Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/d6e796-0e14-45b1-9cf3-5ad58abfbb1f/1/ZuDmMRJ4ZpcTxPsiAX2pcA6YQs4.roa
File: ZuDmMRJ4ZpcTxPsiAX2pcA6YQs4.roa (raw, json)
Hash identifier: FYbHQtIH9NPvN+miJAdIsW67XnhLQLDLMc4Fct9ihos=
Subject key identifier: 66:E0:E6:31:12:78:66:97:13:C4:FB:22:01:7D:A9:70:0E:98:42:CE
Certificate issuer: /CN=93202129969576ce357fae26c9c7cf98a8250ea6
Certificate serial: 018C62F0EF28FE7ADCECBAF423B64A9B6B78
Authority key identifier: 93:20:21:29:96:95:76:CE:35:7F:AE:26:C9:C7:CF:98:A8:25:0E:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kyAhKZaVds41f64mycfPmKglDqY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/d6e796-0e14-45b1-9cf3-5ad58abfbb1f/1/ZuDmMRJ4ZpcTxPsiAX2pcA6YQs4.roa
Signing time: Wed 13 Dec 2023 11:30:06 +0000
ROA not before: Wed 13 Dec 2023 11:30:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1299
IP address blocks: 85.220.0.0/17 maxlen: 17
157.157.0.0/16 maxlen: 16
31.209.192.0/18 maxlen: 18
2001:1a98::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:62:f0:ef:28:fe:7a:dc:ec:ba:f4:23:b6:4a:9b:6b:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93202129969576ce357fae26c9c7cf98a8250ea6
Validity
Not Before: Dec 13 11:30:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=66e0e6311278669713c4fb22017da9700e9842ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:f0:f7:18:48:ae:d7:d7:86:d8:65:6e:ac:28:
5e:1c:cc:58:52:55:fd:de:c2:99:d7:f2:62:68:c5:
5e:61:73:08:2d:bd:21:7c:3a:55:e1:77:a1:97:ed:
c1:63:88:2b:91:5b:11:9e:da:21:d8:76:7f:5f:af:
70:d3:22:da:49:ff:16:7e:1a:f5:aa:54:fb:b3:d5:
c1:37:6e:13:ee:d1:36:43:4b:0e:bb:ef:3c:9e:3b:
8c:04:7a:84:3f:80:e8:83:a7:c9:5c:64:7a:79:67:
fd:5e:2f:61:74:80:7e:48:c3:b6:b9:d0:85:10:d0:
9a:9d:7e:27:61:d4:00:56:66:7a:8c:78:29:73:25:
6a:d2:ea:57:bc:71:e9:a8:75:46:8f:83:24:c4:9f:
94:0a:6c:b7:51:6e:94:e8:63:5a:ff:d3:3c:56:d5:
b6:b0:82:11:cc:6c:17:90:dc:23:ce:8e:96:4e:83:
fa:7e:55:c3:ee:db:8a:e8:da:5a:01:c1:58:bb:aa:
66:2e:53:f7:4e:3f:19:25:0e:ef:2f:db:25:5a:cf:
ce:e4:71:b4:19:0d:08:37:e4:b2:7e:6c:7d:fa:c6:
5a:83:9b:0f:fe:74:6e:f0:c0:42:b4:59:88:33:7a:
ea:65:dd:2e:81:cc:34:e1:04:91:5e:4c:47:d0:20:
11:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:E0:E6:31:12:78:66:97:13:C4:FB:22:01:7D:A9:70:0E:98:42:CE
X509v3 Authority Key Identifier:
keyid:93:20:21:29:96:95:76:CE:35:7F:AE:26:C9:C7:CF:98:A8:25:0E:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kyAhKZaVds41f64mycfPmKglDqY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/d6e796-0e14-45b1-9cf3-5ad58abfbb1f/1/ZuDmMRJ4ZpcTxPsiAX2pcA6YQs4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/d6e796-0e14-45b1-9cf3-5ad58abfbb1f/1/kyAhKZaVds41f64mycfPmKglDqY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.209.192.0/18
