Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/a815b3-c48c-4ff9-989d-8854c92d47b1/1/sz_0MuGzLxLpBeTw6UTJqXwWycI.roa
File: sz_0MuGzLxLpBeTw6UTJqXwWycI.roa (raw, json)
Hash identifier: eD10ydu84zS30HWHxVfz+C9D8sEjBHnz5GZjVwRBXI4=
Subject key identifier: B3:3F:F4:32:E1:B3:2F:12:E9:05:E4:F0:E9:44:C9:A9:7C:16:C9:C2
Certificate issuer: /CN=3514ff67f3b8d4f6f6bda23ecbbc7b0f09fe6080
Certificate serial: 018570829A90AC1A13FE7B0BFA0D67DD5548
Authority key identifier: 35:14:FF:67:F3:B8:D4:F6:F6:BD:A2:3E:CB:BC:7B:0F:09:FE:60:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NRT_Z_O41Pb2vaI-y7x7Dwn-YIA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/a815b3-c48c-4ff9-989d-8854c92d47b1/1/sz_0MuGzLxLpBeTw6UTJqXwWycI.roa
Signing time: Mon 02 Jan 2023 03:24:45 +0000
ROA not before: Mon 02 Jan 2023 03:24:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24971
IP address blocks: 91.213.160.0/24 maxlen: 24
2001:67c:68::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:82:9a:90:ac:1a:13:fe:7b:0b:fa:0d:67:dd:55:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3514ff67f3b8d4f6f6bda23ecbbc7b0f09fe6080
Validity
Not Before: Jan 2 03:24:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b33ff432e1b32f12e905e4f0e944c9a97c16c9c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:19:6f:4f:17:ee:2c:fc:0a:2c:93:51:f8:13:
57:a9:d0:89:3f:bd:6b:0e:39:5a:91:1a:42:0d:d2:
ff:ea:9c:5b:99:6f:5d:f1:3a:58:22:e7:d6:13:18:
c6:4a:44:ea:c7:bb:d3:34:36:ad:46:14:44:7d:27:
fe:ec:96:8c:d7:2b:8c:6e:15:e8:05:6a:c4:f9:e4:
34:7f:20:dc:07:33:1b:12:e4:f1:1c:d1:bc:e8:d2:
84:40:5d:a4:f0:92:e0:09:f6:fe:12:b3:50:9e:0d:
8c:5b:1a:68:f2:47:3e:56:d5:4f:9c:16:18:fb:6e:
f5:c3:ae:ad:b9:97:ca:0c:22:63:9e:9e:d7:3c:bc:
4b:a4:d4:3e:3f:6a:71:9f:c5:8b:0a:29:4e:9e:cf:
6d:00:23:b6:96:38:f0:41:99:83:78:9b:4b:b7:77:
35:e7:0b:6e:6e:2d:1a:d2:39:cf:0f:0a:60:2d:0e:
53:9a:6c:9b:6b:1b:c7:de:40:d9:a8:26:4a:55:ef:
2a:11:e0:b1:09:0a:50:80:41:ba:a0:cc:bd:b5:74:
f6:7c:fb:6b:95:71:62:8f:eb:7a:a3:d8:39:9a:58:
db:47:87:95:11:4f:5f:a4:7a:27:5c:3d:e3:da:55:
f8:e6:af:87:34:fe:00:1f:a5:40:cf:82:3a:78:84:
5b:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:3F:F4:32:E1:B3:2F:12:E9:05:E4:F0:E9:44:C9:A9:7C:16:C9:C2
X509v3 Authority Key Identifier:
keyid:35:14:FF:67:F3:B8:D4:F6:F6:BD:A2:3E:CB:BC:7B:0F:09:FE:60:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NRT_Z_O41Pb2vaI-y7x7Dwn-YIA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a815b3-c48c-4ff9-989d-8854c92d47b1/1/sz_0MuGzLxLpBeTw6UTJqXwWycI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a815b3-c48c-4ff9-989d-8854c92d47b1/1/NRT_Z_O41Pb2vaI-y7x7Dwn-YIA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.160.0/24
