Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/da96f5-3f33-46f9-a514-2befffd57fb7/1/zQCbJBxzYvIrPRyjOFX9KOObX3w.roa
File: zQCbJBxzYvIrPRyjOFX9KOObX3w.roa (raw, json)
Hash identifier: 6Mn0+ape3SgSYYGFGYh7Z9qOs18SXlneXstQTzsu0oY=
Subject key identifier: CD:00:9B:24:1C:73:62:F2:2B:3D:1C:A3:38:55:FD:28:E3:9B:5F:7C
Certificate issuer: /CN=4196230e58decc0cbcfb15f56aa64dedd1f389f5
Certificate serial: 01856F66F5CC6EB37D362588061427C5CA61
Authority key identifier: 41:96:23:0E:58:DE:CC:0C:BC:FB:15:F5:6A:A6:4D:ED:D1:F3:89:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QZYjDljezAy8-xX1aqZN7dHzifU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/da96f5-3f33-46f9-a514-2befffd57fb7/1/zQCbJBxzYvIrPRyjOFX9KOObX3w.roa
Signing time: Sun 01 Jan 2023 22:14:56 +0000
ROA not before: Sun 01 Jan 2023 22:14:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 54103
IP address blocks: 195.128.163.0/24 maxlen: 24
195.128.179.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:66:f5:cc:6e:b3:7d:36:25:88:06:14:27:c5:ca:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4196230e58decc0cbcfb15f56aa64dedd1f389f5
Validity
Not Before: Jan 1 22:14:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cd009b241c7362f22b3d1ca33855fd28e39b5f7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:0c:89:59:b6:02:b8:c4:01:65:ae:5c:5f:aa:
b8:fa:f6:ee:79:a4:88:b3:c0:22:d9:92:d2:78:01:
3b:d3:15:0d:99:2a:0c:77:cc:10:04:bf:35:96:72:
af:79:5c:11:1e:7a:81:bb:07:f3:3c:24:2b:b4:11:
de:3c:04:c4:f8:c0:74:36:28:35:df:b0:7e:7b:9e:
b3:5d:e8:89:ed:9f:89:06:f8:36:5e:bc:b2:42:d9:
e9:9e:01:7e:27:0d:f9:ce:ea:e5:75:27:fd:87:39:
e3:9f:af:9b:2f:af:36:8f:5e:ef:35:90:8e:db:8f:
a3:ff:69:aa:eb:a9:9e:d6:0e:9c:f6:61:da:c8:10:
9e:45:3a:27:bc:78:e9:63:46:5c:c1:4a:4c:08:63:
ca:fb:3f:5a:d8:76:3f:a2:aa:51:a2:53:52:be:33:
18:6b:95:b3:82:8a:04:76:43:41:3b:67:c8:f2:22:
19:97:0d:1c:2d:27:69:89:b2:fa:7f:35:d5:14:3e:
33:18:38:55:5c:eb:8c:2d:78:83:75:58:f6:17:f4:
ee:ff:5b:a9:a7:29:41:18:e4:85:a1:aa:0b:6d:b3:
9b:91:b1:fd:c4:ca:7c:8c:89:2e:92:13:bd:87:2d:
58:03:4b:2e:b9:05:86:a0:2b:dc:9c:62:33:9c:b6:
ab:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:00:9B:24:1C:73:62:F2:2B:3D:1C:A3:38:55:FD:28:E3:9B:5F:7C
X509v3 Authority Key Identifier:
keyid:41:96:23:0E:58:DE:CC:0C:BC:FB:15:F5:6A:A6:4D:ED:D1:F3:89:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QZYjDljezAy8-xX1aqZN7dHzifU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/da96f5-3f33-46f9-a514-2befffd57fb7/1/zQCbJBxzYvIrPRyjOFX9KOObX3w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/da96f5-3f33-46f9-a514-2befffd57fb7/1/QZYjDljezAy8-xX1aqZN7dHzifU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.128.163.0/24
