Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/f27821-4ccf-4d2e-8b15-6e12774f851e/1/ZsnO9XFf9lHV_EcoNX2BQS9iFTg.roa
File: ZsnO9XFf9lHV_EcoNX2BQS9iFTg.roa (raw, json)
Hash identifier: s9olRFgh+6SJ+9ds6PoebhDDlPfemzUv7oZ53uSYekg=
Subject key identifier: 66:C9:CE:F5:71:5F:F6:51:D5:FC:47:28:35:7D:81:41:2F:62:15:38
Certificate issuer: /CN=210da9e7af01de75448f4906aac41bd2964e8847
Certificate serial: 44D4CB57
Authority key identifier: 21:0D:A9:E7:AF:01:DE:75:44:8F:49:06:AA:C4:1B:D2:96:4E:88:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IQ2p568B3nVEj0kGqsQb0pZOiEc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/f27821-4ccf-4d2e-8b15-6e12774f851e/1/ZsnO9XFf9lHV_EcoNX2BQS9iFTg.roa
Signing time: Sat 01 Jan 2022 00:51:00 +0000
ROA not before: Sat 01 Jan 2022 00:51:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15830
IP address blocks: 159.100.60.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1154796375 (0x44d4cb57)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=210da9e7af01de75448f4906aac41bd2964e8847
Validity
Not Before: Jan 1 00:51:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=66c9cef5715ff651d5fc4728357d81412f621538
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:95:97:79:91:c5:84:f5:5c:db:4f:8b:33:f6:
68:b9:c4:bc:96:3d:db:11:16:42:96:e1:bb:c7:cb:
c5:84:5b:92:56:41:51:47:d6:85:f5:0f:f8:e4:01:
95:ec:4c:b9:b1:c8:d6:6e:2e:7a:a1:6f:32:1a:b8:
88:cf:2b:c5:e3:6c:64:84:02:6f:c5:1b:fb:6e:dd:
7e:d4:38:dc:87:9d:c0:f8:f8:26:74:1a:bb:9f:6e:
65:e5:39:78:59:73:39:5f:ca:d4:c4:5c:9c:78:17:
aa:a4:24:39:33:b3:43:5e:2c:ee:be:56:ba:11:3c:
69:7a:43:44:ad:6f:46:99:6c:45:60:ca:98:0a:00:
d6:94:e5:43:7f:e7:cd:8c:51:5d:0c:aa:9c:55:7d:
d9:c8:42:f5:52:de:b4:07:e7:75:16:20:30:29:15:
4f:b9:8b:1a:88:eb:aa:b8:e1:b6:26:30:2e:62:8f:
38:73:b5:f5:bb:d4:11:7b:f9:db:c5:ec:16:61:d3:
2a:39:42:28:61:43:98:d7:72:a1:b8:da:80:79:48:
b8:b2:c8:20:1f:76:4a:c1:e6:b9:3d:96:97:c2:00:
5e:26:0f:ed:fe:94:7c:16:0f:ab:22:d3:fc:5d:6b:
90:d7:62:21:7e:4d:e4:ca:13:50:ea:15:88:55:0c:
01:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:C9:CE:F5:71:5F:F6:51:D5:FC:47:28:35:7D:81:41:2F:62:15:38
X509v3 Authority Key Identifier:
keyid:21:0D:A9:E7:AF:01:DE:75:44:8F:49:06:AA:C4:1B:D2:96:4E:88:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IQ2p568B3nVEj0kGqsQb0pZOiEc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/f27821-4ccf-4d2e-8b15-6e12774f851e/1/ZsnO9XFf9lHV_EcoNX2BQS9iFTg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/f27821-4ccf-4d2e-8b15-6e12774f851e/1/IQ2p568B3nVEj0kGqsQb0pZOiEc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.100.60.0/22