85.220.0.0/17
157.157.0.0/16
IPv6:
2001:1a98::/32
Signature Algorithm: sha256WithRSAEncryption
50:f3:34:4a:29:c2:d1:26:7e:41:f3:d3:cd:0b:fd:61:53:21:
00:df:77:ee:7c:1c:ba:d0:fe:16:6f:62:48:bc:cd:99:e0:ef:
36:3a:b2:49:d6:e0:05:79:34:64:d9:a2:11:c5:61:de:c1:aa:
97:5f:1a:9b:01:79:b6:9a:90:1d:23:db:0f:80:98:67:83:58:
fb:d8:83:43:9b:be:85:f2:a9:a7:e1:6d:7a:59:5a:01:ff:a4:
7d:97:79:17:d1:bd:bb:84:ec:df:a2:07:57:a2:da:bb:09:ce:
2e:9a:13:c7:83:c7:43:cb:86:bb:e2:a1:19:2f:1e:d9:9e:ef:
a6:7e:10:aa:30:76:b0:73:45:6f:ee:9f:5a:7a:a9:1f:29:9b:
f1:3a:00:56:ca:08:f9:0e:32:d7:fc:56:eb:60:0a:21:f7:e0:
e9:8c:4f:b3:01:07:6e:68:2e:93:1e:6c:90:4f:10:ff:e0:cf:
d1:a1:36:52:76:31:37:d0:54:82:81:51:14:48:25:98:91:4f:
97:2c:60:2c:b7:8f:2e:02:03:b4:91:eb:2d:fa:55:69:38:57:
d6:c1:9e:71:e9:7d:10:f9:38:ef:c4:35:8f:f8:25:72:35:45:
f0:c5:47:26:78:a4:22:6e:62:08:71:ba:8b:d5:e2:25:87:58:
3a:2c:13:af
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYxi8O8o/nrc7Lr0I7ZKm2t4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzMjAyMTI5OTY5NTc2Y2UzNTdmYWUyNmM5YzdjZjk4YTgy
NTBlYTYwHhcNMjMxMjEzMTEzMDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NmUwZTYzMTEyNzg2Njk3MTNjNGZiMjIwMTdkYTk3MDBlOTg0MmNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwvD3GEiu19eG2GVurCheHMxYUlX9
3sKZ1/JiaMVeYXMILb0hfDpV4Xehl+3BY4grkVsRntoh2HZ/X69w0yLaSf8Wfhr1
qlT7s9XBN24T7tE2Q0sOu+88njuMBHqEP4Dog6fJXGR6eWf9Xi9hdIB+SMO2udCF
ENCanX4nYdQAVmZ6jHgpcyVq0upXvHHpqHVGj4MkxJ+UCmy3UW6U6GNa/9M8VtW2
sIIRzGwXkNwjzo6WToP6flXD7tuK6NpaAcFYu6pmLlP3Tj8ZJQ7vL9slWs/O5HG0
GQ0IN+Syfmx9+sZag5sP/nRu8MBCtFmIM3rqZd0ugcw04QSRXkxH0CARiQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFGbg5jESeGaXE8T7IgF9qXAOmELOMB8GA1UdIwQY
MBaAFJMgISmWlXbONX+uJsnHz5ioJQ6mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3lBaEtaYVZkczQxZjY0bXljZlBtS2dsRHFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS9kNmU3OTYtMGUxNC00NWIxLTljZjMt
NWFkNThhYmZiYjFmLzEvWnVEbU1SSjRacGNUeFBzaUFYMnBjQTZZUXM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS9kNmU3OTYtMGUxNC00NWIxLTljZjMtNWFkNThhYmZiYjFm
LzEva3lBaEtaYVZkczQxZjY0bXljZlBtS2dsRHFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAXBAIAATARAwQGH9HAAwQH
VdwAAwMAnZ0wDQQCAAIwBwMFACABGpgwDQYJKoZIhvcNAQELBQADggEBAFDzNEop
wtEmfkHz080L/WFTIQDfd+58HLrQ/hZvYki8zZng7zY6sknW4AV5NGTZohHFYd7B
qpdfGpsBebaakB0j2w+AmGeDWPvYg0ObvoXyqafhbXpZWgH/pH2XeRfRvbuE7N+i
B1ei2rsJzi6aE8eDx0PLhrvioRkvHtme76Z+EKowdrBzRW/un1p6qR8pm/E6AFbK
CPkOMtf8VutgCiH34OmMT7MBB25oLpMebJBPEP/gz9GhNlJ2MTfQVIKBURRIJZiR
T5csYCy3jy4CA7SR6y36VWk4V9bBnnHpfRD5OO/ENY/4JXI1RfDFRyZ4pCJuYghx
uovV4iWHWDosE68=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:36:55 2025 by rpki-client