Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/5725cc-ad70-46f8-bb62-cf9dc5baaa79/1/2zHLGPBJvfjgrhsdd87re3q5k6M.roa
File: 2zHLGPBJvfjgrhsdd87re3q5k6M.roa (raw, json)
Hash identifier: sJT2hUccZD25DnvxZopJYVIwoT29NNW2OV3dLFIVKvU=
Subject key identifier: DB:31:CB:18:F0:49:BD:F8:E0:AE:1B:1D:77:CE:EB:7B:7A:B9:93:A3
Certificate issuer: /CN=d07d7573aacae821c87d6d36431cfe4b2801ab41
Certificate serial: 0406D8A3
Authority key identifier: D0:7D:75:73:AA:CA:E8:21:C8:7D:6D:36:43:1C:FE:4B:28:01:AB:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0H11c6rK6CHIfW02Qxz-SygBq0E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/5725cc-ad70-46f8-bb62-cf9dc5baaa79/1/2zHLGPBJvfjgrhsdd87re3q5k6M.roa
Signing time: Sat 01 Jan 2022 01:52:32 +0000
ROA not before: Sat 01 Jan 2022 01:52:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204448
IP address blocks: 89.25.34.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67557539 (0x406d8a3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d07d7573aacae821c87d6d36431cfe4b2801ab41
Validity
Not Before: Jan 1 01:52:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=db31cb18f049bdf8e0ae1b1d77ceeb7b7ab993a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:f2:7f:ba:c8:73:30:f9:05:89:03:7f:a1:18:
11:88:a0:23:5b:7c:db:1d:3c:41:5b:2e:89:af:ae:
4a:d7:4b:79:69:07:17:d0:05:56:9b:e7:90:23:74:
35:97:fb:b3:93:4c:16:f0:06:11:53:85:01:99:6a:
04:80:8a:f7:7b:60:f4:31:09:6a:16:df:cd:dd:cf:
b4:a8:bc:ea:9a:2b:f8:97:00:18:9f:21:30:3a:da:
f3:9c:7f:e0:69:87:5e:84:67:c2:45:f0:db:5a:00:
58:40:75:0e:74:f4:b3:ff:06:36:09:bd:14:df:4d:
ca:25:8f:a4:54:1c:3d:42:63:34:e0:b6:9d:6d:38:
96:e4:12:ac:d3:57:cb:61:81:4b:16:ec:cb:7d:69:
10:3e:1e:5d:7f:e4:3a:26:9c:d6:a0:5a:82:19:80:
a3:5e:31:ba:b6:d0:ab:9c:3b:91:9b:0e:9e:bb:32:
b1:e7:4b:ec:96:af:28:c9:de:26:9c:b9:f4:8c:3b:
68:7e:83:20:0f:e9:a3:1a:fb:62:da:7d:db:93:1b:
db:b2:fb:d2:07:94:0f:b4:2d:d2:53:15:3c:c9:84:
bf:9c:f4:16:76:c9:e3:fe:06:0f:74:60:c9:c8:84:
3f:b5:22:cd:72:4c:77:66:54:ea:e7:86:c9:a2:57:
fa:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:31:CB:18:F0:49:BD:F8:E0:AE:1B:1D:77:CE:EB:7B:7A:B9:93:A3
X509v3 Authority Key Identifier:
keyid:D0:7D:75:73:AA:CA:E8:21:C8:7D:6D:36:43:1C:FE:4B:28:01:AB:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0H11c6rK6CHIfW02Qxz-SygBq0E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/5725cc-ad70-46f8-bb62-cf9dc5baaa79/1/2zHLGPBJvfjgrhsdd87re3q5k6M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/5725cc-ad70-46f8-bb62-cf9dc5baaa79/1/0H11c6rK6CHIfW02Qxz-SygBq0E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.25.34.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:38:56:5c:fd:09:9b:72:42:76:0d:da:b5:52:d5:a6:05:be:
