Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/220ed7-8dc2-4c01-92bb-208ef32c0202/1/ZSWnv4O7LOj8IGxg15K70Svz0ig.roa
File: ZSWnv4O7LOj8IGxg15K70Svz0ig.roa (raw, json)
Hash identifier: 6qTviCJkJzSMtxUueIkHgeiXrV/xF1jMzEHxhlwnH4c=
Subject key identifier: 65:25:A7:BF:83:BB:2C:E8:FC:20:6C:60:D7:92:BB:D1:2B:F3:D2:28
Certificate issuer: /CN=579ade9feaedc406df5e11bcef0393cd5e9fd0dd
Certificate serial: 01856F3012A88A0A398A29BD491D654C30CE
Authority key identifier: 57:9A:DE:9F:EA:ED:C4:06:DF:5E:11:BC:EF:03:93:CD:5E:9F:D0:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V5ren-rtxAbfXhG87wOTzV6f0N0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/220ed7-8dc2-4c01-92bb-208ef32c0202/1/ZSWnv4O7LOj8IGxg15K70Svz0ig.roa
Signing time: Sun 01 Jan 2023 21:14:59 +0000
ROA not before: Sun 01 Jan 2023 21:14:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208422
IP address blocks: 45.87.116.0/24 maxlen: 24
185.186.0.0/24 maxlen: 24
2a09:e201::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:30:12:a8:8a:0a:39:8a:29:bd:49:1d:65:4c:30:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=579ade9feaedc406df5e11bcef0393cd5e9fd0dd
Validity
Not Before: Jan 1 21:14:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6525a7bf83bb2ce8fc206c60d792bbd12bf3d228
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:37:55:3c:d9:79:c3:65:42:b4:31:ab:61:cc:
11:db:05:04:e6:c5:51:f0:15:d2:7e:96:50:10:c6:
09:40:ed:78:90:53:88:9f:89:7c:09:55:6d:25:36:
01:cc:ca:ae:f9:2a:9c:58:64:8b:04:9d:9e:5a:aa:
33:13:91:89:0e:89:6d:0c:c7:af:66:95:40:fa:95:
e1:1a:88:d5:b6:79:a9:95:eb:ce:3a:aa:17:19:f2:
a8:51:97:60:58:3d:5c:d3:90:23:4d:e8:77:ab:41:
84:fe:11:bf:c8:3a:20:71:f0:45:2e:27:43:1c:7b:
bb:33:37:a6:8e:16:88:65:8d:ba:3a:f5:85:00:e1:
1c:41:a7:de:b2:f4:61:ed:34:ee:a6:16:65:f7:5f:
0e:01:a2:38:95:5c:09:5e:31:41:e7:84:c3:5f:c6:
24:e5:a1:f0:8e:6c:34:dd:68:04:ca:83:42:34:60:
cc:da:b6:2a:9a:87:bb:0c:02:74:d0:1e:c6:13:06:
ec:0f:a1:3d:8b:5a:b6:f9:b7:82:5b:ce:d7:11:16:
4a:25:ab:0e:8e:f3:15:b3:c2:48:30:90:54:91:75:
63:79:90:6b:dd:1a:a3:0f:2f:e3:c4:ec:60:54:63:
99:0a:50:6f:fc:b7:11:ae:69:23:f8:65:8c:52:f3:
ba:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:25:A7:BF:83:BB:2C:E8:FC:20:6C:60:D7:92:BB:D1:2B:F3:D2:28
X509v3 Authority Key Identifier:
keyid:57:9A:DE:9F:EA:ED:C4:06:DF:5E:11:BC:EF:03:93:CD:5E:9F:D0:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V5ren-rtxAbfXhG87wOTzV6f0N0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/220ed7-8dc2-4c01-92bb-208ef32c0202/1/ZSWnv4O7LOj8IGxg15K70Svz0ig.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/220ed7-8dc2-4c01-92bb-208ef32c0202/1/V5ren-rtxAbfXhG87wOTzV6f0N0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.116.0/24
