Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/e1c80d-a63b-481c-a9f2-9f5b2eb492a0/1/fZkNqPKRt0T9LtoRS_Sk2H-VAlw.roa
File: fZkNqPKRt0T9LtoRS_Sk2H-VAlw.roa (raw, json)
Hash identifier: vGXGDKFEIClAeiYRvk1yJZHHHe8kVxIv5SuOH/BkFGE=
Subject key identifier: 7D:99:0D:A8:F2:91:B7:44:FD:2E:DA:11:4B:F4:A4:D8:7F:95:02:5C
Certificate issuer: /CN=67dcd926bf370d3fa0183a138b57b0983cdaca0a
Certificate serial: 0185714C14F2A799CA0A429C9175C189A8F1
Authority key identifier: 67:DC:D9:26:BF:37:0D:3F:A0:18:3A:13:8B:57:B0:98:3C:DA:CA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z9zZJr83DT-gGDoTi1ewmDzaygo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/e1c80d-a63b-481c-a9f2-9f5b2eb492a0/1/fZkNqPKRt0T9LtoRS_Sk2H-VAlw.roa
Signing time: Mon 02 Jan 2023 07:04:49 +0000
ROA not before: Mon 02 Jan 2023 07:04:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42750
IP address blocks: 185.195.72.0/22 maxlen: 22
185.195.72.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:4c:14:f2:a7:99:ca:0a:42:9c:91:75:c1:89:a8:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67dcd926bf370d3fa0183a138b57b0983cdaca0a
Validity
Not Before: Jan 2 07:04:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7d990da8f291b744fd2eda114bf4a4d87f95025c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:34:d7:5b:74:a1:d6:a8:b9:52:fc:fa:f1:7a:
01:8e:fd:4a:fe:d1:7a:f6:3f:96:5f:ac:2c:8c:e0:
35:b8:a6:44:c8:66:7f:7b:3c:f1:cd:42:dc:86:c8:
41:66:03:15:af:35:cb:71:6a:62:14:46:46:ce:55:
16:d0:f7:00:d2:83:e0:dd:c1:f6:a4:79:54:34:3a:
c4:20:43:ee:2b:1d:45:1f:33:3f:05:25:dc:51:60:
f1:76:0b:e5:b7:b5:95:65:4f:c9:c4:33:b4:4c:62:
ee:f1:31:89:87:f4:4b:ef:80:28:9c:8c:b8:1c:9b:
8d:d7:f4:47:e2:a6:66:eb:72:be:c4:44:69:b8:d8:
b8:6f:8e:3d:8d:2d:eb:c2:91:f5:0b:39:4d:9f:8d:
90:69:9c:64:2b:20:48:ab:c4:86:70:c7:9b:6c:44:
04:40:7e:16:b6:f2:9f:5c:ee:32:49:3f:79:89:1e:
f3:e3:68:87:ff:25:74:3e:f1:37:1a:df:e3:f5:7f:
d2:b5:ad:17:96:59:7e:48:04:58:95:02:3e:26:dc:
99:0f:7e:c3:f5:02:58:01:70:1b:64:68:05:91:9a:
bd:02:5b:bb:cb:68:dd:7c:01:0c:c6:fd:eb:ee:c4:
42:39:64:1b:ed:50:22:30:3a:b7:09:e0:7b:f5:bc:
2b:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:99:0D:A8:F2:91:B7:44:FD:2E:DA:11:4B:F4:A4:D8:7F:95:02:5C
X509v3 Authority Key Identifier:
keyid:67:DC:D9:26:BF:37:0D:3F:A0:18:3A:13:8B:57:B0:98:3C:DA:CA:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z9zZJr83DT-gGDoTi1ewmDzaygo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/e1c80d-a63b-481c-a9f2-9f5b2eb492a0/1/fZkNqPKRt0T9LtoRS_Sk2H-VAlw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/e1c80d-a63b-481c-a9f2-9f5b2eb492a0/1/Z9zZJr83DT-gGDoTi1ewmDzaygo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.195.72.0/22
