Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/286d47-6434-41bd-9aa2-09ff79308bbe/1/sk_Pzh6iD-enI0dGMkgz2Z9LfZY.roa
File: sk_Pzh6iD-enI0dGMkgz2Z9LfZY.roa (raw, json)
Hash identifier: zIfLBt/NSgurYteRCmXfSsw4C9tOGY3uDQb+3YFyU/o=
Subject key identifier: B2:4F:CF:CE:1E:A2:0F:E7:A7:23:47:46:32:48:33:D9:9F:4B:7D:96
Certificate issuer: /CN=e3f70706f6c0cfbd9c73a7f3d83023240a42f50d
Certificate serial: 018572D5D35260EFA534D033D9140A93D922
Authority key identifier: E3:F7:07:06:F6:C0:CF:BD:9C:73:A7:F3:D8:30:23:24:0A:42:F5:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4_cHBvbAz72cc6fz2DAjJApC9Q0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/286d47-6434-41bd-9aa2-09ff79308bbe/1/sk_Pzh6iD-enI0dGMkgz2Z9LfZY.roa
Signing time: Mon 02 Jan 2023 14:14:53 +0000
ROA not before: Mon 02 Jan 2023 14:14:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15594
IP address blocks: 217.116.112.0/20 maxlen: 25
217.10.64.0/20 maxlen: 25
82.116.96.0/19 maxlen: 25
95.174.128.0/19 maxlen: 25
212.9.32.0/19 maxlen: 25
2001:ab7:f000::/36 maxlen: 49
2001:ab7:3000::/36 maxlen: 49
2001:ab7:2000::/36 maxlen: 49
2001:ab7:1000::/36 maxlen: 49
2001:ab7::/36 maxlen: 49
2001:ab7:4000::/36 maxlen: 49
2001:ab0::/29 maxlen: 48
2001:ab0::/36 maxlen: 49
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:d5:d3:52:60:ef:a5:34:d0:33:d9:14:0a:93:d9:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e3f70706f6c0cfbd9c73a7f3d83023240a42f50d
Validity
Not Before: Jan 2 14:14:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b24fcfce1ea20fe7a7234746324833d99f4b7d96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:ca:0d:14:60:c1:09:ef:b4:ef:10:6a:de:86:
e4:eb:c5:3e:ce:fe:3b:80:55:8a:43:51:5a:0a:2b:
ab:eb:f6:bd:17:db:7d:06:47:e6:42:27:ff:a8:11:
2b:c8:b7:36:4d:7a:a5:9f:3e:f2:14:06:a8:cd:eb:
39:19:37:06:1c:9e:58:23:9b:2a:3f:68:5d:08:05:
39:ba:25:5f:23:75:fb:f3:d7:d4:a9:bb:4f:b7:82:
67:f2:92:ba:04:33:d6:d1:c3:10:4a:9e:0d:c5:f3:
b0:15:19:0b:79:97:e1:d1:eb:4c:2d:89:84:99:b0:
32:64:81:0b:58:c1:13:4b:25:3d:57:b6:8a:8c:9e:
45:51:42:dd:a8:d2:eb:46:f8:74:c7:28:13:a9:0a:
0b:fa:04:e5:0b:ac:d8:1e:f4:44:da:70:f2:6f:81:
8a:b8:19:80:3b:f1:de:6a:04:22:a2:05:0e:6f:ee:
00:2e:e8:f3:c8:37:34:d5:aa:4e:25:55:cb:05:1e:
6b:64:54:73:fc:a5:d4:bc:9a:e5:50:54:73:6f:44:
e3:f2:89:cb:b9:92:e2:10:6a:d2:08:8f:fd:a6:cb:
2e:16:a3:da:9f:a7:d4:ca:25:a0:77:a8:2e:a7:4d:
3e:c7:11:7a:62:ce:9a:aa:3c:4f:3e:91:c5:31:06:
99:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:4F:CF:CE:1E:A2:0F:E7:A7:23:47:46:32:48:33:D9:9F:4B:7D:96
X509v3 Authority Key Identifier:
keyid:E3:F7:07:06:F6:C0:CF:BD:9C:73:A7:F3:D8:30:23:24:0A:42:F5:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4_cHBvbAz72cc6fz2DAjJApC9Q0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/286d47-6434-41bd-9aa2-09ff79308bbe/1/sk_Pzh6iD-enI0dGMkgz2Z9LfZY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/286d47-6434-41bd-9aa2-09ff79308bbe/1/4_cHBvbAz72cc6fz2DAjJApC9Q0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.116.96.0/19