Signature Algorithm: sha256WithRSAEncryption
02:28:c1:7f:d1:77:67:73:bd:52:31:11:72:62:1b:6c:2c:fb:
74:48:a3:ef:e4:45:77:6a:53:0c:5c:ee:66:76:9d:5d:c8:a7:
5f:51:1c:f2:e3:fe:20:42:b0:a2:b7:0d:14:94:c3:bf:f2:db:
28:c2:3a:90:3d:a2:42:85:3d:f1:7b:04:78:0e:c7:50:7a:37:
e2:4e:f6:88:a4:5e:30:3f:ae:7f:0b:5b:3a:50:84:f2:2f:10:
47:0b:f9:2f:41:f6:58:1d:7a:d4:b0:f3:32:57:c2:a4:e5:a4:
c5:c6:76:ab:ae:50:90:1e:83:ed:7c:50:b2:62:88:d0:15:57:
02:6e:0b:43:90:f3:c6:f8:35:2f:bb:1c:ec:67:64:ac:77:7d:
df:d2:a0:64:1f:ab:2e:af:a0:7a:bc:8a:d2:3e:fb:2c:11:17:
40:ac:12:bf:2b:dd:45:20:f0:00:d7:db:f2:84:6e:7e:50:d4:
43:87:23:e7:88:4c:df:d7:9f:0c:d5:89:cf:0a:7f:18:41:ba:
47:2b:3b:18:4b:71:9b:7f:f1:b7:30:1d:49:28:90:b0:06:d4:
5d:11:95:7f:2e:d1:64:03:6e:27:a6:50:33:8f:00:5f:68:61:
f0:aa:fc:c2:e6:9e:9e:03:48:17:47:b1:3c:2e:b4:29:bd:23:
e1:55:e6:4a
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIERNTLVzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MTBkYTllN2FmMDFkZTc1NDQ4ZjQ5MDZhYWM0MWJkMjk2NGU4ODQ3MB4XDTIyMDEw
MTAwNTEwMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjZjOWNlZjU3MTVm
ZjY1MWQ1ZmM0NzI4MzU3ZDgxNDEyZjYyMTUzODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALKVl3mRxYT1XNtPizP2aLnEvJY92xEWQpbhu8fLxYRbklZB
UUfWhfUP+OQBlexMubHI1m4ueqFvMhq4iM8rxeNsZIQCb8Ub+27dftQ43IedwPj4
JnQau59uZeU5eFlzOV/K1MRcnHgXqqQkOTOzQ14s7r5WuhE8aXpDRK1vRplsRWDK
mAoA1pTlQ3/nzYxRXQyqnFV92chC9VLetAfndRYgMCkVT7mLGojrqrjhtiYwLmKP
OHO19bvUEXv528XsFmHTKjlCKGFDmNdyobjagHlIuLLIIB92SsHmuT2Wl8IAXiYP
7f6UfBYPqyLT/F1rkNdiIX5N5MoTUOoViFUMAQkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRmyc71cV/2UdX8Ryg1fYFBL2IVODAfBgNVHSMEGDAWgBQhDannrwHedUSP
SQaqxBvSlk6IRzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lRMnA1NjhCM25WRWowa0dxc1FiMHBaT2lFYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjQvZjI3ODIxLTRjY2YtNGQyZS04YjE1LTZlMTI3NzRmODUxZS8x
L1pzbk85WEZmOWxIVl9FY29OWDJCUVM5aUZUZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjQv
ZjI3ODIxLTRjY2YtNGQyZS04YjE1LTZlMTI3NzRmODUxZS8xL0lRMnA1NjhCM25W
RWowa0dxc1FiMHBaT2lFYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAp9kPDANBgkqhkiG9w0BAQsFAAOC
AQEAAijBf9F3Z3O9UjERcmIbbCz7dEij7+RFd2pTDFzuZnadXcinX1Ec8uP+IEKw
orcNFJTDv/LbKMI6kD2iQoU98XsEeA7HUHo34k72iKReMD+ufwtbOlCE8i8QRwv5
L0H2WB161LDzMlfCpOWkxcZ2q65QkB6D7XxQsmKI0BVXAm4LQ5Dzxvg1L7sc7Gdk
rHd939KgZB+rLq+geryK0j77LBEXQKwSvyvdRSDwANfb8oRuflDUQ4cj54hM39ef
DNWJzwp/GEG6Rys7GEtxm3/xtzAdSSiQsAbUXRGVfy7RZANuJ6ZQM48AX2hh8Kr8
wuaengNIF0exPC60Kb0j4VXmSg==
-----END CERTIFICATE-----
Generated at Tue Apr 8 10:58:35 2025 by rpki-client