Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/ZH8xXC6i_dBm-PQ5My9KfXoCt7M.roa
File: ZH8xXC6i_dBm-PQ5My9KfXoCt7M.roa (raw, json)
Hash identifier: Nc5xgoYXJd/Qopnej7JsgViAbPboLozqAev6PuUKkwo=
Subject key identifier: 64:7F:31:5C:2E:A2:FD:D0:66:F8:F4:39:33:2F:4A:7D:7A:02:B7:B3
Certificate issuer: /CN=8338ef41b2c0105a91ccbb9c89337faeb129ff84
Certificate serial: 01856C65FA98BDEC2B3F81B4B24757E0F138
Authority key identifier: 83:38:EF:41:B2:C0:10:5A:91:CC:BB:9C:89:33:7F:AE:B1:29:FF:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gzjvQbLAEFqRzLuciTN_rrEp_4Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/ZH8xXC6i_dBm-PQ5My9KfXoCt7M.roa
Signing time: Sun 01 Jan 2023 08:15:00 +0000
ROA not before: Sun 01 Jan 2023 08:15:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212494
IP address blocks: 128.127.146.0/24 maxlen: 24
128.127.147.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:65:fa:98:bd:ec:2b:3f:81:b4:b2:47:57:e0:f1:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8338ef41b2c0105a91ccbb9c89337faeb129ff84
Validity
Not Before: Jan 1 08:15:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=647f315c2ea2fdd066f8f439332f4a7d7a02b7b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:75:f8:f2:1b:84:0b:5a:5f:41:fb:ed:db:60:
81:b1:27:d9:05:50:ef:17:1a:22:bd:41:61:5a:75:
5a:a9:1d:94:8f:cf:2c:95:cd:cf:4d:44:37:be:38:
5d:35:0d:3d:54:d7:a8:ef:2b:23:6a:e3:da:8a:bd:
d1:f8:41:d5:5b:7b:86:e5:dc:00:d1:a4:c1:79:b8:
7b:bf:61:e3:66:bc:fa:4e:35:56:66:3e:87:8f:20:
6e:0a:cb:29:49:e4:6c:0f:04:39:87:c1:06:00:27:
02:af:19:d9:47:0b:fd:40:27:39:2d:1e:68:68:67:
07:69:18:e2:34:29:be:1e:1a:63:b0:04:1d:74:2b:
c7:2b:b1:76:2a:c6:4b:25:c9:3d:74:c7:a2:5a:24:
e5:11:05:3a:66:81:ef:2e:23:a2:b9:61:44:4f:38:
38:be:2a:48:79:13:41:d3:cb:66:6c:88:d5:2c:d3:
de:a7:98:1d:1e:f6:76:7c:8a:db:82:34:8f:7f:a2:
63:f2:18:d4:da:7c:82:e8:ae:0b:48:39:1d:fc:f6:
ac:d3:f2:64:e4:7e:b4:38:ca:22:38:58:48:73:20:
6c:8b:39:bc:eb:73:e0:e6:bc:bb:ae:ae:3b:c6:85:
a1:2d:27:70:ba:6c:24:da:96:a6:d1:01:90:6b:56:
6d:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:7F:31:5C:2E:A2:FD:D0:66:F8:F4:39:33:2F:4A:7D:7A:02:B7:B3
X509v3 Authority Key Identifier:
keyid:83:38:EF:41:B2:C0:10:5A:91:CC:BB:9C:89:33:7F:AE:B1:29:FF:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gzjvQbLAEFqRzLuciTN_rrEp_4Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/ZH8xXC6i_dBm-PQ5My9KfXoCt7M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/gzjvQbLAEFqRzLuciTN_rrEp_4Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
128.127.146.0/23
