Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/2e82cb-4a6e-408f-af20-843154a80b72/1/ZpPQji5GEMDzcQacyJ0M6hfFDF0.roa
File: ZpPQji5GEMDzcQacyJ0M6hfFDF0.roa (raw, json)
Hash identifier: kcU/bYN6bT7xcBIyfDvU+aYvz9wqhoZxWjuh6y6G3OU=
Subject key identifier: 66:93:D0:8E:2E:46:10:C0:F3:71:06:9C:C8:9D:0C:EA:17:C5:0C:5D
Certificate issuer: /CN=e22a93ceb82b675a84b0d78e79ae4a797ca98231
Certificate serial: 01856D93D510D84397403B33DDA2AD8CDE87
Authority key identifier: E2:2A:93:CE:B8:2B:67:5A:84:B0:D7:8E:79:AE:4A:79:7C:A9:82:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4iqTzrgrZ1qEsNeOea5KeXypgjE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/2e82cb-4a6e-408f-af20-843154a80b72/1/ZpPQji5GEMDzcQacyJ0M6hfFDF0.roa
Signing time: Sun 01 Jan 2023 13:44:42 +0000
ROA not before: Sun 01 Jan 2023 13:44:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47176
IP address blocks: 185.159.204.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:93:d5:10:d8:43:97:40:3b:33:dd:a2:ad:8c:de:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e22a93ceb82b675a84b0d78e79ae4a797ca98231
Validity
Not Before: Jan 1 13:44:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6693d08e2e4610c0f371069cc89d0cea17c50c5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:0d:cb:bf:04:61:0b:31:9a:56:bd:09:1a:16:
96:70:39:15:96:5d:7b:51:ac:22:09:ee:cd:e0:6b:
8e:58:fb:b4:ee:e1:f6:41:a9:39:c0:35:da:c2:ab:
5c:26:00:83:e1:c0:08:e3:91:f3:14:38:a9:29:8f:
1d:5e:80:2e:d9:c4:da:96:5a:42:de:a2:75:d3:ec:
d7:0b:f7:dc:31:ed:b1:d4:ca:d8:8d:21:82:ef:96:
44:89:f6:0e:c5:75:be:f9:d4:fe:f8:d8:ea:5a:6e:
26:7e:e2:ff:da:d3:02:97:c7:2c:fe:14:86:cf:63:
1a:58:39:df:e3:a2:5f:a3:1a:be:e7:69:b4:fc:99:
54:25:d0:d8:9d:2b:80:26:ff:36:c2:8a:31:4a:b8:
49:95:bd:0c:dc:fc:ed:99:e2:63:6c:3c:a7:9d:02:
ab:c5:11:9a:89:39:16:f3:2f:33:0d:28:d2:ea:96:
fc:2e:21:96:4b:7c:d8:be:42:79:d6:61:24:a1:74:
f0:43:eb:90:70:bb:5d:27:5d:1b:0a:52:aa:1f:99:
4d:38:eb:45:03:1f:7d:f0:35:55:ee:b6:ac:e4:13:
2c:a3:60:f4:ff:7b:50:d3:e5:1b:fd:9e:5e:ec:fe:
d3:fb:f0:0d:c8:89:83:ee:22:60:5e:a3:f4:ed:46:
3b:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:93:D0:8E:2E:46:10:C0:F3:71:06:9C:C8:9D:0C:EA:17:C5:0C:5D
X509v3 Authority Key Identifier:
keyid:E2:2A:93:CE:B8:2B:67:5A:84:B0:D7:8E:79:AE:4A:79:7C:A9:82:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4iqTzrgrZ1qEsNeOea5KeXypgjE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2e82cb-4a6e-408f-af20-843154a80b72/1/ZpPQji5GEMDzcQacyJ0M6hfFDF0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2e82cb-4a6e-408f-af20-843154a80b72/1/4iqTzrgrZ1qEsNeOea5KeXypgjE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.159.204.0/22
