Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/c28e27-d05b-478a-9b0b-db97892a51fd/1/zXBhwWLvSUUZYEZcgIEQCrA4m24.roa
File: zXBhwWLvSUUZYEZcgIEQCrA4m24.roa (raw, json)
Hash identifier: UI2RcjG6LjqJMcJJ3amU4NxTPIhe1dopgo4xSmq0lHw=
Subject key identifier: CD:70:61:C1:62:EF:49:45:19:60:46:5C:80:81:10:0A:B0:38:9B:6E
Certificate issuer: /CN=e08e907c0fe50891a76bd99b2908700a6ac62e38
Certificate serial: 01856B49FDDB3ABF5428A6361BACF94C9CB9
Authority key identifier: E0:8E:90:7C:0F:E5:08:91:A7:6B:D9:9B:29:08:70:0A:6A:C6:2E:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4I6QfA_lCJGna9mbKQhwCmrGLjg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/c28e27-d05b-478a-9b0b-db97892a51fd/1/zXBhwWLvSUUZYEZcgIEQCrA4m24.roa
Signing time: Sun 01 Jan 2023 03:04:49 +0000
ROA not before: Sun 01 Jan 2023 03:04:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31511
IP address blocks: 185.30.252.0/22 maxlen: 22
195.62.68.0/23 maxlen: 23
2a04:4720::/30 maxlen: 30
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:49:fd:db:3a:bf:54:28:a6:36:1b:ac:f9:4c:9c:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e08e907c0fe50891a76bd99b2908700a6ac62e38
Validity
Not Before: Jan 1 03:04:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cd7061c162ef49451960465c8081100ab0389b6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:75:ad:7c:8d:e7:fe:57:30:de:ae:0c:03:c8:
a9:aa:40:1b:3b:4c:65:d2:98:c4:14:ed:c0:63:58:
b7:31:f4:fe:13:3a:46:b0:35:9e:e6:7a:31:22:d5:
bc:09:27:90:e2:7c:30:fd:20:3e:86:08:85:49:1b:
6f:04:10:37:3b:a9:52:38:56:99:a2:dd:8f:0d:01:
cc:5d:f8:09:9f:73:cb:1c:87:81:26:3f:2f:df:d1:
e2:d4:35:b2:e8:3f:b2:6e:02:47:ae:b7:46:45:64:
ad:2f:84:31:9f:b0:0e:7d:d6:69:97:72:a4:16:0a:
0e:4a:0f:c2:91:dc:f0:62:11:a3:fe:36:4c:b7:9f:
a7:26:55:5a:34:e1:73:44:ca:f8:ec:36:7a:9a:aa:
82:af:a0:5a:04:cb:a0:a5:cd:11:1a:a9:43:fe:05:
31:33:5f:1c:06:9a:28:5b:e9:e1:81:11:33:1a:f8:
e9:5d:eb:38:71:9f:a7:9b:eb:47:1a:65:58:a7:cd:
79:69:b7:41:91:54:5c:1b:6a:55:18:a3:33:f1:fc:
6b:53:56:01:20:cc:b5:d5:31:27:19:5b:e4:41:9a:
34:d6:fd:c9:b1:21:f0:6b:bd:c0:9d:6c:44:ae:99:
28:4a:0d:67:4f:ad:53:c5:6e:4d:5c:3e:a2:3e:25:
a9:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:70:61:C1:62:EF:49:45:19:60:46:5C:80:81:10:0A:B0:38:9B:6E
X509v3 Authority Key Identifier:
keyid:E0:8E:90:7C:0F:E5:08:91:A7:6B:D9:9B:29:08:70:0A:6A:C6:2E:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4I6QfA_lCJGna9mbKQhwCmrGLjg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/c28e27-d05b-478a-9b0b-db97892a51fd/1/zXBhwWLvSUUZYEZcgIEQCrA4m24.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/c28e27-d05b-478a-9b0b-db97892a51fd/1/4I6QfA_lCJGna9mbKQhwCmrGLjg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.30.252.0/22
