Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/ed17c8-abd4-414f-bc30-7d08291a7662/1/ZyjbjwCm_OPPRTC2rqeJjCKC1js.roa
File: ZyjbjwCm_OPPRTC2rqeJjCKC1js.roa (raw, json)
Hash identifier: Q3sPz5bBRQuNVHCZMVQ56Bg9faRF/m8bUYhMI7H0iV0=
Subject key identifier: 67:28:DB:8F:00:A6:FC:E3:CF:45:30:B6:AE:A7:89:8C:22:82:D6:3B
Certificate issuer: /CN=a10c73530bb684fd569dfc432704675704183429
Certificate serial: 01856F2FDD7EAEECEA686296EA1E75CA735A
Authority key identifier: A1:0C:73:53:0B:B6:84:FD:56:9D:FC:43:27:04:67:57:04:18:34:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oQxzUwu2hP1WnfxDJwRnVwQYNCk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/ed17c8-abd4-414f-bc30-7d08291a7662/1/ZyjbjwCm_OPPRTC2rqeJjCKC1js.roa
Signing time: Sun 01 Jan 2023 21:14:45 +0000
ROA not before: Sun 01 Jan 2023 21:14:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43131
IP address blocks: 81.161.226.0/24 maxlen: 24
2a03:e842::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:2f:dd:7e:ae:ec:ea:68:62:96:ea:1e:75:ca:73:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a10c73530bb684fd569dfc432704675704183429
Validity
Not Before: Jan 1 21:14:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6728db8f00a6fce3cf4530b6aea7898c2282d63b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:68:77:a3:c6:71:6b:c0:d2:af:0b:04:52:95:
f7:a1:76:8d:77:36:71:76:e6:81:bd:5d:05:2d:d1:
0d:4c:cf:2f:72:07:d6:1d:f6:b1:72:bf:a1:0c:5e:
45:cd:29:b8:54:bc:6b:28:a0:08:c4:ed:6d:3d:e0:
ac:8e:df:90:6e:75:cd:78:82:31:8d:56:c7:1a:6d:
61:38:e4:3e:82:d9:fb:d7:33:58:02:da:31:5f:e7:
a9:b2:c7:50:23:e5:e7:b6:e7:1d:2f:c0:8d:91:05:
8a:09:94:02:a6:09:5a:34:12:57:de:58:a7:80:eb:
07:50:0e:ea:67:7d:e2:2d:ed:ad:f1:c6:9f:ce:5c:
59:22:a9:e2:67:8b:d5:db:7f:09:33:40:04:be:29:
65:d7:ab:7e:bb:10:e3:a7:e3:03:d7:f6:76:52:ae:
f9:6e:76:89:75:bc:4b:b5:11:4b:69:cc:af:d2:b1:
bd:01:36:87:04:38:3b:d3:eb:fb:58:0a:b6:6a:a7:
08:17:1b:ee:74:fe:bf:cb:75:7f:d7:82:81:e7:21:
34:87:79:ab:ac:dc:80:dc:9f:9f:bf:14:24:ad:c8:
16:9d:f5:d4:32:7e:e9:35:0f:ff:56:4d:b5:60:ae:
9c:14:10:17:a3:57:b3:1d:12:b5:67:b6:83:51:fe:
ba:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:28:DB:8F:00:A6:FC:E3:CF:45:30:B6:AE:A7:89:8C:22:82:D6:3B
X509v3 Authority Key Identifier:
keyid:A1:0C:73:53:0B:B6:84:FD:56:9D:FC:43:27:04:67:57:04:18:34:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oQxzUwu2hP1WnfxDJwRnVwQYNCk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/ed17c8-abd4-414f-bc30-7d08291a7662/1/ZyjbjwCm_OPPRTC2rqeJjCKC1js.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/ed17c8-abd4-414f-bc30-7d08291a7662/1/oQxzUwu2hP1WnfxDJwRnVwQYNCk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.161.226.0/24
