Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/d90be8-f605-4fc8-8f09-021040aa3c8a/1/fztc2N2-UhkAEmuCuUySUQQ_gP4.roa
File: fztc2N2-UhkAEmuCuUySUQQ_gP4.roa (raw, json)
Hash identifier: Vh6ZbYinBPkGbvIYr9EiCOXqfNhw4B9hFhZJ/bH/QlM=
Subject key identifier: 7F:3B:5C:D8:DD:BE:52:19:00:12:6B:82:B9:4C:92:51:04:3F:80:FE
Certificate issuer: /CN=eeb320be89726831f3fd900740f1f906f9b19c6a
Certificate serial: 07F5FA32
Authority key identifier: EE:B3:20:BE:89:72:68:31:F3:FD:90:07:40:F1:F9:06:F9:B1:9C:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7rMgvolyaDHz_ZAHQPH5BvmxnGo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/d90be8-f605-4fc8-8f09-021040aa3c8a/1/fztc2N2-UhkAEmuCuUySUQQ_gP4.roa
Signing time: Tue 05 Apr 2022 08:26:01 +0000
ROA not before: Tue 05 Apr 2022 08:26:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200322
IP address blocks: 185.245.250.0/24 maxlen: 24
185.245.248.0/22 maxlen: 24
2a0d:7080::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 133560882 (0x7f5fa32)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eeb320be89726831f3fd900740f1f906f9b19c6a
Validity
Not Before: Apr 5 08:26:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7f3b5cd8ddbe521900126b82b94c9251043f80fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:82:5f:2e:bb:13:25:5f:30:e5:d9:0e:a8:05:
f8:0d:9e:69:94:fb:c8:59:31:36:f1:7b:d3:b6:87:
43:03:38:e4:4c:14:e6:c6:a4:6d:2c:9e:54:fd:3e:
54:42:c9:8f:56:5a:10:bd:d2:73:5f:59:13:a7:31:
c2:96:22:c7:39:71:87:e8:3f:e6:6f:ca:15:70:54:
c1:6d:ef:16:57:b2:fd:9b:b1:67:05:29:69:81:1d:
fe:ff:3a:89:96:7d:ab:cb:05:16:60:f8:e6:e2:39:
5b:d3:ec:78:04:22:02:7f:73:c9:3c:fe:9f:38:24:
be:75:53:4e:81:17:be:32:fb:b5:ac:20:d6:4a:56:
6d:7c:ad:0e:04:8a:ab:9c:cf:a3:7d:0c:74:f9:e0:
5d:df:20:be:3a:88:90:27:9b:32:f7:5e:0a:5e:0e:
76:a1:f4:37:b3:d8:68:13:be:d0:7a:47:2f:ba:4b:
f5:d3:ac:22:2b:a5:e6:62:a3:78:78:40:a6:f8:f5:
05:49:4a:1b:40:73:e0:fd:cf:23:85:72:53:30:8c:
9e:1d:2e:87:33:5c:0a:89:5e:3a:cd:c9:00:ae:ef:
92:06:67:c8:5a:44:d3:db:e4:c1:e3:42:64:0e:b9:
69:d3:82:44:2a:cb:79:35:da:d3:31:02:dc:81:72:
f7:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:3B:5C:D8:DD:BE:52:19:00:12:6B:82:B9:4C:92:51:04:3F:80:FE
X509v3 Authority Key Identifier:
keyid:EE:B3:20:BE:89:72:68:31:F3:FD:90:07:40:F1:F9:06:F9:B1:9C:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7rMgvolyaDHz_ZAHQPH5BvmxnGo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/d90be8-f605-4fc8-8f09-021040aa3c8a/1/fztc2N2-UhkAEmuCuUySUQQ_gP4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/d90be8-f605-4fc8-8f09-021040aa3c8a/1/7rMgvolyaDHz_ZAHQPH5BvmxnGo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.245.248.0/22
