Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/02f95e-5fe5-4c9a-84d7-e5c9c2e8e9bf/1/zh6sTaQnLQLcJab17dbkUxc4YOI.roa
File: zh6sTaQnLQLcJab17dbkUxc4YOI.roa (raw, json)
Hash identifier: apfmjTdR2s8d8Jmt2RPn29WJxL1/b35PO03faS+llsk=
Subject key identifier: CE:1E:AC:4D:A4:27:2D:02:DC:25:A6:F5:ED:D6:E4:53:17:38:60:E2
Certificate issuer: /CN=6b20818b186b0b9cb09af5420d1e5ae334fe3974
Certificate serial: 018976E46497FDB9A51F6210F3268A7E87A1
Authority key identifier: 6B:20:81:8B:18:6B:0B:9C:B0:9A:F5:42:0D:1E:5A:E3:34:FE:39:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ayCBixhrC5ywmvVCDR5a4zT-OXQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/02f95e-5fe5-4c9a-84d7-e5c9c2e8e9bf/1/zh6sTaQnLQLcJab17dbkUxc4YOI.roa
Signing time: Fri 21 Jul 2023 05:20:26 +0000
ROA not before: Fri 21 Jul 2023 05:20:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57293
IP address blocks: 149.255.144.0/21 maxlen: 21
149.255.144.0/20 maxlen: 20
5.197.240.0/20 maxlen: 20
185.146.112.0/22 maxlen: 22
5.197.208.0/20 maxlen: 20
5.197.0.0/17 maxlen: 17
5.197.224.0/20 maxlen: 20
5.197.0.0/16 maxlen: 21
149.255.152.0/21 maxlen: 21
5.197.128.0/17 maxlen: 17
5.197.128.0/21 maxlen: 21
5.197.128.0/20 maxlen: 20
5.197.136.0/21 maxlen: 21
5.197.144.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:76:e4:64:97:fd:b9:a5:1f:62:10:f3:26:8a:7e:87:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b20818b186b0b9cb09af5420d1e5ae334fe3974
Validity
Not Before: Jul 21 05:20:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ce1eac4da4272d02dc25a6f5edd6e453173860e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:97:6d:02:c2:56:53:57:23:ab:c1:85:96:ae:
6d:ce:4e:66:b7:96:9b:86:1c:13:e5:a0:50:62:1d:
04:9c:5a:57:3b:ab:28:f9:a3:b3:ae:1d:89:01:c1:
72:39:a1:2f:2d:10:22:5f:44:1f:b3:fd:38:80:79:
9c:98:2c:9d:ea:f5:4d:3d:69:05:03:33:84:e8:db:
45:3d:01:9e:42:84:a9:a0:55:bb:28:47:d5:d3:9a:
e7:d7:04:1e:ca:47:10:94:36:b2:ce:66:1c:cd:0d:
97:1b:6a:44:10:e8:aa:d6:36:b9:a4:de:7b:4b:af:
96:86:98:de:8d:bd:97:0a:83:69:58:15:13:a9:7f:
9f:65:e4:52:18:2b:b4:56:1a:ce:20:da:30:fe:b1:
f8:0e:07:1c:79:2c:21:f5:34:0c:9b:75:9a:9e:33:
bd:1a:50:64:99:29:eb:10:26:6a:25:bc:d6:f3:ff:
4d:43:19:ce:49:f4:75:f4:c1:8b:f7:7d:a4:5c:1f:
22:53:78:eb:2f:86:9d:c5:09:43:06:25:e3:37:77:
28:55:f8:f9:2d:a9:09:82:c1:5d:07:3d:31:42:35:
60:e6:35:d6:b0:9a:b2:83:37:03:fc:a3:76:2b:80:
71:bf:42:59:98:21:8a:86:f7:fa:29:a2:f5:fb:8e:
e2:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:1E:AC:4D:A4:27:2D:02:DC:25:A6:F5:ED:D6:E4:53:17:38:60:E2
X509v3 Authority Key Identifier:
keyid:6B:20:81:8B:18:6B:0B:9C:B0:9A:F5:42:0D:1E:5A:E3:34:FE:39:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ayCBixhrC5ywmvVCDR5a4zT-OXQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/02f95e-5fe5-4c9a-84d7-e5c9c2e8e9bf/1/zh6sTaQnLQLcJab17dbkUxc4YOI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/02f95e-5fe5-4c9a-84d7-e5c9c2e8e9bf/1/ayCBixhrC5ywmvVCDR5a4zT-OXQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.197.0.0/16
