Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/2be009-1ef1-4d57-8f01-7e184b070bbd/1/8ZG_yb3YALBvSolcdqgyAYAFfyk.roa
File: 8ZG_yb3YALBvSolcdqgyAYAFfyk.roa (raw, json)
Hash identifier: O+Os8kD/Ms3RAwQ1kCmOfa6p0N+XB4W6YOZ8CdP/eck=
Subject key identifier: F1:91:BF:C9:BD:D8:00:B0:6F:4A:89:5C:76:A8:32:01:80:05:7F:29
Certificate issuer: /CN=ce46ea629afb0c2d54200b5a65727be18cbb45a4
Certificate serial: 01856FCBB7C971EC03BB876805B2A21CE7AA
Authority key identifier: CE:46:EA:62:9A:FB:0C:2D:54:20:0B:5A:65:72:7B:E1:8C:BB:45:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zkbqYpr7DC1UIAtaZXJ74Yy7RaQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/2be009-1ef1-4d57-8f01-7e184b070bbd/1/8ZG_yb3YALBvSolcdqgyAYAFfyk.roa
Signing time: Mon 02 Jan 2023 00:04:59 +0000
ROA not before: Mon 02 Jan 2023 00:04:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206854
IP address blocks: 185.172.214.0/24 maxlen: 24
185.172.215.0/24 maxlen: 24
185.172.213.0/24 maxlen: 24
185.172.212.0/24 maxlen: 24
185.172.212.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:cb:b7:c9:71:ec:03:bb:87:68:05:b2:a2:1c:e7:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ce46ea629afb0c2d54200b5a65727be18cbb45a4
Validity
Not Before: Jan 2 00:04:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f191bfc9bdd800b06f4a895c76a8320180057f29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:8b:d2:51:c7:4c:32:65:a0:bd:86:be:17:dc:
5c:54:ca:3f:9a:77:9a:6c:b7:9f:9f:1b:13:51:9b:
96:06:00:71:77:fd:1e:6a:3b:dc:14:1a:68:1a:08:
5a:ff:32:73:7a:12:ff:5c:d4:02:9b:1c:eb:cb:5c:
93:bc:ef:66:e2:84:4f:45:69:cf:2e:fd:1e:d1:a2:
63:6c:34:34:ec:dd:c1:4e:d1:0a:1d:7c:53:31:6d:
e0:c8:1f:e3:cd:5c:3b:9e:81:26:5d:5a:0a:1c:61:
24:ff:6b:76:4e:33:45:4b:1d:60:b0:50:7f:19:b3:
af:32:c6:e6:bb:ea:e0:28:52:2e:83:82:7f:48:d4:
11:80:e7:70:3c:f2:50:86:f8:09:7b:ec:e3:ab:43:
2d:81:00:f0:0d:3e:ef:42:00:eb:b0:f9:97:04:b9:
49:89:57:82:0e:f9:73:d2:63:08:75:fc:e3:f7:13:
e6:ee:1b:ec:6a:4d:58:cd:c6:c4:93:82:a3:ea:7e:
cb:1b:23:cf:a2:d3:1a:69:00:0f:58:95:18:40:57:
f3:9a:23:31:26:b9:8c:fa:91:e5:51:f5:7e:a2:96:
95:65:25:49:0e:a8:c4:9e:32:e1:54:da:9c:83:7e:
80:0d:5b:82:50:f7:d9:36:ec:58:ec:0b:61:08:cb:
7b:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:91:BF:C9:BD:D8:00:B0:6F:4A:89:5C:76:A8:32:01:80:05:7F:29
X509v3 Authority Key Identifier:
keyid:CE:46:EA:62:9A:FB:0C:2D:54:20:0B:5A:65:72:7B:E1:8C:BB:45:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zkbqYpr7DC1UIAtaZXJ74Yy7RaQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/2be009-1ef1-4d57-8f01-7e184b070bbd/1/8ZG_yb3YALBvSolcdqgyAYAFfyk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/2be009-1ef1-4d57-8f01-7e184b070bbd/1/zkbqYpr7DC1UIAtaZXJ74Yy7RaQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.172.212.0/22