195.62.68.0/23
IPv6:
2a04:4720::/30
Signature Algorithm: sha256WithRSAEncryption
b7:19:1a:a5:8c:63:ba:76:42:31:5c:b3:72:81:18:2f:67:fe:
a9:c2:6d:25:7b:06:29:e3:63:f5:5f:c1:55:33:86:e5:e8:53:
d5:a6:f8:c3:28:db:99:08:0b:41:57:27:f0:5d:23:bc:5c:9d:
fa:00:a6:97:28:4f:9e:e3:b2:63:dc:d8:ee:e7:0c:c1:a7:de:
d3:6f:cb:d7:46:45:c1:f5:f8:b9:71:19:a3:43:62:f3:38:1c:
28:59:a4:ce:61:28:7a:39:c6:52:f3:4c:72:96:75:ab:01:21:
fa:d6:68:53:36:56:08:23:ad:a3:ec:c6:f9:51:7a:35:76:22:
8a:38:c0:60:79:53:30:87:ec:7c:de:4a:3c:c2:97:e9:6e:1a:
29:a6:87:b5:66:80:1e:0b:a2:ed:bb:c1:b7:e4:09:27:09:61:
a9:fe:03:7d:b3:5b:5e:7c:57:d8:d0:c0:62:b6:45:98:25:10:
fd:b2:90:0a:1b:09:05:21:bd:3f:1f:d4:a4:a5:6d:0e:8d:c0:
73:7c:d7:4f:10:03:6d:13:98:98:67:76:db:b8:3a:b9:cd:e2:
ae:db:fd:fa:a5:f9:38:8b:cc:0e:97:58:dd:7b:69:e5:ce:09:
7a:f6:24:94:95:80:2f:00:ac:78:eb:21:4c:2d:71:c6:33:56:
ed:d8:45:e3
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVrSf3bOr9UKKY2G6z5TJy5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwOGU5MDdjMGZlNTA4OTFhNzZiZDk5YjI5MDg3MDBhNmFj
NjJlMzgwHhcNMjMwMTAxMDMwNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDcwNjFjMTYyZWY0OTQ1MTk2MDQ2NWM4MDgxMTAwYWIwMzg5YjZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArHWtfI3n/lcw3q4MA8ipqkAbO0xl
0pjEFO3AY1i3MfT+EzpGsDWe5noxItW8CSeQ4nww/SA+hgiFSRtvBBA3O6lSOFaZ
ot2PDQHMXfgJn3PLHIeBJj8v39Hi1DWy6D+ybgJHrrdGRWStL4Qxn7AOfdZpl3Kk
FgoOSg/CkdzwYhGj/jZMt5+nJlVaNOFzRMr47DZ6mqqCr6BaBMugpc0RGqlD/gUx
M18cBpooW+nhgREzGvjpXes4cZ+nm+tHGmVYp815abdBkVRcG2pVGKMz8fxrU1YB
IMy11TEnGVvkQZo01v3JsSHwa73AnWxErpkoSg1nT61TxW5NXD6iPiWpuwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFM1wYcFi70lFGWBGXICBEAqwOJtuMB8GA1UdIwQY
MBaAFOCOkHwP5QiRp2vZmykIcApqxi44MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEk2UWZBX2xDSkduYTltYktRaHdDbXJHTGpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9jMjhlMjctZDA1Yi00NzhhLTliMGIt
ZGI5Nzg5MmE1MWZkLzEvelhCaHdXTHZTVVVaWUVaY2dJRVFDckE0bTI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9jMjhlMjctZDA1Yi00NzhhLTliMGItZGI5Nzg5MmE1MWZk
LzEvNEk2UWZBX2xDSkduYTltYktRaHdDbXJHTGpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuR78AwQB
wz5EMA0EAgACMAcDBQIqBEcgMA0GCSqGSIb3DQEBCwUAA4IBAQC3GRqljGO6dkIx
XLNygRgvZ/6pwm0lewYp42P1X8FVM4bl6FPVpvjDKNuZCAtBVyfwXSO8XJ36AKaX
KE+e47Jj3Nju5wzBp97Tb8vXRkXB9fi5cRmjQ2LzOBwoWaTOYSh6OcZS80xylnWr
ASH61mhTNlYII62j7Mb5UXo1diKKOMBgeVMwh+x83ko8wpfpbhoppoe1ZoAeC6Lt
u8G35AknCWGp/gN9s1tefFfY0MBitkWYJRD9spAKGwkFIb0/H9SkpW0OjcBzfNdP
EANtE5iYZ3bbuDq5zeKu2/36pfk4i8wOl1jde2nlzgl69iSUlYAvAKx46yFMLXHG
M1bt2EXj
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:34:21 2025 by rpki-client