Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/4d6b88-20c6-4c42-8799-4b917592357c/1/ZDERufwvU3s4-Bcvj6tJS3HhlQw.roa
File: ZDERufwvU3s4-Bcvj6tJS3HhlQw.roa (raw, json)
Hash identifier: Pi2abLe7eD2YFNS08ib+v4PWnknSYukIhWKirBCNq3U=
Subject key identifier: 64:31:11:B9:FC:2F:53:7B:38:F8:17:2F:8F:AB:49:4B:71:E1:95:0C
Certificate issuer: /CN=e45b9daeaa034255ea33114f58b88c1c3e3c7caf
Certificate serial: 018570950D4513058E35B2434F6D2085D0D0
Authority key identifier: E4:5B:9D:AE:AA:03:42:55:EA:33:11:4F:58:B8:8C:1C:3E:3C:7C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5FudrqoDQlXqMxFPWLiMHD48fK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/4d6b88-20c6-4c42-8799-4b917592357c/1/ZDERufwvU3s4-Bcvj6tJS3HhlQw.roa
Signing time: Mon 02 Jan 2023 03:44:54 +0000
ROA not before: Mon 02 Jan 2023 03:44:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41632
IP address blocks: 195.138.215.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:0d:45:13:05:8e:35:b2:43:4f:6d:20:85:d0:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e45b9daeaa034255ea33114f58b88c1c3e3c7caf
Validity
Not Before: Jan 2 03:44:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=643111b9fc2f537b38f8172f8fab494b71e1950c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:38:ea:95:9a:93:c8:76:e8:58:d5:ec:60:24:
01:7c:57:9a:29:f7:3b:4c:5e:fa:98:c2:e0:85:a0:
c2:17:eb:e7:57:94:6d:a0:2c:95:6f:e4:ef:6c:d1:
b8:f0:37:a2:ee:74:9f:b4:a9:f9:e8:89:7b:b4:68:
a6:0d:a4:e5:ad:7f:e6:66:65:aa:40:3f:71:e8:cc:
06:6f:a1:f1:dc:81:77:94:77:27:d6:df:2d:f5:81:
2f:1c:27:9a:5e:86:0d:81:a1:36:1a:49:5a:4e:90:
3b:fb:97:09:ea:79:ed:6a:82:96:73:ae:10:cc:e7:
0f:ef:8a:86:00:a8:db:ef:32:80:7f:ee:3e:89:c5:
25:59:2f:36:c3:1c:c8:7b:5a:11:ae:44:4b:f1:66:
e8:36:a8:25:cf:fd:67:a8:38:d3:da:15:34:34:9c:
a4:02:2d:22:13:2c:0e:1d:54:c3:bf:50:74:df:50:
76:26:ab:9a:91:35:aa:6c:2b:f9:07:4a:39:04:d7:
6f:48:ed:97:f8:3b:ce:25:aa:86:3e:5e:15:d7:b1:
3f:b3:03:6d:4f:9e:1c:6b:55:f9:eb:fd:22:eb:8f:
66:24:6d:fd:fb:ed:c9:7f:92:de:22:d8:d7:3f:37:
75:7b:2e:f3:56:a1:c2:49:a6:c6:30:b0:e3:69:18:
06:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:31:11:B9:FC:2F:53:7B:38:F8:17:2F:8F:AB:49:4B:71:E1:95:0C
X509v3 Authority Key Identifier:
keyid:E4:5B:9D:AE:AA:03:42:55:EA:33:11:4F:58:B8:8C:1C:3E:3C:7C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5FudrqoDQlXqMxFPWLiMHD48fK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/4d6b88-20c6-4c42-8799-4b917592357c/1/ZDERufwvU3s4-Bcvj6tJS3HhlQw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/4d6b88-20c6-4c42-8799-4b917592357c/1/5FudrqoDQlXqMxFPWLiMHD48fK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.138.215.0/24