IPv6:
2001:67c:68::/48
Signature Algorithm: sha256WithRSAEncryption
8b:84:2a:26:00:5a:fa:1c:90:98:40:76:d9:5d:e0:19:56:c4:
43:f1:a0:1d:13:84:02:b2:8e:6e:76:4d:9b:4f:52:5b:0c:9c:
91:84:57:1a:e4:4d:94:63:01:6f:5d:b4:22:90:c8:42:ff:00:
de:cf:d1:1b:13:7e:0c:d8:a7:87:30:65:b6:ec:58:e5:a6:98:
1c:2a:80:31:45:4a:6e:cd:fa:a5:86:54:d1:cb:cb:6d:8d:9d:
67:8b:da:4b:35:58:a6:65:9a:4a:20:06:de:76:20:e8:ab:e1:
2b:61:50:07:1b:e0:c1:ed:73:4d:67:8b:8b:a8:df:65:ad:ac:
d7:aa:54:53:99:04:39:42:9b:a5:91:29:69:0a:8c:13:23:ac:
59:28:f2:8a:e4:6e:88:b3:ca:5f:21:10:39:19:26:ed:c0:fc:
b4:05:d2:83:02:4d:06:75:cd:20:ce:f5:d4:bd:b6:a9:e9:7e:
aa:a0:eb:64:b4:0c:0a:56:0d:cf:0f:a3:50:8b:fa:c4:ce:4f:
d1:6a:fb:06:67:97:93:34:37:40:6a:00:14:27:89:3a:4d:58:
bb:60:b9:91:e6:f6:49:0a:22:fe:56:84:9c:15:78:86:a7:2a:
47:1b:cc:24:44:2a:10:4a:56:55:7d:c1:2d:4c:69:db:c6:88:
16:82:7b:f8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVwgpqQrBoT/nsL+g1n3VVIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MTRmZjY3ZjNiOGQ0ZjZmNmJkYTIzZWNiYmM3YjBmMDlm
ZTYwODAwHhcNMjMwMTAyMDMyNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzNmZjQzMmUxYjMyZjEyZTkwNWU0ZjBlOTQ0YzlhOTdjMTZjOWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnhlvTxfuLPwKLJNR+BNXqdCJP71r
DjlakRpCDdL/6pxbmW9d8TpYIufWExjGSkTqx7vTNDatRhREfSf+7JaM1yuMbhXo
BWrE+eQ0fyDcBzMbEuTxHNG86NKEQF2k8JLgCfb+ErNQng2MWxpo8kc+VtVPnBYY
+271w66tuZfKDCJjnp7XPLxLpNQ+P2pxn8WLCilOns9tACO2ljjwQZmDeJtLt3c1
5wtubi0a0jnPDwpgLQ5TmmybaxvH3kDZqCZKVe8qEeCxCQpQgEG6oMy9tXT2fPtr
lXFij+t6o9g5mljbR4eVEU9fpHonXD3j2lX45q+HNP4AH6VAz4I6eIRbPwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLM/9DLhsy8S6QXk8OlEyal8FsnCMB8GA1UdIwQY
MBaAFDUU/2fzuNT29r2iPsu8ew8J/mCAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlJUX1pfTzQxUGIydmFJLXk3eDdEd24tWUlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9hODE1YjMtYzQ4Yy00ZmY5LTk4OWQt
ODg1NGM5MmQ0N2IxLzEvc3pfME11R3pMeExwQmVUdzZVVEpxWHdXeWNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9hODE1YjMtYzQ4Yy00ZmY5LTk4OWQtODg1NGM5MmQ0N2Ix
LzEvTlJUX1pfTzQxUGIydmFJLXk3eDdEd24tWUlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW9WgMA8E
AgACMAkDBwAgAQZ8AGgwDQYJKoZIhvcNAQELBQADggEBAIuEKiYAWvockJhAdtld
4BlWxEPxoB0ThAKyjm52TZtPUlsMnJGEVxrkTZRjAW9dtCKQyEL/AN7P0RsTfgzY
p4cwZbbsWOWmmBwqgDFFSm7N+qWGVNHLy22NnWeL2ks1WKZlmkogBt52IOir4Sth
UAcb4MHtc01ni4uo32WtrNeqVFOZBDlCm6WRKWkKjBMjrFko8orkboizyl8hEDkZ
Ju3A/LQF0oMCTQZ1zSDO9dS9tqnpfqqg62S0DApWDc8Po1CL+sTOT9Fq+wZnl5M0
N0BqABQniTpNWLtguZHm9kkKIv5WhJwVeIanKkcbzCREKhBKVlV9wS1MadvGiBaC
e/g=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:14:33 2025 by rpki-client