IPv6:
2a03:e842::/44
Signature Algorithm: sha256WithRSAEncryption
0c:1c:47:c8:bf:0b:ac:40:e5:32:e9:be:5a:45:0a:d9:b7:67:
e2:82:97:10:7b:07:45:f1:5c:26:83:55:58:37:9a:17:94:d8:
06:01:be:f2:a2:8a:8c:00:0a:7b:f2:45:94:da:e6:b7:d5:86:
63:97:de:cf:3c:7d:53:b7:31:84:f4:13:7b:c9:0d:3f:9c:68:
3f:28:56:31:94:6a:a5:03:90:e5:2a:db:b1:20:1a:82:ea:25:
63:89:6b:68:2d:b0:2d:07:43:33:ee:b7:7b:97:cd:96:ed:4d:
ba:39:35:8d:75:39:2d:6b:6a:9d:21:cb:01:7a:44:96:d8:ce:
00:30:30:1f:58:a4:b7:7a:cb:c4:c0:62:08:49:70:09:9d:ce:
9b:5a:65:e1:1d:42:64:83:be:29:5a:6c:7b:da:8c:f4:72:81:
42:4d:18:81:e2:40:4c:0b:b4:84:a3:b2:8b:2f:f7:7b:ba:5e:
38:ad:b3:22:f4:cd:d4:4e:88:01:b9:c7:e0:94:bd:68:e7:af:
dd:53:96:27:fd:2d:c1:e9:3a:70:69:38:de:cc:ec:87:27:75:
5d:21:ed:a9:73:7a:0d:9b:44:6d:39:45:ba:07:b1:3f:11:9d:
79:70:d5:b6:c4:fb:bf:be:81:3a:86:cc:d2:f5:f1:1a:6a:bf:
0c:96:bb:bf
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVvL91+ruzqaGKW6h51ynNaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExMGM3MzUzMGJiNjg0ZmQ1NjlkZmM0MzI3MDQ2NzU3MDQx
ODM0MjkwHhcNMjMwMTAxMjExNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzI4ZGI4ZjAwYTZmY2UzY2Y0NTMwYjZhZWE3ODk4YzIyODJkNjNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg2h3o8Zxa8DSrwsEUpX3oXaNdzZx
duaBvV0FLdENTM8vcgfWHfaxcr+hDF5FzSm4VLxrKKAIxO1tPeCsjt+QbnXNeIIx
jVbHGm1hOOQ+gtn71zNYAtoxX+epssdQI+XntucdL8CNkQWKCZQCpglaNBJX3lin
gOsHUA7qZ33iLe2t8cafzlxZIqniZ4vV238JM0AEvill16t+uxDjp+MD1/Z2Uq75
bnaJdbxLtRFLacyv0rG9ATaHBDg70+v7WAq2aqcIFxvudP6/y3V/14KB5yE0h3mr
rNyA3J+fvxQkrcgWnfXUMn7pNQ//Vk21YK6cFBAXo1ezHRK1Z7aDUf66VQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGco248Apvzjz0Uwtq6niYwigtY7MB8GA1UdIwQY
MBaAFKEMc1MLtoT9Vp38QycEZ1cEGDQpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1F4elV3dTJoUDFXbmZ4REp3Um5Wd1FZTkNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9lZDE3YzgtYWJkNC00MTRmLWJjMzAt
N2QwODI5MWE3NjYyLzEvWnlqYmp3Q21fT1BQUlRDMnJxZUpqQ0tDMWpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi9lZDE3YzgtYWJkNC00MTRmLWJjMzAtN2QwODI5MWE3NjYy
LzEvb1F4elV3dTJoUDFXbmZ4REp3Um5Wd1FZTkNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAUaHiMA8E
AgACMAkDBwQqA+hCAAAwDQYJKoZIhvcNAQELBQADggEBAAwcR8i/C6xA5TLpvlpF
Ctm3Z+KClxB7B0XxXCaDVVg3mheU2AYBvvKiiowACnvyRZTa5rfVhmOX3s88fVO3
MYT0E3vJDT+caD8oVjGUaqUDkOUq27EgGoLqJWOJa2gtsC0HQzPut3uXzZbtTbo5
NY11OS1rap0hywF6RJbYzgAwMB9YpLd6y8TAYghJcAmdzptaZeEdQmSDvilabHva
jPRygUJNGIHiQEwLtISjsosv93u6XjitsyL0zdROiAG5x+CUvWjnr91Tlif9LcHp
OnBpON7M7IcndV0h7alzeg2bRG05RboHsT8RnXlw1bbE+7++gTqGzNL18RpqvwyW
u78=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:40:49 2025 by rpki-client