Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/751958-abeb-459e-8141-b95520c872c5/1/ZB2IwuaSgu3n_ECji5v8BQfDhG4.roa
File: ZB2IwuaSgu3n_ECji5v8BQfDhG4.roa (raw, json)
Hash identifier: uVs76ZY3maBiomL95KRJntvQKVkSym8SHVxW5wLElrw=
Subject key identifier: 64:1D:88:C2:E6:92:82:ED:E7:FC:40:A3:8B:9B:FC:05:07:C3:84:6E
Certificate issuer: /CN=0274d086796d4d779ad164c24c223f26b3284ed4
Certificate serial: 0185700B8A647706049339D01C12504AFA14
Authority key identifier: 02:74:D0:86:79:6D:4D:77:9A:D1:64:C2:4C:22:3F:26:B3:28:4E:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AnTQhnltTXea0WTCTCI_JrMoTtQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/751958-abeb-459e-8141-b95520c872c5/1/ZB2IwuaSgu3n_ECji5v8BQfDhG4.roa
Signing time: Mon 02 Jan 2023 01:14:42 +0000
ROA not before: Mon 02 Jan 2023 01:14:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204209
IP address blocks: 185.249.89.0/24 maxlen: 24
185.249.90.0/24 maxlen: 24
185.249.91.0/24 maxlen: 24
185.249.88.0/24 maxlen: 24
2a07:fb00::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:0b:8a:64:77:06:04:93:39:d0:1c:12:50:4a:fa:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0274d086796d4d779ad164c24c223f26b3284ed4
Validity
Not Before: Jan 2 01:14:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=641d88c2e69282ede7fc40a38b9bfc0507c3846e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:fd:3e:cd:f8:6d:7e:7e:f8:99:d4:2d:72:00:
bb:12:1f:ee:d2:0e:b1:58:2a:95:63:d5:85:b5:07:
6e:c3:37:68:4f:71:d1:e9:c2:0d:76:68:19:47:84:
ab:98:e2:83:cd:6b:cd:ce:68:8d:69:4c:f4:72:01:
20:aa:e2:34:42:e4:1b:f2:cf:44:74:c1:a0:7a:41:
46:66:af:77:c6:ee:75:2d:ea:47:7d:61:ce:60:e9:
1a:e3:f6:e4:41:78:6b:a8:9f:3e:3a:d7:be:03:93:
1b:41:d6:44:c8:c9:2b:78:29:f9:c8:62:dc:f3:3f:
95:26:58:9f:a8:39:5c:ad:42:08:46:7a:49:59:91:
71:57:45:1c:e9:bc:4f:53:0a:21:ee:43:0f:05:1f:
de:da:c2:e0:d7:36:d9:45:7b:45:43:7d:68:ee:fb:
99:57:d0:f0:18:5c:7c:1d:09:2c:f1:95:07:62:f0:
fd:7e:c5:72:bc:f3:8e:27:0d:2b:8d:33:78:03:1e:
b2:6b:66:c5:cd:19:c6:93:a0:b0:07:a1:8d:7b:cf:
99:5a:c1:91:26:20:9e:6c:e9:48:73:45:0d:34:34:
53:a7:92:b7:e2:b9:fb:e4:21:92:b6:b6:d0:99:a5:
3e:bc:33:b0:0a:13:8c:37:85:6e:82:e8:24:45:2a:
f9:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:1D:88:C2:E6:92:82:ED:E7:FC:40:A3:8B:9B:FC:05:07:C3:84:6E
X509v3 Authority Key Identifier:
keyid:02:74:D0:86:79:6D:4D:77:9A:D1:64:C2:4C:22:3F:26:B3:28:4E:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AnTQhnltTXea0WTCTCI_JrMoTtQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/751958-abeb-459e-8141-b95520c872c5/1/ZB2IwuaSgu3n_ECji5v8BQfDhG4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/751958-abeb-459e-8141-b95520c872c5/1/AnTQhnltTXea0WTCTCI_JrMoTtQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.249.88.0/22
