Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/fzEaVxRVcFW4NJwvKoOSyhxNp3w.roa
File: fzEaVxRVcFW4NJwvKoOSyhxNp3w.roa (raw, json)
Hash identifier: 28z1BrJiRscx6P7tyYGZ5H4JTFyjghvscC2jQX4XD1k=
Subject key identifier: 7F:31:1A:57:14:55:70:55:B8:34:9C:2F:2A:83:92:CA:1C:4D:A7:7C
Certificate issuer: /CN=8338ef41b2c0105a91ccbb9c89337faeb129ff84
Certificate serial: 01856C65ECBD256C96524E9BB68DCD3ADAA5
Authority key identifier: 83:38:EF:41:B2:C0:10:5A:91:CC:BB:9C:89:33:7F:AE:B1:29:FF:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gzjvQbLAEFqRzLuciTN_rrEp_4Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/fzEaVxRVcFW4NJwvKoOSyhxNp3w.roa
Signing time: Sun 01 Jan 2023 08:14:57 +0000
ROA not before: Sun 01 Jan 2023 08:14:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25436
IP address blocks: 188.68.7.0/24 maxlen: 24
95.85.82.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:65:ec:bd:25:6c:96:52:4e:9b:b6:8d:cd:3a:da:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8338ef41b2c0105a91ccbb9c89337faeb129ff84
Validity
Not Before: Jan 1 08:14:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7f311a5714557055b8349c2f2a8392ca1c4da77c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:5f:a4:79:e3:23:7f:43:ad:df:39:2f:48:32:
3b:a8:71:2a:8c:5c:3a:7e:50:a6:c1:f3:a7:93:39:
06:a0:a7:9f:83:8c:61:e6:f6:1f:84:53:95:b4:22:
2e:ec:54:24:0e:82:e5:42:ce:f5:77:2e:91:2e:54:
a5:17:46:51:1a:f3:05:a2:db:29:d1:64:55:21:b8:
66:3e:19:0e:52:90:78:2d:88:af:06:9a:7d:5a:eb:
49:b6:0c:75:f3:b5:cd:d0:90:8b:96:61:af:b5:df:
62:b4:be:b2:c3:ef:a8:1c:b2:96:9a:f1:7a:98:74:
6d:f1:75:f7:31:86:07:3a:fa:8d:18:98:12:eb:64:
38:8c:e9:b4:cf:26:97:e2:73:50:80:aa:20:3a:0d:
f9:4d:48:de:f5:49:d9:e7:27:96:d7:0a:d4:da:61:
bb:96:c0:9c:40:05:0c:27:1e:e7:11:31:ec:99:63:
fe:ff:bd:e8:b1:02:0b:89:52:53:f3:b1:d8:b3:37:
10:7b:d2:28:ae:62:2e:3c:74:07:d5:2a:df:03:e2:
0e:7c:47:39:25:8e:ee:06:85:0c:7b:12:dd:df:32:
5b:cf:37:9f:fd:dc:37:27:28:67:64:3c:46:2e:60:
52:b6:2d:88:d1:fc:27:94:72:e2:c4:21:40:6b:34:
52:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:31:1A:57:14:55:70:55:B8:34:9C:2F:2A:83:92:CA:1C:4D:A7:7C
X509v3 Authority Key Identifier:
keyid:83:38:EF:41:B2:C0:10:5A:91:CC:BB:9C:89:33:7F:AE:B1:29:FF:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gzjvQbLAEFqRzLuciTN_rrEp_4Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/fzEaVxRVcFW4NJwvKoOSyhxNp3w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/gzjvQbLAEFqRzLuciTN_rrEp_4Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.85.82.0/24
188.68.7.0/24
