Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/3c6876-96ae-48af-ae7a-ff05d446e7fd/1/zd8vO4_kV8gRCBQqGHQOTeKZC20.roa
File: zd8vO4_kV8gRCBQqGHQOTeKZC20.roa (raw, json)
Hash identifier: 0NrvnZpHRV9+yk9+6mbcpgI30p0ifFccEssEX8qRwQ4=
Subject key identifier: CD:DF:2F:3B:8F:E4:57:C8:11:08:14:2A:18:74:0E:4D:E2:99:0B:6D
Certificate issuer: /CN=b9114dff36b948b56c211d25f398751d35b93cc2
Certificate serial: 01856F5DAE0D44761C75E3C755E8CDA06448
Authority key identifier: B9:11:4D:FF:36:B9:48:B5:6C:21:1D:25:F3:98:75:1D:35:B9:3C:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uRFN_za5SLVsIR0l85h1HTW5PMI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/3c6876-96ae-48af-ae7a-ff05d446e7fd/1/zd8vO4_kV8gRCBQqGHQOTeKZC20.roa
Signing time: Sun 01 Jan 2023 22:04:48 +0000
ROA not before: Sun 01 Jan 2023 22:04:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51088
IP address blocks: 185.46.173.0/24 maxlen: 24
2a12:4180::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:5d:ae:0d:44:76:1c:75:e3:c7:55:e8:cd:a0:64:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9114dff36b948b56c211d25f398751d35b93cc2
Validity
Not Before: Jan 1 22:04:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cddf2f3b8fe457c81108142a18740e4de2990b6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:b9:5a:d4:5e:12:47:82:e2:96:f5:e5:38:b7:
60:35:b9:64:cc:68:93:74:c4:6e:cb:7b:2e:e6:21:
00:f5:ba:29:63:8d:41:16:7a:0e:15:aa:f7:cc:bc:
e4:14:53:f9:f8:6e:b8:f4:9d:34:ab:19:f6:7b:6e:
49:aa:28:92:7f:b6:47:59:af:92:f4:6d:ff:75:a9:
31:a2:a0:50:78:f3:44:7c:27:3f:99:d6:d6:5e:97:
dc:1a:07:dc:b0:fd:d6:1d:4f:36:73:e1:36:3b:0b:
19:a5:d0:ba:85:92:ef:0b:f5:87:2b:a7:e8:6b:ce:
8e:53:c9:29:b5:94:25:8a:4e:ec:f5:3c:59:cf:18:
f0:fa:92:11:fa:13:d5:e7:13:b2:3d:7a:ba:0c:82:
41:7c:55:26:8a:cb:bc:bd:c3:14:f9:ad:81:d9:eb:
88:f5:7b:1f:fc:d0:c2:cb:ea:d5:cd:cd:50:9c:1a:
09:20:62:b4:34:1e:a3:f6:89:a0:25:3a:7e:23:e3:
75:ac:16:b2:90:88:ab:9d:d1:58:12:ce:5f:f4:f2:
d6:3b:d6:e9:6c:9c:ec:85:9f:cf:e8:6a:17:d7:16:
db:d5:02:8e:f5:9a:cc:ee:1d:60:4c:92:71:cf:26:
8b:92:7a:ad:12:91:9f:2d:73:77:3b:30:95:68:fb:
3b:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:DF:2F:3B:8F:E4:57:C8:11:08:14:2A:18:74:0E:4D:E2:99:0B:6D
X509v3 Authority Key Identifier:
keyid:B9:11:4D:FF:36:B9:48:B5:6C:21:1D:25:F3:98:75:1D:35:B9:3C:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uRFN_za5SLVsIR0l85h1HTW5PMI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/3c6876-96ae-48af-ae7a-ff05d446e7fd/1/zd8vO4_kV8gRCBQqGHQOTeKZC20.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/3c6876-96ae-48af-ae7a-ff05d446e7fd/1/uRFN_za5SLVsIR0l85h1HTW5PMI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.46.173.0/24
