Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/64d7a9-cac3-4549-a7aa-61b7902ee204/1/ZisLBBENPyAfDNFU6Yu_x8qSteo.roa
File: ZisLBBENPyAfDNFU6Yu_x8qSteo.roa (raw, json)
Hash identifier: 4q3tqBKhYrNi5ZsUAXf+CzQnFuL5Yh2l3+SOpz5K7lI=
Subject key identifier: 66:2B:0B:04:11:0D:3F:20:1F:0C:D1:54:E9:8B:BF:C7:CA:92:B5:EA
Certificate issuer: /CN=3c350ba82f3feb5aee28938fbf1b09c1e2fd19b4
Certificate serial: 01856E6FA17A4633DB57F42EB57DF490CF00
Authority key identifier: 3C:35:0B:A8:2F:3F:EB:5A:EE:28:93:8F:BF:1B:09:C1:E2:FD:19:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PDULqC8_61ruKJOPvxsJweL9GbQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/64d7a9-cac3-4549-a7aa-61b7902ee204/1/ZisLBBENPyAfDNFU6Yu_x8qSteo.roa
Signing time: Sun 01 Jan 2023 17:44:47 +0000
ROA not before: Sun 01 Jan 2023 17:44:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24990
IP address blocks: 217.69.16.0/20 maxlen: 20
185.3.24.0/22 maxlen: 22
2a03:6c80::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:6f:a1:7a:46:33:db:57:f4:2e:b5:7d:f4:90:cf:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c350ba82f3feb5aee28938fbf1b09c1e2fd19b4
Validity
Not Before: Jan 1 17:44:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=662b0b04110d3f201f0cd154e98bbfc7ca92b5ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:37:e9:ff:86:89:b1:4e:5b:d3:f9:13:78:59:
f6:4d:d8:74:91:8b:a2:cb:a7:aa:dc:1d:a9:a2:21:
1d:72:72:6f:f6:0d:65:12:a6:9b:c5:03:4b:c5:a5:
d4:a0:12:6b:5f:b1:56:76:31:dc:a4:49:02:b3:ed:
39:25:6d:11:73:87:7d:b3:7b:ff:5b:82:bf:b7:ce:
d3:08:f5:15:d5:2a:74:76:7f:55:6d:04:0f:cc:42:
63:86:0e:bc:66:12:f4:0a:b0:cf:7b:51:84:c9:20:
76:a7:be:bd:ac:89:b0:8c:2f:f4:a1:e0:f6:cf:ca:
93:35:b5:4d:9f:25:b2:22:b5:38:4f:25:5f:75:16:
de:7f:b8:d2:e9:81:02:b9:fb:9f:d8:1d:e2:0d:f3:
49:02:7d:82:56:2c:26:11:7e:15:05:61:c8:80:78:
f3:0e:97:3f:ee:8c:67:c5:13:6d:9b:47:3e:be:f8:
32:c3:a4:a8:13:a4:8c:b5:39:16:2f:77:c3:7f:6d:
f6:45:99:06:f5:11:3b:56:56:a6:ac:fd:0c:00:4f:
19:1e:c6:01:5f:d3:70:c7:ec:cf:ea:c8:a3:75:9d:
41:8f:0d:e4:5e:dc:d5:72:ff:0e:63:df:11:98:5e:
5c:28:b8:95:5f:57:a9:af:62:6c:31:19:04:b2:97:
56:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:2B:0B:04:11:0D:3F:20:1F:0C:D1:54:E9:8B:BF:C7:CA:92:B5:EA
X509v3 Authority Key Identifier:
keyid:3C:35:0B:A8:2F:3F:EB:5A:EE:28:93:8F:BF:1B:09:C1:E2:FD:19:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PDULqC8_61ruKJOPvxsJweL9GbQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/64d7a9-cac3-4549-a7aa-61b7902ee204/1/ZisLBBENPyAfDNFU6Yu_x8qSteo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/64d7a9-cac3-4549-a7aa-61b7902ee204/1/PDULqC8_61ruKJOPvxsJweL9GbQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.3.24.0/22
