Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/44ec43-5935-4ab2-b13d-02eb9a412637/1/zBjDq1E4sJL0gzqHb2oN38DR5jk.roa
File: zBjDq1E4sJL0gzqHb2oN38DR5jk.roa (raw, json)
Hash identifier: u7MjlexEc+gmhoMKGPVIgs+lyB2CA7VnDih6HwIDBN0=
Subject key identifier: CC:18:C3:AB:51:38:B0:92:F4:83:3A:87:6F:6A:0D:DF:C0:D1:E6:39
Certificate issuer: /CN=e2344ba6340961da5eeb4ae239e9a06267793e2e
Certificate serial: 0183D6C76ABC915E0DD6F54D2B33C3BC7659
Authority key identifier: E2:34:4B:A6:34:09:61:DA:5E:EB:4A:E2:39:E9:A0:62:67:79:3E:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4jRLpjQJYdpe60riOemgYmd5Pi4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/44ec43-5935-4ab2-b13d-02eb9a412637/1/zBjDq1E4sJL0gzqHb2oN38DR5jk.roa
Signing time: Fri 14 Oct 2022 13:55:36 +0000
ROA not before: Fri 14 Oct 2022 13:55:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204615
IP address blocks: 185.225.113.0/24 maxlen: 24
185.225.114.0/23 maxlen: 23
2a13:2a00:2::/48 maxlen: 48
2a13:2a00::/48 maxlen: 48
2a13:2a00:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:d6:c7:6a:bc:91:5e:0d:d6:f5:4d:2b:33:c3:bc:76:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2344ba6340961da5eeb4ae239e9a06267793e2e
Validity
Not Before: Oct 14 13:55:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cc18c3ab5138b092f4833a876f6a0ddfc0d1e639
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:3f:04:ad:90:56:b1:ee:46:1e:59:e0:cd:18:
c3:46:7b:65:f6:6c:bc:00:0c:a4:95:88:ba:b6:ac:
55:27:aa:37:17:4d:7f:ec:4a:8f:5f:b8:b4:9c:32:
e3:95:2f:0a:62:66:d2:0b:1e:ef:2c:6c:1a:80:72:
27:80:74:bf:70:21:58:18:9c:a5:05:17:23:a5:a8:
78:28:85:c0:05:c7:96:48:ff:3d:30:53:f7:7b:6a:
be:8a:20:a8:6f:47:34:34:31:55:b4:c5:81:c5:91:
de:8f:38:4d:8d:36:d9:45:7d:22:dd:9d:47:12:e8:
51:e3:ba:58:a1:2a:c1:9e:66:37:be:49:cc:d9:b0:
1c:c3:75:e3:89:4e:5f:5c:8c:8a:15:d3:e5:16:cd:
b3:59:f3:14:a8:e7:98:29:9d:b6:3d:de:ec:bc:10:
32:a0:76:7a:13:6f:cd:ee:0b:a7:c1:fd:5b:d0:17:
ea:30:53:3b:6a:75:a1:cc:d3:61:b7:90:b9:7a:f5:
6a:be:11:19:94:0d:cb:24:5f:1c:fa:cb:a9:cc:00:
1c:e6:f8:2c:5a:9f:8d:7c:55:a4:a4:48:95:52:5b:
92:41:7a:01:9c:45:d3:35:72:04:a1:d4:4f:10:e0:
10:e6:b3:13:aa:fa:5d:49:d1:a7:b5:6a:a9:ae:b3:
b4:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:18:C3:AB:51:38:B0:92:F4:83:3A:87:6F:6A:0D:DF:C0:D1:E6:39
X509v3 Authority Key Identifier:
keyid:E2:34:4B:A6:34:09:61:DA:5E:EB:4A:E2:39:E9:A0:62:67:79:3E:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4jRLpjQJYdpe60riOemgYmd5Pi4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/44ec43-5935-4ab2-b13d-02eb9a412637/1/zBjDq1E4sJL0gzqHb2oN38DR5jk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/44ec43-5935-4ab2-b13d-02eb9a412637/1/4jRLpjQJYdpe60riOemgYmd5Pi4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.225.113.0-185.225.115.255