Signature Algorithm: sha256WithRSAEncryption
03:6b:fd:e9:14:28:07:1f:30:b4:23:93:83:cc:8c:db:1a:f1:
30:f5:c4:bd:c4:1f:fd:33:b8:c5:37:0d:f0:cb:ad:e4:65:f0:
79:9d:f8:91:39:47:f9:e9:0f:9a:b8:8a:26:25:46:65:12:97:
62:16:61:19:41:53:40:f4:be:85:8b:d1:c2:5f:7c:8c:e7:bc:
ac:6f:0a:e1:9f:ac:4e:a3:54:fc:09:60:b9:e4:8a:36:36:50:
cb:cc:12:23:2d:25:ec:4b:a2:af:2a:f5:e0:b3:11:17:b3:2b:
56:37:ae:7d:0b:be:29:4f:ba:4f:32:db:24:13:ba:d0:44:8c:
0f:49:36:21:d0:95:9d:cd:7c:72:22:6d:9a:f3:f6:c2:96:b8:
d2:0d:ce:a1:ad:62:63:e8:5c:3f:12:3e:61:ae:6f:1a:f8:96:
b4:61:5c:9c:ba:6a:02:80:6f:4e:d7:4c:7d:15:92:51:c5:33:
8d:73:f6:b0:69:74:61:2e:d9:7d:15:3d:b7:17:19:77:dd:58:
a4:89:53:51:2a:95:a8:79:61:20:58:5a:65:1d:d9:81:30:7c:
13:42:4a:ab:77:b3:59:7b:3f:09:a9:35:e5:cf:e7:8b:40:e6:
fa:32:ba:5b:94:08:d2:19:1e:3a:1c:2e:93:68:c0:47:88:9f:
10:8e:31:ed
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwlQ1FEwWONbJDT20ghdDQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0NWI5ZGFlYWEwMzQyNTVlYTMzMTE0ZjU4Yjg4YzFjM2Uz
YzdjYWYwHhcNMjMwMTAyMDM0NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDMxMTFiOWZjMmY1MzdiMzhmODE3MmY4ZmFiNDk0YjcxZTE5NTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgTjqlZqTyHboWNXsYCQBfFeaKfc7
TF76mMLghaDCF+vnV5RtoCyVb+TvbNG48Dei7nSftKn56Il7tGimDaTlrX/mZmWq
QD9x6MwGb6Hx3IF3lHcn1t8t9YEvHCeaXoYNgaE2GklaTpA7+5cJ6nntaoKWc64Q
zOcP74qGAKjb7zKAf+4+icUlWS82wxzIe1oRrkRL8WboNqglz/1nqDjT2hU0NJyk
Ai0iEywOHVTDv1B031B2JquakTWqbCv5B0o5BNdvSO2X+DvOJaqGPl4V17E/swNt
T54ca1X56/0i649mJG39++3Jf5LeItjXPzd1ey7zVqHCSabGMLDjaRgGMwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGQxEbn8L1N7OPgXL4+rSUtx4ZUMMB8GA1UdIwQY
MBaAFORbna6qA0JV6jMRT1i4jBw+PHyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUZ1ZHJxb0RRbFhxTXhGUFdMaU1IRDQ4Zks4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy80ZDZiODgtMjBjNi00YzQyLTg3OTkt
NGI5MTc1OTIzNTdjLzEvWkRFUnVmd3ZVM3M0LUJjdmo2dEpTM0hobFF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy80ZDZiODgtMjBjNi00YzQyLTg3OTktNGI5MTc1OTIzNTdj
LzEvNUZ1ZHJxb0RRbFhxTXhGUFdMaU1IRDQ4Zks4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw4rXMA0G
CSqGSIb3DQEBCwUAA4IBAQADa/3pFCgHHzC0I5ODzIzbGvEw9cS9xB/9M7jFNw3w
y63kZfB5nfiROUf56Q+auIomJUZlEpdiFmEZQVNA9L6Fi9HCX3yM57ysbwrhn6xO
o1T8CWC55Io2NlDLzBIjLSXsS6KvKvXgsxEXsytWN659C74pT7pPMtskE7rQRIwP
STYh0JWdzXxyIm2a8/bClrjSDc6hrWJj6Fw/Ej5hrm8a+Ja0YVycumoCgG9O10x9
FZJRxTONc/awaXRhLtl9FT23Fxl33VikiVNRKpWoeWEgWFplHdmBMHwTQkqrd7NZ
ez8JqTXlz+eLQOb6MrpblAjSGR46HC6TaMBHiJ8QjjHt
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:18:13 2025 by rpki-client