IPv6:
2a07:fb00::/32
Signature Algorithm: sha256WithRSAEncryption
3f:e3:76:46:8f:ff:bc:20:a0:17:a8:bc:26:f6:4c:3d:b7:be:
fd:3b:c6:9c:fe:05:b1:67:68:96:98:7a:36:39:48:c5:f3:87:
4d:5d:4e:b7:72:07:5e:1d:38:35:3b:21:ae:29:07:5b:0c:87:
a9:2c:f0:41:6a:88:14:59:de:27:76:ca:78:06:d1:21:9d:15:
3c:2f:39:32:2f:21:16:dc:00:f5:69:4a:75:ee:a7:1b:4b:0b:
93:f1:c5:e8:7c:1f:22:08:d6:11:fc:c9:23:33:fe:7f:b7:dc:
8a:af:50:8d:a0:40:3a:0e:59:12:56:23:a6:fa:99:c1:39:a3:
6e:ac:c6:57:96:a1:8d:64:51:58:6e:88:08:26:af:45:7a:94:
43:05:ca:d0:db:bd:b7:e7:1f:37:f5:0a:3a:55:aa:da:5f:eb:
92:5e:4b:96:e0:35:d4:ad:7c:53:a9:ae:af:2f:a7:78:6a:07:
02:91:6d:ac:18:90:87:b5:2e:f4:29:87:e7:1c:2d:8a:38:ea:
28:74:12:f7:c5:a0:8c:4d:ea:f3:39:95:44:d1:59:ed:1b:bd:
d0:3f:35:96:d0:eb:d5:f2:7c:95:8c:f9:fa:12:83:e5:0f:d4:
9c:7e:61:be:e6:45:d2:bc:08:77:bb:c1:df:77:c0:09:fd:03:
36:5c:ef:24
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVwC4pkdwYEkznQHBJQSvoUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyNzRkMDg2Nzk2ZDRkNzc5YWQxNjRjMjRjMjIzZjI2YjMy
ODRlZDQwHhcNMjMwMTAyMDExNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDFkODhjMmU2OTI4MmVkZTdmYzQwYTM4YjliZmMwNTA3YzM4NDZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvf0+zfhtfn74mdQtcgC7Eh/u0g6x
WCqVY9WFtQduwzdoT3HR6cINdmgZR4SrmOKDzWvNzmiNaUz0cgEgquI0QuQb8s9E
dMGgekFGZq93xu51LepHfWHOYOka4/bkQXhrqJ8+Ote+A5MbQdZEyMkreCn5yGLc
8z+VJlifqDlcrUIIRnpJWZFxV0Uc6bxPUwoh7kMPBR/e2sLg1zbZRXtFQ31o7vuZ
V9DwGFx8HQks8ZUHYvD9fsVyvPOOJw0rjTN4Ax6ya2bFzRnGk6CwB6GNe8+ZWsGR
JiCebOlIc0UNNDRTp5K34rn75CGStrbQmaU+vDOwChOMN4VugugkRSr5AwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGQdiMLmkoLt5/xAo4ub/AUHw4RuMB8GA1UdIwQY
MBaAFAJ00IZ5bU13mtFkwkwiPyazKE7UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQW5UUWhubHRUWGVhMFdUQ1RDSV9Kck1vVHRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC83NTE5NTgtYWJlYi00NTllLTgxNDEt
Yjk1NTIwYzg3MmM1LzEvWkIySXd1YVNndTNuX0VDamk1djhCUWZEaEc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC83NTE5NTgtYWJlYi00NTllLTgxNDEtYjk1NTIwYzg3MmM1
LzEvQW5UUWhubHRUWGVhMFdUQ1RDSV9Kck1vVHRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuflYMA0E
AgACMAcDBQAqB/sAMA0GCSqGSIb3DQEBCwUAA4IBAQA/43ZGj/+8IKAXqLwm9kw9
t779O8ac/gWxZ2iWmHo2OUjF84dNXU63cgdeHTg1OyGuKQdbDIepLPBBaogUWd4n
dsp4BtEhnRU8LzkyLyEW3AD1aUp17qcbSwuT8cXofB8iCNYR/MkjM/5/t9yKr1CN
oEA6DlkSViOm+pnBOaNurMZXlqGNZFFYbogIJq9FepRDBcrQ27235x839Qo6Vara
X+uSXkuW4DXUrXxTqa6vL6d4agcCkW2sGJCHtS70KYfnHC2KOOoodBL3xaCMTerz
OZVE0VntG73QPzWW0OvV8nyVjPn6EoPlD9ScfmG+5kXSvAh3u8Hfd8AJ/QM2XO8k
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:16:39 2025 by rpki-client