4f:d3:07:9c:fb:ac:7e:3e:f5:ef:42:5a:74:82:dc:87:d5:07:
c7:51:c4:ec:03:e6:3c:f0:40:66:d6:f8:b2:44:36:92:d6:b3:
2d:a1:be:b4:e5:2b:a8:9e:42:28:36:c2:c1:d9:24:c0:13:ba:
f7:29:10:61:d9:aa:a2:e3:b1:01:d3:8f:f5:12:15:7a:23:13:
f7:2b:07:86:91:5a:57:72:48:6a:42:48:d2:01:f8:d4:0e:95:
2a:52:f5:3a:19:b7:9a:82:42:30:b9:38:87:fa:80:b6:10:74:
82:74:0c:d5:c9:b1:fa:45:03:65:16:28:e5:b9:6e:c8:6a:ca:
7e:2c:db:6d:07:9b:ce:36:87:0c:b6:f6:7d:29:46:2e:d7:43:
8e:f4:b1:3d:ca:a0:3c:c5:72:0a:21:a4:54:31:e7:fb:c0:dd:
0f:a1:f4:fa:47:d8:7c:25:e3:95:4e:b0:8a:5b:6f:f9:ae:80:
96:8c:c8:5c:8f:d8:83:3b:f6:75:42:8c:7d:4e:38:cf:30:fb:
9e:a6:f8:fb:f8:7d:fd:dc:28:50:72:7e:cf:51:f3:45:5f:3a:
ed:1b:8f:0a:f7:7e:97:0b:6e:12:8b:73:f5:71:ae:b8:5d:41:
11:ed:50:65
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBAbYozANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MDdkNzU3M2FhY2FlODIxYzg3ZDZkMzY0MzFjZmU0YjI4MDFhYjQxMB4XDTIyMDEw
MTAxNTIzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGIzMWNiMThmMDQ5
YmRmOGUwYWUxYjFkNzdjZWViN2I3YWI5OTNhMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALbyf7rIczD5BYkDf6EYEYigI1t82x08QVsuia+uStdLeWkH
F9AFVpvnkCN0NZf7s5NMFvAGEVOFAZlqBICK93tg9DEJahbfzd3PtKi86por+JcA
GJ8hMDra85x/4GmHXoRnwkXw21oAWEB1DnT0s/8GNgm9FN9NyiWPpFQcPUJjNOC2
nW04luQSrNNXy2GBSxbsy31pED4eXX/kOiac1qBaghmAo14xurbQq5w7kZsOnrsy
sedL7JavKMneJpy59Iw7aH6DIA/poxr7Ytp925Mb27L70geUD7Qt0lMVPMmEv5z0
FnbJ4/4GD3RgyciEP7UizXJMd2ZU6ueGyaJX+oUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTbMcsY8Em9+OCuGx13zut7ermTozAfBgNVHSMEGDAWgBTQfXVzqsroIch9
bTZDHP5LKAGrQTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzBIMTFjNnJLNkNISWZXMDJReHotU3lnQnEwRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTIvNTcyNWNjLWFkNzAtNDZmOC1iYjYyLWNmOWRjNWJhYWE3OS8x
LzJ6SExHUEJKdmZqZ3Joc2RkODdyZTNxNWs2TS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTIv
NTcyNWNjLWFkNzAtNDZmOC1iYjYyLWNmOWRjNWJhYWE3OS8xLzBIMTFjNnJLNkNI
SWZXMDJReHotU3lnQnEwRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFkZIjANBgkqhkiG9w0BAQsFAAOC
AQEAajhWXP0Jm3JCdg3atVLVpgW+T9MHnPusfj7170JadILch9UHx1HE7APmPPBA
Ztb4skQ2ktazLaG+tOUrqJ5CKDbCwdkkwBO69ykQYdmqouOxAdOP9RIVeiMT9ysH
hpFaV3JIakJI0gH41A6VKlL1Ohm3moJCMLk4h/qAthB0gnQM1cmx+kUDZRYo5blu
yGrKfizbbQebzjaHDLb2fSlGLtdDjvSxPcqgPMVyCiGkVDHn+8DdD6H0+kfYfCXj
lU6wiltv+a6AlozIXI/Ygzv2dUKMfU44zzD7nqb4+/h9/dwoUHJ+z1HzRV867RuP
Cvd+lwtuEotz9XGuuF1BEe1QZQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:27:44 2025 by rpki-client