Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/779260-7be9-4b66-9df0-409176f846d3/1/ZpFbAGeE398IvYpTPLB8MFb1Z5U.roa
File: ZpFbAGeE398IvYpTPLB8MFb1Z5U.roa (raw, json)
Hash identifier: v0MP/Y2bq5VT/vnhA+XOBTfHwzP/4tO4QloCBWUgU1w=
Subject key identifier: 66:91:5B:00:67:84:DF:DF:08:BD:8A:53:3C:B0:7C:30:56:F5:67:95
Certificate issuer: /CN=daaf0ff365d4bd908de902eeda03b279c2f809d3
Certificate serial: 0185720C6CDE23DAD588B754691D1141FBBC
Authority key identifier: DA:AF:0F:F3:65:D4:BD:90:8D:E9:02:EE:DA:03:B2:79:C2:F8:09:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q8P82XUvZCN6QLu2gOyecL4CdM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/779260-7be9-4b66-9df0-409176f846d3/1/ZpFbAGeE398IvYpTPLB8MFb1Z5U.roa
Signing time: Mon 02 Jan 2023 10:34:55 +0000
ROA not before: Mon 02 Jan 2023 10:34:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42184
IP address blocks: 195.66.121.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:0c:6c:de:23:da:d5:88:b7:54:69:1d:11:41:fb:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=daaf0ff365d4bd908de902eeda03b279c2f809d3
Validity
Not Before: Jan 2 10:34:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=66915b006784dfdf08bd8a533cb07c3056f56795
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:43:8a:ea:14:db:8e:02:22:88:fd:25:d7:51:
1b:3a:20:e8:72:76:3e:ff:56:cc:a2:55:0d:58:8a:
88:c8:dd:52:9e:7d:df:75:aa:c9:05:5f:c7:b3:c4:
a1:6c:72:5a:8f:6f:dd:19:e2:d7:5f:0a:19:56:6a:
d9:76:63:e0:c7:bf:bc:47:64:d2:a1:cb:2e:05:b5:
6b:11:af:d6:04:e7:fb:e5:c0:c0:84:3a:c9:d9:dd:
f2:89:b1:62:2e:9e:46:6e:ce:ac:22:f6:42:25:6e:
5f:9f:2a:43:36:30:bd:3e:66:8a:19:26:c6:96:be:
89:4b:ce:f5:45:82:ea:da:69:59:41:bf:3b:25:d0:
1f:c6:f5:e4:0a:bd:43:d2:80:32:32:d3:4a:f0:61:
5c:90:b9:0c:49:8a:bd:ed:50:10:8a:0d:30:77:ef:
78:46:1e:fc:a0:b4:07:d7:4e:7e:75:70:28:09:15:
6a:56:1c:42:20:8d:0a:df:6c:86:ab:20:a7:eb:0d:
71:56:e1:01:53:9a:a0:bf:34:17:42:39:da:d9:cf:
eb:75:06:79:fa:52:9e:2d:62:dd:4f:0b:86:8f:52:
cf:c2:2f:02:3d:2b:53:ff:58:7d:28:23:70:01:36:
4d:9e:ba:01:0c:16:63:84:a1:63:b9:a7:7b:ed:79:
81:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:91:5B:00:67:84:DF:DF:08:BD:8A:53:3C:B0:7C:30:56:F5:67:95
X509v3 Authority Key Identifier:
keyid:DA:AF:0F:F3:65:D4:BD:90:8D:E9:02:EE:DA:03:B2:79:C2:F8:09:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8P82XUvZCN6QLu2gOyecL4CdM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/779260-7be9-4b66-9df0-409176f846d3/1/ZpFbAGeE398IvYpTPLB8MFb1Z5U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/779260-7be9-4b66-9df0-409176f846d3/1/2q8P82XUvZCN6QLu2gOyecL4CdM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.66.121.0/24
