Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/b1f2e0-8a60-4c8a-90dc-4be794d6406d/1/zhuVS4M_8WtmBtMW6oZviTVfagE.roa
File: zhuVS4M_8WtmBtMW6oZviTVfagE.roa (raw, json)
Hash identifier: Un+K9ixiGBUjo3A7U8vEdMkFp7maBCvNFfRp5YsS6IQ=
Subject key identifier: CE:1B:95:4B:83:3F:F1:6B:66:06:D3:16:EA:86:6F:89:35:5F:6A:01
Certificate issuer: /CN=a4cb50e78a3a31e3375cf2aab865e845ff2e99c1
Certificate serial: 01857195703BC162BD76CAAB911CB4DC7648
Authority key identifier: A4:CB:50:E7:8A:3A:31:E3:37:5C:F2:AA:B8:65:E8:45:FF:2E:99:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pMtQ54o6MeM3XPKquGXoRf8umcE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/b1f2e0-8a60-4c8a-90dc-4be794d6406d/1/zhuVS4M_8WtmBtMW6oZviTVfagE.roa
Signing time: Mon 02 Jan 2023 08:24:56 +0000
ROA not before: Mon 02 Jan 2023 08:24:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16035
IP address blocks: 185.152.156.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:95:70:3b:c1:62:bd:76:ca:ab:91:1c:b4:dc:76:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4cb50e78a3a31e3375cf2aab865e845ff2e99c1
Validity
Not Before: Jan 2 08:24:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ce1b954b833ff16b6606d316ea866f89355f6a01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:d4:e8:1f:f9:c0:22:bf:b2:0a:b1:1a:58:34:
32:a2:21:a4:28:3d:12:69:b6:e8:0d:d1:b3:a1:26:
4a:a8:ac:c8:c0:6d:94:e3:d8:67:c3:57:73:a1:7e:
eb:55:6e:23:d3:14:29:07:a4:41:a4:d2:ae:45:8e:
c0:da:9e:0f:01:39:ea:e5:f3:fa:72:a2:70:6f:cd:
93:0e:82:88:69:75:85:06:f4:d6:35:0e:94:32:a5:
fb:70:6c:20:82:65:40:ca:59:f4:8a:fb:b4:86:c0:
56:15:85:ca:d0:4b:f7:01:0b:ff:a1:82:c0:10:a0:
58:76:fb:f7:7b:98:28:1c:a6:5e:0d:1f:0c:30:d7:
25:f8:40:2b:6f:21:42:aa:1b:c7:54:dc:ba:54:c6:
95:92:58:8a:29:ad:90:77:5d:5f:6e:2a:1d:d6:d7:
d7:8c:be:ed:23:eb:e3:c0:72:38:20:ab:09:11:c9:
d2:bc:e1:2b:05:0b:16:1f:4b:81:58:00:ed:6e:32:
d3:43:07:cf:00:14:1f:14:43:d5:bf:3f:d9:3f:73:
6f:3c:53:b6:29:c0:64:37:d9:b8:51:1f:6e:a1:61:
6d:dd:d2:8f:ea:93:74:12:83:92:ad:15:2f:3c:9d:
8d:3d:0b:66:04:b3:06:42:7c:ca:4a:a8:b6:e6:fd:
be:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:1B:95:4B:83:3F:F1:6B:66:06:D3:16:EA:86:6F:89:35:5F:6A:01
X509v3 Authority Key Identifier:
keyid:A4:CB:50:E7:8A:3A:31:E3:37:5C:F2:AA:B8:65:E8:45:FF:2E:99:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pMtQ54o6MeM3XPKquGXoRf8umcE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/b1f2e0-8a60-4c8a-90dc-4be794d6406d/1/zhuVS4M_8WtmBtMW6oZviTVfagE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/b1f2e0-8a60-4c8a-90dc-4be794d6406d/1/pMtQ54o6MeM3XPKquGXoRf8umcE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.152.156.0/22
