Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/c852b5-acc4-4d70-aeeb-24515a14c456/1/zs2B7fgEGyYXcuh8e_ngW7-jrmQ.roa
File: zs2B7fgEGyYXcuh8e_ngW7-jrmQ.roa (raw, json)
Hash identifier: EcoP1gqktDJZzHGDxZSJ/G1KqBNIEWzTP0o8PCQniKQ=
Subject key identifier: CE:CD:81:ED:F8:04:1B:26:17:72:E8:7C:7B:F9:E0:5B:BF:A3:AE:64
Certificate issuer: /CN=dac633a14cac7c7a0922ffd980de5f278a3be267
Certificate serial: 01824B7EE32934B43C4DE9D7659084008206
Authority key identifier: DA:C6:33:A1:4C:AC:7C:7A:09:22:FF:D9:80:DE:5F:27:8A:3B:E2:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2sYzoUysfHoJIv_ZgN5fJ4o74mc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/c852b5-acc4-4d70-aeeb-24515a14c456/1/zs2B7fgEGyYXcuh8e_ngW7-jrmQ.roa
Signing time: Fri 29 Jul 2022 19:46:23 +0000
ROA not before: Fri 29 Jul 2022 19:46:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 14618
IP address blocks: 213.5.226.0/24 maxlen: 24
91.233.61.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:4b:7e:e3:29:34:b4:3c:4d:e9:d7:65:90:84:00:82:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dac633a14cac7c7a0922ffd980de5f278a3be267
Validity
Not Before: Jul 29 19:46:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cecd81edf8041b261772e87c7bf9e05bbfa3ae64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:7b:a7:90:f0:47:0c:13:b1:7c:9a:93:8e:50:
9b:1e:9f:c2:71:cd:8b:7f:7c:8a:fc:98:ac:d1:89:
f4:89:b8:62:15:45:c0:7b:95:4c:98:f5:da:3f:a7:
20:65:1a:b2:32:8b:27:69:50:85:0d:b1:5f:05:50:
d7:9f:ff:d3:b8:e1:2d:bc:45:87:51:63:dd:c1:30:
d1:21:b9:a2:75:5a:db:83:13:72:15:43:d6:e4:62:
1a:2f:91:57:69:be:69:4f:4c:ff:f1:e6:8f:eb:86:
69:a7:53:d3:a1:a5:ce:c4:78:2f:bf:85:23:c2:83:
f3:93:0f:20:31:d9:08:53:52:ee:4b:e2:a9:d0:66:
af:e2:12:4c:4f:43:84:b4:04:a5:48:62:f9:4f:28:
ef:d8:7a:ef:d7:e4:a7:db:c7:27:d6:38:f3:b1:43:
24:52:1e:4b:25:bd:73:fd:c8:3a:cb:d1:0d:bd:40:
e8:7b:11:7d:86:68:a5:e5:76:b4:a8:4a:aa:19:a1:
a6:cf:c8:86:c9:d4:44:43:2e:6f:5f:b8:b7:e1:9e:
c0:00:8c:d6:ea:b5:ec:36:be:98:a0:e4:c1:7d:1c:
3a:82:b2:ce:40:0d:20:5c:26:d6:55:02:90:b4:37:
84:c8:67:19:e4:ba:d6:7a:50:4d:56:69:ff:d1:84:
5f:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:CD:81:ED:F8:04:1B:26:17:72:E8:7C:7B:F9:E0:5B:BF:A3:AE:64
X509v3 Authority Key Identifier:
keyid:DA:C6:33:A1:4C:AC:7C:7A:09:22:FF:D9:80:DE:5F:27:8A:3B:E2:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2sYzoUysfHoJIv_ZgN5fJ4o74mc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/c852b5-acc4-4d70-aeeb-24515a14c456/1/zs2B7fgEGyYXcuh8e_ngW7-jrmQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/c852b5-acc4-4d70-aeeb-24515a14c456/1/2sYzoUysfHoJIv_ZgN5fJ4o74mc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.233.61.0/24
