Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/7a683b-fa78-4112-b6b6-155fb3fe287e/1/Z4U32-B1hkUtGrPrOjiKYNYIz7Q.roa
File: Z4U32-B1hkUtGrPrOjiKYNYIz7Q.roa (raw, json)
Hash identifier: x2NIxhc1vgWLqyjD5x6CLpwALeGzYDA0TGSJH6NmOhg=
Subject key identifier: 67:85:37:DB:E0:75:86:45:2D:1A:B3:EB:3A:38:8A:60:D6:08:CF:B4
Certificate issuer: /CN=cec3b347a216bc437b0bd4cf0bc8cda65e8c2d3b
Certificate serial: 018571BA0F7A3897587A74B8944ADB684F83
Authority key identifier: CE:C3:B3:47:A2:16:BC:43:7B:0B:D4:CF:0B:C8:CD:A6:5E:8C:2D:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zsOzR6IWvEN7C9TPC8jNpl6MLTs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/7a683b-fa78-4112-b6b6-155fb3fe287e/1/Z4U32-B1hkUtGrPrOjiKYNYIz7Q.roa
Signing time: Mon 02 Jan 2023 09:04:57 +0000
ROA not before: Mon 02 Jan 2023 09:04:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 91.102.186.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:ba:0f:7a:38:97:58:7a:74:b8:94:4a:db:68:4f:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cec3b347a216bc437b0bd4cf0bc8cda65e8c2d3b
Validity
Not Before: Jan 2 09:04:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=678537dbe07586452d1ab3eb3a388a60d608cfb4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:d4:cd:24:0d:e8:f3:5c:fd:fb:44:e2:8e:10:
44:cc:ee:92:c1:c5:32:2d:5a:37:f2:ba:94:c8:82:
fd:c3:6f:0f:80:e5:5c:cb:8d:28:b0:76:de:e9:d4:
5b:d2:be:ea:35:05:81:2d:be:22:b9:de:6e:0d:ac:
d3:94:e3:72:18:d3:86:8c:44:af:c6:dc:24:36:7d:
7b:60:ef:7f:99:ce:0a:19:1e:7c:d7:0c:2c:bb:c1:
4f:5f:f5:27:05:2b:b1:5d:66:b8:ef:a8:96:4c:88:
50:17:09:2d:f3:28:55:4a:aa:39:75:2a:f7:db:63:
29:4e:fa:18:0d:de:e5:35:b0:56:ca:32:93:6c:e7:
ae:ca:d6:c5:4f:8c:7a:d9:82:2b:65:7a:d4:05:3e:
6d:81:d9:a2:03:78:57:83:a2:89:72:44:84:89:e7:
75:64:72:c2:a3:23:7b:b0:e6:99:a5:9b:22:57:21:
b0:b4:7b:aa:74:18:e5:e4:5e:37:25:0c:2d:0e:58:
8f:d1:98:ce:8f:39:9d:a7:04:76:b4:a2:2e:29:ce:
d3:12:3a:14:2a:95:43:eb:63:92:94:1d:2f:d1:83:
1b:f4:64:1d:80:3e:26:95:2a:54:62:d2:90:b1:77:
b3:cf:09:ca:df:33:2d:c5:a9:2c:18:bf:e8:7b:cd:
2d:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:85:37:DB:E0:75:86:45:2D:1A:B3:EB:3A:38:8A:60:D6:08:CF:B4
X509v3 Authority Key Identifier:
keyid:CE:C3:B3:47:A2:16:BC:43:7B:0B:D4:CF:0B:C8:CD:A6:5E:8C:2D:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zsOzR6IWvEN7C9TPC8jNpl6MLTs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/7a683b-fa78-4112-b6b6-155fb3fe287e/1/Z4U32-B1hkUtGrPrOjiKYNYIz7Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/7a683b-fa78-4112-b6b6-155fb3fe287e/1/zsOzR6IWvEN7C9TPC8jNpl6MLTs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.102.186.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:a8:a2:3f:23:f8:70:cd:25:ee:38:fe:46:96:ee:19:9c:56:
