Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/95c3c8-6ab1-4951-8f59-65503a9306a0/1/Z2pkyNd-4e5kzvJabRhgI-7COKc.roa
File: Z2pkyNd-4e5kzvJabRhgI-7COKc.roa (raw, json)
Hash identifier: lH7Z224aGOCqqFm5hhGIYwWRVgtCXrBjabUK5+TQfoE=
Subject key identifier: 67:6A:64:C8:D7:7E:E1:EE:64:CE:F2:5A:6D:18:60:23:EE:C2:38:A7
Certificate issuer: /CN=18d801de9fe8a6680758817823ae36ba065c610d
Certificate serial: 0A89DA61
Authority key identifier: 18:D8:01:DE:9F:E8:A6:68:07:58:81:78:23:AE:36:BA:06:5C:61:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GNgB3p_opmgHWIF4I642ugZcYQ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/95c3c8-6ab1-4951-8f59-65503a9306a0/1/Z2pkyNd-4e5kzvJabRhgI-7COKc.roa
Signing time: Sat 01 Jan 2022 02:01:27 +0000
ROA not before: Sat 01 Jan 2022 02:01:27 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 21473
IP address blocks: 213.206.160.0/19 maxlen: 24
77.72.216.0/21 maxlen: 24
77.72.221.0/24 maxlen: 24
213.183.64.0/19 maxlen: 24
2a02:24d8::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 176806497 (0xa89da61)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18d801de9fe8a6680758817823ae36ba065c610d
Validity
Not Before: Jan 1 02:01:27 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=676a64c8d77ee1ee64cef25a6d186023eec238a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:80:42:04:73:69:b1:fb:71:05:18:ae:7c:99:
19:0c:93:94:fe:4c:d3:f6:fd:4c:06:c8:29:71:c6:
e7:b4:0d:30:62:46:d6:44:53:01:bd:f1:46:15:3a:
51:30:f5:fc:bd:0f:8b:cf:9c:97:51:c5:48:fc:9d:
b9:eb:a6:43:09:66:9e:23:c1:07:d5:8a:cf:98:f9:
17:b7:ee:ca:68:d5:1b:a5:84:88:71:25:e1:a7:20:
eb:8c:ba:01:03:4a:a4:d6:f0:2d:9a:57:33:68:0b:
18:0b:48:f4:e6:df:a7:f4:57:7b:b0:b3:89:a4:fe:
44:ef:74:ad:6b:f5:74:47:9c:3c:a4:ac:58:bf:18:
df:7f:44:88:54:52:18:dd:74:b3:7e:be:85:7d:37:
ae:ea:b9:51:dc:97:92:af:31:52:13:87:fa:f6:a6:
50:1a:a2:9b:bc:e4:56:07:aa:d9:64:bd:14:c3:3f:
d5:bb:f8:61:13:8f:e3:d7:50:97:ac:0e:b7:c3:04:
5d:84:db:3b:91:3e:0e:db:85:e6:c8:30:ab:64:38:
24:ee:be:c2:a9:14:65:f2:ac:40:1b:27:63:92:5d:
60:9a:c1:87:76:43:b9:00:b9:cc:8d:53:17:69:c7:
62:b2:a5:8e:a1:69:40:d3:42:dc:68:29:aa:e9:57:
fb:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:6A:64:C8:D7:7E:E1:EE:64:CE:F2:5A:6D:18:60:23:EE:C2:38:A7
X509v3 Authority Key Identifier:
keyid:18:D8:01:DE:9F:E8:A6:68:07:58:81:78:23:AE:36:BA:06:5C:61:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GNgB3p_opmgHWIF4I642ugZcYQ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/95c3c8-6ab1-4951-8f59-65503a9306a0/1/Z2pkyNd-4e5kzvJabRhgI-7COKc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/95c3c8-6ab1-4951-8f59-65503a9306a0/1/GNgB3p_opmgHWIF4I642ugZcYQ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.72.216.0/21
