Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/ZNcagFdb-RcUhLcemKCgd0rSH3k.roa
File: ZNcagFdb-RcUhLcemKCgd0rSH3k.roa (raw, json)
Hash identifier: Ap6QpUrvmtYxQcAuSicV65o/M0a0ARWbX12fqu50Opg=
Subject key identifier: 64:D7:1A:80:57:5B:F9:17:14:84:B7:1E:98:A0:A0:77:4A:D2:1F:79
Certificate issuer: /CN=21021b252222997bfe33b7e4b315ac8d5e067954
Certificate serial: 018571D790ABB009AA3281EC8DE4C229CDBD
Authority key identifier: 21:02:1B:25:22:22:99:7B:FE:33:B7:E4:B3:15:AC:8D:5E:06:79:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/ZNcagFdb-RcUhLcemKCgd0rSH3k.roa
Signing time: Mon 02 Jan 2023 09:37:10 +0000
ROA not before: Mon 02 Jan 2023 09:37:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205964
IP address blocks: 185.170.252.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:d7:90:ab:b0:09:aa:32:81:ec:8d:e4:c2:29:cd:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21021b252222997bfe33b7e4b315ac8d5e067954
Validity
Not Before: Jan 2 09:37:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=64d71a80575bf9171484b71e98a0a0774ad21f79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:21:25:83:8a:ec:ab:23:d5:2d:28:05:3d:37:
fc:15:de:63:08:c0:5c:5c:74:c2:cd:dc:be:98:5a:
f7:52:67:93:4e:33:95:cf:92:f1:01:29:00:3d:65:
84:a3:b1:84:57:21:31:77:1e:b7:fa:53:1c:93:af:
38:4a:9c:84:11:6d:90:ef:9d:86:4d:5e:f1:9e:7e:
1a:8a:bb:55:70:03:00:a0:a7:50:1f:39:c1:0c:a9:
a2:b8:4a:59:74:0c:12:5a:c8:aa:4e:52:f8:0f:8d:
45:24:87:bf:e2:0d:1f:50:ab:71:64:37:2c:6d:a6:
81:a1:7b:74:14:a0:89:2f:2e:8e:26:f2:55:9c:92:
51:17:9f:1f:e2:e8:aa:e8:59:21:47:4b:b4:ab:0c:
4c:92:06:c9:8f:8f:da:c6:8a:10:f9:5d:b4:e0:d2:
32:a9:3d:29:8a:b1:76:57:3c:a9:1d:a6:af:89:d3:
2b:65:fe:fb:9f:1b:cb:bc:95:8c:14:73:cd:7d:13:
3f:ef:3b:c2:c4:a1:60:60:b9:93:81:fe:18:2d:a8:
f9:db:2a:84:78:8a:59:f9:e9:de:4e:c9:c2:4c:ad:
05:61:5b:87:20:d0:01:25:40:ff:4b:bc:ec:5d:46:
78:f5:62:1a:b1:fd:44:4f:fc:45:41:61:79:bf:d9:
e1:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:D7:1A:80:57:5B:F9:17:14:84:B7:1E:98:A0:A0:77:4A:D2:1F:79
X509v3 Authority Key Identifier:
keyid:21:02:1B:25:22:22:99:7B:FE:33:B7:E4:B3:15:AC:8D:5E:06:79:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/ZNcagFdb-RcUhLcemKCgd0rSH3k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.170.252.0/22
Signature Algorithm: sha256WithRSAEncryption
4c:6b:37:b0:5b:22:9d:8c:53:84:90:4b:7f:ca:b0:ac:b1:cf:
8c:02:b6:0e:0a:60:e6:a7:46:90:61:4f:c2:e8:aa:fd:2d:94:
