffN8lwN6BJKBfZdCD0
v6DsGVqAzz1s7diFD6IRzsdzLOjgqDxefzZ0wbUIsdFNMyYkckGnO+nYTM2gVqDi
U6YN7Vy6
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:43:19 2025 by rpki-client