213.183.64.0/19
213.206.160.0/19
IPv6:
2a02:24d8::/32
Signature Algorithm: sha256WithRSAEncryption
22:d3:c0:8f:ce:94:30:4d:13:1b:2d:5d:b9:29:13:1c:15:1d:
06:9e:ec:9d:fa:9e:e6:50:c5:e5:18:80:ca:c1:65:03:a7:16:
f6:4e:59:4c:8a:38:30:c1:6c:57:cc:50:a6:cf:b1:9e:cf:81:
fb:78:64:9e:90:b1:c8:c8:17:7a:4b:49:d7:08:9d:46:bf:b1:
05:c8:c3:36:11:31:85:74:ad:bb:3c:fe:b8:4e:2f:4a:2b:cd:
e8:95:b8:89:c9:a2:1d:f0:18:e8:ca:48:46:1a:e5:72:4a:b3:
3e:78:6b:f4:40:35:fa:e3:67:1e:ba:6f:c8:4f:93:33:9b:02:
44:63:c3:b8:7e:3c:29:e2:bc:37:73:97:05:ee:52:32:24:d8:
3d:e8:db:29:dd:0a:86:e8:47:b3:2b:dd:c8:10:d2:2e:db:0f:
1c:e2:9d:8e:41:30:d4:31:9a:bf:77:4b:8b:05:23:77:1b:8d:
23:5a:a3:d9:db:c8:e0:25:57:b4:65:de:04:04:24:24:1a:31:
08:10:34:55:35:5e:19:4d:3c:4d:a8:de:ce:87:96:e8:1f:69:
17:85:b8:57:86:ff:36:8c:4f:dc:5b:d5:e0:4a:69:81:e8:fe:
12:dc:ef:96:9d:bc:2e:af:73:71:83:cf:bd:41:26:9b:6c:44:
22:f0:a7:e8
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEConaYTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
OGQ4MDFkZTlmZThhNjY4MDc1ODgxNzgyM2FlMzZiYTA2NWM2MTBkMB4XDTIyMDEw
MTAyMDEyN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjc2YTY0YzhkNzdl
ZTFlZTY0Y2VmMjVhNmQxODYwMjNlZWMyMzhhNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALmAQgRzabH7cQUYrnyZGQyTlP5M0/b9TAbIKXHG57QNMGJG
1kRTAb3xRhU6UTD1/L0Pi8+cl1HFSPydueumQwlmniPBB9WKz5j5F7fuymjVG6WE
iHEl4acg64y6AQNKpNbwLZpXM2gLGAtI9Obfp/RXe7CziaT+RO90rWv1dEecPKSs
WL8Y339EiFRSGN10s36+hX03ruq5UdyXkq8xUhOH+vamUBqim7zkVgeq2WS9FMM/
1bv4YROP49dQl6wOt8MEXYTbO5E+DtuF5sgwq2Q4JO6+wqkUZfKsQBsnY5JdYJrB
h3ZDuQC5zI1TF2nHYrKljqFpQNNC3GgpqulX+ysCAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBRnamTI137h7mTO8lptGGAj7sI4pzAfBgNVHSMEGDAWgBQY2AHen+imaAdY
gXgjrja6BlxhDTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0dOZ0IzcF9vcG1nSFdJRjRJNjQydWdaY1lRMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzUvOTVjM2M4LTZhYjEtNDk1MS04ZjU5LTY1NTAzYTkzMDZhMC8x
L1oycGt5TmQtNGU1a3p2SmFiUmhnSS03Q09LYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzUv
OTVjM2M4LTZhYjEtNDk1MS04ZjU5LTY1NTAzYTkzMDZhMC8xL0dOZ0IzcF9vcG1n
SFdJRjRJNjQydWdaY1lRMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEA01I2AMEBdW3QAMEBdXOoDANBAIA
AjAHAwUAKgIk2DANBgkqhkiG9w0BAQsFAAOCAQEAItPAj86UME0TGy1duSkTHBUd
Bp7snfqe5lDF5RiAysFlA6cW9k5ZTIo4MMFsV8xQps+xns+B+3hknpCxyMgXektJ
1widRr+xBcjDNhExhXStuzz+uE4vSivN6JW4icmiHfAY6MpIRhrlckqzPnhr9EA1
+uNnHrpvyE+TM5sCRGPDuH48KeK8N3OXBe5SMiTYPejbKd0KhuhHsyvdyBDSLtsP
HOKdjkEw1DGav3dLiwUjdxuNI1qj2dvI4CVXtGXeBAQkJBoxCBA0VTVeGU08Taje
zoeW6B9pF4W4V4b/NoxP3FvV4Eppgej+Etzvlp28Lq9zcYPPvUEmm2xEIvCn6A==
-----END CERTIFICATE-----
Generated at Fri Apr 18 15:34:23 2025 by rpki-client