IPv6:
2a13:2a00::-2a13:2a00:2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
0b:82:6a:2e:3c:c1:56:e3:f4:4a:97:76:81:1a:41:57:cb:74:
7c:1a:56:85:27:f4:05:1b:97:6f:22:d1:d2:11:f7:10:2b:92:
2c:71:13:f7:79:3b:bf:84:dd:5e:8c:5c:9a:dd:38:07:e3:86:
1b:d7:f4:4e:ca:db:fb:37:d4:15:ca:ef:86:af:21:26:a1:9c:
02:4f:8a:ef:27:5a:1c:22:17:6b:57:f8:5f:92:c4:b9:82:5e:
86:52:b7:00:50:e8:16:d4:13:e9:b1:6d:7d:d5:59:c0:74:60:
d7:59:c0:77:0d:18:59:2a:2b:fc:20:f2:c1:d2:7e:51:f9:9c:
96:02:20:8a:ec:87:3c:92:fb:00:c8:c6:1e:c7:6c:98:69:6d:
bc:45:61:62:63:93:d4:91:83:99:c9:67:5e:6e:4a:08:e1:ec:
f4:7f:93:f5:8e:04:81:44:4b:06:36:86:51:4a:e9:e1:70:20:
d1:dd:b8:66:c8:8a:a0:9b:c2:90:cb:14:6b:4d:bc:34:d6:0c:
5b:0b:4b:e6:f2:bd:0a:40:ca:33:73:fb:83:40:cc:a0:58:04:
f5:fe:cc:a3:77:ae:a3:64:94:44:f8:b7:3f:85:40:e5:11:37:
d8:63:9d:58:c4:cf:17:31:21:8f:26:9a:30:23:3a:06:2e:8c:
17:94:32:9d
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYPWx2q8kV4N1vVNKzPDvHZZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyMzQ0YmE2MzQwOTYxZGE1ZWViNGFlMjM5ZTlhMDYyNjc3
OTNlMmUwHhcNMjIxMDE0MTM1NTM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzE4YzNhYjUxMzhiMDkyZjQ4MzNhODc2ZjZhMGRkZmMwZDFlNjM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyj8ErZBWse5GHlngzRjDRntl9my8
AAyklYi6tqxVJ6o3F01/7EqPX7i0nDLjlS8KYmbSCx7vLGwagHIngHS/cCFYGJyl
BRcjpah4KIXABceWSP89MFP3e2q+iiCob0c0NDFVtMWBxZHejzhNjTbZRX0i3Z1H
EuhR47pYoSrBnmY3vknM2bAcw3XjiU5fXIyKFdPlFs2zWfMUqOeYKZ22Pd7svBAy
oHZ6E2/N7gunwf1b0BfqMFM7anWhzNNht5C5evVqvhEZlA3LJF8c+supzAAc5vgs
Wp+NfFWkpEiVUluSQXoBnEXTNXIEodRPEOAQ5rMTqvpdSdGntWqprrO0bwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFMwYw6tROLCS9IM6h29qDd/A0eY5MB8GA1UdIwQY
MBaAFOI0S6Y0CWHaXutK4jnpoGJneT4uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGpSTHBqUUpZZHBlNjByaU9lbWdZbWQ1UGk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80NGVjNDMtNTkzNS00YWIyLWIxM2Qt
MDJlYjlhNDEyNjM3LzEvekJqRHExRTRzSkwwZ3pxSGIyb04zOERSNWprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80NGVjNDMtNTkzNS00YWIyLWIxM2QtMDJlYjlhNDEyNjM3
LzEvNGpSTHBqUUpZZHBlNjByaU9lbWdZbWQ1UGk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAUBAIAATAOMAwDBAC54XED
BAK54XAwFwQCAAIwETAPAwQBKhMqAwcAKhMqAAACMA0GCSqGSIb3DQEBCwUAA4IB
AQALgmouPMFW4/RKl3aBGkFXy3R8GlaFJ/QFG5dvItHSEfcQK5IscRP3eTu/hN1e
jFya3TgH44Yb1/ROytv7N9QVyu+GryEmoZwCT4rvJ1ocIhdrV/hfksS5gl6GUrcA
UOgW1BPpsW191VnAdGDXWcB3DRhZKiv8IPLB0n5R+ZyWAiCK7Ic8kvsAyMYex2yY
aW28RWFiY5PUkYOZyWdebkoI4ez0f5P1jgSBREsGNoZRSunhcCDR3bhmyIqgm8KQ
yxRrTbw01gxbC0vm8r0KQMozc/uDQMygWAT1/syjd66jZJRE+Lc/hUDlETfYY51Y
xM8XMSGPJpowIzoGLowXlDKd
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:57:45 2025 by rpki-client