Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/6a6535-6f42-4f2d-9eb9-7d4c8f37f5fd/1/znKYMA8x_ycQlP7m-hC4YiTJ9q4.roa
File: znKYMA8x_ycQlP7m-hC4YiTJ9q4.roa (raw, json)
Hash identifier: 6o9dX0xqk1Dy8TvZgpO+T59t2Kcqgq2TQ1X1Gl7kLIo=
Subject key identifier: CE:72:98:30:0F:31:FF:27:10:94:FE:E6:FA:10:B8:62:24:C9:F6:AE
Certificate issuer: /CN=c1db67b85104e4db598fea15678699c92473bda0
Certificate serial: 018A1E826E81C686D6737EBEB7858C5DD760
Authority key identifier: C1:DB:67:B8:51:04:E4:DB:59:8F:EA:15:67:86:99:C9:24:73:BD:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wdtnuFEE5NtZj-oVZ4aZySRzvaA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/6a6535-6f42-4f2d-9eb9-7d4c8f37f5fd/1/znKYMA8x_ycQlP7m-hC4YiTJ9q4.roa
Signing time: Tue 22 Aug 2023 18:29:38 +0000
ROA not before: Tue 22 Aug 2023 18:29:38 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208626
IP address blocks: 185.64.76.0/24 maxlen: 24
2a0c:dd80:3000::/48 maxlen: 48
2a0c:dd80:1000::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:1e:82:6e:81:c6:86:d6:73:7e:be:b7:85:8c:5d:d7:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1db67b85104e4db598fea15678699c92473bda0
Validity
Not Before: Aug 22 18:29:38 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ce7298300f31ff271094fee6fa10b86224c9f6ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:15:f9:dc:84:65:0a:22:00:4b:3b:a9:e9:5b:
e1:e5:be:32:3d:bf:2a:ba:14:ec:d9:0c:2e:4d:5b:
0a:63:fd:57:87:f9:de:60:41:1c:e7:dc:3f:6c:28:
d5:8f:5d:30:10:f1:72:28:84:ea:7c:47:df:c8:2e:
92:e4:8c:b9:1f:30:33:c1:03:5f:22:16:02:ad:34:
f0:19:d1:81:7a:46:d0:43:3c:ae:56:4a:0e:c0:30:
67:6b:62:f4:a0:48:75:cb:61:b2:d5:fe:dc:70:63:
aa:d2:cf:62:e6:5e:b6:b5:0e:3b:ed:d9:ae:88:00:
15:3e:2a:35:c8:62:87:41:e7:2d:3c:8c:c0:04:45:
b7:3f:02:74:47:4b:60:a5:cf:72:ac:4b:fc:45:80:
03:c2:a7:aa:c4:f6:9f:4b:a9:eb:09:dd:57:70:44:
73:87:ab:7d:74:5e:3e:0a:f0:a3:36:49:b9:f2:95:
06:de:ed:02:be:a7:de:bb:88:49:56:54:ab:55:6a:
d5:1c:2a:5a:dc:b9:f8:aa:fd:24:1d:f9:da:0a:ef:
12:96:6c:d8:3f:c8:47:35:fc:54:21:c6:51:1f:c2:
28:3d:d5:8d:16:05:44:da:3d:49:cb:06:ec:89:37:
ce:b9:c3:8e:50:25:db:04:60:20:95:62:0d:52:b1:
a6:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:72:98:30:0F:31:FF:27:10:94:FE:E6:FA:10:B8:62:24:C9:F6:AE
X509v3 Authority Key Identifier:
keyid:C1:DB:67:B8:51:04:E4:DB:59:8F:EA:15:67:86:99:C9:24:73:BD:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wdtnuFEE5NtZj-oVZ4aZySRzvaA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/6a6535-6f42-4f2d-9eb9-7d4c8f37f5fd/1/znKYMA8x_ycQlP7m-hC4YiTJ9q4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/6a6535-6f42-4f2d-9eb9-7d4c8f37f5fd/1/wdtnuFEE5NtZj-oVZ4aZySRzvaA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.64.76.0/24