Signature Algorithm: sha256WithRSAEncryption
44:21:97:cc:ff:db:e2:a7:4d:a7:00:48:f9:31:df:33:f2:e2:
07:65:a7:fa:dc:7b:de:45:a9:4a:2a:ec:27:aa:ce:9b:66:72:
1e:58:e0:7e:10:55:19:db:b5:40:6c:64:fe:ce:b4:3d:8f:a7:
c1:46:b1:f1:43:0f:ab:5f:4e:76:0c:2a:42:7d:91:ce:ba:22:
de:45:54:80:9e:89:0d:9a:f3:0f:fd:2f:15:74:2b:b3:cb:46:
e4:85:87:e5:9e:3b:32:24:b8:35:17:82:bb:04:95:4a:cf:d4:
e6:1e:80:4b:99:b9:8d:7b:5d:54:0b:a5:1a:4f:1f:8a:a8:ab:
d5:02:32:fb:2c:45:f9:44:b2:a0:4b:f7:94:87:e3:70:da:3b:
e0:e0:bd:1d:99:5d:12:87:9f:38:18:b6:af:7e:43:5a:46:15:
15:cd:73:a4:bf:d2:7b:b7:b5:f4:a5:d4:38:ba:ed:b2:43:a2:
f6:3e:8c:62:e3:e8:d0:43:01:10:5a:96:5f:6b:be:91:74:14:
79:7f:7e:28:72:14:a2:5a:7d:fe:39:9c:05:1e:c5:1b:1b:ce:
f2:33:f4:00:10:7b:e4:df:3c:cd:c5:cb:f9:ee:91:b1:2d:a2:
50:f2:cf:ca:0a:49:ac:94:ed:3d:0a:86:f9:a6:8e:7b:49:5b:
69:bb:35:84
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxlXA7wWK9dsqrkRy03HZIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0Y2I1MGU3OGEzYTMxZTMzNzVjZjJhYWI4NjVlODQ1ZmYy
ZTk5YzEwHhcNMjMwMTAyMDgyNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTFiOTU0YjgzM2ZmMTZiNjYwNmQzMTZlYTg2NmY4OTM1NWY2YTAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgtToH/nAIr+yCrEaWDQyoiGkKD0S
abboDdGzoSZKqKzIwG2U49hnw1dzoX7rVW4j0xQpB6RBpNKuRY7A2p4PATnq5fP6
cqJwb82TDoKIaXWFBvTWNQ6UMqX7cGwggmVAyln0ivu0hsBWFYXK0Ev3AQv/oYLA
EKBYdvv3e5goHKZeDR8MMNcl+EArbyFCqhvHVNy6VMaVkliKKa2Qd11fbiod1tfX
jL7tI+vjwHI4IKsJEcnSvOErBQsWH0uBWADtbjLTQwfPABQfFEPVvz/ZP3NvPFO2
KcBkN9m4UR9uoWFt3dKP6pN0EoOSrRUvPJ2NPQtmBLMGQnzKSqi25v2+6wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM4blUuDP/FrZgbTFuqGb4k1X2oBMB8GA1UdIwQY
MBaAFKTLUOeKOjHjN1zyqrhl6EX/LpnBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcE10UTU0bzZNZU0zWFBLcXVHWG9SZjh1bWNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny9iMWYyZTAtOGE2MC00YzhhLTkwZGMt
NGJlNzk0ZDY0MDZkLzEvemh1VlM0TV84V3RtQnRNVzZvWnZpVFZmYWdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny9iMWYyZTAtOGE2MC00YzhhLTkwZGMtNGJlNzk0ZDY0MDZk
LzEvcE10UTU0bzZNZU0zWFBLcXVHWG9SZjh1bWNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZicMA0G
CSqGSIb3DQEBCwUAA4IBAQBEIZfM/9vip02nAEj5Md8z8uIHZaf63HveRalKKuwn
qs6bZnIeWOB+EFUZ27VAbGT+zrQ9j6fBRrHxQw+rX052DCpCfZHOuiLeRVSAnokN
mvMP/S8VdCuzy0bkhYflnjsyJLg1F4K7BJVKz9TmHoBLmbmNe11UC6UaTx+KqKvV
AjL7LEX5RLKgS/eUh+Nw2jvg4L0dmV0Sh584GLavfkNaRhUVzXOkv9J7t7X0pdQ4
uu2yQ6L2Poxi4+jQQwEQWpZfa76RdBR5f34ochSiWn3+OZwFHsUbG87yM/QAEHvk
3zzNxcv57pGxLaJQ8s/KCkmslO09Cob5po57SVtpuzWE
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:27:28 2025 by rpki-client