Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/efbbf0-e4fa-4431-b1e7-06a24fa74667/1/Zl_be25SI9s7TGEDGv6xeBiU6eM.roa
File: Zl_be25SI9s7TGEDGv6xeBiU6eM.roa (raw, json)
Hash identifier: w/pc4zCq7M9my3B0UmBvM45E/ffu7CFwYD/KR3J8C74=
Subject key identifier: 66:5F:DB:7B:6E:52:23:DB:3B:4C:61:03:1A:FE:B1:78:18:94:E9:E3
Certificate issuer: /CN=926b9336fcaf3657cedeba53c47e948010877e20
Certificate serial: 01856CF87A63CF0C8120B27E431F0004CC10
Authority key identifier: 92:6B:93:36:FC:AF:36:57:CE:DE:BA:53:C4:7E:94:80:10:87:7E:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kmuTNvyvNlfO3rpTxH6UgBCHfiA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/efbbf0-e4fa-4431-b1e7-06a24fa74667/1/Zl_be25SI9s7TGEDGv6xeBiU6eM.roa
Signing time: Sun 01 Jan 2023 10:55:01 +0000
ROA not before: Sun 01 Jan 2023 10:55:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200428
IP address blocks: 185.151.60.0/22 maxlen: 22
2a0a:2640::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:f8:7a:63:cf:0c:81:20:b2:7e:43:1f:00:04:cc:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=926b9336fcaf3657cedeba53c47e948010877e20
Validity
Not Before: Jan 1 10:55:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=665fdb7b6e5223db3b4c61031afeb1781894e9e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:26:1b:82:ad:5e:89:3f:36:98:37:0a:68:84:
92:80:82:09:fc:da:9a:fa:ab:a4:ca:2f:76:57:70:
e4:ea:02:1b:dc:73:79:25:a7:9b:9f:2f:49:d1:2f:
c4:24:c8:e8:a1:4d:28:64:38:7d:ea:0c:2e:0d:b5:
69:32:22:f2:86:58:1d:59:aa:f7:9c:6a:34:dd:25:
5e:2a:e8:61:6e:47:7f:17:08:2e:b0:b6:af:dd:11:
f4:1b:1b:03:7c:a9:63:16:05:16:a3:47:82:0c:13:
7c:c1:24:60:17:d2:95:da:63:f8:76:f7:ea:0f:6e:
ff:b8:c0:19:e7:be:fb:cc:46:56:0c:13:41:10:ee:
49:24:15:a4:54:a0:a0:bc:29:45:45:d8:34:55:af:
42:04:e3:1b:e9:68:65:e5:b7:89:27:a6:3c:9b:a3:
bf:80:db:e2:08:d3:d5:64:ba:01:06:b3:35:64:04:
f6:5b:fc:f6:46:d9:98:fd:57:04:56:14:ed:9d:27:
c2:57:cd:44:8b:7d:37:83:bc:60:44:bb:13:69:a2:
53:de:dd:35:27:dd:82:b2:53:f4:f4:34:0d:a0:fd:
44:1f:88:8e:17:b4:a3:69:d3:d8:54:cc:68:f9:66:
a3:06:f3:13:81:05:55:6b:42:3c:bc:98:42:02:59:
44:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:5F:DB:7B:6E:52:23:DB:3B:4C:61:03:1A:FE:B1:78:18:94:E9:E3
X509v3 Authority Key Identifier:
keyid:92:6B:93:36:FC:AF:36:57:CE:DE:BA:53:C4:7E:94:80:10:87:7E:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kmuTNvyvNlfO3rpTxH6UgBCHfiA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/efbbf0-e4fa-4431-b1e7-06a24fa74667/1/Zl_be25SI9s7TGEDGv6xeBiU6eM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/efbbf0-e4fa-4431-b1e7-06a24fa74667/1/kmuTNvyvNlfO3rpTxH6UgBCHfiA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.151.60.0/22