IPv6:
2a12:4180::/29
Signature Algorithm: sha256WithRSAEncryption
d0:fe:7a:fc:b7:df:ef:4d:81:02:51:85:27:9b:8a:77:7e:2e:
cc:74:98:a9:c4:ae:ec:85:d6:92:1d:8d:bc:4f:b0:8f:05:06:
e2:07:03:83:f1:f1:3b:55:3e:cf:c9:0a:4c:1f:e1:62:04:e3:
f4:92:55:48:8e:a6:00:09:f6:13:54:ac:12:9c:7c:91:e8:01:
4f:94:eb:cf:d3:a7:31:02:94:82:4b:58:fc:ea:e0:53:e0:a7:
23:7d:47:c2:8b:0e:78:4c:b8:52:bf:6b:0f:f1:07:47:70:80:
51:6c:25:25:2c:25:88:16:37:46:7a:fd:59:0e:8b:1e:57:ef:
0c:96:21:19:65:00:57:c8:5d:f4:54:dc:90:d8:ef:df:64:af:
14:13:b9:d2:40:5d:9a:38:cf:3e:b8:0f:26:31:c8:39:68:0a:
da:2d:78:9f:8b:43:e6:04:dd:77:b1:a7:38:29:42:c2:55:e1:
9f:90:e4:1e:53:e5:bf:44:b9:e8:1f:bd:5e:b0:34:ee:e9:f4:
78:06:5c:1d:cc:aa:f0:1d:83:1d:a0:bd:c9:14:d6:57:a4:ff:
c2:6d:03:ea:a8:5e:75:72:33:fb:d1:ef:89:48:af:79:ef:73:
03:b6:0d:7b:70:60:63:a7:74:61:0b:db:d7:64:f0:f5:05:73:
46:c0:8f:65
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvXa4NRHYcdePHVejNoGRIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5MTE0ZGZmMzZiOTQ4YjU2YzIxMWQyNWYzOTg3NTFkMzVi
OTNjYzIwHhcNMjMwMTAxMjIwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZGRmMmYzYjhmZTQ1N2M4MTEwODE0MmExODc0MGU0ZGUyOTkwYjZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApbla1F4SR4LilvXlOLdgNblkzGiT
dMRuy3su5iEA9bopY41BFnoOFar3zLzkFFP5+G649J00qxn2e25JqiiSf7ZHWa+S
9G3/dakxoqBQePNEfCc/mdbWXpfcGgfcsP3WHU82c+E2OwsZpdC6hZLvC/WHK6fo
a86OU8kptZQlik7s9TxZzxjw+pIR+hPV5xOyPXq6DIJBfFUmisu8vcMU+a2B2euI
9Xsf/NDCy+rVzc1QnBoJIGK0NB6j9omgJTp+I+N1rBaykIirndFYEs5f9PLWO9bp
bJzshZ/P6GoX1xbb1QKO9ZrM7h1gTJJxzyaLknqtEpGfLXN3OzCVaPs7RQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFM3fLzuP5FfIEQgUKhh0Dk3imQttMB8GA1UdIwQY
MBaAFLkRTf82uUi1bCEdJfOYdR01uTzCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVJGTl96YTVTTFZzSVIwbDg1aDFIVFc1UE1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC8zYzY4NzYtOTZhZS00OGFmLWFlN2Et
ZmYwNWQ0NDZlN2ZkLzEvemQ4dk80X2tWOGdSQ0JRcUdIUU9UZUtaQzIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC8zYzY4NzYtOTZhZS00OGFmLWFlN2EtZmYwNWQ0NDZlN2Zk
LzEvdVJGTl96YTVTTFZzSVIwbDg1aDFIVFc1UE1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuS6tMA0E
AgACMAcDBQMqEkGAMA0GCSqGSIb3DQEBCwUAA4IBAQDQ/nr8t9/vTYECUYUnm4p3
fi7MdJipxK7shdaSHY28T7CPBQbiBwOD8fE7VT7PyQpMH+FiBOP0klVIjqYACfYT
VKwSnHyR6AFPlOvP06cxApSCS1j86uBT4KcjfUfCiw54TLhSv2sP8QdHcIBRbCUl
LCWIFjdGev1ZDoseV+8MliEZZQBXyF30VNyQ2O/fZK8UE7nSQF2aOM8+uA8mMcg5
aAraLXifi0PmBN13sac4KULCVeGfkOQeU+W/RLnoH71esDTu6fR4BlwdzKrwHYMd
oL3JFNZXpP/CbQPqqF51cjP70e+JSK9573MDtg17cGBjp3RhC9vXZPD1BXNGwI9l
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:24:58 2025 by rpki-client