Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/1e09a6-695b-402e-9bfc-041312242ff3/1/zciPbioRzQ8wiAhUsSbNDnhVZj4.roa
File: zciPbioRzQ8wiAhUsSbNDnhVZj4.roa (raw, json)
Hash identifier: Lnt9qaZHo2yIyPAJSWR06MVaibzPeAwnP+IBOClRWmY=
Subject key identifier: CD:C8:8F:6E:2A:11:CD:0F:30:88:08:54:B1:26:CD:0E:78:55:66:3E
Certificate issuer: /CN=e15136feff3574ef9b2262de59b06a21908fab3e
Certificate serial: 01856F79618B17705C5628BC520ABF52E50A
Authority key identifier: E1:51:36:FE:FF:35:74:EF:9B:22:62:DE:59:B0:6A:21:90:8F:AB:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4VE2_v81dO-bImLeWbBqIZCPqz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/1e09a6-695b-402e-9bfc-041312242ff3/1/zciPbioRzQ8wiAhUsSbNDnhVZj4.roa
Signing time: Sun 01 Jan 2023 22:35:03 +0000
ROA not before: Sun 01 Jan 2023 22:35:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204533
IP address blocks: 185.248.32.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:79:61:8b:17:70:5c:56:28:bc:52:0a:bf:52:e5:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e15136feff3574ef9b2262de59b06a21908fab3e
Validity
Not Before: Jan 1 22:35:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cdc88f6e2a11cd0f30880854b126cd0e7855663e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:8d:08:fa:75:04:d9:62:e3:2c:23:0e:15:68:
e3:91:a3:94:59:b8:ea:fd:9b:a1:39:4b:85:ac:fd:
3e:26:73:e8:68:e9:6f:fa:25:71:9b:53:2a:7e:bc:
b2:c7:dd:30:20:02:24:00:4f:11:e0:12:43:2f:fd:
21:fc:2a:9e:1d:45:01:2f:32:17:10:47:1a:d5:d8:
9d:59:f7:ee:24:c1:be:06:bb:c7:c7:2f:27:3d:cd:
df:08:28:85:57:f3:cb:42:fe:8a:f2:a4:51:d4:96:
f6:da:fb:59:e0:48:ee:15:f0:4f:d8:28:4f:a1:1a:
e2:d6:07:16:8e:06:7d:f5:b5:83:32:37:f6:6d:12:
97:8a:31:88:35:25:04:c9:90:44:bb:1a:2a:54:92:
2c:9a:35:aa:b7:2d:33:0d:16:6a:d0:1c:e9:b8:f4:
f9:23:21:5f:4b:c4:c3:ce:b5:c3:58:8b:f6:dd:5b:
b4:fd:b4:8a:1d:5f:42:89:89:ba:40:53:13:e6:c7:
6c:c2:a1:4e:17:80:6c:85:00:1b:04:b3:e6:18:25:
ee:6d:a7:40:66:9e:9e:f1:e9:1e:09:91:a1:b6:5a:
a2:23:ff:44:a8:51:f7:da:6d:0f:8c:70:46:e4:59:
48:40:61:07:db:97:88:92:76:ae:fb:56:b7:16:e8:
b1:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:C8:8F:6E:2A:11:CD:0F:30:88:08:54:B1:26:CD:0E:78:55:66:3E
X509v3 Authority Key Identifier:
keyid:E1:51:36:FE:FF:35:74:EF:9B:22:62:DE:59:B0:6A:21:90:8F:AB:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4VE2_v81dO-bImLeWbBqIZCPqz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/1e09a6-695b-402e-9bfc-041312242ff3/1/zciPbioRzQ8wiAhUsSbNDnhVZj4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/1e09a6-695b-402e-9bfc-041312242ff3/1/4VE2_v81dO-bImLeWbBqIZCPqz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.248.32.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:35:29:ad:b6:95:b9:b5:ce:d9:69:77:01:90:02:02:41:84:
22:8c:fe:b7:5d:ea:77:43:e9:9d:c7:53:b4:a0:a1:16:9e:ae:
22:36:f1:81:f3:9c:30:d1:0d:77:c2:fc:e5:4d:ad:63:43:b7:
cc:e9:b9:b0:6d:14:3e:41:b4:23:91:c9:7f:6e:a5:5e:9f:ae:
da:14:b8:c8:dc:8e:f7:02:05:84:27:36:68:9f:73:07:e0:d6:
cd:0e:5d:22:df:a8:21:1f:c8:a0:97:5a:ae:75:c7:d0:d8:c0:
14:ad:c9:5a:52:76:14:91:68:cb:6a:7a:59:65:15:98:5d:b8:
45:41:b4:ee:a0:d1:5e:38:7c:e9:fb:de:dc:45:e4:0a:f9:12:
d7:fe:d3:80:6c:25:3e:c9:89:ed:54:2a:b5:6d:59:5f:1a:95:
50:84:16:4e:4a:a1:b3:19:4a:04:eb:3d:05:5f:30:6d:98:c6:
08:9c:3f:3b:c2:42:3c:c8:6c:6d:b7:f0:d1:14:b0:84:87:11:
e8:b1:b3:b2:55:00:fc:71:5a:00:f2:cb:30:10:84:ca:73:ea:
ee:dc:eb:c2:8d:3d:b9:9b:13:f6:49:0a:3d:01:e3:f5:03:a6:
ed:e6:52:a3:c1:1f:7a:d0:18:dc:96:ca:c9:1e:a5:a7:f7:4a:
f5:d8:2c:34
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVveWGLF3BcVii8Ugq/UuUKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxNTEzNmZlZmYzNTc0ZWY5YjIyNjJkZTU5YjA2YTIxOTA4
ZmFiM2UwHhcNMjMwMTAxMjIzNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZGM4OGY2ZTJhMTFjZDBmMzA4ODA4NTRiMTI2Y2QwZTc4NTU2NjNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAho0I+nUE2WLjLCMOFWjjkaOUWbjq
/ZuhOUuFrP0+JnPoaOlv+iVxm1Mqfryyx90wIAIkAE8R4BJDL/0h/CqeHUUBLzIX
EEca1didWffuJMG+BrvHxy8nPc3fCCiFV/PLQv6K8qRR1Jb22vtZ4EjuFfBP2ChP
oRri1gcWjgZ99bWDMjf2bRKXijGINSUEyZBEuxoqVJIsmjWqty0zDRZq0BzpuPT5
IyFfS8TDzrXDWIv23Vu0/bSKHV9CiYm6QFMT5sdswqFOF4BshQAbBLPmGCXubadA
Zp6e8ekeCZGhtlqiI/9EqFH32m0PjHBG5FlIQGEH25eIknau+1a3FuixBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM3Ij24qEc0PMIgIVLEmzQ54VWY+MB8GA1UdIwQY
MBaAFOFRNv7/NXTvmyJi3lmwaiGQj6s+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFZFMl92ODFkTy1iSW1MZVdiQnFJWkNQcXo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy8xZTA5YTYtNjk1Yi00MDJlLTliZmMt
MDQxMzEyMjQyZmYzLzEvemNpUGJpb1J6UTh3aUFoVXNTYk5EbmhWWmo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy8xZTA5YTYtNjk1Yi00MDJlLTliZmMtMDQxMzEyMjQyZmYz
LzEvNFZFMl92ODFkTy1iSW1MZVdiQnFJWkNQcXo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAufggMA0G
CSqGSIb3DQEBCwUAA4IBAQAtNSmttpW5tc7ZaXcBkAICQYQijP63Xep3Q+mdx1O0
oKEWnq4iNvGB85ww0Q13wvzlTa1jQ7fM6bmwbRQ+QbQjkcl/bqVen67aFLjI3I73
AgWEJzZon3MH4NbNDl0i36ghH8igl1qudcfQ2MAUrclaUnYUkWjLanpZZRWYXbhF
QbTuoNFeOHzp+97cReQK+RLX/tOAbCU+yYntVCq1bVlfGpVQhBZOSqGzGUoE6z0F
XzBtmMYInD87wkI8yGxtt/DRFLCEhxHosbOyVQD8cVoA8sswEITKc+ru3OvCjT25
mxP2SQo9AeP1A6bt5lKjwR960BjclsrJHqWn90r12Cw0
-----END CERTIFICATE-----
Generated at Tue Apr 15 09:22:27 2025 by rpki-client