Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/160f8f-dbab-482d-b39c-ad2fda47988e/1/zHBI21_QVeS5xBvH0yj_DmyW36U.roa
File: zHBI21_QVeS5xBvH0yj_DmyW36U.roa (raw, json)
Hash identifier: DvT/2Zw3GKGgHszwJQtZ/jY9doJUGhO7PULBUHhyEog=
Subject key identifier: CC:70:48:DB:5F:D0:55:E4:B9:C4:1B:C7:D3:28:FF:0E:6C:96:DF:A5
Certificate issuer: /CN=c0e549fdceeb02912c8a8741c816806bbe19c448
Certificate serial: 01856C53C7B1CFD6E9C6E014CD4A506472D5
Authority key identifier: C0:E5:49:FD:CE:EB:02:91:2C:8A:87:41:C8:16:80:6B:BE:19:C4:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wOVJ_c7rApEsiodByBaAa74ZxEg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/160f8f-dbab-482d-b39c-ad2fda47988e/1/zHBI21_QVeS5xBvH0yj_DmyW36U.roa
Signing time: Sun 01 Jan 2023 07:55:07 +0000
ROA not before: Sun 01 Jan 2023 07:55:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203936
IP address blocks: 185.240.88.0/23 maxlen: 23
185.240.90.0/23 maxlen: 23
89.34.76.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:53:c7:b1:cf:d6:e9:c6:e0:14:cd:4a:50:64:72:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c0e549fdceeb02912c8a8741c816806bbe19c448
Validity
Not Before: Jan 1 07:55:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cc7048db5fd055e4b9c41bc7d328ff0e6c96dfa5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:30:b1:d6:3a:ae:ee:4f:d4:55:e9:e6:17:c9:
a7:4c:e5:43:51:f7:d4:71:6d:2b:ec:00:8c:cb:1b:
ae:fe:29:02:09:1b:3b:f9:5b:ba:d4:e3:ff:10:ad:
61:4c:a2:3f:9c:a1:1e:c2:71:e5:91:6f:84:35:a0:
c6:ad:a1:31:37:b9:cc:06:83:be:6b:0a:b3:7c:e8:
96:94:58:77:04:a8:10:00:7a:6a:01:c5:e4:58:4f:
e5:9f:ad:05:c3:d0:22:96:86:7b:25:8e:cc:aa:4b:
ce:f1:df:3d:2d:a2:12:a8:28:e3:ff:19:a4:66:45:
56:57:0d:2c:01:65:ad:e5:0a:9c:b9:52:36:78:f6:
16:79:75:ef:c6:eb:5a:07:54:69:46:99:96:eb:4f:
9e:93:d4:b3:91:2a:cd:36:0b:c8:f6:d2:b6:54:cd:
0c:6f:7f:12:bb:3c:09:b2:09:c3:c9:26:fd:14:33:
8f:26:37:d9:d0:61:f2:e3:4c:26:6a:51:c4:b0:9a:
51:1e:ba:bf:38:e8:99:0a:4d:ad:8a:93:e5:c4:31:
ba:f5:a3:d6:c9:79:79:0c:ad:06:75:78:56:7d:88:
31:34:c9:97:f4:b7:0b:5e:e4:d8:a1:e9:45:75:b1:
69:ee:06:c6:9f:cd:16:29:06:c7:45:f1:e4:8d:6d:
3d:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:70:48:DB:5F:D0:55:E4:B9:C4:1B:C7:D3:28:FF:0E:6C:96:DF:A5
X509v3 Authority Key Identifier:
keyid:C0:E5:49:FD:CE:EB:02:91:2C:8A:87:41:C8:16:80:6B:BE:19:C4:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wOVJ_c7rApEsiodByBaAa74ZxEg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/160f8f-dbab-482d-b39c-ad2fda47988e/1/zHBI21_QVeS5xBvH0yj_DmyW36U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/160f8f-dbab-482d-b39c-ad2fda47988e/1/wOVJ_c7rApEsiodByBaAa74ZxEg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.34.76.0/24