Signature Algorithm: sha256WithRSAEncryption
70:6d:1f:57:2d:da:c4:6c:52:2d:fe:3c:c0:5a:38:9b:97:ea:
64:c3:22:b9:d8:0b:a4:a0:c3:ed:da:d7:9a:b2:1b:93:ea:99:
5b:4a:dc:7b:5d:ab:b9:42:17:2d:ee:1d:40:66:61:55:d8:78:
c6:a7:60:50:09:41:f1:cb:48:37:08:c9:b9:da:64:fb:e9:3e:
4e:10:36:fc:31:e0:64:70:02:5f:90:f6:ce:1c:cf:60:28:eb:
fb:7a:24:96:37:4e:f7:77:2f:26:6d:29:30:34:05:7e:f5:ab:
e1:48:74:f2:86:39:65:3a:3c:f8:80:0b:8a:ec:bd:88:da:75:
29:2d:77:a6:ff:87:86:bd:6d:a4:f8:ff:39:b0:d8:03:4e:eb:
d5:8a:a2:2b:f9:51:55:dc:7d:77:70:d0:8b:bd:0c:37:e6:12:
d9:82:54:cc:e1:72:68:ea:57:a4:16:aa:51:00:dc:42:c7:32:
74:bc:c8:56:0b:ae:dd:c9:fb:08:36:26:4b:8c:08:b5:99:d6:
2e:da:0d:d7:43:6e:15:82:92:18:3a:3c:25:53:43:14:62:a5:
d1:6b:e9:8f:d1:54:02:90:7f:32:bb:51:e8:78:59:a6:4f:36:
2f:17:b6:0e:13:39:99:ef:60:99:da:99:7d:11:1b:6e:4e:db:
87:ba:b1:d7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtk9UQ2EOXQDsz3aKtjN6HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyMmE5M2NlYjgyYjY3NWE4NGIwZDc4ZTc5YWU0YTc5N2Nh
OTgyMzEwHhcNMjMwMTAxMTM0NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjkzZDA4ZTJlNDYxMGMwZjM3MTA2OWNjODlkMGNlYTE3YzUwYzVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjQ3LvwRhCzGaVr0JGhaWcDkVll17
UawiCe7N4GuOWPu07uH2Qak5wDXawqtcJgCD4cAI45HzFDipKY8dXoAu2cTallpC
3qJ10+zXC/fcMe2x1MrYjSGC75ZEifYOxXW++dT++NjqWm4mfuL/2tMCl8cs/hSG
z2MaWDnf46Jfoxq+52m0/JlUJdDYnSuAJv82wooxSrhJlb0M3PztmeJjbDynnQKr
xRGaiTkW8y8zDSjS6pb8LiGWS3zYvkJ51mEkoXTwQ+uQcLtdJ10bClKqH5lNOOtF
Ax998DVV7ras5BMso2D0/3tQ0+Ub/Z5e7P7T+/ANyImD7iJgXqP07UY7MQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGaT0I4uRhDA83EGnMidDOoXxQxdMB8GA1UdIwQY
MBaAFOIqk864K2dahLDXjnmuSnl8qYIxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGlxVHpyZ3JaMXFFc05lT2VhNUtlWHlwZ2pFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8yZTgyY2ItNGE2ZS00MDhmLWFmMjAt
ODQzMTU0YTgwYjcyLzEvWnBQUWppNUdFTUR6Y1FhY3lKME02aGZGREYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi8yZTgyY2ItNGE2ZS00MDhmLWFmMjAtODQzMTU0YTgwYjcy
LzEvNGlxVHpyZ3JaMXFFc05lT2VhNUtlWHlwZ2pFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZ/MMA0G
CSqGSIb3DQEBCwUAA4IBAQBwbR9XLdrEbFIt/jzAWjibl+pkwyK52AukoMPt2tea
shuT6plbStx7Xau5Qhct7h1AZmFV2HjGp2BQCUHxy0g3CMm52mT76T5OEDb8MeBk
cAJfkPbOHM9gKOv7eiSWN073dy8mbSkwNAV+9avhSHTyhjllOjz4gAuK7L2I2nUp
LXem/4eGvW2k+P85sNgDTuvViqIr+VFV3H13cNCLvQw35hLZglTM4XJo6lekFqpR
ANxCxzJ0vMhWC67dyfsINiZLjAi1mdYu2g3XQ24VgpIYOjwlU0MUYqXRa+mP0VQC
kH8yu1HoeFmmTzYvF7YOEzmZ72CZ2pl9ERtuTtuHurHX
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:24:01 2025 by rpki-client