Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/6519e0-b327-454e-bb7a-1a3be24b76db/1/ZT1dGOBcRHadfpQhN_mUkxj_GGc.roa
File: ZT1dGOBcRHadfpQhN_mUkxj_GGc.roa (raw, json)
Hash identifier: RAEL/XeZ4F2CnIXpDTZotEcVZs/9AUFxLR6Ceozgj+E=
Subject key identifier: 65:3D:5D:18:E0:5C:44:76:9D:7E:94:21:37:F9:94:93:18:FF:18:67
Certificate issuer: /CN=8ec18203c255a1d0bf1587542c7626f26738d6c1
Certificate serial: 01856D8AC1EECEE5E8C6F0875280B97EF5FC
Authority key identifier: 8E:C1:82:03:C2:55:A1:D0:BF:15:87:54:2C:76:26:F2:67:38:D6:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jsGCA8JVodC_FYdULHYm8mc41sE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/6519e0-b327-454e-bb7a-1a3be24b76db/1/ZT1dGOBcRHadfpQhN_mUkxj_GGc.roa
Signing time: Sun 01 Jan 2023 13:34:48 +0000
ROA not before: Sun 01 Jan 2023 13:34:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6799
IP address blocks: 94.232.80.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:8a:c1:ee:ce:e5:e8:c6:f0:87:52:80:b9:7e:f5:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8ec18203c255a1d0bf1587542c7626f26738d6c1
Validity
Not Before: Jan 1 13:34:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=653d5d18e05c44769d7e942137f9949318ff1867
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:6d:e4:2d:30:d9:c6:ca:fe:02:44:11:4e:21:
63:b5:b7:aa:37:d3:3c:40:ca:c7:d5:59:d8:66:fb:
ec:5a:b7:98:23:1d:74:5e:1d:cb:e4:18:67:44:5b:
b8:ba:93:ba:f1:65:80:fa:33:79:e1:bd:83:84:67:
bb:4f:eb:32:a5:93:07:ba:88:1f:81:48:c9:90:a2:
e0:d4:c9:e6:d8:bb:19:b9:fd:96:9b:df:cc:87:63:
2b:22:c8:49:92:67:eb:ad:02:10:ce:e9:bd:fe:1b:
26:6e:30:4f:25:39:fb:80:b9:83:69:d9:19:f4:98:
a3:c5:5f:43:77:d2:a4:d0:0b:b0:d3:4d:58:3c:7f:
ce:49:a4:d4:a0:d6:2a:2a:bf:80:73:42:98:f7:9c:
4e:aa:8b:91:5b:37:5b:64:3c:f4:9b:57:5b:22:34:
10:4c:64:c3:ce:77:10:2d:64:13:60:2b:e5:f4:d4:
0a:c7:98:78:7f:c9:af:e6:e4:fe:3f:89:04:94:2a:
a7:f9:b4:77:ac:04:9b:a4:38:a3:31:1a:b2:35:b4:
2f:22:b1:82:88:bf:d6:ea:0b:13:e6:d8:72:bf:c6:
20:a1:c9:ba:0d:80:ca:85:1b:17:16:67:09:26:a0:
43:7f:ba:d3:c5:e4:dc:f5:c5:85:0e:95:3a:fe:ae:
46:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:3D:5D:18:E0:5C:44:76:9D:7E:94:21:37:F9:94:93:18:FF:18:67
X509v3 Authority Key Identifier:
keyid:8E:C1:82:03:C2:55:A1:D0:BF:15:87:54:2C:76:26:F2:67:38:D6:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jsGCA8JVodC_FYdULHYm8mc41sE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/6519e0-b327-454e-bb7a-1a3be24b76db/1/ZT1dGOBcRHadfpQhN_mUkxj_GGc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/6519e0-b327-454e-bb7a-1a3be24b76db/1/jsGCA8JVodC_FYdULHYm8mc41sE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.232.80.0/21
