Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/43a91c-3aac-495c-8081-752a45c32dff/1/ZMgzfxQmYhk04fzdqaFCKaFqS2M.roa
File: ZMgzfxQmYhk04fzdqaFCKaFqS2M.roa (raw, json)
Hash identifier: hb5+7XN3b8kk16y3DORhNcrFz0h2OFfO/EuNO5SqRWM=
Subject key identifier: 64:C8:33:7F:14:26:62:19:34:E1:FC:DD:A9:A1:42:29:A1:6A:4B:63
Certificate issuer: /CN=01a85ece2c539f5850fa701f2d45a2127dc86755
Certificate serial: 0187DC504E7D4F66DB598125D1E9B6C3880F
Authority key identifier: 01:A8:5E:CE:2C:53:9F:58:50:FA:70:1F:2D:45:A2:12:7D:C8:67:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AahezixTn1hQ-nAfLUWiEn3IZ1U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/43a91c-3aac-495c-8081-752a45c32dff/1/ZMgzfxQmYhk04fzdqaFCKaFqS2M.roa
Signing time: Tue 02 May 2023 11:54:23 +0000
ROA not before: Tue 02 May 2023 11:54:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44427
IP address blocks: 91.199.119.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:dc:50:4e:7d:4f:66:db:59:81:25:d1:e9:b6:c3:88:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01a85ece2c539f5850fa701f2d45a2127dc86755
Validity
Not Before: May 2 11:54:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=64c8337f1426621934e1fcdda9a14229a16a4b63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:47:dd:b4:fc:91:ac:12:4c:0a:e8:f6:a7:a4:
0a:8f:d8:ce:95:38:51:6e:42:55:0b:a4:7b:e1:d7:
9d:c7:8f:e9:4a:c5:92:27:23:32:00:74:6c:82:7f:
12:f9:58:54:e6:0c:64:50:e3:ca:58:6a:8d:f4:09:
ea:a1:4a:e4:d5:90:44:e8:f3:23:e9:18:0f:03:24:
6e:9f:6e:3d:76:ff:80:8c:48:22:1e:a5:0a:c6:02:
01:54:e3:8c:29:a8:b2:df:60:b2:13:a0:81:fd:bf:
aa:a5:56:80:d9:b4:0d:ac:e1:e2:40:ee:13:f3:bc:
b1:e0:29:83:93:fc:1d:50:b0:72:91:f2:f7:86:b7:
50:c5:03:ec:09:3f:c8:7b:3b:78:9e:36:a3:b6:bb:
fd:75:a9:e1:5e:24:ca:93:18:9f:c4:f2:05:ea:0c:
b4:71:f4:b6:bc:d8:58:b4:d1:01:58:1a:01:45:6d:
46:ae:b9:27:37:39:3a:a7:5b:50:12:e3:9d:ec:bd:
55:83:01:b6:8e:32:72:e1:f1:19:62:2d:8c:c2:75:
cd:f6:7a:45:91:67:c5:f7:79:40:aa:be:8d:31:41:
a6:c1:5b:16:40:eb:5e:3b:4d:d7:76:a0:61:5a:6c:
07:fa:e5:d2:18:98:05:e4:19:a1:38:88:f2:9a:1c:
18:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:C8:33:7F:14:26:62:19:34:E1:FC:DD:A9:A1:42:29:A1:6A:4B:63
X509v3 Authority Key Identifier:
keyid:01:A8:5E:CE:2C:53:9F:58:50:FA:70:1F:2D:45:A2:12:7D:C8:67:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AahezixTn1hQ-nAfLUWiEn3IZ1U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/43a91c-3aac-495c-8081-752a45c32dff/1/ZMgzfxQmYhk04fzdqaFCKaFqS2M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/43a91c-3aac-495c-8081-752a45c32dff/1/AahezixTn1hQ-nAfLUWiEn3IZ1U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.199.119.0/24