213.5.226.0/24
Signature Algorithm: sha256WithRSAEncryption
40:27:40:48:31:c3:03:a2:58:03:46:f1:4d:37:89:42:01:0c:
19:80:14:4b:b8:e0:31:ad:ed:2e:2c:3f:2c:32:ef:0e:7a:cf:
b8:b4:60:9f:ee:9c:b7:7c:e7:84:55:73:a2:f8:0b:b5:26:cc:
dc:81:49:bc:3b:a2:be:cd:16:bf:a5:bc:63:73:12:0b:d0:cd:
be:e1:18:1e:6c:be:e2:bf:84:e1:a1:61:0c:31:fe:5e:a5:09:
be:20:93:45:ba:3e:0b:8a:8f:d1:e0:c7:d9:1b:70:f9:f8:67:
8f:ca:58:f6:c3:03:77:86:30:1c:25:2f:96:3b:4a:6a:e5:4b:
d4:ba:aa:34:7b:eb:a1:57:49:59:36:12:34:71:34:a2:2d:f2:
97:7a:df:d8:e9:91:77:1f:e2:b0:fb:7a:89:e2:13:54:ae:a9:
b2:21:1a:c8:8a:c7:5d:f5:fb:14:32:9b:79:ad:1d:b6:58:0a:
5c:6e:78:dd:2a:67:ba:0a:af:c5:1c:eb:67:69:8b:cc:b8:84:
fc:6f:ea:7e:2b:85:fd:13:08:74:dd:a0:ce:69:c2:c5:60:b6:
5c:7b:27:1c:d5:db:2c:f9:25:7a:02:10:07:ec:d6:b6:9c:0b:
2b:8d:66:25:83:86:43:ee:ac:4a:50:1c:eb:1a:9f:f3:bf:f1:
ce:37:01:1b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYJLfuMpNLQ8TenXZZCEAIIGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYzYzM2ExNGNhYzdjN2EwOTIyZmZkOTgwZGU1ZjI3OGEz
YmUyNjcwHhcNMjIwNzI5MTk0NjIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZWNkODFlZGY4MDQxYjI2MTc3MmU4N2M3YmY5ZTA1YmJmYTNhZTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk3unkPBHDBOxfJqTjlCbHp/Ccc2L
f3yK/Jis0Yn0ibhiFUXAe5VMmPXaP6cgZRqyMosnaVCFDbFfBVDXn//TuOEtvEWH
UWPdwTDRIbmidVrbgxNyFUPW5GIaL5FXab5pT0z/8eaP64Zpp1PToaXOxHgvv4Uj
woPzkw8gMdkIU1LuS+Kp0Gav4hJMT0OEtASlSGL5Tyjv2Hrv1+Sn28cn1jjzsUMk
Uh5LJb1z/cg6y9ENvUDoexF9hmil5Xa0qEqqGaGmz8iGydREQy5vX7i34Z7AAIzW
6rXsNr6YoOTBfRw6grLOQA0gXCbWVQKQtDeEyGcZ5LrWelBNVmn/0YRfmwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFM7Nge34BBsmF3LofHv54Fu/o65kMB8GA1UdIwQY
MBaAFNrGM6FMrHx6CSL/2YDeXyeKO+JnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnNZem9VeXNmSG9KSXZfWmdONWZKNG83NG1jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi9jODUyYjUtYWNjNC00ZDcwLWFlZWIt
MjQ1MTVhMTRjNDU2LzEvenMyQjdmZ0VHeVlYY3VoOGVfbmdXNy1qcm1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi9jODUyYjUtYWNjNC00ZDcwLWFlZWItMjQ1MTVhMTRjNDU2
LzEvMnNZem9VeXNmSG9KSXZfWmdONWZKNG83NG1jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW+k9AwQA
1QXiMA0GCSqGSIb3DQEBCwUAA4IBAQBAJ0BIMcMDolgDRvFNN4lCAQwZgBRLuOAx
re0uLD8sMu8Oes+4tGCf7py3fOeEVXOi+Au1JszcgUm8O6K+zRa/pbxjcxIL0M2+
4RgebL7iv4ThoWEMMf5epQm+IJNFuj4Lio/R4MfZG3D5+GePylj2wwN3hjAcJS+W
O0pq5UvUuqo0e+uhV0lZNhI0cTSiLfKXet/Y6ZF3H+Kw+3qJ4hNUrqmyIRrIisdd
9fsUMpt5rR22WApcbnjdKme6Cq/FHOtnaYvMuIT8b+p+K4X9Ewh03aDOacLFYLZc
eycc1dss+SV6AhAH7Na2nAsrjWYlg4ZD7qxKUBzrGp/zv/HONwEb
-----END CERTIFICATE-----
Generated at Wed Mar 12 13:17:00 2025 by rpki-client