Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/36e382-2b62-44dc-8fb2-dd50be067401/1/ZcluZRKiQKMAQbrY2IktBinH_6s.roa
File: ZcluZRKiQKMAQbrY2IktBinH_6s.roa (raw, json)
Hash identifier: zmVtW3YcRq9wlIJ5gWmq3qN63vWsw4ooQ4DDQGZ8+4Q=
Subject key identifier: 65:C9:6E:65:12:A2:40:A3:00:41:BA:D8:D8:89:2D:06:29:C7:FF:AB
Certificate issuer: /CN=d77100a46cc46ae896bdc2e0e074e3055ab8867b
Certificate serial: 018570CBDCF5BF7D9B7552B1C847FC254624
Authority key identifier: D7:71:00:A4:6C:C4:6A:E8:96:BD:C2:E0:E0:74:E3:05:5A:B8:86:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/13EApGzEauiWvcLg4HTjBVq4hns.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/36e382-2b62-44dc-8fb2-dd50be067401/1/ZcluZRKiQKMAQbrY2IktBinH_6s.roa
Signing time: Mon 02 Jan 2023 04:44:46 +0000
ROA not before: Mon 02 Jan 2023 04:44:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 33911
IP address blocks: 195.254.134.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:cb:dc:f5:bf:7d:9b:75:52:b1:c8:47:fc:25:46:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d77100a46cc46ae896bdc2e0e074e3055ab8867b
Validity
Not Before: Jan 2 04:44:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=65c96e6512a240a30041bad8d8892d0629c7ffab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:97:89:4a:ad:a8:a7:d5:ef:f2:9a:e5:88:5f:
3f:6b:9e:d5:78:44:b8:81:a8:5c:01:7c:19:9f:c6:
7c:a9:16:5b:61:a3:a4:a9:a5:97:c2:61:cb:3d:67:
e4:15:72:1d:83:f8:2f:6c:ae:03:3e:50:c3:13:c0:
43:f0:d3:4f:fa:c3:d4:0c:60:c4:cd:05:54:d8:06:
e9:cf:dd:1d:08:ee:e7:bc:83:a2:65:56:33:bf:85:
fb:7c:ef:20:30:8f:60:78:1e:89:86:30:37:62:bd:
f9:f0:bd:0f:3e:38:4c:de:18:c9:28:0a:67:c6:ad:
bc:a2:7d:73:0a:3e:70:7a:c6:8e:db:7b:47:5e:c8:
27:dc:15:ed:7e:45:0f:15:eb:a4:0b:44:95:d2:cf:
c6:31:ad:2a:e2:13:bf:08:e2:4c:c9:41:aa:73:d7:
8d:2f:d2:45:a7:3d:5b:c5:73:e5:b0:0f:6b:09:2b:
7c:ff:16:08:9f:fe:10:63:f6:7f:bf:02:1d:74:b3:
1d:c5:94:2e:39:0e:2b:2e:fc:3a:fb:79:b3:e4:9c:
fe:e1:c5:3a:a5:84:b0:bf:41:c5:30:07:9e:69:f7:
1b:ae:af:24:0e:c8:ce:d2:d6:d7:27:16:5d:49:cf:
b2:39:bf:9a:ec:5d:02:a4:45:9c:67:e1:b7:42:fb:
82:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:C9:6E:65:12:A2:40:A3:00:41:BA:D8:D8:89:2D:06:29:C7:FF:AB
X509v3 Authority Key Identifier:
keyid:D7:71:00:A4:6C:C4:6A:E8:96:BD:C2:E0:E0:74:E3:05:5A:B8:86:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/13EApGzEauiWvcLg4HTjBVq4hns.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/36e382-2b62-44dc-8fb2-dd50be067401/1/ZcluZRKiQKMAQbrY2IktBinH_6s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/36e382-2b62-44dc-8fb2-dd50be067401/1/13EApGzEauiWvcLg4HTjBVq4hns.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.254.134.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:eb:ef:e2:09:81:6b:3f:07:c6:1e:f9:ab:64:c1:6b:06:1c:
69:54:fc:7d:ea:29:45:67:fb:2e:2c:ab:55:4a:11:9f:bb:cf:
f2:32:a5:01:47:25:35:b5:3f:06:bf:59:fd:4e:5e:a7:70:37:
ce:4a:ce:39:ac:c9:e3:11:cc:b3:88:a0:94:c6:74:e1:bd:4d:
ae:bb:fc:ae:6f:c4:38:8e:d2:8b:87:e2:2e:0a:24:da:7e:00:
d1:8c:c2:8f:87:ae:9b:7e:86:7a:d6:0b:6c:91:33:37:30:ef:
d2:57:7c:96:f1:a4:b5:46:dd:f0:78:dd:55:45:ed:c5:cd:75:
82:cf:0e:61:91:8b:89:52:0d:fd:72:ad:c6:24:d5:2a:ae:8a:
52:44:57:f1:4d:63:57:b1:72:af:8f:3d:5a:b3:d8:63:96:cb:
6c:d2:b4:a4:ad:14:5e:d3:55:69:30:0e:6d:73:3b:ec:e9:79:
4f:18:1a:1f:8b:16:73:80:79:a7:89:24:5e:44:81:7f:d1:3c:
cf:55:66:e1:2f:db:64:53:1e:7b:9b:18:7f:a1:54:b9:74:5d:
36:15:62:6c:63:7a:9a:45:3c:c2:61:d9:e7:3c:b2:7b:15:15:
2b:aa:dc:c8:db:08:b9:3d:9d:44:53:21:1f:eb:ad:3f:bf:19:
a6:7d:fd:6a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwy9z1v32bdVKxyEf8JUYkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NzEwMGE0NmNjNDZhZTg5NmJkYzJlMGUwNzRlMzA1NWFi
ODg2N2IwHhcNMjMwMTAyMDQ0NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NWM5NmU2NTEyYTI0MGEzMDA0MWJhZDhkODg5MmQwNjI5YzdmZmFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnZeJSq2op9Xv8prliF8/a57VeES4
gahcAXwZn8Z8qRZbYaOkqaWXwmHLPWfkFXIdg/gvbK4DPlDDE8BD8NNP+sPUDGDE
zQVU2Abpz90dCO7nvIOiZVYzv4X7fO8gMI9geB6JhjA3Yr358L0PPjhM3hjJKApn
xq28on1zCj5wesaO23tHXsgn3BXtfkUPFeukC0SV0s/GMa0q4hO/COJMyUGqc9eN
L9JFpz1bxXPlsA9rCSt8/xYIn/4QY/Z/vwIddLMdxZQuOQ4rLvw6+3mz5Jz+4cU6
pYSwv0HFMAeeafcbrq8kDsjO0tbXJxZdSc+yOb+a7F0CpEWcZ+G3QvuCiQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGXJbmUSokCjAEG62NiJLQYpx/+rMB8GA1UdIwQY
MBaAFNdxAKRsxGrolr3C4OB04wVauIZ7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTNFQXBHekVhdWlXdmNMZzRIVGpCVnE0aG5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni8zNmUzODItMmI2Mi00NGRjLThmYjIt
ZGQ1MGJlMDY3NDAxLzEvWmNsdVpSS2lRS01BUWJyWTJJa3RCaW5IXzZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni8zNmUzODItMmI2Mi00NGRjLThmYjItZGQ1MGJlMDY3NDAx
LzEvMTNFQXBHekVhdWlXdmNMZzRIVGpCVnE0aG5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw/6GMA0G
CSqGSIb3DQEBCwUAA4IBAQBb6+/iCYFrPwfGHvmrZMFrBhxpVPx96ilFZ/suLKtV
ShGfu8/yMqUBRyU1tT8Gv1n9Tl6ncDfOSs45rMnjEcyziKCUxnThvU2uu/yub8Q4
jtKLh+IuCiTafgDRjMKPh66bfoZ61gtskTM3MO/SV3yW8aS1Rt3weN1VRe3FzXWC
zw5hkYuJUg39cq3GJNUqropSRFfxTWNXsXKvjz1as9hjlsts0rSkrRRe01VpMA5t
czvs6XlPGBofixZzgHmniSReRIF/0TzPVWbhL9tkUx57mxh/oVS5dF02FWJsY3qa
RTzCYdnnPLJ7FRUrqtzI2wi5PZ1EUyEf660/vxmmff1q
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:15:18 2025 by rpki-client