b3:e9:58:8b:ff:29:d7:10:9c:e3:90:66:3d:bc:db:7d:32:57:
3e:0b:0f:a9:2d:3e:f3:9a:bd:b4:46:4c:77:36:62:5a:62:e1:
c5:da:6f:34:c7:ad:c5:3f:7c:7e:d6:93:0e:83:45:4a:a7:a1:
5a:db:db:d9:66:de:17:7f:f3:30:02:ac:5b:24:b7:ee:4c:ab:
85:06:60:44:9b:b8:9f:5b:bf:65:97:c0:bf:ae:f3:a8:79:b8:
e4:79:08:3e:e9:ca:14:c5:e7:69:45:27:1d:da:96:c9:19:6c:
4a:6b:45:2e:33:47:c6:09:02:29:4f:74:e7:e1:ba:4f:1b:a1:
a4:5b:85:94:02:3e:b4:dc:22:8d:de:68:f5:58:b5:5b:90:2e:
58:7a:e2:d3:bd:aa:c0:07:62:94:d5:97:09:94:99:eb:04:da:
3e:a2:5b:e5:d5:07:f3:b7:3e:28:b1:b1:aa:de:f6:12:42:50:
de:01:2e:c5:b7:fb:81:8a:68:20:b1:60:53:c7:1b:f2:e6:1d:
d7:51:2e:48:0c:b7:6a:df:f1:83:9d:e5:8a:80:1e:a5:75:c2:
5c:9b:66:71:22:18:cb:c7:4f:28:0e:8a:30:69:2e:21:77:b0:
b3:b0:f9:6d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxug96OJdYenS4lErbaE+DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlYzNiMzQ3YTIxNmJjNDM3YjBiZDRjZjBiYzhjZGE2NWU4
YzJkM2IwHhcNMjMwMTAyMDkwNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Nzg1MzdkYmUwNzU4NjQ1MmQxYWIzZWIzYTM4OGE2MGQ2MDhjZmI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo9TNJA3o81z9+0TijhBEzO6SwcUy
LVo38rqUyIL9w28PgOVcy40osHbe6dRb0r7qNQWBLb4iud5uDazTlONyGNOGjESv
xtwkNn17YO9/mc4KGR581wwsu8FPX/UnBSuxXWa476iWTIhQFwkt8yhVSqo5dSr3
22MpTvoYDd7lNbBWyjKTbOeuytbFT4x62YIrZXrUBT5tgdmiA3hXg6KJckSEied1
ZHLCoyN7sOaZpZsiVyGwtHuqdBjl5F43JQwtDliP0ZjOjzmdpwR2tKIuKc7TEjoU
KpVD62OSlB0v0YMb9GQdgD4mlSpUYtKQsXezzwnK3zMtxaksGL/oe80t/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGeFN9vgdYZFLRqz6zo4imDWCM+0MB8GA1UdIwQY
MBaAFM7Ds0eiFrxDewvUzwvIzaZejC07MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenNPelI2SVd2RU43QzlUUEM4ak5wbDZNTFRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny83YTY4M2ItZmE3OC00MTEyLWI2YjYt
MTU1ZmIzZmUyODdlLzEvWjRVMzItQjFoa1V0R3JQck9qaUtZTllJejdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny83YTY4M2ItZmE3OC00MTEyLWI2YjYtMTU1ZmIzZmUyODdl
LzEvenNPelI2SVd2RU43QzlUUEM4ak5wbDZNTFRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW2a6MA0G
CSqGSIb3DQEBCwUAA4IBAQBcqKI/I/hwzSXuOP5Glu4ZnFaz6ViL/ynXEJzjkGY9
vNt9Mlc+Cw+pLT7zmr20Rkx3NmJaYuHF2m80x63FP3x+1pMOg0VKp6Fa29vZZt4X
f/MwAqxbJLfuTKuFBmBEm7ifW79ll8C/rvOoebjkeQg+6coUxedpRScd2pbJGWxK
a0UuM0fGCQIpT3Tn4bpPG6GkW4WUAj603CKN3mj1WLVbkC5YeuLTvarAB2KU1ZcJ
lJnrBNo+olvl1Qfztz4osbGq3vYSQlDeAS7Ft/uBimggsWBTxxvy5h3XUS5IDLdq
3/GDneWKgB6ldcJcm2ZxIhjLx08oDoowaS4hd7CzsPlt
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:15:43 2025 by rpki-client