IPv6:
2a0c:dd80:1000::/48
2a0c:dd80:3000::/48
Signature Algorithm: sha256WithRSAEncryption
6d:f4:15:49:a8:43:21:c1:d2:67:1e:68:a9:49:64:45:4d:fc:
6c:0e:5c:70:bd:db:bc:79:bf:30:fb:11:fc:09:ba:1b:19:dc:
1b:ec:b6:bb:bb:10:32:4d:fc:ef:4f:c9:0e:3f:21:21:84:04:
be:d7:6e:31:b0:4f:d3:fb:09:cb:38:84:7f:38:ac:8d:89:8d:
66:45:6b:e0:ae:71:a7:f2:ee:33:10:b3:44:e4:6b:4f:3e:63:
45:a7:fe:33:ea:9a:28:c3:a7:92:e8:46:cc:2b:af:85:dd:fa:
d2:ac:02:9a:62:a4:f3:32:89:bf:11:7a:13:b8:37:29:3a:fa:
c7:be:e4:c6:f7:2c:f9:87:c7:32:81:35:f7:7f:37:5e:05:73:
dd:2d:9a:bc:e6:e2:93:72:e5:d3:f2:44:6a:7d:6a:6f:ac:7f:
36:c1:f1:34:c0:62:53:76:7f:73:ad:29:7d:79:e6:21:3a:47:
3a:57:47:aa:53:e0:74:6f:d5:d6:25:33:f9:e6:34:e2:32:38:
b2:b4:86:7b:d0:28:2a:ed:0a:97:4f:46:c8:9c:f3:b9:9d:e2:
e8:a4:0c:b3:26:3c:84:3c:d9:9e:62:99:f5:b0:85:a4:b6:c0:
84:0e:95:19:f2:df:b6:bf:32:03:1c:c1:37:d9:b0:45:20:f5:
f4:d9:64:90
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYoegm6BxobWc36+t4WMXddgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxZGI2N2I4NTEwNGU0ZGI1OThmZWExNTY3ODY5OWM5MjQ3
M2JkYTAwHhcNMjMwODIyMTgyOTM4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTcyOTgzMDBmMzFmZjI3MTA5NGZlZTZmYTEwYjg2MjI0YzlmNmFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoRX53IRlCiIASzup6Vvh5b4yPb8q
uhTs2QwuTVsKY/1Xh/neYEEc59w/bCjVj10wEPFyKITqfEffyC6S5Iy5HzAzwQNf
IhYCrTTwGdGBekbQQzyuVkoOwDBna2L0oEh1y2Gy1f7ccGOq0s9i5l62tQ477dmu
iAAVPio1yGKHQectPIzABEW3PwJ0R0tgpc9yrEv8RYADwqeqxPafS6nrCd1XcERz
h6t9dF4+CvCjNkm58pUG3u0Cvqfeu4hJVlSrVWrVHCpa3Ln4qv0kHfnaCu8SlmzY
P8hHNfxUIcZRH8IoPdWNFgVE2j1JywbsiTfOucOOUCXbBGAglWINUrGmsQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFM5ymDAPMf8nEJT+5voQuGIkyfauMB8GA1UdIwQY
MBaAFMHbZ7hRBOTbWY/qFWeGmckkc72gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2R0bnVGRUU1TnRaai1vVlo0YVp5U1J6dmFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC82YTY1MzUtNmY0Mi00ZjJkLTllYjkt
N2Q0YzhmMzdmNWZkLzEvem5LWU1BOHhfeWNRbFA3bS1oQzRZaVRKOXE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC82YTY1MzUtNmY0Mi00ZjJkLTllYjktN2Q0YzhmMzdmNWZk
LzEvd2R0bnVGRUU1TnRaai1vVlo0YVp5U1J6dmFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQAuUBMMBgE
AgACMBIDBwAqDN2AEAADBwAqDN2AMAAwDQYJKoZIhvcNAQELBQADggEBAG30FUmo
QyHB0mceaKlJZEVN/GwOXHC927x5vzD7EfwJuhsZ3Bvstru7EDJN/O9PyQ4/ISGE
BL7XbjGwT9P7Ccs4hH84rI2JjWZFa+Cucafy7jMQs0Tka08+Y0Wn/jPqmijDp5Lo
Rswrr4Xd+tKsAppipPMyib8RehO4Nyk6+se+5Mb3LPmHxzKBNfd/N14Fc90tmrzm
4pNy5dPyRGp9am+sfzbB8TTAYlN2f3OtKX155iE6RzpXR6pT4HRv1dYlM/nmNOIy
OLK0hnvQKCrtCpdPRsic87md4uikDLMmPIQ82Z5imfWwhaS2wIQOlRny37a/MgMc
wTfZsEUg9fTZZJA=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:51:48 2025 by rpki-client