Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/300211-0909-4206-9136-e66d411fa6a0/1/Ziaf1PIzxi_fqwxG4lffEvTgfhk.roa
File: Ziaf1PIzxi_fqwxG4lffEvTgfhk.roa (raw, json)
Hash identifier: xnZ0gQC/QgrmK2XspjZIVDu5Q5BDt89pWBQHe31xZOc=
Subject key identifier: 66:26:9F:D4:F2:33:C6:2F:DF:AB:0C:46:E2:57:DF:12:F4:E0:7E:19
Certificate issuer: /CN=64950e4e58d6ac27f80f09a5ed2f3028b81ae8ca
Certificate serial: 018570CBF9B1634B5393FE7C338C49A68940
Authority key identifier: 64:95:0E:4E:58:D6:AC:27:F8:0F:09:A5:ED:2F:30:28:B8:1A:E8:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZJUOTljWrCf4Dwml7S8wKLga6Mo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/300211-0909-4206-9136-e66d411fa6a0/1/Ziaf1PIzxi_fqwxG4lffEvTgfhk.roa
Signing time: Mon 02 Jan 2023 04:44:53 +0000
ROA not before: Mon 02 Jan 2023 04:44:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43997
IP address blocks: 193.35.149.0/24 maxlen: 24
193.35.150.0/23 maxlen: 23
193.35.148.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:cb:f9:b1:63:4b:53:93:fe:7c:33:8c:49:a6:89:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64950e4e58d6ac27f80f09a5ed2f3028b81ae8ca
Validity
Not Before: Jan 2 04:44:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=66269fd4f233c62fdfab0c46e257df12f4e07e19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:d3:ca:08:65:e3:9a:9b:96:84:8a:8d:06:b9:
c5:49:b3:3a:9a:de:ec:40:7b:13:48:30:d4:97:aa:
da:02:e0:1e:9f:7a:cb:8c:08:3e:c8:54:93:13:e6:
50:4a:7d:4f:4e:84:ad:30:29:9b:80:83:48:96:aa:
90:70:66:91:5e:b7:48:95:a7:97:f5:a5:b2:42:22:
7a:85:99:4d:8f:33:5c:43:df:7b:5e:22:38:57:02:
91:a3:32:e8:45:8a:c8:69:29:fc:9a:f0:2a:40:d6:
5e:0c:fc:0e:bd:0b:b6:01:fe:5a:ad:a0:8d:ff:72:
04:b5:ad:e7:12:31:43:a7:df:99:9f:f3:9f:c1:54:
80:c8:63:5c:9a:aa:e5:31:9f:ef:b9:d6:95:d5:ff:
69:94:cd:77:5f:b8:5a:62:6c:bd:64:41:ef:61:a8:
fc:35:bd:97:ee:d4:6c:0a:a2:f6:e6:1f:54:bb:d2:
c0:78:98:41:91:08:58:d2:a0:0d:f7:2c:00:85:15:
fe:da:8e:05:53:43:64:59:f7:41:d0:36:9d:ca:0d:
65:fc:01:33:3b:1b:34:a7:a4:c2:a1:d2:0e:5e:5c:
c7:88:64:6a:19:2b:6a:9f:4e:7b:fb:58:40:a3:09:
9a:31:02:00:4d:f4:c9:23:7c:40:82:be:cc:c8:a9:
c5:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:26:9F:D4:F2:33:C6:2F:DF:AB:0C:46:E2:57:DF:12:F4:E0:7E:19
X509v3 Authority Key Identifier:
keyid:64:95:0E:4E:58:D6:AC:27:F8:0F:09:A5:ED:2F:30:28:B8:1A:E8:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZJUOTljWrCf4Dwml7S8wKLga6Mo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/300211-0909-4206-9136-e66d411fa6a0/1/Ziaf1PIzxi_fqwxG4lffEvTgfhk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/300211-0909-4206-9136-e66d411fa6a0/1/ZJUOTljWrCf4Dwml7S8wKLga6Mo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.35.148.0/22
