Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/a1dcfb-8010-414e-9e3a-44001700b8ca/1/ze99qOPlzxlax4_lrpn4q2aNUWM.roa
File: ze99qOPlzxlax4_lrpn4q2aNUWM.roa (raw, json)
Hash identifier: 3nigRiyzRQKh/ctZuJR+hcjgf7LE2GeY8DQbuqxesPQ=
Subject key identifier: CD:EF:7D:A8:E3:E5:CF:19:5A:C7:8F:E5:AE:99:F8:AB:66:8D:51:63
Certificate issuer: /CN=5baa35401e5297b3b527e84f93ea8aa110d97b95
Certificate serial: 018756BAE7D0AC8F346EED4332F5A25F2E37
Authority key identifier: 5B:AA:35:40:1E:52:97:B3:B5:27:E8:4F:93:EA:8A:A1:10:D9:7B:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W6o1QB5Sl7O1J-hPk-qKoRDZe5U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/a1dcfb-8010-414e-9e3a-44001700b8ca/1/ze99qOPlzxlax4_lrpn4q2aNUWM.roa
Signing time: Thu 06 Apr 2023 13:21:42 +0000
ROA not before: Thu 06 Apr 2023 13:21:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51984
IP address blocks: 185.182.152.0/24 maxlen: 24
185.182.155.0/24 maxlen: 24
185.182.154.0/24 maxlen: 24
185.182.153.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:56:ba:e7:d0:ac:8f:34:6e:ed:43:32:f5:a2:5f:2e:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5baa35401e5297b3b527e84f93ea8aa110d97b95
Validity
Not Before: Apr 6 13:21:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cdef7da8e3e5cf195ac78fe5ae99f8ab668d5163
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:be:d6:07:af:df:7d:26:b0:c1:47:77:db:4f:
88:63:e2:52:75:36:da:ab:f8:6c:89:c9:cc:20:a9:
bb:63:82:23:92:e1:b9:b1:84:85:93:13:44:8c:d6:
2a:fc:24:c3:b8:0c:53:e7:07:c3:84:6e:29:33:a3:
46:06:5b:ba:6f:6f:29:c8:8b:f9:a3:eb:a5:19:e2:
3e:d6:ab:7d:06:15:f9:a5:c3:f1:32:42:2c:74:ec:
7d:36:d6:d9:db:5a:86:79:23:c5:d0:0b:29:95:cb:
db:62:a3:5a:ea:84:e5:46:05:ce:5a:ce:6d:c1:23:
62:78:84:de:eb:3f:4b:e0:fc:79:97:01:51:ad:87:
db:11:03:18:97:c6:6a:69:08:9e:74:ee:e1:8f:17:
a8:99:18:0f:7d:06:5c:f0:5a:93:aa:18:65:bb:2d:
85:3c:63:6b:34:8b:cb:e4:89:9c:17:cd:c7:24:ec:
d0:ca:03:58:89:c5:23:6e:22:d2:0c:c1:be:7a:00:
7a:03:17:88:ad:3a:7f:6c:83:01:aa:e0:1d:df:4c:
0f:ff:17:60:bf:48:70:67:0d:bc:ff:eb:77:b6:a7:
ab:ff:0f:28:a4:3c:bc:05:4e:d5:2b:df:b2:14:61:
1f:3e:b6:98:ad:28:0c:4b:16:5d:08:64:58:78:87:
06:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:EF:7D:A8:E3:E5:CF:19:5A:C7:8F:E5:AE:99:F8:AB:66:8D:51:63
X509v3 Authority Key Identifier:
keyid:5B:AA:35:40:1E:52:97:B3:B5:27:E8:4F:93:EA:8A:A1:10:D9:7B:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W6o1QB5Sl7O1J-hPk-qKoRDZe5U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/a1dcfb-8010-414e-9e3a-44001700b8ca/1/ze99qOPlzxlax4_lrpn4q2aNUWM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/a1dcfb-8010-414e-9e3a-44001700b8ca/1/W6o1QB5Sl7O1J-hPk-qKoRDZe5U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.182.152.0/22
