Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/4fc780-b296-40b7-9508-9f8e6a184374/1/0ZyBbw_bdB1aLDtMOnEM2ijamRo.roa
File: 0ZyBbw_bdB1aLDtMOnEM2ijamRo.roa (raw, json)
Hash identifier: EvC0+ucX9ldndWgpe8RkQH0uoamal2z9EDg5r7DQSOQ=
Subject key identifier: D1:9C:81:6F:0F:DB:74:1D:5A:2C:3B:4C:3A:71:0C:DA:28:DA:99:1A
Certificate issuer: /CN=cd919eb5c2108360155de7fb4f216a055ae31f09
Certificate serial: 01857271093A0167993FBC95C89FAE18BC40
Authority key identifier: CD:91:9E:B5:C2:10:83:60:15:5D:E7:FB:4F:21:6A:05:5A:E3:1F:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zZGetcIQg2AVXef7TyFqBVrjHwk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/4fc780-b296-40b7-9508-9f8e6a184374/1/0ZyBbw_bdB1aLDtMOnEM2ijamRo.roa
Signing time: Mon 02 Jan 2023 12:24:48 +0000
ROA not before: Mon 02 Jan 2023 12:24:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57004
IP address blocks: 185.191.200.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:71:09:3a:01:67:99:3f:bc:95:c8:9f:ae:18:bc:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd919eb5c2108360155de7fb4f216a055ae31f09
Validity
Not Before: Jan 2 12:24:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d19c816f0fdb741d5a2c3b4c3a710cda28da991a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:b9:25:d8:80:7b:a1:27:75:3f:c7:83:ba:61:
b0:39:22:98:4e:c2:a2:82:14:d6:49:46:9b:a0:34:
d4:78:ba:c7:dd:5c:24:2b:63:a2:af:86:5c:bb:08:
b2:c9:e4:f0:22:70:f0:80:5c:86:a4:62:86:e0:25:
60:87:0d:4c:95:b5:d8:8f:ac:27:f6:9c:a8:94:ff:
37:9f:27:8b:68:ea:c1:06:4c:b5:59:df:ff:67:e1:
25:c5:93:98:ff:d6:20:df:3c:e5:27:5b:ec:93:ee:
fd:a4:56:9d:4b:ba:8b:b2:32:a8:86:df:80:36:b1:
32:e9:80:3d:49:96:f1:15:f8:42:d2:dc:bf:31:f9:
ba:f6:1c:1d:55:9f:cd:6a:56:dc:45:72:e2:bf:8c:
c9:2c:a0:23:fa:b4:b4:81:de:67:61:5e:c8:71:5d:
33:ff:58:55:a3:00:4a:bd:c4:5f:78:a7:94:07:d9:
2c:93:c6:e4:66:45:9a:f1:cb:e9:25:c6:04:90:a4:
ed:f5:d2:e6:0e:b7:2a:1e:cd:68:26:a5:5b:2f:b0:
c7:a3:bf:f1:34:48:85:d6:6f:74:64:fb:5d:f2:f1:
e7:bd:d5:a2:78:1d:49:08:ea:38:1d:57:fe:63:e4:
70:7a:43:23:81:23:d3:b5:ce:81:22:8d:83:06:3f:
fd:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:9C:81:6F:0F:DB:74:1D:5A:2C:3B:4C:3A:71:0C:DA:28:DA:99:1A
X509v3 Authority Key Identifier:
keyid:CD:91:9E:B5:C2:10:83:60:15:5D:E7:FB:4F:21:6A:05:5A:E3:1F:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zZGetcIQg2AVXef7TyFqBVrjHwk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/4fc780-b296-40b7-9508-9f8e6a184374/1/0ZyBbw_bdB1aLDtMOnEM2ijamRo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/4fc780-b296-40b7-9508-9f8e6a184374/1/zZGetcIQg2AVXef7TyFqBVrjHwk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.191.200.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:0c:da:f3:cf:75:19:ef:0c:ac:45:43:3b:57:ee:ca:71:27:
48:ef:8e:43:a2:fc:44:6b:8e:93:a1:a8:94:31:03:15:b8:9e:
8b:cb:b5:51:95:cf:b5:12:51:4b:1f:7c:45:84:c4:8c:d1:a7:
9d:72:0f:8f:fe:be:f7:73:96:50:c7:b5:6d:f9:5c:b8:72:10:
d1:31:0b:c3:7a:96:1a:e6:b5:d1:f5:d5:a7:22:eb:fc:a0:1f:
de:4b:5e:b9:0f:d4:c9:df:21:6d:f0:0f:f4:b6:10:5a:05:a7:
29:e5:5e:36:a6:4e:9d:f2:58:1b:e9:f5:fa:c3:a4:81:78:76:
5b:6b:63:55:c2:a8:8c:84:61:36:24:de:4f:0c:e6:6b:26:92:
eb:79:fd:c6:10:8b:a3:9e:42:4a:20:e8:f4:74:8c:a0:48:8e:
b9:f5:dc:ec:6c:32:17:3f:6e:b3:be:fa:e5:36:0a:cf:fb:92:
d7:83:d1:6d:64:95:6f:ab:e9:37:f9:10:f5:02:33:d8:88:82:
b0:59:24:8f:03:84:54:ac:cb:05:38:52:02:e0:4b:76:91:fd:
8c:39:6c:87:8b:84:7a:4e:53:43:8c:91:38:e7:7b:2f:26:fd:
a5:3c:65:47:58:18:53:32:39:35:eb:f8:a6:1e:84:f5:cf:6e:
c5:70:36:65
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVycQk6AWeZP7yVyJ+uGLxAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkOTE5ZWI1YzIxMDgzNjAxNTVkZTdmYjRmMjE2YTA1NWFl
MzFmMDkwHhcNMjMwMTAyMTIyNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTljODE2ZjBmZGI3NDFkNWEyYzNiNGMzYTcxMGNkYTI4ZGE5OTFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiLkl2IB7oSd1P8eDumGwOSKYTsKi
ghTWSUaboDTUeLrH3VwkK2Oir4ZcuwiyyeTwInDwgFyGpGKG4CVghw1MlbXYj6wn
9pyolP83nyeLaOrBBky1Wd//Z+ElxZOY/9Yg3zzlJ1vsk+79pFadS7qLsjKoht+A
NrEy6YA9SZbxFfhC0ty/Mfm69hwdVZ/NalbcRXLiv4zJLKAj+rS0gd5nYV7IcV0z
/1hVowBKvcRfeKeUB9ksk8bkZkWa8cvpJcYEkKTt9dLmDrcqHs1oJqVbL7DHo7/x
NEiF1m90ZPtd8vHnvdWieB1JCOo4HVf+Y+RwekMjgSPTtc6BIo2DBj/9IQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNGcgW8P23QdWiw7TDpxDNoo2pkaMB8GA1UdIwQY
MBaAFM2RnrXCEINgFV3n+08hagVa4x8JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelpHZXRjSVFnMkFWWGVmN1R5RnFCVnJqSHdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny80ZmM3ODAtYjI5Ni00MGI3LTk1MDgt
OWY4ZTZhMTg0Mzc0LzEvMFp5QmJ3X2JkQjFhTER0TU9uRU0yaWphbVJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny80ZmM3ODAtYjI5Ni00MGI3LTk1MDgtOWY4ZTZhMTg0Mzc0
LzEvelpHZXRjSVFnMkFWWGVmN1R5RnFCVnJqSHdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAub/IMA0G
CSqGSIb3DQEBCwUAA4IBAQCpDNrzz3UZ7wysRUM7V+7KcSdI745DovxEa46ToaiU
MQMVuJ6Ly7VRlc+1ElFLH3xFhMSM0aedcg+P/r73c5ZQx7Vt+Vy4chDRMQvDepYa
5rXR9dWnIuv8oB/eS165D9TJ3yFt8A/0thBaBacp5V42pk6d8lgb6fX6w6SBeHZb
a2NVwqiMhGE2JN5PDOZrJpLref3GEIujnkJKIOj0dIygSI659dzsbDIXP26zvvrl
NgrP+5LXg9FtZJVvq+k3+RD1AjPYiIKwWSSPA4RUrMsFOFIC4Et2kf2MOWyHi4R6
TlNDjJE453svJv2lPGVHWBhTMjk16/imHoT1z27FcDZl
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:01:56 2025 by rpki-client