Signature Algorithm: sha256WithRSAEncryption
27:e5:21:06:86:14:28:42:10:bd:a6:ea:23:20:6b:59:f9:e6:
51:ea:0c:18:22:ef:05:7c:75:b8:48:01:ee:0b:6c:f6:1e:bd:
04:b3:6d:a6:68:03:f3:23:78:d7:fc:2a:0a:83:8d:53:f9:da:
02:3f:06:1e:d4:24:ab:35:d4:f8:15:75:f5:e7:8d:c0:77:05:
1f:90:5c:b0:0a:99:7a:22:11:b4:eb:bd:ed:a9:53:75:a6:d0:
43:0c:e6:24:93:ff:c9:0d:84:e3:b8:5c:d1:a0:79:c6:af:40:
09:ee:e0:c1:94:66:f6:78:c3:16:df:d3:73:23:72:b0:3c:1f:
d3:0a:d5:dc:9e:49:7c:89:9a:12:16:a5:96:31:a2:01:7e:d8:
c3:bb:a5:e4:55:8a:f7:48:42:80:26:e5:14:5f:29:7b:4d:df:
d0:b6:cb:97:90:7d:cb:cf:c5:7c:be:d5:2d:d0:f7:db:64:6a:
52:43:68:25:b0:f0:f2:fe:ff:3a:7b:2c:a4:fc:b8:5a:f6:4a:
53:cc:c3:d8:f0:af:d0:01:57:e3:7d:87:fd:c2:b6:a5:16:0c:
ca:c1:9f:43:cc:67:4f:9c:00:be:76:eb:b5:e3:f8:d5:d7:73:
07:bf:f1:88:34:d0:ef:db:3a:b2:71:10:35:c9:68:2b:5d:b2:
84:d6:c9:36
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxTBTyp5nKCkKckXXBiajxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3ZGNkOTI2YmYzNzBkM2ZhMDE4M2ExMzhiNTdiMDk4M2Nk
YWNhMGEwHhcNMjMwMTAyMDcwNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDk5MGRhOGYyOTFiNzQ0ZmQyZWRhMTE0YmY0YTRkODdmOTUwMjVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvzTXW3Sh1qi5Uvz68XoBjv1K/tF6
9j+WX6wsjOA1uKZEyGZ/ezzxzULchshBZgMVrzXLcWpiFEZGzlUW0PcA0oPg3cH2
pHlUNDrEIEPuKx1FHzM/BSXcUWDxdgvlt7WVZU/JxDO0TGLu8TGJh/RL74AonIy4
HJuN1/RH4qZm63K+xERpuNi4b449jS3rwpH1CzlNn42QaZxkKyBIq8SGcMebbEQE
QH4WtvKfXO4yST95iR7z42iH/yV0PvE3Gt/j9X/Sta0Xlll+SARYlQI+JtyZD37D
9QJYAXAbZGgFkZq9Alu7y2jdfAEMxv3r7sRCOWQb7VAiMDq3CeB79bwrGQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH2ZDajykbdE/S7aEUv0pNh/lQJcMB8GA1UdIwQY
MBaAFGfc2Sa/Nw0/oBg6E4tXsJg82soKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjl6WkpyODNEVC1nR0RvVGkxZXdtRHpheWdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC9lMWM4MGQtYTYzYi00ODFjLWE5ZjIt
OWY1YjJlYjQ5MmEwLzEvZlprTnFQS1J0MFQ5THRvUlNfU2sySC1WQWx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC9lMWM4MGQtYTYzYi00ODFjLWE5ZjItOWY1YjJlYjQ5MmEw
LzEvWjl6WkpyODNEVC1nR0RvVGkxZXdtRHpheWdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCucNIMA0G
CSqGSIb3DQEBCwUAA4IBAQAn5SEGhhQoQhC9puojIGtZ+eZR6gwYIu8FfHW4SAHu
C2z2Hr0Es22maAPzI3jX/CoKg41T+doCPwYe1CSrNdT4FXX1543AdwUfkFywCpl6
IhG0673tqVN1ptBDDOYkk//JDYTjuFzRoHnGr0AJ7uDBlGb2eMMW39NzI3KwPB/T
CtXcnkl8iZoSFqWWMaIBftjDu6XkVYr3SEKAJuUUXyl7Td/QtsuXkH3Lz8V8vtUt
0PfbZGpSQ2glsPDy/v86eyyk/Lha9kpTzMPY8K/QAVfjfYf9wralFgzKwZ9DzGdP
nAC+duu14/jV13MHv/GINNDv2zqycRA1yWgrXbKE1sk2
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:19:28 2025 by rpki-client