149.255.144.0/20
185.146.112.0/22
Signature Algorithm: sha256WithRSAEncryption
b8:51:be:bb:5d:d2:59:3f:b9:17:fe:29:2f:ae:14:31:93:e7:
85:fb:ab:6c:0e:62:9f:89:08:6d:93:aa:32:09:b0:df:1b:b0:
41:fa:fb:11:67:83:38:bb:24:0f:4f:d5:9d:c3:dd:fe:78:bb:
8f:23:33:35:16:ce:4c:94:fd:7a:9c:d5:e7:7f:16:f5:d1:5d:
f6:32:cc:f5:78:3a:fd:d3:52:9c:15:09:b2:67:9f:64:33:6b:
b9:23:c4:fb:d8:1f:81:50:52:2c:83:47:c6:09:da:75:d0:1a:
11:a7:56:89:98:f5:47:b4:7b:db:cf:da:ba:ec:a1:62:b1:fb:
6d:ba:42:8b:26:de:79:89:04:45:15:ba:72:be:19:25:b8:df:
7b:3d:aa:3f:52:b6:ca:a8:fe:2e:60:c0:41:aa:c8:71:b1:e0:
ac:77:0f:77:46:d9:d8:7e:09:2f:69:30:c9:bf:f6:3f:43:e5:
ed:3d:b6:28:c7:ab:39:cf:a2:19:4b:70:f6:25:3c:06:2d:0d:
96:f9:3f:97:3a:3d:15:2b:8a:95:92:6e:39:e3:0f:2e:9d:46:
c0:c1:12:32:84:fd:e5:99:a5:09:84:92:0e:e6:22:e7:d4:ef:
67:96:3c:fa:c7:b3:3c:f6:b4:09:8a:4a:58:92:60:63:4f:00:
24:2b:15:83
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgISAYl25GSX/bmlH2IQ8yaKfoehMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiMjA4MThiMTg2YjBiOWNiMDlhZjU0MjBkMWU1YWUzMzRm
ZTM5NzQwHhcNMjMwNzIxMDUyMDI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTFlYWM0ZGE0MjcyZDAyZGMyNWE2ZjVlZGQ2ZTQ1MzE3Mzg2MGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm5dtAsJWU1cjq8GFlq5tzk5mt5ab
hhwT5aBQYh0EnFpXO6so+aOzrh2JAcFyOaEvLRAiX0Qfs/04gHmcmCyd6vVNPWkF
AzOE6NtFPQGeQoSpoFW7KEfV05rn1wQeykcQlDayzmYczQ2XG2pEEOiq1ja5pN57
S6+Whpjejb2XCoNpWBUTqX+fZeRSGCu0VhrOINow/rH4DgcceSwh9TQMm3WanjO9
GlBkmSnrECZqJbzW8/9NQxnOSfR19MGL932kXB8iU3jrL4adxQlDBiXjN3coVfj5
LakJgsFdBz0xQjVg5jXWsJqygzcD/KN2K4Bxv0JZmCGKhvf6KaL1+47iIQIDAQAB
o4ICFDCCAhAwHQYDVR0OBBYEFM4erE2kJy0C3CWm9e3W5FMXOGDiMB8GA1UdIwQY
MBaAFGsggYsYawucsJr1Qg0eWuM0/jl0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXlDQml4aHJDNXl3bXZWQ0RSNWE0elQtT1hRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS8wMmY5NWUtNWZlNS00YzlhLTg0ZDct
ZTVjOWMyZThlOWJmLzEvemg2c1RhUW5MUUxjSmFiMTdkYmtVeGM0WU9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS8wMmY5NWUtNWZlNS00YzlhLTg0ZDctZTVjOWMyZThlOWJm
LzEvYXlDQml4aHJDNXl3bXZWQ0RSNWE0elQtT1hRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAATARAwMABcUDBASV
/5ADBAK5knAwDQYJKoZIhvcNAQELBQADggEBALhRvrtd0lk/uRf+KS+uFDGT54X7
q2wOYp+JCG2TqjIJsN8bsEH6+xFngzi7JA9P1Z3D3f54u48jMzUWzkyU/Xqc1ed/
FvXRXfYyzPV4Ov3TUpwVCbJnn2Qza7kjxPvYH4FQUiyDR8YJ2nXQGhGnVomY9Ue0
e9vP2rrsoWKx+226Qosm3nmJBEUVunK+GSW433s9qj9Stsqo/i5gwEGqyHGx4Kx3
D3dG2dh+CS9pMMm/9j9D5e09tijHqznPohlLcPYlPAYtDZb5P5c6PRUripWSbjnj
Dy6dRsDBEjKE/eWZpQmEkg7mIufU72eWPPrHszz2tAmKSliSYGNPACQrFYM=
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:44:35 2025 by rpki-client