Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/e14ebe-45dd-44db-b9b7-1a1f936454ec/1/ZcYdn2uQnl-14WkTHhLMWlSvf3M.roa
File: ZcYdn2uQnl-14WkTHhLMWlSvf3M.roa (raw, json)
Hash identifier: jlofRoyomOc+H79YzgRj10iZssQo16IELWIDauarEco=
Subject key identifier: 65:C6:1D:9F:6B:90:9E:5F:B5:E1:69:13:1E:12:CC:5A:54:AF:7F:73
Certificate issuer: /CN=bfd786b24b4b30275bcc8d5244e34ee00481d790
Certificate serial: 02797976
Authority key identifier: BF:D7:86:B2:4B:4B:30:27:5B:CC:8D:52:44:E3:4E:E0:04:81:D7:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v9eGsktLMCdbzI1SRONO4ASB15A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/e14ebe-45dd-44db-b9b7-1a1f936454ec/1/ZcYdn2uQnl-14WkTHhLMWlSvf3M.roa
Signing time: Sat 01 Jan 2022 06:57:19 +0000
ROA not before: Sat 01 Jan 2022 06:57:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6831
IP address blocks: 188.94.190.0/24 maxlen: 24
195.178.28.0/23 maxlen: 24
193.238.100.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 41515382 (0x2797976)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfd786b24b4b30275bcc8d5244e34ee00481d790
Validity
Not Before: Jan 1 06:57:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=65c61d9f6b909e5fb5e169131e12cc5a54af7f73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:77:b0:4b:51:a5:c1:5a:21:9c:c6:eb:81:85:
bf:ff:dc:8e:08:17:2d:65:56:12:ef:02:fa:82:0f:
d5:40:aa:78:8c:59:1a:82:56:05:8b:ec:35:bd:2c:
e5:3c:50:f6:51:d3:2c:93:02:0a:d4:0c:22:7a:40:
03:df:0d:2a:65:25:a3:df:e8:07:6c:f0:15:db:5c:
23:f8:93:34:72:98:44:30:cf:18:a6:f6:bc:17:30:
89:20:75:a2:f7:81:16:51:67:fe:e6:8c:6b:d6:71:
0a:d6:c6:af:22:d0:87:ee:55:0b:ca:c5:15:10:ab:
63:e0:e3:bc:e9:46:a2:9b:28:10:75:94:de:ea:61:
f2:f1:50:24:93:10:39:bd:03:31:08:eb:68:fa:5c:
4b:ec:92:d6:c0:fb:d6:cd:78:89:17:8e:34:5b:dd:
2c:16:d3:f7:fe:79:03:1d:a6:2c:f2:5a:f8:40:17:
b1:83:3a:62:2c:c2:4e:ba:39:be:a1:3c:1b:33:33:
6f:88:f6:39:ab:e1:e1:10:99:1a:04:3e:42:63:f1:
46:1c:c1:8f:d3:33:f7:ab:3c:b9:50:7d:c5:45:c7:
b3:91:94:c2:a7:17:4a:53:03:54:01:42:73:7a:39:
8b:f1:b9:91:ab:8f:88:4a:12:9d:69:ca:9b:b4:fc:
80:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:C6:1D:9F:6B:90:9E:5F:B5:E1:69:13:1E:12:CC:5A:54:AF:7F:73
X509v3 Authority Key Identifier:
keyid:BF:D7:86:B2:4B:4B:30:27:5B:CC:8D:52:44:E3:4E:E0:04:81:D7:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v9eGsktLMCdbzI1SRONO4ASB15A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e14ebe-45dd-44db-b9b7-1a1f936454ec/1/ZcYdn2uQnl-14WkTHhLMWlSvf3M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e14ebe-45dd-44db-b9b7-1a1f936454ec/1/v9eGsktLMCdbzI1SRONO4ASB15A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.94.190.0/24
