Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/7b296a-fd03-4afa-bcd2-cbf60700eb92/1/zx6AYJt7DOI1fCeL6QnfKoqPRt4.roa
File: zx6AYJt7DOI1fCeL6QnfKoqPRt4.roa (raw, json)
Hash identifier: uc7BYakXAkdPPcdyMMNdj68hV8BzmDA80pRAJ1SYg6w=
Subject key identifier: CF:1E:80:60:9B:7B:0C:E2:35:7C:27:8B:E9:09:DF:2A:8A:8F:46:DE
Certificate issuer: /CN=868256ae34e54526c5b25aac2b9d5f5fa87d061e
Certificate serial: 01856B6E804D6D034B603E7C34ACAD69D5C2
Authority key identifier: 86:82:56:AE:34:E5:45:26:C5:B2:5A:AC:2B:9D:5F:5F:A8:7D:06:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hoJWrjTlRSbFslqsK51fX6h9Bh4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/7b296a-fd03-4afa-bcd2-cbf60700eb92/1/zx6AYJt7DOI1fCeL6QnfKoqPRt4.roa
Signing time: Sun 01 Jan 2023 03:44:41 +0000
ROA not before: Sun 01 Jan 2023 03:44:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39809
IP address blocks: 195.170.161.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:6e:80:4d:6d:03:4b:60:3e:7c:34:ac:ad:69:d5:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=868256ae34e54526c5b25aac2b9d5f5fa87d061e
Validity
Not Before: Jan 1 03:44:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cf1e80609b7b0ce2357c278be909df2a8a8f46de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:50:ea:1f:68:4e:60:7c:a5:2e:44:63:12:4a:
b8:ff:1b:e1:1a:70:9d:3a:97:b6:5e:ed:5a:ee:39:
2f:fc:12:7b:db:fc:af:88:b5:f9:6a:9d:31:ce:c7:
38:15:fe:d5:a6:2c:93:0c:97:35:d9:41:b4:a0:1d:
dd:4c:1c:f3:80:6c:97:c8:6c:49:de:87:f0:a2:69:
99:db:ee:e1:10:e9:4e:1c:f3:ab:96:76:07:52:27:
69:8a:06:a7:20:88:ed:72:0b:37:b3:2e:ed:83:28:
0d:ea:ec:34:8a:29:15:07:db:f4:f2:60:a1:61:79:
84:3d:3b:d7:41:26:ea:84:8b:4c:e7:68:d1:17:5c:
b3:ee:b0:aa:07:5d:ba:f0:f9:3c:d4:31:6f:3c:73:
5c:59:ab:8c:14:3e:bb:a0:27:d9:5f:d7:26:34:d0:
dd:51:fc:6b:11:12:71:d5:e1:ab:7a:b7:4d:2c:35:
c2:43:39:79:c9:37:ba:0b:2e:a8:a1:0e:63:07:31:
fc:39:7d:c7:08:4a:b7:cc:96:8c:45:36:01:77:85:
96:8e:67:4f:8a:d7:14:ad:ff:b3:8b:2a:be:2d:a9:
e7:5c:db:39:2c:5b:40:3f:22:f1:22:0f:6b:8e:ae:
1e:cb:c6:22:48:30:ad:c6:83:37:f4:26:e5:22:ac:
fc:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:1E:80:60:9B:7B:0C:E2:35:7C:27:8B:E9:09:DF:2A:8A:8F:46:DE
X509v3 Authority Key Identifier:
keyid:86:82:56:AE:34:E5:45:26:C5:B2:5A:AC:2B:9D:5F:5F:A8:7D:06:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hoJWrjTlRSbFslqsK51fX6h9Bh4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/7b296a-fd03-4afa-bcd2-cbf60700eb92/1/zx6AYJt7DOI1fCeL6QnfKoqPRt4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/7b296a-fd03-4afa-bcd2-cbf60700eb92/1/hoJWrjTlRSbFslqsK51fX6h9Bh4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.170.161.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:d6:39:85:c6:33:13:7d:f3:21:f6:91:c3:b0:52:55:08:48:
9f:87:c5:c6:fe:03:a3:e6:26:27:d2:70:72:3b:e3:40:dd:d8:
3c:a1:be:32:b9:2b:dd:5f:df:f2:4b:9f:2e:b3:98:42:f8:d7:
26:4c:29:0a:b0:de:54:f1:8e:91:2f:c6:f4:0c:6d:f9:3c:89:
c7:20:ec:f5:23:b9:b7:93:73:c5:7a:69:30:2c:13:0c:7d:5b:
8b:1b:80:a7:35:32:95:9f:1e:ea:62:ac:a5:01:68:58:fa:fb:
dc:48:b6:67:3d:f4:f6:ea:57:a3:ba:eb:94:54:6e:8f:77:88:
2c:2f:3d:93:88:1b:93:ae:8e:96:38:40:07:f5:a5:02:e2:41:
24:fd:a9:13:a0:be:4b:9b:04:00:02:ff:9d:7f:52:72:22:3b:
38:12:fd:e9:63:d1:b3:f0:46:50:d1:f0:c0:e6:92:d2:07:37:
ae:b7:8a:e4:82:7e:98:a6:ce:cd:70:68:1b:54:88:5b:45:da:
8c:93:fa:6e:b8:80:7e:14:c6:8e:46:27:c0:d8:11:8d:ec:b2:
26:23:3b:58:d9:01:f0:d4:36:26:48:b9:1d:8a:2e:3c:fe:4e:
56:27:50:fc:34:cb:a2:aa:28:3e:36:cf:4c:ee:13:ba:92:f5:
bd:3e:df:94
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrboBNbQNLYD58NKytadXCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ODI1NmFlMzRlNTQ1MjZjNWIyNWFhYzJiOWQ1ZjVmYTg3
ZDA2MWUwHhcNMjMwMTAxMDM0NDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjFlODA2MDliN2IwY2UyMzU3YzI3OGJlOTA5ZGYyYThhOGY0NmRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA21DqH2hOYHylLkRjEkq4/xvhGnCd
Ope2Xu1a7jkv/BJ72/yviLX5ap0xzsc4Ff7VpiyTDJc12UG0oB3dTBzzgGyXyGxJ
3ofwommZ2+7hEOlOHPOrlnYHUidpiganIIjtcgs3sy7tgygN6uw0iikVB9v08mCh
YXmEPTvXQSbqhItM52jRF1yz7rCqB1268Pk81DFvPHNcWauMFD67oCfZX9cmNNDd
UfxrERJx1eGrerdNLDXCQzl5yTe6Cy6ooQ5jBzH8OX3HCEq3zJaMRTYBd4WWjmdP
itcUrf+ziyq+LannXNs5LFtAPyLxIg9rjq4ey8YiSDCtxoM39CblIqz8mQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM8egGCbewziNXwni+kJ3yqKj0beMB8GA1UdIwQY
MBaAFIaCVq405UUmxbJarCudX1+ofQYeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaG9KV3JqVGxSU2JGc2xxc0s1MWZYNmg5Qmg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS83YjI5NmEtZmQwMy00YWZhLWJjZDIt
Y2JmNjA3MDBlYjkyLzEveng2QVlKdDdET0kxZkNlTDZRbmZLb3FQUnQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS83YjI5NmEtZmQwMy00YWZhLWJjZDItY2JmNjA3MDBlYjky
LzEvaG9KV3JqVGxSU2JGc2xxc0s1MWZYNmg5Qmg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw6qhMA0G
CSqGSIb3DQEBCwUAA4IBAQAd1jmFxjMTffMh9pHDsFJVCEifh8XG/gOj5iYn0nBy
O+NA3dg8ob4yuSvdX9/yS58us5hC+NcmTCkKsN5U8Y6RL8b0DG35PInHIOz1I7m3
k3PFemkwLBMMfVuLG4CnNTKVnx7qYqylAWhY+vvcSLZnPfT26lejuuuUVG6Pd4gs
Lz2TiBuTro6WOEAH9aUC4kEk/akToL5LmwQAAv+df1JyIjs4Ev3pY9Gz8EZQ0fDA
5pLSBzeut4rkgn6Yps7NcGgbVIhbRdqMk/puuIB+FMaORifA2BGN7LImIztY2QHw
1DYmSLkdii48/k5WJ1D8NMuiqig+Ns9M7hO6kvW9Pt+U
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:46:19 2025 by rpki-client