Signature Algorithm: sha256WithRSAEncryption
89:2d:17:4c:e4:09:9b:ca:82:b1:48:84:b0:47:b2:59:34:56:
46:a7:72:0a:d2:b9:ba:5c:61:9f:de:45:dd:8c:67:9b:02:31:
67:83:46:60:1d:dd:23:8c:48:f6:98:e3:2c:28:65:11:29:4b:
a2:68:a1:e7:c4:c9:81:41:80:28:25:3c:c2:df:8b:46:1e:aa:
bd:9f:ba:90:28:72:3c:86:fa:fc:3c:17:1b:c2:e3:29:09:e7:
8a:c3:c2:b1:48:b8:16:14:7b:a1:59:11:5d:2f:08:c9:c9:32:
69:1a:3c:96:ed:17:01:fa:7a:ca:05:f7:b2:2d:31:fe:57:b4:
16:90:43:49:ce:c8:41:bb:a2:41:b1:ae:90:a0:ed:27:6b:54:
39:f0:08:a2:ce:7b:2d:2e:8e:39:fe:a6:c2:23:37:6a:df:5d:
dc:86:ac:ef:f4:bb:43:e3:81:60:04:9f:0f:b0:1b:f8:cc:dd:
fe:e6:a7:34:36:c4:53:49:3f:2a:ff:8b:d7:3e:db:6d:28:70:
0f:55:1c:1c:68:db:9d:a0:e7:2c:6e:51:15:e8:69:8b:9e:a2:
88:78:37:c1:9d:ae:9d:d0:e4:53:1e:de:8d:8e:a9:8f:95:1e:
0b:91:8f:26:54:77:07:b3:23:7c:aa:90:a4:f8:b9:25:7c:c9:
32:b0:45:61
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVsZey9JWyWUk6bto3NOtqlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzMzhlZjQxYjJjMDEwNWE5MWNjYmI5Yzg5MzM3ZmFlYjEy
OWZmODQwHhcNMjMwMTAxMDgxNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjMxMWE1NzE0NTU3MDU1YjgzNDljMmYyYTgzOTJjYTFjNGRhNzdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhF+keeMjf0Ot3zkvSDI7qHEqjFw6
flCmwfOnkzkGoKefg4xh5vYfhFOVtCIu7FQkDoLlQs71dy6RLlSlF0ZRGvMFotsp
0WRVIbhmPhkOUpB4LYivBpp9WutJtgx187XN0JCLlmGvtd9itL6yw++oHLKWmvF6
mHRt8XX3MYYHOvqNGJgS62Q4jOm0zyaX4nNQgKogOg35TUje9UnZ5yeW1wrU2mG7
lsCcQAUMJx7nETHsmWP+/73osQILiVJT87HYszcQe9IormIuPHQH1SrfA+IOfEc5
JY7uBoUMexLd3zJbzzef/dw3JyhnZDxGLmBSti2I0fwnlHLixCFAazRSzQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFH8xGlcUVXBVuDScLyqDksocTad8MB8GA1UdIwQY
MBaAFIM470GywBBakcy7nIkzf66xKf+EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3pqdlFiTEFFRnFSekx1Y2lUTl9yckVwXzRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS80MGQ5OTYtYTJjZC00MWYxLWE3Mzgt
MjhmYzc3OTY3NzYzLzEvZnpFYVZ4UlZjRlc0Tkp3dktvT1N5aHhOcDN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS80MGQ5OTYtYTJjZC00MWYxLWE3MzgtMjhmYzc3OTY3NzYz
LzEvZ3pqdlFiTEFFRnFSekx1Y2lUTl9yckVwXzRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAX1VSAwQA
vEQHMA0GCSqGSIb3DQEBCwUAA4IBAQCJLRdM5AmbyoKxSISwR7JZNFZGp3IK0rm6
XGGf3kXdjGebAjFng0ZgHd0jjEj2mOMsKGURKUuiaKHnxMmBQYAoJTzC34tGHqq9
n7qQKHI8hvr8PBcbwuMpCeeKw8KxSLgWFHuhWRFdLwjJyTJpGjyW7RcB+nrKBfey
LTH+V7QWkENJzshBu6JBsa6QoO0na1Q58AiiznstLo45/qbCIzdq313chqzv9LtD
44FgBJ8PsBv4zN3+5qc0NsRTST8q/4vXPtttKHAPVRwcaNudoOcsblEV6GmLnqKI
eDfBna6d0ORTHt6NjqmPlR4LkY8mVHcHsyN8qpCk+LklfMkysEVh
-----END CERTIFICATE-----
Generated at Fri Apr 18 07:33:29 2025 by rpki-client