195.128.179.0/24
Signature Algorithm: sha256WithRSAEncryption
26:c5:04:d9:1b:12:d4:15:b0:7c:e2:7b:28:92:43:3a:d3:3d:
38:d7:df:8c:28:04:3b:96:4f:37:c1:61:9d:c4:55:3d:7a:e1:
86:6c:a5:0f:1b:18:76:88:00:30:bd:d4:6d:14:5b:71:1d:25:
cc:00:8e:4d:4d:87:ee:0a:7e:fd:a3:48:4b:88:56:7d:bd:1a:
95:0a:f3:f3:e7:df:29:4d:1a:99:5d:b8:f2:d8:81:00:0d:08:
43:77:e0:68:72:f6:42:1c:48:b6:f0:cf:db:39:0e:e9:a4:76:
c9:39:d8:8b:c9:52:ee:19:80:0f:83:aa:50:d3:d6:49:76:4b:
65:a9:d5:00:87:b3:48:63:26:08:e6:15:ee:fd:26:e0:e9:7c:
74:8e:d2:c4:31:fb:18:f3:ce:b4:ee:72:2f:8e:99:33:b3:fb:
75:32:6c:22:6b:fe:77:dc:f0:6f:0b:b8:7e:fa:66:e8:c0:1f:
02:82:0f:7d:6b:29:6c:56:9f:b6:ac:01:01:4c:a3:a1:ff:b0:
79:2b:bc:fa:34:33:0b:1a:a9:be:31:a1:a7:cb:b1:67:17:dc:
47:41:36:d8:96:1d:2d:87:71:a7:3a:b1:8f:18:a0:0f:f4:d0:
b1:0f:22:b1:fc:0a:42:84:8e:1f:8b:f4:39:7a:85:09:85:b4:
9d:06:89:66
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvZvXMbrN9NiWIBhQnxcphMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxOTYyMzBlNThkZWNjMGNiY2ZiMTVmNTZhYTY0ZGVkZDFm
Mzg5ZjUwHhcNMjMwMTAxMjIxNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDAwOWIyNDFjNzM2MmYyMmIzZDFjYTMzODU1ZmQyOGUzOWI1ZjdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApwyJWbYCuMQBZa5cX6q4+vbueaSI
s8Ai2ZLSeAE70xUNmSoMd8wQBL81lnKveVwRHnqBuwfzPCQrtBHePATE+MB0Nig1
37B+e56zXeiJ7Z+JBvg2XryyQtnpngF+Jw35zurldSf9hznjn6+bL682j17vNZCO
24+j/2mq66me1g6c9mHayBCeRTonvHjpY0ZcwUpMCGPK+z9a2HY/oqpRolNSvjMY
a5WzgooEdkNBO2fI8iIZlw0cLSdpibL6fzXVFD4zGDhVXOuMLXiDdVj2F/Tu/1up
pylBGOSFoaoLbbObkbH9xMp8jIkukhO9hy1YA0suuQWGoCvcnGIznLarWwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFM0AmyQcc2LyKz0cozhV/Sjjm198MB8GA1UdIwQY
MBaAFEGWIw5Y3swMvPsV9WqmTe3R84n1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVpZakRsamV6QXk4LXhYMWFxWk43ZEh6aWZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC9kYTk2ZjUtM2YzMy00NmY5LWE1MTQt
MmJlZmZmZDU3ZmI3LzEvelFDYkpCeHpZdklyUFJ5ak9GWDlLT09iWDN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC9kYTk2ZjUtM2YzMy00NmY5LWE1MTQtMmJlZmZmZDU3ZmI3
LzEvUVpZakRsamV6QXk4LXhYMWFxWk43ZEh6aWZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAw4CjAwQA
w4CzMA0GCSqGSIb3DQEBCwUAA4IBAQAmxQTZGxLUFbB84nsokkM60z0419+MKAQ7
lk83wWGdxFU9euGGbKUPGxh2iAAwvdRtFFtxHSXMAI5NTYfuCn79o0hLiFZ9vRqV
CvPz598pTRqZXbjy2IEADQhDd+BocvZCHEi28M/bOQ7ppHbJOdiLyVLuGYAPg6pQ
09ZJdktlqdUAh7NIYyYI5hXu/Sbg6Xx0jtLEMfsY88607nIvjpkzs/t1Mmwia/53
3PBvC7h++mbowB8Cgg99aylsVp+2rAEBTKOh/7B5K7z6NDMLGqm+MaGny7FnF9xH
QTbYlh0th3GnOrGPGKAP9NCxDyKx/ApChI4fi/Q5eoUJhbSdBolm
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:39:56 2025 by rpki-client