185.240.88.0/22
Signature Algorithm: sha256WithRSAEncryption
86:ff:cb:36:76:5a:9e:c6:da:60:33:11:8f:42:dd:92:d9:fe:
17:fb:69:ae:26:0a:91:d7:4e:0c:32:22:df:20:81:ca:25:52:
5b:b0:6f:53:e3:34:41:e9:b7:f1:9f:c8:be:aa:8b:a7:bd:02:
b7:91:fa:01:b4:c6:9c:7d:5c:de:6b:46:3e:53:49:bb:8f:da:
08:17:34:ac:0d:1b:52:75:01:ad:a4:fa:4f:4c:19:71:2a:18:
38:a2:d4:d6:9e:f1:b1:ae:0c:6f:f0:2c:87:78:6f:80:9b:01:
33:df:4b:3a:f6:ca:a8:c7:e5:82:8e:6e:dd:1d:b6:28:79:db:
45:c7:f6:a8:40:b0:b8:d9:37:f9:99:57:c3:42:38:61:08:c3:
97:84:f2:57:64:2c:74:ce:56:4b:15:e1:a1:5c:f8:02:79:be:
36:f2:d3:ff:a7:01:b3:06:5c:a1:a3:64:1c:a2:f0:f6:74:48:
df:3c:45:4a:1f:49:eb:f8:85:9f:c5:6a:a4:a1:c1:a9:39:c7:
5d:38:fb:e2:40:92:6f:25:d4:f5:1a:73:ea:53:f6:f1:7d:83:
d7:5b:b5:3a:51:3f:fc:5f:56:0d:9c:63:c6:de:5f:f5:cb:09:
b6:e2:73:ed:e1:a2:a6:5b:e1:cf:02:7b:ae:62:82:7a:df:31:
0c:88:50:1f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVsU8exz9bpxuAUzUpQZHLVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwZTU0OWZkY2VlYjAyOTEyYzhhODc0MWM4MTY4MDZiYmUx
OWM0NDgwHhcNMjMwMTAxMDc1NTA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzcwNDhkYjVmZDA1NWU0YjljNDFiYzdkMzI4ZmYwZTZjOTZkZmE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhDCx1jqu7k/UVenmF8mnTOVDUffU
cW0r7ACMyxuu/ikCCRs7+Vu61OP/EK1hTKI/nKEewnHlkW+ENaDGraExN7nMBoO+
awqzfOiWlFh3BKgQAHpqAcXkWE/ln60Fw9AiloZ7JY7MqkvO8d89LaISqCjj/xmk
ZkVWVw0sAWWt5QqcuVI2ePYWeXXvxutaB1RpRpmW60+ek9SzkSrNNgvI9tK2VM0M
b38SuzwJsgnDySb9FDOPJjfZ0GHy40wmalHEsJpRHrq/OOiZCk2tipPlxDG69aPW
yXl5DK0GdXhWfYgxNMmX9LcLXuTYoelFdbFp7gbGn80WKQbHRfHkjW094QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMxwSNtf0FXkucQbx9Mo/w5slt+lMB8GA1UdIwQY
MBaAFMDlSf3O6wKRLIqHQcgWgGu+GcRIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd09WSl9jN3JBcEVzaW9kQnlCYUFhNzRaeEVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8xNjBmOGYtZGJhYi00ODJkLWIzOWMt
YWQyZmRhNDc5ODhlLzEvekhCSTIxX1FWZVM1eEJ2SDB5al9EbXlXMzZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8xNjBmOGYtZGJhYi00ODJkLWIzOWMtYWQyZmRhNDc5ODhl
LzEvd09WSl9jN3JBcEVzaW9kQnlCYUFhNzRaeEVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWSJMAwQC
ufBYMA0GCSqGSIb3DQEBCwUAA4IBAQCG/8s2dlqextpgMxGPQt2S2f4X+2muJgqR
104MMiLfIIHKJVJbsG9T4zRB6bfxn8i+qounvQK3kfoBtMacfVzea0Y+U0m7j9oI
FzSsDRtSdQGtpPpPTBlxKhg4otTWnvGxrgxv8CyHeG+AmwEz30s69sqox+WCjm7d
HbYoedtFx/aoQLC42Tf5mVfDQjhhCMOXhPJXZCx0zlZLFeGhXPgCeb428tP/pwGz
Blyho2QcovD2dEjfPEVKH0nr+IWfxWqkocGpOcddOPviQJJvJdT1GnPqU/bxfYPX
W7U6UT/8X1YNnGPG3l/1ywm24nPt4aKmW+HPAnuuYoJ63zEMiFAf
-----END CERTIFICATE-----
Generated at Thu Apr 10 22:04:15 2025 by rpki-client