IPv6:
2a0a:2640::/29
Signature Algorithm: sha256WithRSAEncryption
cd:d0:37:3f:10:42:dd:1f:8e:b2:bf:0d:51:f5:2b:b1:2d:16:
74:23:f7:90:a9:dc:78:80:ad:46:58:c7:54:91:00:3e:84:2c:
3e:9d:6a:82:9d:c9:fc:56:0c:9a:96:3b:e6:f7:07:6d:9d:87:
5e:f3:f2:5e:11:e1:6e:45:93:a9:5e:31:54:42:e3:ca:7e:c7:
5c:0e:c8:d4:de:79:46:4c:10:af:8b:43:5e:0c:e3:54:3d:0a:
70:73:43:78:fc:fd:4a:0b:ad:61:db:20:ad:da:fa:31:58:b7:
ad:d0:35:c1:f3:18:89:93:62:ee:62:78:c2:47:9f:d4:fb:c5:
af:98:0e:66:64:2e:69:b6:a8:17:48:ff:56:5b:1f:84:51:af:
e1:bc:03:01:01:f8:80:25:4e:02:67:3c:ab:3b:74:57:20:66:
80:3a:07:7a:17:89:95:05:36:d6:c6:8a:9a:cd:ce:77:a1:2b:
3d:bd:13:aa:3d:7e:cd:1d:0e:a7:c8:ec:99:ba:e5:81:b1:28:
87:e1:8f:e9:c3:55:7a:f4:1f:3a:5c:b9:2e:13:ee:1b:2b:b6:
65:94:fb:3e:e2:f1:99:cc:02:ea:4a:53:99:a6:05:cc:71:d1:
e3:a4:65:c3:9b:21:f9:4b:35:bb:3e:2a:aa:d8:66:62:34:2f:
32:4c:65:29
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVs+HpjzwyBILJ+Qx8ABMwQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyNmI5MzM2ZmNhZjM2NTdjZWRlYmE1M2M0N2U5NDgwMTA4
NzdlMjAwHhcNMjMwMTAxMTA1NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjVmZGI3YjZlNTIyM2RiM2I0YzYxMDMxYWZlYjE3ODE4OTRlOWUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhCYbgq1eiT82mDcKaISSgIIJ/Nqa
+qukyi92V3Dk6gIb3HN5Jaebny9J0S/EJMjooU0oZDh96gwuDbVpMiLyhlgdWar3
nGo03SVeKuhhbkd/FwgusLav3RH0GxsDfKljFgUWo0eCDBN8wSRgF9KV2mP4dvfq
D27/uMAZ5777zEZWDBNBEO5JJBWkVKCgvClFRdg0Va9CBOMb6Whl5beJJ6Y8m6O/
gNviCNPVZLoBBrM1ZAT2W/z2RtmY/VcEVhTtnSfCV81Ei303g7xgRLsTaaJT3t01
J92CslP09DQNoP1EH4iOF7SjadPYVMxo+WajBvMTgQVVa0I8vJhCAllEHwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGZf23tuUiPbO0xhAxr+sXgYlOnjMB8GA1UdIwQY
MBaAFJJrkzb8rzZXzt66U8R+lIAQh34gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva211VE52eXZObGZPM3JwVHhINlVnQkNIZmlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi9lZmJiZjAtZTRmYS00NDMxLWIxZTct
MDZhMjRmYTc0NjY3LzEvWmxfYmUyNVNJOXM3VEdFREd2NnhlQmlVNmVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi9lZmJiZjAtZTRmYS00NDMxLWIxZTctMDZhMjRmYTc0NjY3
LzEva211VE52eXZObGZPM3JwVHhINlVnQkNIZmlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZc8MA0E
AgACMAcDBQMqCiZAMA0GCSqGSIb3DQEBCwUAA4IBAQDN0Dc/EELdH46yvw1R9Sux
LRZ0I/eQqdx4gK1GWMdUkQA+hCw+nWqCncn8Vgyaljvm9wdtnYde8/JeEeFuRZOp
XjFUQuPKfsdcDsjU3nlGTBCvi0NeDONUPQpwc0N4/P1KC61h2yCt2voxWLet0DXB
8xiJk2LuYnjCR5/U+8WvmA5mZC5ptqgXSP9WWx+EUa/hvAMBAfiAJU4CZzyrO3RX
IGaAOgd6F4mVBTbWxoqazc53oSs9vROqPX7NHQ6nyOyZuuWBsSiH4Y/pw1V69B86
XLkuE+4bK7ZllPs+4vGZzALqSlOZpgXMcdHjpGXDmyH5SzW7Piqq2GZiNC8yTGUp
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:46:43 2025 by rpki-client