Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/04b446-4ae1-4fe5-b646-59ae09edbeb9/1/0ZIkfKWN34MqQYI9lN0UJsz1nzw.roa
File: 0ZIkfKWN34MqQYI9lN0UJsz1nzw.roa (raw, json)
Hash identifier: vmzR8FTvzSQd9+rNjWnQFCSJcJFeAQL4blXALodpyA8=
Subject key identifier: D1:92:24:7C:A5:8D:DF:83:2A:41:82:3D:94:DD:14:26:CC:F5:9F:3C
Certificate issuer: /CN=c2d21e804ab7713ad7877dde603aa7824b31983c
Certificate serial: FAC0FF
Authority key identifier: C2:D2:1E:80:4A:B7:71:3A:D7:87:7D:DE:60:3A:A7:82:4B:31:98:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wtIegEq3cTrXh33eYDqngksxmDw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/04b446-4ae1-4fe5-b646-59ae09edbeb9/1/0ZIkfKWN34MqQYI9lN0UJsz1nzw.roa
Signing time: Sat 01 Jan 2022 13:00:58 +0000
ROA not before: Sat 01 Jan 2022 13:00:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 195.182.198.0/23 maxlen: 23
195.182.200.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16433407 (0xfac0ff)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2d21e804ab7713ad7877dde603aa7824b31983c
Validity
Not Before: Jan 1 13:00:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d192247ca58ddf832a41823d94dd1426ccf59f3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:b8:8c:08:6c:66:40:33:24:fb:37:fb:fb:ca:
e9:c3:32:a7:93:d7:36:d8:6f:20:26:d7:68:88:a4:
c3:a4:b1:72:f9:e7:58:6d:8a:16:88:c1:7e:5b:29:
42:1c:14:95:74:89:76:21:0e:15:ed:80:d6:89:e0:
b3:01:c1:c5:ac:23:42:48:dc:b8:de:82:e6:98:16:
eb:83:c5:f8:14:fb:ee:fb:96:56:bc:73:72:6d:4d:
e8:aa:f1:cb:7b:89:d2:22:42:70:3e:5e:88:48:83:
56:1f:a3:36:b1:50:cc:be:bf:5b:60:6d:d4:66:24:
6f:9f:f7:98:55:72:ee:d2:d0:8d:4f:35:9d:1e:ff:
27:79:5e:2e:f4:62:38:a5:06:6a:ff:34:60:bc:51:
29:73:7e:61:4e:f9:0d:54:84:c7:e3:ee:8b:0e:09:
22:6b:9f:c9:77:47:45:1e:b1:d5:fc:7b:f7:88:5d:
a6:7c:17:e4:4a:31:99:71:4b:5d:78:eb:46:ab:e6:
ea:1d:df:12:44:d3:7c:8b:f9:06:e5:7f:ce:b6:62:
4d:49:fe:9c:5a:12:c1:dc:dd:13:28:bd:82:5e:0d:
cd:7d:6e:56:d2:12:58:12:86:65:95:8f:93:41:e8:
7a:04:c8:23:af:60:39:3b:5f:35:02:79:96:35:80:
d4:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:92:24:7C:A5:8D:DF:83:2A:41:82:3D:94:DD:14:26:CC:F5:9F:3C
X509v3 Authority Key Identifier:
keyid:C2:D2:1E:80:4A:B7:71:3A:D7:87:7D:DE:60:3A:A7:82:4B:31:98:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wtIegEq3cTrXh33eYDqngksxmDw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/04b446-4ae1-4fe5-b646-59ae09edbeb9/1/0ZIkfKWN34MqQYI9lN0UJsz1nzw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/04b446-4ae1-4fe5-b646-59ae09edbeb9/1/wtIegEq3cTrXh33eYDqngksxmDw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.182.198.0-195.182.201.255