IPv6:
2a0d:7080::/29
Signature Algorithm: sha256WithRSAEncryption
5b:9a:75:97:18:20:d7:46:15:e2:f4:65:1e:73:6f:c6:30:f6:
95:8a:0a:df:9c:d2:9f:ef:ea:92:15:90:a9:b9:5b:0b:2c:30:
63:ef:b2:af:df:b6:b6:49:68:a6:90:08:82:64:07:7c:d2:18:
d1:2a:c6:a6:50:44:02:8d:a0:79:7b:d0:fd:86:f4:df:e4:f1:
53:97:a6:78:f3:cd:71:3a:90:5e:95:ad:91:c6:83:75:1a:30:
aa:eb:88:da:14:4e:53:f4:c2:ed:27:25:b3:a0:e7:93:90:e1:
70:4a:3d:e3:70:6a:82:57:9d:0b:89:8a:9d:35:f5:99:81:74:
b2:72:6b:7a:f5:45:05:43:85:52:a4:50:27:3f:8e:50:0e:4b:
b6:bf:43:bd:68:2d:7f:da:ab:49:61:4c:26:11:38:a4:17:f8:
aa:89:84:62:19:59:96:9f:b2:e4:0c:bf:72:31:d7:2e:1e:26:
ca:79:1e:e8:ee:e4:7a:4a:39:f9:9e:64:c8:b8:7c:fb:d2:b8:
18:89:5d:6c:7f:e9:a7:ce:1c:d3:bb:12:96:18:6b:a7:2e:6b:
62:8f:81:a2:66:33:2d:89:ae:45:b0:cc:2c:1b:da:da:31:f8:
19:09:43:6e:29:4d:67:eb:bb:14:67:2a:55:82:db:a2:86:04:
83:86:24:26
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEB/X6MjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
ZWIzMjBiZTg5NzI2ODMxZjNmZDkwMDc0MGYxZjkwNmY5YjE5YzZhMB4XDTIyMDQw
NTA4MjYwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2YzYjVjZDhkZGJl
NTIxOTAwMTI2YjgyYjk0YzkyNTEwNDNmODBmZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI2CXy67EyVfMOXZDqgF+A2eaZT7yFkxNvF707aHQwM45EwU
5sakbSyeVP0+VELJj1ZaEL3Sc19ZE6cxwpYixzlxh+g/5m/KFXBUwW3vFley/Zux
ZwUpaYEd/v86iZZ9q8sFFmD45uI5W9PseAQiAn9zyTz+nzgkvnVTToEXvjL7tawg
1kpWbXytDgSKq5zPo30MdPngXd8gvjqIkCebMvdeCl4OdqH0N7PYaBO+0HpHL7pL
9dOsIiul5mKjeHhApvj1BUlKG0Bz4P3PI4VyUzCMnh0uhzNcColeOs3JAK7vkgZn
yFpE09vkweNCZA65adOCRCrLeTXa0zEC3IFy9xsCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBR/O1zY3b5SGQASa4K5TJJRBD+A/jAfBgNVHSMEGDAWgBTusyC+iXJoMfP9
kAdA8fkG+bGcajAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzdyTWd2b2x5YURIel9aQUhRUEg1QnZteG5Hby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWEvZDkwYmU4LWY2MDUtNGZjOC04ZjA5LTAyMTA0MGFhM2M4YS8x
L2Z6dGMyTjItVWhrQUVtdUN1VXlTVVFRX2dQNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWEv
ZDkwYmU4LWY2MDUtNGZjOC04ZjA5LTAyMTA0MGFhM2M4YS8xLzdyTWd2b2x5YURI
el9aQUhRUEg1QnZteG5Hby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArn1+DANBAIAAjAHAwUDKg1wgDAN
BgkqhkiG9w0BAQsFAAOCAQEAW5p1lxgg10YV4vRlHnNvxjD2lYoK35zSn+/qkhWQ
qblbCywwY++yr9+2tkloppAIgmQHfNIY0SrGplBEAo2geXvQ/Yb03+TxU5emePPN
cTqQXpWtkcaDdRowquuI2hROU/TC7Scls6Dnk5DhcEo943BqgledC4mKnTX1mYF0
snJrevVFBUOFUqRQJz+OUA5Ltr9DvWgtf9qrSWFMJhE4pBf4qomEYhlZlp+y5Ay/
cjHXLh4mynke6O7keko5+Z5kyLh8+9K4GIldbH/pp84c07sSlhhrpy5rYo+BomYz
LYmuRbDMLBva2jH4GQlDbilNZ+u7FGcqVYLbooYEg4YkJg==
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:49:39 2025 by rpki-client