217.69.16.0/20
IPv6:
2a03:6c80::/32
Signature Algorithm: sha256WithRSAEncryption
09:00:d8:1a:c0:e3:5a:37:ce:79:c1:1e:01:09:cb:d4:ee:ab:
72:50:c6:92:35:e7:d5:eb:2c:27:43:fa:a0:a9:bd:1f:43:ad:
13:6c:f0:20:bf:ce:92:cb:44:31:3c:f3:39:14:a5:23:43:d8:
71:f9:37:7c:85:89:80:63:31:31:66:cf:92:73:ff:ba:5e:7f:
22:3f:51:b2:46:d8:85:7a:06:64:9f:4a:3c:b1:0a:c3:da:47:
d1:e6:21:f2:56:ae:a1:be:4c:d0:e2:88:e5:af:d5:99:39:e6:
0f:fa:7c:27:ec:b8:6f:53:79:b1:d0:3d:12:6f:3a:0c:1e:37:
28:6a:1f:b2:83:ab:0e:a6:38:d0:7a:cf:0d:98:7c:78:a9:27:
14:ac:94:63:a0:18:a7:72:5b:10:85:a0:7f:bb:9e:35:46:53:
83:0c:78:a1:95:24:55:f3:0e:c6:fd:8e:67:22:e9:24:93:ef:
e9:b1:b9:94:6d:81:9c:2d:67:c9:4d:3c:5f:cb:4a:d6:35:e9:
2d:6a:37:74:71:3d:eb:8e:d5:33:3f:68:99:ba:b8:2b:57:a2:
b3:9d:72:01:a8:72:38:11:08:f5:50:da:49:2d:6b:f7:47:d9:
f5:6f:68:f8:61:bb:86:25:3f:6d:ae:2e:0d:35:b9:fd:ae:5b:
8c:df:8e:90
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVub6F6RjPbV/QutX30kM8AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjMzUwYmE4MmYzZmViNWFlZTI4OTM4ZmJmMWIwOWMxZTJm
ZDE5YjQwHhcNMjMwMTAxMTc0NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjJiMGIwNDExMGQzZjIwMWYwY2QxNTRlOThiYmZjN2NhOTJiNWVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgzfp/4aJsU5b0/kTeFn2Tdh0kYui
y6eq3B2poiEdcnJv9g1lEqabxQNLxaXUoBJrX7FWdjHcpEkCs+05JW0Rc4d9s3v/
W4K/t87TCPUV1Sp0dn9VbQQPzEJjhg68ZhL0CrDPe1GEySB2p769rImwjC/0oeD2
z8qTNbVNnyWyIrU4TyVfdRbef7jS6YECufuf2B3iDfNJAn2CViwmEX4VBWHIgHjz
Dpc/7oxnxRNtm0c+vvgyw6SoE6SMtTkWL3fDf232RZkG9RE7VlamrP0MAE8ZHsYB
X9Nwx+zP6sijdZ1Bjw3kXtzVcv8OY98RmF5cKLiVX1epr2JsMRkEspdWzQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFGYrCwQRDT8gHwzRVOmLv8fKkrXqMB8GA1UdIwQY
MBaAFDw1C6gvP+ta7iiTj78bCcHi/Rm0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUERVTHFDOF82MXJ1S0pPUHZ4c0p3ZUw5R2JRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS82NGQ3YTktY2FjMy00NTQ5LWE3YWEt
NjFiNzkwMmVlMjA0LzEvWmlzTEJCRU5QeUFmRE5GVTZZdV94OHFTdGVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS82NGQ3YTktY2FjMy00NTQ5LWE3YWEtNjFiNzkwMmVlMjA0
LzEvUERVTHFDOF82MXJ1S0pPUHZ4c0p3ZUw5R2JRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuQMYAwQE
2UUQMA0EAgACMAcDBQAqA2yAMA0GCSqGSIb3DQEBCwUAA4IBAQAJANgawONaN855
wR4BCcvU7qtyUMaSNefV6ywnQ/qgqb0fQ60TbPAgv86Sy0QxPPM5FKUjQ9hx+Td8
hYmAYzExZs+Sc/+6Xn8iP1GyRtiFegZkn0o8sQrD2kfR5iHyVq6hvkzQ4ojlr9WZ
OeYP+nwn7LhvU3mx0D0SbzoMHjcoah+yg6sOpjjQes8NmHx4qScUrJRjoBinclsQ
haB/u541RlODDHihlSRV8w7G/Y5nIukkk+/psbmUbYGcLWfJTTxfy0rWNektajd0
cT3rjtUzP2iZurgrV6KznXIBqHI4EQj1UNpJLWv3R9n1b2j4YbuGJT9tri4NNbn9
rluM346Q
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:10:39 2025 by rpki-client