193.238.100.0/22
195.178.28.0/23
Signature Algorithm: sha256WithRSAEncryption
4d:57:5a:14:26:bc:22:d0:ab:d3:04:a3:e6:e8:fb:5e:25:9f:
43:67:88:50:c7:62:32:d9:07:19:46:55:72:0f:1e:58:e5:05:
c4:8a:4a:4a:11:93:9e:57:03:b3:1b:8a:7c:26:4f:14:4c:3a:
6d:13:47:52:6b:65:82:47:5c:d0:f8:db:e6:63:f5:b9:ae:90:
7d:3c:e8:b5:d9:3e:77:15:d2:c6:a7:9c:57:35:2d:93:a3:21:
c2:76:1c:cf:7b:04:d7:09:65:54:f1:ce:82:44:6a:ef:26:f8:
38:04:81:71:4a:6b:e8:15:89:83:54:24:6d:25:63:7c:69:71:
73:ba:cf:f8:20:02:db:1e:99:ce:8d:6a:b0:14:e0:86:de:5c:
2d:98:5b:71:63:52:d8:af:75:ba:b8:e8:a0:7b:e6:40:cd:fc:
bd:7e:9b:65:15:34:7d:3f:4a:8e:99:db:5a:2c:1d:5d:8f:d2:
9d:2c:a4:8b:87:8f:9f:c4:4e:b6:54:8f:21:49:58:10:66:e7:
91:39:72:a0:ca:f3:f1:e0:23:24:a3:84:bd:6f:b1:04:44:e6:
d0:d6:7c:51:64:ee:4e:31:27:4b:5c:47:ca:91:0f:b0:08:7e:
7f:1b:44:ad:0d:78:3e:4a:f7:18:54:43:7e:23:ac:35:91:87:
bb:f2:fe:6c
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEAnl5djANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
ZmQ3ODZiMjRiNGIzMDI3NWJjYzhkNTI0NGUzNGVlMDA0ODFkNzkwMB4XDTIyMDEw
MTA2NTcxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjVjNjFkOWY2Yjkw
OWU1ZmI1ZTE2OTEzMWUxMmNjNWE1NGFmN2Y3MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJZ3sEtRpcFaIZzG64GFv//cjggXLWVWEu8C+oIP1UCqeIxZ
GoJWBYvsNb0s5TxQ9lHTLJMCCtQMInpAA98NKmUlo9/oB2zwFdtcI/iTNHKYRDDP
GKb2vBcwiSB1oveBFlFn/uaMa9ZxCtbGryLQh+5VC8rFFRCrY+DjvOlGopsoEHWU
3uph8vFQJJMQOb0DMQjraPpcS+yS1sD71s14iReONFvdLBbT9/55Ax2mLPJa+EAX
sYM6YizCTro5vqE8GzMzb4j2Oavh4RCZGgQ+QmPxRhzBj9Mz96s8uVB9xUXHs5GU
wqcXSlMDVAFCc3o5i/G5kauPiEoSnWnKm7T8gPcCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBRlxh2fa5CeX7XhaRMeEsxaVK9/czAfBgNVHSMEGDAWgBS/14ayS0swJ1vM
jVJE407gBIHXkDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3Y5ZUdza3RMTUNkYnpJMVNST05PNEFTQjE1QS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGQvZTE0ZWJlLTQ1ZGQtNDRkYi1iOWI3LTFhMWY5MzY0NTRlYy8x
L1pjWWRuMnVRbmwtMTRXa1RIaExNV2xTdmYzTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGQv
ZTE0ZWJlLTQ1ZGQtNDRkYi1iOWI3LTFhMWY5MzY0NTRlYy8xL3Y5ZUdza3RMTUNk
YnpJMVNST05PNEFTQjE1QS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEALxevgMEAsHuZAMEAcOyHDANBgkq
hkiG9w0BAQsFAAOCAQEATVdaFCa8ItCr0wSj5uj7XiWfQ2eIUMdiMtkHGUZVcg8e
WOUFxIpKShGTnlcDsxuKfCZPFEw6bRNHUmtlgkdc0Pjb5mP1ua6QfTzotdk+dxXS
xqecVzUtk6MhwnYcz3sE1wllVPHOgkRq7yb4OASBcUpr6BWJg1QkbSVjfGlxc7rP
+CAC2x6Zzo1qsBTght5cLZhbcWNS2K91urjooHvmQM38vX6bZRU0fT9KjpnbWiwd
XY/SnSyki4ePn8ROtlSPIUlYEGbnkTlyoMrz8eAjJKOEvW+xBETm0NZ8UWTuTjEn
S1xHypEPsAh+fxtErQ14Pkr3GFRDfiOsNZGHu/L+bA==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:43:05 2025 by rpki-client