185.186.0.0/24
IPv6:
2a09:e201::/48
Signature Algorithm: sha256WithRSAEncryption
7e:06:07:83:42:c2:a6:e4:b7:1f:c3:c1:b3:a7:70:4e:f1:af:
cb:6f:59:55:89:98:09:76:69:09:7d:ae:b3:d0:eb:84:f3:64:
69:5d:88:6f:c1:82:e1:e0:46:bc:23:e6:e5:9d:9e:4a:1e:2a:
c5:86:d0:16:73:1b:79:0d:76:92:b9:96:6e:4e:59:b5:67:c5:
08:fb:42:4e:f1:6e:79:3e:64:7f:92:14:d2:78:a3:c7:55:d1:
5a:20:7e:29:41:f1:a3:e3:6c:e9:f3:e5:d5:b9:3e:1b:a2:da:
35:40:94:bd:bd:59:da:f4:9f:d6:0a:0b:55:c7:7a:d7:a6:96:
63:e0:32:88:f1:6b:31:ae:16:dd:20:a4:35:d0:13:cc:84:c0:
20:aa:b4:a4:2d:f7:37:a3:97:5e:28:62:4c:e0:71:dc:f7:20:
a3:95:f8:be:73:89:ac:f6:51:b6:76:1f:f8:3d:d4:27:d7:26:
3d:6f:84:72:28:82:4d:f5:d0:7c:d3:f8:22:45:6c:00:9e:3c:
52:6f:02:ad:d5:e5:25:09:a5:59:d2:42:03:6a:f4:bb:aa:1e:
9b:d2:3b:61:51:fc:0d:37:29:cd:f4:dc:02:f9:2d:34:74:dd:
b1:de:50:96:39:5a:37:d2:21:86:6f:5a:b1:38:0d:e9:9a:28:
6a:6d:5b:bb
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVvMBKoigo5iim9SR1lTDDOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3OWFkZTlmZWFlZGM0MDZkZjVlMTFiY2VmMDM5M2NkNWU5
ZmQwZGQwHhcNMjMwMTAxMjExNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTI1YTdiZjgzYmIyY2U4ZmMyMDZjNjBkNzkyYmJkMTJiZjNkMjI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuDdVPNl5w2VCtDGrYcwR2wUE5sVR
8BXSfpZQEMYJQO14kFOIn4l8CVVtJTYBzMqu+SqcWGSLBJ2eWqozE5GJDoltDMev
ZpVA+pXhGojVtnmplevOOqoXGfKoUZdgWD1c05AjTeh3q0GE/hG/yDogcfBFLidD
HHu7MzemjhaIZY26OvWFAOEcQafesvRh7TTuphZl918OAaI4lVwJXjFB54TDX8Yk
5aHwjmw03WgEyoNCNGDM2rYqmoe7DAJ00B7GEwbsD6E9i1q2+beCW87XERZKJasO
jvMVs8JIMJBUkXVjeZBr3RqjDy/jxOxgVGOZClBv/LcRrmkj+GWMUvO6WwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFGUlp7+Duyzo/CBsYNeSu9Er89IoMB8GA1UdIwQY
MBaAFFea3p/q7cQG314RvO8Dk81en9DdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjVyZW4tcnR4QWJmWGhHODd3T1R6VjZmME4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS8yMjBlZDctOGRjMi00YzAxLTkyYmIt
MjA4ZWYzMmMwMjAyLzEvWlNXbnY0TzdMT2o4SUd4ZzE1SzcwU3Z6MGlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS8yMjBlZDctOGRjMi00YzAxLTkyYmItMjA4ZWYzMmMwMjAy
LzEvVjVyZW4tcnR4QWJmWGhHODd3T1R6VjZmME4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQALVd0AwQA
uboAMA8EAgACMAkDBwAqCeIBAAAwDQYJKoZIhvcNAQELBQADggEBAH4GB4NCwqbk
tx/DwbOncE7xr8tvWVWJmAl2aQl9rrPQ64TzZGldiG/BguHgRrwj5uWdnkoeKsWG
0BZzG3kNdpK5lm5OWbVnxQj7Qk7xbnk+ZH+SFNJ4o8dV0VogfilB8aPjbOnz5dW5
Phui2jVAlL29Wdr0n9YKC1XHetemlmPgMojxazGuFt0gpDXQE8yEwCCqtKQt9zej
l14oYkzgcdz3IKOV+L5ziaz2UbZ2H/g91CfXJj1vhHIogk310HzT+CJFbACePFJv
Aq3V5SUJpVnSQgNq9LuqHpvSO2FR/A03Kc303AL5LTR03bHeUJY5WjfSIYZvWrE4
DemaKGptW7s=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:28:42 2025 by rpki-client