Signature Algorithm: sha256WithRSAEncryption
95:08:9e:b1:8c:46:73:c1:00:75:f1:20:db:41:e4:32:89:dc:
65:38:ba:07:5a:96:df:c5:cc:ce:37:68:30:96:65:d9:04:e4:
33:68:05:9a:db:f3:bc:36:8a:af:16:43:27:cc:01:96:25:dc:
40:cf:cf:c7:0a:bd:fa:c8:27:08:5b:be:31:c3:ce:34:06:f0:
e3:00:63:e7:96:96:fc:f4:a4:37:a1:2d:0b:8d:75:c7:a7:b4:
a0:83:7a:62:4f:b4:78:c3:fb:17:93:06:9e:73:34:53:72:14:
c8:d2:3b:4e:1c:7c:74:ce:a9:b7:2d:db:44:d3:d8:b5:e6:1d:
89:b8:d8:2f:44:9d:13:9a:39:1c:82:a5:03:2c:06:8c:cb:90:
1f:de:2f:9b:c2:af:fd:d5:a2:0d:3b:04:45:15:6f:dc:f4:f7:
5f:e1:cd:00:7e:1a:5f:6c:68:3c:ab:cb:ca:07:3e:73:30:ba:
f5:27:eb:b8:d6:1e:30:fc:5d:68:be:47:fe:53:95:3b:58:5b:
1f:6a:84:d2:1e:31:e9:85:2d:d4:a6:93:b8:7e:0c:0a:2e:98:
2c:9b:6c:1d:0d:41:3c:b4:f7:99:9b:88:bb:76:18:cf:2d:33:
fc:01:95:09:44:00:bb:03:7f:b5:ee:59:d3:c8:15:f8:dd:4c:
3c:49:2a:1a
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEAPrA/zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
MmQyMWU4MDRhYjc3MTNhZDc4NzdkZGU2MDNhYTc4MjRiMzE5ODNjMB4XDTIyMDEw
MTEzMDA1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDE5MjI0N2NhNThk
ZGY4MzJhNDE4MjNkOTRkZDE0MjZjY2Y1OWYzYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKW4jAhsZkAzJPs3+/vK6cMyp5PXNthvICbXaIikw6Sxcvnn
WG2KFojBflspQhwUlXSJdiEOFe2A1ongswHBxawjQkjcuN6C5pgW64PF+BT77vuW
Vrxzcm1N6Krxy3uJ0iJCcD5eiEiDVh+jNrFQzL6/W2Bt1GYkb5/3mFVy7tLQjU81
nR7/J3leLvRiOKUGav80YLxRKXN+YU75DVSEx+Puiw4JImufyXdHRR6x1fx794hd
pnwX5EoxmXFLXXjrRqvm6h3fEkTTfIv5BuV/zrZiTUn+nFoSwdzdEyi9gl4NzX1u
VtISWBKGZZWPk0HoegTII69gOTtfNQJ5ljWA1GsCAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBTRkiR8pY3fgypBgj2U3RQmzPWfPDAfBgNVHSMEGDAWgBTC0h6ASrdxOteH
fd5gOqeCSzGYPDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3d0SWVnRXEzY1RyWGgzM2VZRHFuZ2tzeG1Edy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGUvMDRiNDQ2LTRhZTEtNGZlNS1iNjQ2LTU5YWUwOWVkYmViOS8x
LzBaSWtmS1dOMzRNcVFZSTlsTjBVSnN6MW56dy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGUv
MDRiNDQ2LTRhZTEtNGZlNS1iNjQ2LTU5YWUwOWVkYmViOS8xL3d0SWVnRXEzY1Ry
WGgzM2VZRHFuZ2tzeG1Edy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQBw7bGAwQBw7bIMA0GCSqGSIb3
DQEBCwUAA4IBAQCVCJ6xjEZzwQB18SDbQeQyidxlOLoHWpbfxczON2gwlmXZBOQz
aAWa2/O8NoqvFkMnzAGWJdxAz8/HCr36yCcIW74xw840BvDjAGPnlpb89KQ3oS0L
jXXHp7Sgg3piT7R4w/sXkwaeczRTchTI0jtOHHx0zqm3LdtE09i15h2JuNgvRJ0T
mjkcgqUDLAaMy5Af3i+bwq/91aINOwRFFW/c9Pdf4c0AfhpfbGg8q8vKBz5zMLr1
J+u41h4w/F1ovkf+U5U7WFsfaoTSHjHphS3UppO4fgwKLpgsm2wdDUE8tPeZm4i7
dhjPLTP8AZUJRAC7A3+17lnTyBX43Uw8SSoa
-----END CERTIFICATE-----