bd:5c:1c:9e:d2:24:d6:41:09:b7:98:0d:8d:f5:6a:16:c4:f0:
ad:55:5d:11:cf:7f:7f:2f:bf:85:81:3c:45:89:c8:bc:6a:cc:
c8:41:f6:34:ea:af:2b:78:9e:d0:7b:cb:a5:98:9f:bf:b0:d3:
ad:ab:77:71:39:c6:24:bb:5c:83:a0:bd:92:d6:ba:54:d1:32:
cb:bb:54:5f:77:3d:25:8a:15:cc:5e:29:1e:c6:de:3f:bb:0b:
ce:e6:d7:37:01:db:e0:27:45:76:53:4a:b3:1c:ac:a7:50:a7:
3f:aa:a4:0a:61:cd:a9:4c:df:b9:0b:57:b7:e3:ad:4e:0d:04:
7d:e8:8a:c3:9f:c9:4c:35:e4:b5:bb:fb:4f:5d:09:b8:87:be:
58:e0:31:b2:e8:2e:bf:db:24:53:69:98:f3:18:b7:5d:56:2a:
c8:1a:d1:53:ec:fb:46:73:66:6e:35:97:7d:d4:4d:e2:d3:60:
75:d4:46:e7:36:73:03:83:92:5f:4a:a0:77:24:9b:3f:10:a8:
99:26:c2:3b:47:dd:74:b0:86:b6:c6:d9:d9:27:3b:bb:16:a6:
5b:5c:f1:99
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVx15CrsAmqMoHsjeTCKc29MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMDIxYjI1MjIyMjk5N2JmZTMzYjdlNGIzMTVhYzhkNWUw
Njc5NTQwHhcNMjMwMTAyMDkzNzEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NGQ3MWE4MDU3NWJmOTE3MTQ4NGI3MWU5OGEwYTA3NzRhZDIxZjc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiyElg4rsqyPVLSgFPTf8Fd5jCMBc
XHTCzdy+mFr3UmeTTjOVz5LxASkAPWWEo7GEVyExdx63+lMck684SpyEEW2Q752G
TV7xnn4airtVcAMAoKdQHznBDKmiuEpZdAwSWsiqTlL4D41FJIe/4g0fUKtxZDcs
baaBoXt0FKCJLy6OJvJVnJJRF58f4uiq6FkhR0u0qwxMkgbJj4/axooQ+V204NIy
qT0pirF2VzypHaavidMrZf77nxvLvJWMFHPNfRM/7zvCxKFgYLmTgf4YLaj52yqE
eIpZ+eneTsnCTK0FYVuHINABJUD/S7zsXUZ49WIasf1ET/xFQWF5v9nhawIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGTXGoBXW/kXFIS3HpigoHdK0h95MB8GA1UdIwQY
MBaAFCECGyUiIpl7/jO35LMVrI1eBnlUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVFJYkpTSWltWHYtTTdma3N4V3NqVjRHZVZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC81OTI5NGMtMGYyNC00MGM1LWI1YzMt
NmVhYzYyZTYwZGY3LzEvWk5jYWdGZGItUmNVaExjZW1LQ2dkMHJTSDNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC81OTI5NGMtMGYyNC00MGM1LWI1YzMtNmVhYzYyZTYwZGY3
LzEvSVFJYkpTSWltWHYtTTdma3N4V3NqVjRHZVZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuar8MA0G
CSqGSIb3DQEBCwUAA4IBAQBMazewWyKdjFOEkEt/yrCssc+MArYOCmDmp0aQYU/C
6Kr9LZS9XBye0iTWQQm3mA2N9WoWxPCtVV0Rz39/L7+FgTxFici8aszIQfY06q8r
eJ7Qe8ulmJ+/sNOtq3dxOcYku1yDoL2S1rpU0TLLu1Rfdz0lihXMXikext4/uwvO
5tc3AdvgJ0V2U0qzHKynUKc/qqQKYc2pTN+5C1e3461ODQR96IrDn8lMNeS1u/tP
XQm4h75Y4DGy6C6/2yRTaZjzGLddVirIGtFT7PtGc2ZuNZd91E3i02B11EbnNnMD
g5JfSqB3JJs/EKiZJsI7R910sIa2xtnZJzu7FqZbXPGZ
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:07:46 2025 by rpki-client