Signature Algorithm: sha256WithRSAEncryption
14:f4:45:b4:0e:f3:7a:4b:84:24:dc:80:17:ec:21:e9:93:40:
cc:03:5b:de:f1:c7:71:f8:5d:6f:1b:42:a7:40:df:c2:96:8a:
9d:36:8a:f1:e4:71:76:dd:3b:f6:99:a3:5f:9f:44:c8:e5:bb:
be:bb:e7:cc:82:49:84:6e:b1:ad:7f:10:47:23:fa:d5:92:0e:
98:89:a3:ea:27:15:a0:0b:94:68:6b:66:18:47:04:34:92:2f:
ff:93:b8:3a:a5:bb:71:0b:95:73:54:69:2b:d5:ce:92:1f:dd:
e4:98:29:6e:b6:96:bd:8b:52:76:9e:3a:f9:ad:3a:62:46:4f:
88:f9:7f:45:0b:90:33:75:e9:54:5a:c7:f9:e7:e3:cc:4d:cf:
21:20:f2:ce:fb:1b:78:27:79:b8:ac:58:02:02:7a:2d:17:3e:
47:af:60:b7:29:c6:1a:5a:7a:da:93:c4:15:33:d7:4e:5b:08:
68:7a:fe:36:ec:87:ec:5a:11:41:bb:e3:c1:fc:01:59:18:54:
f7:84:7b:7c:f1:16:ac:e3:0f:d1:e6:19:de:90:88:df:b9:ab:
dd:37:79:56:62:40:c3:0e:e4:5e:83:2f:ad:57:c8:69:9d:c9:
b7:8d:bf:9c:26:5c:88:d0:cc:0a:5e:3f:c5:c1:39:81:ae:80:
33:5b:02:cb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsZfqYvewrP4G0skdX4PE4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzMzhlZjQxYjJjMDEwNWE5MWNjYmI5Yzg5MzM3ZmFlYjEy
OWZmODQwHhcNMjMwMTAxMDgxNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDdmMzE1YzJlYTJmZGQwNjZmOGY0MzkzMzJmNGE3ZDdhMDJiN2IzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgnX48huEC1pfQfvt22CBsSfZBVDv
FxoivUFhWnVaqR2Uj88slc3PTUQ3vjhdNQ09VNeo7ysjauPair3R+EHVW3uG5dwA
0aTBebh7v2HjZrz6TjVWZj6HjyBuCsspSeRsDwQ5h8EGACcCrxnZRwv9QCc5LR5o
aGcHaRjiNCm+HhpjsAQddCvHK7F2KsZLJck9dMeiWiTlEQU6ZoHvLiOiuWFETzg4
vipIeRNB08tmbIjVLNPep5gdHvZ2fIrbgjSPf6Jj8hjU2nyC6K4LSDkd/Pas0/Jk
5H60OMoiOFhIcyBsizm863Pg5ry7rq47xoWhLSdwumwk2pam0QGQa1ZtlwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGR/MVwuov3QZvj0OTMvSn16ArezMB8GA1UdIwQY
MBaAFIM470GywBBakcy7nIkzf66xKf+EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3pqdlFiTEFFRnFSekx1Y2lUTl9yckVwXzRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS80MGQ5OTYtYTJjZC00MWYxLWE3Mzgt
MjhmYzc3OTY3NzYzLzEvWkg4eFhDNmlfZEJtLVBRNU15OUtmWG9DdDdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS80MGQ5OTYtYTJjZC00MWYxLWE3MzgtMjhmYzc3OTY3NzYz
LzEvZ3pqdlFiTEFFRnFSekx1Y2lUTl9yckVwXzRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBgH+SMA0G
CSqGSIb3DQEBCwUAA4IBAQAU9EW0DvN6S4Qk3IAX7CHpk0DMA1ve8cdx+F1vG0Kn
QN/CloqdNorx5HF23Tv2maNfn0TI5bu+u+fMgkmEbrGtfxBHI/rVkg6YiaPqJxWg
C5Roa2YYRwQ0ki//k7g6pbtxC5VzVGkr1c6SH93kmClutpa9i1J2njr5rTpiRk+I
+X9FC5AzdelUWsf55+PMTc8hIPLO+xt4J3m4rFgCAnotFz5Hr2C3KcYaWnrak8QV
M9dOWwhoev427IfsWhFBu+PB/AFZGFT3hHt88Ras4w/R5hnekIjfuavdN3lWYkDD
DuRegy+tV8hpncm3jb+cJlyI0MwKXj/FwTmBroAzWwLL
-----END CERTIFICATE-----
Generated at Fri Apr 18 07:33:44 2025 by rpki-client