95.174.128.0/19
212.9.32.0/19
217.10.64.0/20
217.116.112.0/20
IPv6:
2001:ab0::/29
Signature Algorithm: sha256WithRSAEncryption
3f:da:5e:b7:c0:c2:ab:44:e0:06:78:de:bd:33:67:69:9c:ab:
d3:ec:f1:33:11:99:a4:e8:d2:fb:73:95:90:55:b5:57:6d:4a:
3e:2f:08:d7:5b:fa:f0:d1:ce:df:be:53:d0:af:49:36:1d:07:
02:49:8a:d3:b0:51:2a:49:39:48:7e:8f:6b:3d:01:df:03:d3:
47:83:e4:2a:9a:44:13:02:ef:f5:80:f7:59:a6:d0:24:73:58:
45:fb:a6:99:8d:0a:b9:23:44:8c:ec:ef:39:8d:09:af:c9:00:
2e:82:41:91:1e:b5:52:67:33:ff:5d:48:f9:87:b2:03:fd:35:
eb:49:87:65:75:81:c2:37:f0:0d:e0:6c:e5:6e:7d:a5:0e:7a:
5e:1a:cd:bf:22:26:b6:82:17:6e:86:79:5b:15:9b:d0:b6:62:
19:46:54:23:4c:b4:08:27:c3:47:70:39:72:6f:2b:e8:92:de:
15:8c:e3:01:f9:75:67:22:69:62:58:81:c2:39:c4:10:7f:02:
d8:61:03:f4:a4:cc:e4:c5:93:35:56:60:d9:38:3c:56:1d:df:
de:93:1a:30:a4:29:59:9d:9b:73:0a:fd:ab:92:e5:7a:58:3e:
72:61:fc:f4:8c:ed:c2:5d:ff:ac:22:60:27:2a:26:5c:8d:66:
91:82:a9:df
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYVy1dNSYO+lNNAz2RQKk9kiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzZjcwNzA2ZjZjMGNmYmQ5YzczYTdmM2Q4MzAyMzI0MGE0
MmY1MGQwHhcNMjMwMTAyMTQxNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjRmY2ZjZTFlYTIwZmU3YTcyMzQ3NDYzMjQ4MzNkOTlmNGI3ZDk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkMoNFGDBCe+07xBq3obk68U+zv47
gFWKQ1FaCiur6/a9F9t9BkfmQif/qBEryLc2TXqlnz7yFAaozes5GTcGHJ5YI5sq
P2hdCAU5uiVfI3X789fUqbtPt4Jn8pK6BDPW0cMQSp4NxfOwFRkLeZfh0etMLYmE
mbAyZIELWMETSyU9V7aKjJ5FUULdqNLrRvh0xygTqQoL+gTlC6zYHvRE2nDyb4GK
uBmAO/HeagQiogUOb+4ALujzyDc01apOJVXLBR5rZFRz/KXUvJrlUFRzb0Tj8onL
uZLiEGrSCI/9pssuFqPan6fUyiWgd6gup00+xxF6Ys6aqjxPPpHFMQaZ/wIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFLJPz84eog/npyNHRjJIM9mfS32WMB8GA1UdIwQY
MBaAFOP3Bwb2wM+9nHOn89gwIyQKQvUNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNF9jSEJ2YkF6NzJjYzZmejJEQWpKQXBDOVEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC8yODZkNDctNjQzNC00MWJkLTlhYTIt
MDlmZjc5MzA4YmJlLzEvc2tfUHpoNmlELWVuSTBkR01rZ3oyWjlMZlpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC8yODZkNDctNjQzNC00MWJkLTlhYTItMDlmZjc5MzA4YmJl
LzEvNF9jSEJ2YkF6NzJjYzZmejJEQWpKQXBDOVEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQFUnRgAwQF
X66AAwQF1AkgAwQE2QpAAwQE2XRwMA0EAgACMAcDBQMgAQqwMA0GCSqGSIb3DQEB
CwUAA4IBAQA/2l63wMKrROAGeN69M2dpnKvT7PEzEZmk6NL7c5WQVbVXbUo+LwjX
W/rw0c7fvlPQr0k2HQcCSYrTsFEqSTlIfo9rPQHfA9NHg+QqmkQTAu/1gPdZptAk
c1hF+6aZjQq5I0SM7O85jQmvyQAugkGRHrVSZzP/XUj5h7ID/TXrSYdldYHCN/AN
4Gzlbn2lDnpeGs2/Iia2ghduhnlbFZvQtmIZRlQjTLQIJ8NHcDlybyvokt4VjOMB
+XVnImliWIHCOcQQfwLYYQP0pMzkxZM1VmDZODxWHd/ekxowpClZnZtzCv2rkuV6
WD5yYfz0jO3CXf+sImAnKiZcjWaRgqnf
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:29:43 2025 by rpki-client