Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/c7cbb1-0dcd-42f4-bf63-3df471c01c9e/1/rdzaMzUILw6XO62uSI8I7xdgt7s.roa
File: rdzaMzUILw6XO62uSI8I7xdgt7s.roa (raw, json)
Hash identifier: dTlgjkaPpdjbp84TyV7EmIH2OQXxPkcBDtDoXe5Ys+U=
Subject key identifier: AD:DC:DA:33:35:08:2F:0E:97:3B:AD:AE:48:8F:08:EF:17:60:B7:BB
Certificate issuer: /CN=ff329b98904a2ece8482e0f258f5c34fead58ce2
Certificate serial: 0185711E72F6B8325DB02944AC2429F4FC96
Authority key identifier: FF:32:9B:98:90:4A:2E:CE:84:82:E0:F2:58:F5:C3:4F:EA:D5:8C:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_zKbmJBKLs6EguDyWPXDT-rVjOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/c7cbb1-0dcd-42f4-bf63-3df471c01c9e/1/rdzaMzUILw6XO62uSI8I7xdgt7s.roa
Signing time: Mon 02 Jan 2023 06:14:58 +0000
ROA not before: Mon 02 Jan 2023 06:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1930
IP address blocks: 192.136.52.0/24 maxlen: 24
192.92.133.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:1e:72:f6:b8:32:5d:b0:29:44:ac:24:29:f4:fc:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff329b98904a2ece8482e0f258f5c34fead58ce2
Validity
Not Before: Jan 2 06:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=addcda3335082f0e973badae488f08ef1760b7bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:d6:5d:65:c4:eb:6b:81:fc:12:e5:a2:25:22:
14:9e:fd:8a:93:89:e7:ba:7d:de:4d:4b:c9:14:00:
be:dd:6a:6d:d1:f7:99:c8:92:ae:b0:62:98:10:1d:
36:a6:29:6e:95:0a:e4:90:4e:b0:49:47:69:29:83:
c8:0a:ad:a7:08:38:9e:03:ac:47:a5:ba:32:31:8e:
9a:23:91:ad:71:e0:12:4c:6d:1b:65:bd:72:e1:bf:
50:71:72:9a:e4:76:d5:9e:8b:c4:1e:d4:7a:8f:4b:
6d:54:1d:3b:4a:a4:12:d4:3f:d7:1f:e1:1f:4b:84:
23:99:c8:69:58:c9:14:15:16:25:14:af:27:28:ab:
26:7b:0d:78:62:c1:4a:8d:d9:2d:a7:8a:29:e8:23:
b4:d5:e9:e5:4c:d4:43:c9:0c:85:90:91:19:90:20:
3c:28:9e:30:3f:e8:62:21:1d:3c:56:3c:cf:4b:43:
d4:4f:12:2e:8a:b3:84:50:37:54:8e:50:2b:ab:45:
c7:3d:d1:7b:6e:c2:9c:00:0a:8b:bf:ad:02:e4:41:
be:6b:fa:9a:d8:f6:57:66:8d:69:4b:4c:4a:0e:3d:
9b:1b:21:4e:c7:30:22:f6:16:8e:7c:1a:0d:ec:90:
d1:c1:d0:69:4f:d0:e7:66:1e:3f:46:67:2e:15:d0:
42:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:DC:DA:33:35:08:2F:0E:97:3B:AD:AE:48:8F:08:EF:17:60:B7:BB
X509v3 Authority Key Identifier:
keyid:FF:32:9B:98:90:4A:2E:CE:84:82:E0:F2:58:F5:C3:4F:EA:D5:8C:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_zKbmJBKLs6EguDyWPXDT-rVjOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/c7cbb1-0dcd-42f4-bf63-3df471c01c9e/1/rdzaMzUILw6XO62uSI8I7xdgt7s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/c7cbb1-0dcd-42f4-bf63-3df471c01c9e/1/_zKbmJBKLs6EguDyWPXDT-rVjOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.92.133.0/24