Signature Algorithm: sha256WithRSAEncryption
87:fa:f2:f7:e7:ba:74:63:77:93:80:b7:28:34:45:e4:e7:9f:
f1:31:f7:dd:83:43:13:eb:ca:ba:bf:e6:ff:21:7c:bd:14:84:
d1:37:d5:b3:18:01:a9:9b:37:92:4a:40:50:80:d3:07:31:de:
d3:81:18:42:9a:2d:3a:c2:9b:65:b5:85:2c:cc:46:94:3d:9e:
69:41:75:3a:01:4b:43:c0:68:af:f9:2f:e0:18:3f:43:a7:c1:
a8:33:7e:73:7c:f2:fb:9c:b6:53:fa:e3:a4:83:99:bb:8e:78:
cc:d7:a0:22:2d:4f:db:5d:74:20:9a:3d:47:3a:c2:ac:08:61:
5f:52:87:9a:4c:1a:e1:fb:14:49:4f:26:b7:0a:78:d8:08:ed:
a3:ae:3f:71:4f:b2:90:34:d5:49:13:fd:55:20:d7:09:72:99:
f8:85:5e:88:81:97:70:a3:a5:99:96:33:90:43:ce:48:97:ac:
3f:dd:52:96:af:f1:7b:9e:bb:2c:52:9c:48:3d:c5:98:26:d5:
cc:16:ae:de:14:75:c0:71:b2:a6:0a:79:16:fd:4b:5d:a8:d6:
e2:19:9b:83:8b:06:67:0c:57:87:d0:c8:8b:30:b9:5c:fb:6e:
f6:f8:68:c8:1b:43:1a:06:bb:fd:45:c6:60:13:e3:57:a3:f6:
29:22:07:e1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwy/mxY0tTk/58M4xJpolAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0OTUwZTRlNThkNmFjMjdmODBmMDlhNWVkMmYzMDI4Yjgx
YWU4Y2EwHhcNMjMwMTAyMDQ0NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjI2OWZkNGYyMzNjNjJmZGZhYjBjNDZlMjU3ZGYxMmY0ZTA3ZTE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgNPKCGXjmpuWhIqNBrnFSbM6mt7s
QHsTSDDUl6raAuAen3rLjAg+yFSTE+ZQSn1PToStMCmbgINIlqqQcGaRXrdIlaeX
9aWyQiJ6hZlNjzNcQ997XiI4VwKRozLoRYrIaSn8mvAqQNZeDPwOvQu2Af5araCN
/3IEta3nEjFDp9+Zn/OfwVSAyGNcmqrlMZ/vudaV1f9plM13X7haYmy9ZEHvYaj8
Nb2X7tRsCqL25h9Uu9LAeJhBkQhY0qAN9ywAhRX+2o4FU0NkWfdB0Dadyg1l/AEz
Oxs0p6TCodIOXlzHiGRqGStqn057+1hAowmaMQIATfTJI3xAgr7MyKnFyQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGYmn9TyM8Yv36sMRuJX3xL04H4ZMB8GA1UdIwQY
MBaAFGSVDk5Y1qwn+A8Jpe0vMCi4GujKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkpVT1RsaldyQ2Y0RHdtbDdTOHdLTGdhNk1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy8zMDAyMTEtMDkwOS00MjA2LTkxMzYt
ZTY2ZDQxMWZhNmEwLzEvWmlhZjFQSXp4aV9mcXd4RzRsZmZFdlRnZmhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy8zMDAyMTEtMDkwOS00MjA2LTkxMzYtZTY2ZDQxMWZhNmEw
LzEvWkpVT1RsaldyQ2Y0RHdtbDdTOHdLTGdhNk1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwSOUMA0G
CSqGSIb3DQEBCwUAA4IBAQCH+vL357p0Y3eTgLcoNEXk55/xMffdg0MT68q6v+b/
IXy9FITRN9WzGAGpmzeSSkBQgNMHMd7TgRhCmi06wptltYUszEaUPZ5pQXU6AUtD
wGiv+S/gGD9Dp8GoM35zfPL7nLZT+uOkg5m7jnjM16AiLU/bXXQgmj1HOsKsCGFf
UoeaTBrh+xRJTya3CnjYCO2jrj9xT7KQNNVJE/1VINcJcpn4hV6IgZdwo6WZljOQ
Q85Il6w/3VKWr/F7nrssUpxIPcWYJtXMFq7eFHXAcbKmCnkW/UtdqNbiGZuDiwZn
DFeH0MiLMLlc+272+GjIG0MaBrv9RcZgE+NXo/YpIgfh
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:24:30 2025 by rpki-client