Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/1371a6-f5f3-43bf-aff4-7685c9670017/1/zAI5w7G_kjTBu9QgGEN34RYcMNY.roa
File: zAI5w7G_kjTBu9QgGEN34RYcMNY.roa (raw, json)
Hash identifier: LJEVEXvOmCc3tLitOqpp+dsvnlkcj8iVxjMOG4zJpVE=
Subject key identifier: CC:02:39:C3:B1:BF:92:34:C1:BB:D4:20:18:43:77:E1:16:1C:30:D6
Certificate issuer: /CN=82fa25b2fcb1468114b738928ab20d8761bf8831
Certificate serial: 0188DE6403E385DA9D4323091EE419B5069C
Authority key identifier: 82:FA:25:B2:FC:B1:46:81:14:B7:38:92:8A:B2:0D:87:61:BF:88:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gvolsvyxRoEUtziSirINh2G_iDE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/1371a6-f5f3-43bf-aff4-7685c9670017/1/zAI5w7G_kjTBu9QgGEN34RYcMNY.roa
Signing time: Wed 21 Jun 2023 14:37:56 +0000
ROA not before: Wed 21 Jun 2023 14:37:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25215
IP address blocks: 155.140.82.0/24 maxlen: 24
155.140.91.0/24 maxlen: 24
155.140.90.0/24 maxlen: 24
155.140.90.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:de:64:03:e3:85:da:9d:43:23:09:1e:e4:19:b5:06:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=82fa25b2fcb1468114b738928ab20d8761bf8831
Validity
Not Before: Jun 21 14:37:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cc0239c3b1bf9234c1bbd420184377e1161c30d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:05:f8:09:47:cb:f5:6e:86:8c:93:da:ba:b0:
c5:0d:2b:48:69:24:0b:b1:e6:9b:48:a5:39:83:16:
95:cf:a2:ca:34:bb:d2:cb:dc:b0:19:1f:7a:21:ca:
d0:70:a1:ed:ce:75:63:81:34:a0:ba:d5:48:81:9d:
6f:20:78:e4:1d:7f:93:21:82:14:84:15:d3:28:37:
8e:0c:ce:22:87:51:d1:16:ee:e8:3c:84:fa:81:d0:
65:47:c2:02:dd:72:f6:8e:17:52:8a:fb:f8:15:41:
37:72:22:f9:c9:8d:28:70:5e:08:6f:7c:9e:60:51:
fe:9e:f5:54:1c:c2:db:31:a7:11:dc:b1:65:03:1c:
36:d0:81:fc:72:cf:00:fb:a0:d2:8a:6b:03:25:5e:
b6:53:e5:7a:72:bc:83:0a:e2:f5:e6:30:5d:64:30:
7c:d4:f8:fd:a5:5d:14:74:3e:3b:48:92:9c:c9:bc:
f0:cf:63:c4:a0:e5:42:1a:95:75:a4:d4:bf:d9:f9:
97:43:ad:e4:0a:f4:4e:c8:0f:ac:18:1d:03:a3:50:
06:b9:32:69:67:2b:1d:ac:ca:6b:c9:6c:7c:ba:17:
41:3f:c4:75:66:86:9a:a5:76:89:a1:e9:3d:8e:bb:
75:ee:be:66:d2:3b:d0:22:30:18:29:a2:93:66:80:
89:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:02:39:C3:B1:BF:92:34:C1:BB:D4:20:18:43:77:E1:16:1C:30:D6
X509v3 Authority Key Identifier:
keyid:82:FA:25:B2:FC:B1:46:81:14:B7:38:92:8A:B2:0D:87:61:BF:88:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gvolsvyxRoEUtziSirINh2G_iDE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/1371a6-f5f3-43bf-aff4-7685c9670017/1/zAI5w7G_kjTBu9QgGEN34RYcMNY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/1371a6-f5f3-43bf-aff4-7685c9670017/1/gvolsvyxRoEUtziSirINh2G_iDE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