192.136.52.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:2d:4c:e3:28:d8:ff:78:6d:18:aa:f3:6c:df:4f:3f:95:27:
dd:9c:8c:a7:d8:60:b7:a0:6d:1d:1b:80:a2:99:81:7a:99:95:
a4:0d:5d:59:de:d4:2b:97:24:bb:e4:50:6f:19:ec:96:c2:34:
3b:ce:65:cf:2d:c1:f3:e9:4f:88:58:1b:f2:9a:92:ff:f2:a1:
e6:2d:d5:09:0e:81:69:28:07:67:5f:da:68:3f:db:69:f2:4f:
52:77:57:d9:c3:33:0c:5a:1c:e4:4a:0b:27:95:a4:99:85:3a:
21:b6:9b:f1:93:93:2b:de:bb:85:43:9d:f7:a8:d8:43:c7:cb:
97:1b:8e:fc:96:c6:ab:54:76:5e:69:f1:83:86:19:bf:63:c0:
e4:b6:38:05:42:68:fb:79:0c:12:28:a2:3e:9e:f9:0f:8b:fe:
da:59:8c:6f:20:7f:4d:d6:04:25:4a:c7:e2:4b:ee:d1:cf:f3:
2f:0e:a2:d5:f9:b2:83:c2:6d:44:c6:6e:79:14:b5:f9:46:df:
ea:5a:84:cf:87:61:db:d1:0d:6e:5b:d2:65:fc:3b:fb:53:51:
dd:a0:a7:51:d6:a0:97:81:0b:00:7e:a2:53:d3:ec:62:1f:61:
84:1f:50:61:b1:4d:81:0d:e1:ce:28:b2:e5:89:2e:51:d7:8b:
25:3e:95:70
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVxHnL2uDJdsClErCQp9PyWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmMzI5Yjk4OTA0YTJlY2U4NDgyZTBmMjU4ZjVjMzRmZWFk
NThjZTIwHhcNMjMwMTAyMDYxNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZGRjZGEzMzM1MDgyZjBlOTczYmFkYWU0ODhmMDhlZjE3NjBiN2JiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh9ZdZcTra4H8EuWiJSIUnv2Kk4nn
un3eTUvJFAC+3Wpt0feZyJKusGKYEB02pilulQrkkE6wSUdpKYPICq2nCDieA6xH
pboyMY6aI5GtceASTG0bZb1y4b9QcXKa5HbVnovEHtR6j0ttVB07SqQS1D/XH+Ef
S4QjmchpWMkUFRYlFK8nKKsmew14YsFKjdktp4op6CO01enlTNRDyQyFkJEZkCA8
KJ4wP+hiIR08VjzPS0PUTxIuirOEUDdUjlArq0XHPdF7bsKcAAqLv60C5EG+a/qa
2PZXZo1pS0xKDj2bGyFOxzAi9haOfBoN7JDRwdBpT9DnZh4/RmcuFdBCNwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFK3c2jM1CC8OlzutrkiPCO8XYLe7MB8GA1UdIwQY
MBaAFP8ym5iQSi7OhILg8lj1w0/q1YziMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3pLYm1KQktMczZFZ3VEeVdQWERULXJWak9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9jN2NiYjEtMGRjZC00MmY0LWJmNjMt
M2RmNDcxYzAxYzllLzEvcmR6YU16VUlMdzZYTzYydVNJOEk3eGRndDdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9jN2NiYjEtMGRjZC00MmY0LWJmNjMtM2RmNDcxYzAxYzll
LzEvX3pLYm1KQktMczZFZ3VEeVdQWERULXJWak9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwFyFAwQA
wIg0MA0GCSqGSIb3DQEBCwUAA4IBAQCeLUzjKNj/eG0YqvNs308/lSfdnIyn2GC3
oG0dG4CimYF6mZWkDV1Z3tQrlyS75FBvGeyWwjQ7zmXPLcHz6U+IWBvympL/8qHm
LdUJDoFpKAdnX9poP9tp8k9Sd1fZwzMMWhzkSgsnlaSZhTohtpvxk5Mr3ruFQ533
qNhDx8uXG478lsarVHZeafGDhhm/Y8DktjgFQmj7eQwSKKI+nvkPi/7aWYxvIH9N
1gQlSsfiS+7Rz/MvDqLV+bKDwm1Exm55FLX5Rt/qWoTPh2Hb0Q1uW9Jl/Dv7U1Hd
oKdR1qCXgQsAfqJT0+xiH2GEH1BhsU2BDeHOKLLliS5R14slPpVw
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:13:25 2025 by rpki-client