Signature Algorithm: sha256WithRSAEncryption
49:da:1a:64:1e:ff:7a:c0:eb:3b:0f:bf:c6:0e:b8:6c:12:01:
39:b3:c1:23:e3:1f:08:d5:b9:04:f7:49:91:9d:68:45:d7:bc:
cd:5d:25:68:03:12:2a:7e:b0:f6:8e:48:1e:dc:cc:9d:4c:3c:
6d:f5:5d:64:48:4b:e2:13:8c:97:c0:01:22:81:cf:6b:78:d7:
cf:3e:0e:a3:b8:c2:6a:3d:68:d2:48:94:37:57:6b:fa:7a:c0:
c9:4e:64:17:6d:8d:be:6f:dc:79:bd:8b:09:5d:3b:78:e0:b0:
21:1f:2e:69:57:e2:60:16:39:f0:fb:35:8f:d9:2d:8a:ec:7f:
12:1f:dc:64:9b:85:06:56:8d:8b:ce:90:9b:a1:1b:b7:d3:e5:
2e:1b:d1:c4:fd:bf:3a:f2:16:22:ea:e2:52:c4:2e:8e:48:4b:
d7:a7:0b:3c:88:87:fd:c3:a6:d7:26:bb:a7:68:0e:d1:59:fd:
3b:24:12:42:b1:d2:47:85:2b:04:47:38:48:05:57:05:31:8a:
4c:90:37:ff:11:14:28:11:72:ac:f9:0a:1c:b6:bc:e3:a8:6b:
12:32:6b:02:51:6d:e3:a0:e7:39:4e:8d:9a:ad:79:38:7a:2a:
c5:77:8e:dd:72:4c:b7:ec:6d:a3:bf:02:69:b9:c9:79:17:d5:
a7:67:4b:5c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvy7fJcewDu4doBbKiHOeqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlNDZlYTYyOWFmYjBjMmQ1NDIwMGI1YTY1NzI3YmUxOGNi
YjQ1YTQwHhcNMjMwMTAyMDAwNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTkxYmZjOWJkZDgwMGIwNmY0YTg5NWM3NmE4MzIwMTgwMDU3ZjI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgovSUcdMMmWgvYa+F9xcVMo/mnea
bLefnxsTUZuWBgBxd/0eajvcFBpoGgha/zJzehL/XNQCmxzry1yTvO9m4oRPRWnP
Lv0e0aJjbDQ07N3BTtEKHXxTMW3gyB/jzVw7noEmXVoKHGEk/2t2TjNFSx1gsFB/
GbOvMsbmu+rgKFIug4J/SNQRgOdwPPJQhvgJe+zjq0MtgQDwDT7vQgDrsPmXBLlJ
iVeCDvlz0mMIdfzj9xPm7hvsak1YzcbEk4Kj6n7LGyPPotMaaQAPWJUYQFfzmiMx
JrmM+pHlUfV+opaVZSVJDqjEnjLhVNqcg36ADVuCUPfZNuxY7AthCMt75QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPGRv8m92ACwb0qJXHaoMgGABX8pMB8GA1UdIwQY
MBaAFM5G6mKa+wwtVCALWmVye+GMu0WkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemticVlwcjdEQzFVSUF0YVpYSjc0WXk3UmFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny8yYmUwMDktMWVmMS00ZDU3LThmMDEt
N2UxODRiMDcwYmJkLzEvOFpHX3liM1lBTEJ2U29sY2RxZ3lBWUFGZnlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny8yYmUwMDktMWVmMS00ZDU3LThmMDEtN2UxODRiMDcwYmJk
LzEvemticVlwcjdEQzFVSUF0YVpYSjc0WXk3UmFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuazUMA0G
CSqGSIb3DQEBCwUAA4IBAQBJ2hpkHv96wOs7D7/GDrhsEgE5s8Ej4x8I1bkE90mR
nWhF17zNXSVoAxIqfrD2jkge3MydTDxt9V1kSEviE4yXwAEigc9reNfPPg6juMJq
PWjSSJQ3V2v6esDJTmQXbY2+b9x5vYsJXTt44LAhHy5pV+JgFjnw+zWP2S2K7H8S
H9xkm4UGVo2LzpCboRu30+UuG9HE/b868hYi6uJSxC6OSEvXpws8iIf9w6bXJrun
aA7RWf07JBJCsdJHhSsERzhIBVcFMYpMkDf/ERQoEXKs+QoctrzjqGsSMmsCUW3j
oOc5To2arXk4eirFd47dcky37G2jvwJpucl5F9WnZ0tc
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:03:27 2025 by rpki-client