Signature Algorithm: sha256WithRSAEncryption
40:54:4b:08:d1:c9:62:c3:ef:b7:d2:5f:a1:19:9d:a4:32:e7:
cf:a5:70:d4:92:bf:4f:58:d4:5f:9d:36:67:19:cf:6e:fe:ab:
12:53:3e:e0:25:70:02:90:ae:0a:2a:bc:70:ca:6f:49:fe:fc:
ac:c3:de:ac:66:aa:a3:d2:57:58:2b:96:c8:1d:2f:6a:66:7d:
ee:53:cf:b4:53:99:38:bf:78:58:47:0d:f5:6c:75:87:f6:1c:
76:3a:c9:d3:85:55:b3:d9:71:8b:7e:91:db:eb:06:18:da:8c:
17:ff:12:52:e1:87:ea:da:59:89:d3:05:9b:fe:61:60:2d:b2:
dc:9c:cb:be:70:ec:0c:c7:37:40:75:54:0e:0d:eb:4b:39:47:
b8:0d:0c:66:7b:7a:b7:72:8b:34:55:47:06:c5:dd:c5:0b:b3:
b0:20:17:c6:d2:89:b6:db:0f:c9:fd:ba:e8:e0:bf:4d:81:31:
f0:15:cf:6a:9c:95:9e:89:2f:ad:0a:b7:41:ef:9a:e0:c9:c5:
e3:8e:d6:a9:e4:dc:a1:85:0c:bb:d7:06:ed:e4:83:2d:64:71:
22:2c:fc:09:a1:66:a2:ea:c5:88:2e:f7:2b:ae:a5:39:3d:76:
f2:fa:36:19:36:7d:b2:f0:af:36:b7:61:94:7e:e2:41:50:36:
27:ee:ed:fc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtisHuzuXoxvCHUoC5fvX8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlYzE4MjAzYzI1NWExZDBiZjE1ODc1NDJjNzYyNmYyNjcz
OGQ2YzEwHhcNMjMwMTAxMTMzNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTNkNWQxOGUwNWM0NDc2OWQ3ZTk0MjEzN2Y5OTQ5MzE4ZmYxODY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn23kLTDZxsr+AkQRTiFjtbeqN9M8
QMrH1VnYZvvsWreYIx10Xh3L5BhnRFu4upO68WWA+jN54b2DhGe7T+sypZMHuogf
gUjJkKLg1Mnm2LsZuf2Wm9/Mh2MrIshJkmfrrQIQzum9/hsmbjBPJTn7gLmDadkZ
9JijxV9Dd9Kk0Auw001YPH/OSaTUoNYqKr+Ac0KY95xOqouRWzdbZDz0m1dbIjQQ
TGTDzncQLWQTYCvl9NQKx5h4f8mv5uT+P4kElCqn+bR3rASbpDijMRqyNbQvIrGC
iL/W6gsT5thyv8Ygocm6DYDKhRsXFmcJJqBDf7rTxeTc9cWFDpU6/q5GYwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGU9XRjgXER2nX6UITf5lJMY/xhnMB8GA1UdIwQY
MBaAFI7BggPCVaHQvxWHVCx2JvJnONbBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanNHQ0E4SlZvZENfRllkVUxIWW04bWM0MXNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC82NTE5ZTAtYjMyNy00NTRlLWJiN2Et
MWEzYmUyNGI3NmRiLzEvWlQxZEdPQmNSSGFkZnBRaE5fbVVreGpfR0djLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC82NTE5ZTAtYjMyNy00NTRlLWJiN2EtMWEzYmUyNGI3NmRi
LzEvanNHQ0E4SlZvZENfRllkVUxIWW04bWM0MXNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDXuhQMA0G
CSqGSIb3DQEBCwUAA4IBAQBAVEsI0cliw++30l+hGZ2kMufPpXDUkr9PWNRfnTZn
Gc9u/qsSUz7gJXACkK4KKrxwym9J/vysw96sZqqj0ldYK5bIHS9qZn3uU8+0U5k4
v3hYRw31bHWH9hx2OsnThVWz2XGLfpHb6wYY2owX/xJS4Yfq2lmJ0wWb/mFgLbLc
nMu+cOwMxzdAdVQODetLOUe4DQxme3q3cos0VUcGxd3FC7OwIBfG0om22w/J/bro
4L9NgTHwFc9qnJWeiS+tCrdB75rgycXjjtap5NyhhQy71wbt5IMtZHEiLPwJoWai
6sWILvcrrqU5PXby+jYZNn2y8K82t2GUfuJBUDYn7u38
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:16:21 2025 by rpki-client