Signature Algorithm: sha256WithRSAEncryption
ac:34:83:1a:50:85:b2:e1:e4:8a:bd:19:23:b3:58:2e:e4:ce:
5c:28:25:a2:0d:cd:d2:90:8b:48:89:68:a7:82:43:5a:63:53:
01:2d:67:2f:f0:62:04:2b:71:de:71:fd:26:41:37:2b:a5:56:
c1:5a:48:83:ce:7f:8e:36:d7:d3:ba:9a:21:d8:09:21:0a:8a:
f5:6f:b2:1c:ad:50:ce:34:c0:6a:ec:c2:c1:db:96:2f:cc:77:
ed:bd:a2:0e:c9:48:14:d6:b2:8d:91:18:16:bb:ab:73:77:62:
5e:73:48:b5:d0:6f:b3:cf:64:4f:30:33:5d:c5:03:1a:98:2f:
00:9f:62:78:35:97:02:1d:e9:b9:e9:a6:14:36:22:9e:5c:80:
30:5d:3e:d6:f1:86:b0:3b:50:a4:88:f8:e1:a8:78:65:de:96:
4e:00:9a:5a:8b:1c:73:7b:76:f3:e4:d3:48:8c:64:8b:dd:1a:
7e:49:69:e2:23:0e:a1:c6:ec:72:9c:52:18:f4:c1:69:0d:af:
24:61:d6:26:94:35:d9:39:d1:58:39:46:7a:88:56:8b:33:8b:
af:e7:d6:88:5e:f2:d9:dc:b8:66:92:a9:32:9c:e2:7f:c9:cb:
be:f3:4a:05:4e:91:57:8c:a0:cd:fa:14:22:21:7d:40:cf:40:
70:e6:9d:4a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYdWuufQrI80bu1DMvWiXy43MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViYWEzNTQwMWU1Mjk3YjNiNTI3ZTg0ZjkzZWE4YWExMTBk
OTdiOTUwHhcNMjMwNDA2MTMyMTQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZGVmN2RhOGUzZTVjZjE5NWFjNzhmZTVhZTk5ZjhhYjY2OGQ1MTYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn77WB6/ffSawwUd320+IY+JSdTba
q/hsicnMIKm7Y4IjkuG5sYSFkxNEjNYq/CTDuAxT5wfDhG4pM6NGBlu6b28pyIv5
o+ulGeI+1qt9BhX5pcPxMkIsdOx9NtbZ21qGeSPF0AsplcvbYqNa6oTlRgXOWs5t
wSNieITe6z9L4Px5lwFRrYfbEQMYl8ZqaQiedO7hjxeomRgPfQZc8FqTqhhluy2F
PGNrNIvL5ImcF83HJOzQygNYicUjbiLSDMG+egB6AxeIrTp/bIMBquAd30wP/xdg
v0hwZw28/+t3tqer/w8opDy8BU7VK9+yFGEfPraYrSgMSxZdCGRYeIcGmwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM3vfajj5c8ZWseP5a6Z+KtmjVFjMB8GA1UdIwQY
MBaAFFuqNUAeUpeztSfoT5PqiqEQ2XuVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzZvMVFCNVNsN08xSi1oUGstcUtvUkRaZTVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni9hMWRjZmItODAxMC00MTRlLTllM2Et
NDQwMDE3MDBiOGNhLzEvemU5OXFPUGx6eGxheDRfbHJwbjRxMmFOVVdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni9hMWRjZmItODAxMC00MTRlLTllM2EtNDQwMDE3MDBiOGNh
LzEvVzZvMVFCNVNsN08xSi1oUGstcUtvUkRaZTVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCubaYMA0G
CSqGSIb3DQEBCwUAA4IBAQCsNIMaUIWy4eSKvRkjs1gu5M5cKCWiDc3SkItIiWin
gkNaY1MBLWcv8GIEK3Hecf0mQTcrpVbBWkiDzn+ONtfTupoh2AkhCor1b7IcrVDO
NMBq7MLB25YvzHftvaIOyUgU1rKNkRgWu6tzd2Jec0i10G+zz2RPMDNdxQMamC8A
n2J4NZcCHem56aYUNiKeXIAwXT7W8YawO1CkiPjhqHhl3pZOAJpaixxze3bz5NNI
jGSL3Rp+SWniIw6hxuxynFIY9MFpDa8kYdYmlDXZOdFYOUZ6iFaLM4uv59aIXvLZ
3LhmkqkynOJ/ycu+80oFTpFXjKDN+hQiIX1Az0Bw5p1K
-----END CERTIFICATE-----
Generated at Mon Apr 21 11:01:14 2025 by rpki-client