155.140.82.0/24
155.140.90.0/23
Signature Algorithm: sha256WithRSAEncryption
53:a6:92:1b:30:f1:86:8c:94:5d:52:c1:d2:a6:13:45:1a:57:
db:a4:65:a2:81:ee:11:0c:2b:8b:eb:17:f0:d3:ec:94:ad:1e:
2f:68:3a:b0:ed:c8:51:c1:95:93:5d:9c:16:59:8b:dc:a7:d1:
ad:eb:3b:f3:0b:fd:62:cf:a5:c6:3c:2c:98:98:9e:da:4d:17:
b2:f9:da:61:7a:a5:c4:12:29:8d:65:30:36:9e:4a:9b:92:7b:
32:ca:e9:9f:f0:03:3f:09:73:61:0d:86:da:d6:84:ea:73:87:
8e:e6:c3:35:ed:2a:ee:4a:87:d5:7e:d6:29:18:55:3f:0f:04:
1b:c6:f1:22:b6:ff:b0:9c:b1:54:fd:72:1a:24:44:3f:85:64:
18:45:e7:6a:80:bb:f6:b8:0f:34:57:78:c3:ae:f4:2a:5a:0b:
dd:79:ee:1e:06:d3:f2:fb:1c:c7:80:f0:68:e5:b1:94:c7:a7:
91:ba:e1:08:b6:fc:08:ff:02:eb:c9:32:ca:67:75:3d:05:94:
d8:32:75:e1:3d:60:41:68:7b:3a:46:bd:26:8b:12:7c:09:2c:
b2:95:ac:2b:d5:db:73:2f:d3:92:ba:d0:f3:b5:7b:bc:f9:0e:
d8:bc:da:bf:9e:87:bc:15:40:b4:7b:53:d1:35:b9:00:c2:ba:
05:ac:83:e4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYjeZAPjhdqdQyMJHuQZtQacMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyZmEyNWIyZmNiMTQ2ODExNGI3Mzg5MjhhYjIwZDg3NjFi
Zjg4MzEwHhcNMjMwNjIxMTQzNzU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzAyMzljM2IxYmY5MjM0YzFiYmQ0MjAxODQzNzdlMTE2MWMzMGQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkwX4CUfL9W6GjJPaurDFDStIaSQL
seabSKU5gxaVz6LKNLvSy9ywGR96IcrQcKHtznVjgTSgutVIgZ1vIHjkHX+TIYIU
hBXTKDeODM4ih1HRFu7oPIT6gdBlR8IC3XL2jhdSivv4FUE3ciL5yY0ocF4Ib3ye
YFH+nvVUHMLbMacR3LFlAxw20IH8cs8A+6DSimsDJV62U+V6cryDCuL15jBdZDB8
1Pj9pV0UdD47SJKcybzwz2PEoOVCGpV1pNS/2fmXQ63kCvROyA+sGB0Do1AGuTJp
ZysdrMpryWx8uhdBP8R1ZoaapXaJoek9jrt17r5m0jvQIjAYKaKTZoCJBQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMwCOcOxv5I0wbvUIBhDd+EWHDDWMB8GA1UdIwQY
MBaAFIL6JbL8sUaBFLc4koqyDYdhv4gxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3ZvbHN2eXhSb0VVdHppU2lySU5oMkdfaURFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni8xMzcxYTYtZjVmMy00M2JmLWFmZjQt
NzY4NWM5NjcwMDE3LzEvekFJNXc3R19ralRCdTlRZ0dFTjM0UlljTU5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni8xMzcxYTYtZjVmMy00M2JmLWFmZjQtNzY4NWM5NjcwMDE3
LzEvZ3ZvbHN2eXhSb0VVdHppU2lySU5oMkdfaURFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAm4xSAwQB
m4xaMA0GCSqGSIb3DQEBCwUAA4IBAQBTppIbMPGGjJRdUsHSphNFGlfbpGWige4R
DCuL6xfw0+yUrR4vaDqw7chRwZWTXZwWWYvcp9Gt6zvzC/1iz6XGPCyYmJ7aTRey
+dpheqXEEimNZTA2nkqbknsyyumf8AM/CXNhDYba1oTqc4eO5sM17SruSofVftYp
GFU/DwQbxvEitv+wnLFU/XIaJEQ/hWQYRedqgLv2uA80V3jDrvQqWgvdee4eBtPy
+xzHgPBo5bGUx6eRuuEItvwI/wLryTLKZ3U9BZTYMnXhPWBBaHs6Rr0mixJ8CSyy
lawr1dtzL9OSutDztXu8+Q7YvNq/noe8FUC0e1PRNbkAwroFrIPk
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:51:55 2025 by rpki-client