Signature Algorithm: sha256WithRSAEncryption
62:70:78:1f:74:51:df:6d:30:bc:6a:09:41:dc:91:a9:b0:b9:
c2:5c:63:d4:a2:3b:b3:54:08:b7:ca:95:90:70:6e:c0:d6:cf:
b1:b1:3d:b4:39:6a:b1:58:47:eb:42:d4:94:57:91:05:b6:aa:
ce:b8:de:be:b4:cc:aa:18:b8:1b:02:5c:e3:cd:89:ff:98:cb:
e1:89:41:c8:a6:4c:a6:5f:5c:d5:d6:38:10:70:2f:37:19:a3:
74:ce:e2:d5:d7:69:55:e7:68:da:e2:7a:0a:66:cd:47:a3:25:
78:26:d0:fc:21:98:2e:f4:e6:5e:2d:c2:6e:b9:83:74:ad:55:
29:bf:21:74:b1:8f:49:0d:94:cc:8a:1b:51:94:9d:de:c0:dc:
db:4c:4c:9d:20:1f:3a:a8:a6:5d:04:2a:3a:a3:08:14:e6:00:
a4:1e:e1:34:e6:51:73:86:6c:2c:7f:fe:53:4e:92:d8:ac:af:
ab:13:6b:b0:fd:32:06:66:c7:34:1c:b5:89:20:f2:2e:4c:be:
a6:85:5d:68:ed:1d:ba:97:c4:06:0a:5b:a3:1e:92:e3:ec:ad:
ba:ed:1e:6d:92:1b:89:18:ca:51:d6:a4:45:12:64:76:7b:30:
02:d9:79:0d:3f:da:fe:f7:44:6b:5f:37:a8:d3:49:ea:49:d7:
4f:48:2f:a3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyDGzeI9rViLdUaR0RQfu8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYWYwZmYzNjVkNGJkOTA4ZGU5MDJlZWRhMDNiMjc5YzJm
ODA5ZDMwHhcNMjMwMTAyMTAzNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjkxNWIwMDY3ODRkZmRmMDhiZDhhNTMzY2IwN2MzMDU2ZjU2Nzk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoEOK6hTbjgIiiP0l11EbOiDocnY+
/1bMolUNWIqIyN1Snn3fdarJBV/Hs8ShbHJaj2/dGeLXXwoZVmrZdmPgx7+8R2TS
ocsuBbVrEa/WBOf75cDAhDrJ2d3yibFiLp5Gbs6sIvZCJW5fnypDNjC9PmaKGSbG
lr6JS871RYLq2mlZQb87JdAfxvXkCr1D0oAyMtNK8GFckLkMSYq97VAQig0wd+94
Rh78oLQH105+dXAoCRVqVhxCII0K32yGqyCn6w1xVuEBU5qgvzQXQjna2c/rdQZ5
+lKeLWLdTwuGj1LPwi8CPStT/1h9KCNwATZNnroBDBZjhKFjuad77XmBuwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGaRWwBnhN/fCL2KUzywfDBW9WeVMB8GA1UdIwQY
MBaAFNqvD/Nl1L2QjekC7toDsnnC+AnTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnE4UDgyWFV2WkNONlFMdTJnT3llY0w0Q2RNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS83NzkyNjAtN2JlOS00YjY2LTlkZjAt
NDA5MTc2Zjg0NmQzLzEvWnBGYkFHZUUzOThJdllwVFBMQjhNRmIxWjVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS83NzkyNjAtN2JlOS00YjY2LTlkZjAtNDA5MTc2Zjg0NmQz
LzEvMnE4UDgyWFV2WkNONlFMdTJnT3llY0w0Q2RNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw0J5MA0G
CSqGSIb3DQEBCwUAA4IBAQBicHgfdFHfbTC8aglB3JGpsLnCXGPUojuzVAi3ypWQ
cG7A1s+xsT20OWqxWEfrQtSUV5EFtqrOuN6+tMyqGLgbAlzjzYn/mMvhiUHIpkym
X1zV1jgQcC83GaN0zuLV12lV52ja4noKZs1HoyV4JtD8IZgu9OZeLcJuuYN0rVUp
vyF0sY9JDZTMihtRlJ3ewNzbTEydIB86qKZdBCo6owgU5gCkHuE05lFzhmwsf/5T
TpLYrK+rE2uw/TIGZsc0HLWJIPIuTL6mhV1o7R26l8QGClujHpLj7K267R5tkhuJ
GMpR1qRFEmR2ezAC2XkNP9r+90RrXzeo00nqSddPSC+j
-----END CERTIFICATE-----
Generated at Sun Apr 13 10:20:36 2025 by rpki-client