Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/ZA1OuAAzjEoDi2LQafy8hcSbJeU.roa
File: ZA1OuAAzjEoDi2LQafy8hcSbJeU.roa (raw, json)
Hash identifier: 19L6/a+1/CeooHPSLNL7RrFPMMcQuRh5w60vmJtQpWA=
Subject key identifier: 64:0D:4E:B8:00:33:8C:4A:03:8B:62:D0:69:FC:BC:85:C4:9B:25:E5
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018570950856346F0379C4D8F030D27418D3
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/ZA1OuAAzjEoDi2LQafy8hcSbJeU.roa
Signing time: Mon 02 Jan 2023 03:44:53 +0000
ROA not before: Mon 02 Jan 2023 03:44:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12722
IP address blocks: 146.120.110.0/24 maxlen: 24
95.47.161.0/24 maxlen: 24
93.170.76.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:08:56:34:6f:03:79:c4:d8:f0:30:d2:74:18:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 03:44:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=640d4eb800338c4a038b62d069fcbc85c49b25e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:84:f9:60:c0:78:ea:d3:fb:9f:a4:64:c7:a0:
24:a5:33:e3:a7:45:fa:96:48:e3:db:a3:d9:6e:46:
b8:15:31:ba:b7:69:a6:37:c0:e1:9b:17:a3:47:3b:
a2:fe:bd:f6:1e:f2:09:53:7b:22:59:ba:ce:27:a6:
6e:0d:b7:ea:76:95:0d:cd:44:c1:14:7a:4f:d9:ac:
7a:7f:64:98:8a:69:4c:37:0d:59:3f:da:61:8c:fb:
75:64:c2:b7:dc:05:a0:25:36:f4:7c:bd:05:99:ac:
0d:42:6b:dd:fa:1b:69:73:20:19:cf:b2:8f:b4:a2:
08:22:9c:cd:f7:4f:6e:e9:96:61:13:05:83:c5:00:
50:22:a9:61:7a:36:ba:f4:86:06:2a:22:bf:9a:50:
88:2f:05:1a:4a:28:b4:86:7b:69:95:06:80:fa:fc:
e2:5c:a5:7e:51:e0:13:83:1c:b0:c6:a4:16:e7:db:
05:ff:3f:6a:4c:0b:ff:8b:f5:ba:96:61:39:20:58:
2f:f6:5d:f8:8e:69:75:6d:3b:22:cf:4d:ba:d3:08:
43:78:b3:c5:8d:6e:c6:63:53:2b:cb:db:69:bb:95:
e1:92:84:c6:49:63:02:4a:b4:3e:d2:51:52:c3:84:
50:9a:cf:2b:cf:92:4c:e1:d3:a7:54:be:92:d6:9c:
86:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:0D:4E:B8:00:33:8C:4A:03:8B:62:D0:69:FC:BC:85:C4:9B:25:E5
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/ZA1OuAAzjEoDi2LQafy8hcSbJeU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.170.76.0/24
95.47.161.0/24
146.120.110.0/24
Signature Algorithm: sha256WithRSAEncryption
12:05:e3:90:06:94:67:96:1c:5a:96:e1:f7:f8:19:25:69:0e:
d6:d8:ae:93:ac:84:5d:1c:63:dc:13:6a:d8:62:36:f9:73:92:
ca:90:79:73:de:c4:c4:db:22:6a:40:b3:b8:be:9b:13:65:ef:
5a:43:7b:b1:03:21:48:29:ba:fb:72:b3:0f:7c:05:83:03:79:
65:2e:75:6a:d4:59:38:f9:ac:d0:83:6d:ec:63:41:2f:f8:61:
20:c6:1f:69:bd:26:cc:8a:f2:9f:48:84:6a:7d:f4:72:78:d6:
77:28:30:10:0e:e7:ee:31:7a:3e:9b:34:f0:3b:35:12:bd:98:
b4:43:3d:94:96:c0:f5:58:d1:80:c3:c1:10:2c:e8:cc:8c:96:
5a:65:2b:85:44:78:32:58:18:e3:5f:1e:7c:31:49:22:7a:86:
8b:8f:61:c6:68:42:3d:cb:e9:81:35:89:1b:44:d6:57:06:43:
5e:17:8b:66:56:44:9e:ad:a2:7e:c4:d8:a5:ed:43:20:99:94:
d4:f9:a0:e8:a8:0a:3d:0e:7d:4a:77:45:d5:16:b1:4d:a2:4f:
1f:bc:cf:9f:d3:67:16:d4:df:75:08:b6:b7:a0:e9:8f:91:83:
a8:e3:a4:c2:54:44:13:c0:3a:5c:65:27:3e:89:6e:7b:e8:46:
3a:fa:4b:3d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVwlQhWNG8DecTY8DDSdBjTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwMTAyMDM0NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDBkNGViODAwMzM4YzRhMDM4YjYyZDA2OWZjYmM4NWM0OWIyNWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqYT5YMB46tP7n6Rkx6AkpTPjp0X6
lkjj26PZbka4FTG6t2mmN8DhmxejRzui/r32HvIJU3siWbrOJ6ZuDbfqdpUNzUTB
FHpP2ax6f2SYimlMNw1ZP9phjPt1ZMK33AWgJTb0fL0FmawNQmvd+htpcyAZz7KP
tKIIIpzN909u6ZZhEwWDxQBQIqlheja69IYGKiK/mlCILwUaSii0hntplQaA+vzi
XKV+UeATgxywxqQW59sF/z9qTAv/i/W6lmE5IFgv9l34jml1bTsiz0260whDeLPF
jW7GY1Mry9tpu5XhkoTGSWMCSrQ+0lFSw4RQms8rz5JM4dOnVL6S1pyGiwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGQNTrgAM4xKA4ti0Gn8vIXEmyXlMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvWkExT3VBQXpqRW9EaTJMUWFmeThoY1NiSmVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAXapMAwQA
Xy+hAwQAknhuMA0GCSqGSIb3DQEBCwUAA4IBAQASBeOQBpRnlhxaluH3+BklaQ7W
2K6TrIRdHGPcE2rYYjb5c5LKkHlz3sTE2yJqQLO4vpsTZe9aQ3uxAyFIKbr7crMP
fAWDA3llLnVq1Fk4+azQg23sY0Ev+GEgxh9pvSbMivKfSIRqffRyeNZ3KDAQDufu
MXo+mzTwOzUSvZi0Qz2UlsD1WNGAw8EQLOjMjJZaZSuFRHgyWBjjXx58MUkieoaL
j2HGaEI9y+mBNYkbRNZXBkNeF4tmVkSeraJ+xNil7UMgmZTU+aDoqAo9Dn1Kd0XV
FrFNok8fvM+f02cW1N91CLa3oOmPkYOo46TCVEQTwDpcZSc+iW576EY6+ks9
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:56:04 2025 by rpki-client