Signature Algorithm: sha256WithRSAEncryption
56:ab:81:05:09:a0:36:f2:5d:49:5f:ec:f8:49:d2:3f:7e:23:
2f:c7:ba:de:b2:b6:f4:b1:57:90:e0:98:45:7e:cc:08:60:44:
07:9a:55:ba:46:d7:4d:6e:0d:15:44:f1:51:89:de:41:2e:6c:
02:85:fa:68:4b:80:0a:90:b8:72:2e:84:99:10:67:5d:1d:57:
f3:9b:2f:7e:fa:49:d2:f2:2d:61:72:ed:0a:98:d2:3b:9e:35:
39:7d:99:55:68:5f:4c:1f:e7:8c:e3:6e:67:4f:d2:99:c8:51:
d7:f2:1a:c1:3a:85:57:d6:56:dc:5e:0e:7a:3d:63:5b:da:91:
49:c2:5a:48:3f:b5:28:76:92:e5:ae:28:9c:e0:34:a2:6c:4d:
25:a7:0e:58:91:7d:56:f8:ae:08:1d:94:41:fd:74:36:34:5e:
aa:37:0f:0e:bc:1e:27:32:7c:3f:c0:d4:09:eb:84:76:59:ae:
8b:87:14:6d:ec:71:f8:c0:0c:98:a3:ec:d2:c1:c4:10:ac:56:
23:5a:c6:85:22:91:0c:f5:9a:08:6b:03:a8:3a:4e:5f:62:3c:
ef:8d:68:85:79:5d:53:14:d6:2e:e5:f3:cf:27:ec:da:59:e2:
87:d1:60:aa:0e:9a:38:f3:69:fa:d7:be:0c:c6:7b:fc:66:49:
19:19:fc:88
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYfcUE59T2bbWYEl0em2w4gPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxYTg1ZWNlMmM1MzlmNTg1MGZhNzAxZjJkNDVhMjEyN2Rj
ODY3NTUwHhcNMjMwNTAyMTE1NDIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NGM4MzM3ZjE0MjY2MjE5MzRlMWZjZGRhOWExNDIyOWExNmE0YjYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg0fdtPyRrBJMCuj2p6QKj9jOlThR
bkJVC6R74dedx4/pSsWSJyMyAHRsgn8S+VhU5gxkUOPKWGqN9AnqoUrk1ZBE6PMj
6RgPAyRun249dv+AjEgiHqUKxgIBVOOMKaiy32CyE6CB/b+qpVaA2bQNrOHiQO4T
87yx4CmDk/wdULBykfL3hrdQxQPsCT/Iezt4njajtrv9danhXiTKkxifxPIF6gy0
cfS2vNhYtNEBWBoBRW1GrrknNzk6p1tQEuOd7L1VgwG2jjJy4fEZYi2MwnXN9npF
kWfF93lAqr6NMUGmwVsWQOteO03XdqBhWmwH+uXSGJgF5BmhOIjymhwY1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGTIM38UJmIZNOH83amhQimhaktjMB8GA1UdIwQY
MBaAFAGoXs4sU59YUPpwHy1FohJ9yGdVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWFoZXppeFRuMWhRLW5BZkxVV2lFbjNJWjFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy80M2E5MWMtM2FhYy00OTVjLTgwODEt
NzUyYTQ1YzMyZGZmLzEvWk1nemZ4UW1ZaGswNGZ6ZHFhRkNLYUZxUzJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy80M2E5MWMtM2FhYy00OTVjLTgwODEtNzUyYTQ1YzMyZGZm
LzEvQWFoZXppeFRuMWhRLW5BZkxVV2lFbjNJWjFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8d3MA0G
CSqGSIb3DQEBCwUAA4IBAQBWq4EFCaA28l1JX+z4SdI/fiMvx7resrb0sVeQ4JhF
fswIYEQHmlW6RtdNbg0VRPFRid5BLmwChfpoS4AKkLhyLoSZEGddHVfzmy9++knS
8i1hcu0KmNI7njU5fZlVaF9MH+eM425nT9KZyFHX8hrBOoVX1lbcXg56PWNb2pFJ
wlpIP7UodpLlriic4DSibE0lpw5YkX1W+K4IHZRB/XQ2NF6qNw8OvB4nMnw/wNQJ
64R2Wa6LhxRt7HH4wAyYo+zSwcQQrFYjWsaFIpEM9ZoIawOoOk5fYjzvjWiFeV1T
FNYu5fPPJ+zaWeKH0WCqDpo482n6174Mxnv8ZkkZGfyI
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:21:04 2025 by rpki-client