Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/f651c1-02d6-448a-acad-14c590fec7e3/1/ZTOVd0metHm2zToDZPh7QuKAJTE.roa
File: ZTOVd0metHm2zToDZPh7QuKAJTE.roa (raw, json)
Hash identifier: dxE2KQNyV2IRRCpLsXvndl/hkahZKoNWSxi/48nsHcM=
Subject key identifier: 65:33:95:77:49:9E:B4:79:B6:CD:3A:03:64:F8:7B:42:E2:80:25:31
Certificate issuer: /CN=a35c5443ae203f647ee306b9ef72dac50b5df514
Certificate serial: 03F18955
Authority key identifier: A3:5C:54:43:AE:20:3F:64:7E:E3:06:B9:EF:72:DA:C5:0B:5D:F5:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o1xUQ64gP2R-4wa573LaxQtd9RQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/f651c1-02d6-448a-acad-14c590fec7e3/1/ZTOVd0metHm2zToDZPh7QuKAJTE.roa
Signing time: Sat 01 Jan 2022 07:58:19 +0000
ROA not before: Sat 01 Jan 2022 07:58:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203461
IP address blocks: 185.2.4.0/22 maxlen: 24
2a01:8100:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66160981 (0x3f18955)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a35c5443ae203f647ee306b9ef72dac50b5df514
Validity
Not Before: Jan 1 07:58:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=65339577499eb479b6cd3a0364f87b42e2802531
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:7d:ee:75:f0:c9:31:1e:8a:a8:2e:82:6d:74:
5b:cb:60:29:53:86:93:c1:9e:ed:1e:12:ef:2f:9c:
c6:5c:f0:4d:8e:3c:92:90:fc:14:4d:eb:a3:f6:61:
f4:f4:3c:0f:63:79:8c:8b:bd:34:fe:0a:b9:e0:d7:
e7:61:d2:13:f0:54:7b:b1:ec:86:29:42:f5:49:cd:
a2:dc:e2:02:37:7f:58:04:a8:4f:a1:9b:b0:a6:30:
09:1f:19:a4:bd:a4:f7:fa:87:f7:ae:5e:3d:d5:a3:
c6:d5:5a:92:db:36:9d:41:53:57:ce:e3:23:bf:7c:
8b:54:48:6a:1b:65:55:e9:75:f8:ae:c9:91:38:b3:
84:bd:dd:61:17:8a:fe:91:de:5f:22:a2:b4:84:38:
c3:e8:9d:d8:2c:7e:8d:47:00:2f:90:1b:61:8d:be:
27:76:c8:b2:9f:fa:f9:e6:c9:36:93:58:27:17:64:
2e:db:26:cc:fb:e8:6d:29:e8:5a:42:6e:46:80:d6:
56:09:a3:9c:19:f5:50:6b:94:b3:ac:3a:19:10:16:
0b:9a:ab:2a:61:91:76:3f:9b:ba:01:d8:2a:aa:59:
a0:92:6d:02:88:08:3a:00:24:31:82:62:eb:1b:dd:
4b:91:f3:47:bd:57:18:52:44:28:d3:a2:ef:59:1d:
cd:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:33:95:77:49:9E:B4:79:B6:CD:3A:03:64:F8:7B:42:E2:80:25:31
X509v3 Authority Key Identifier:
keyid:A3:5C:54:43:AE:20:3F:64:7E:E3:06:B9:EF:72:DA:C5:0B:5D:F5:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o1xUQ64gP2R-4wa573LaxQtd9RQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/f651c1-02d6-448a-acad-14c590fec7e3/1/ZTOVd0metHm2zToDZPh7QuKAJTE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/f651c1-02d6-448a-acad-14c590fec7e3/1/o1xUQ64gP2R-4wa573LaxQtd9RQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.2.4.0/22
IPv6:
2a01:8100:1::/48
Signature Algorithm: sha256WithRSAEncryption
ca:eb:94:18:66:6e:7b:ab:db:b7:ab:e2:a2:91:74:59:18:04:
77:96:19:15:92:ef:2e:f7:50:8a:3c:ca:07:34:cd:66:5b:c9:
41:79:70:89:f2:b8:6e:26:cc:6c:93:3d:1a:23:22:0d:31:0d:
2c:41:29:9a:05:92:c8:9c:ca:5b:b6:84:6c:b5:da:78:ae:2c:
a8:a0:69:ad:13:ca:e2:40:7c:8f:b6:2c:88:62:2c:1a:51:4a:
eb:6f:01:3d:ce:78:a0:24:c3:d3:65:df:c3:2f:e8:2e:14:50:
c7:29:df:a9:07:cd:09:07:90:08:0d:07:d3:aa:db:3c:f6:24:
77:17:11:2b:c6:f1:2d:a1:1e:ec:40:d9:27:ea:57:3b:70:42:
dc:d8:e0:41:f7:5a:6b:4b:cd:a2:bc:69:22:c4:12:ba:48:26:
55:3d:8e:dc:e1:aa:6b:ac:07:c0:fc:44:d3:8a:10:fa:79:ae:
92:54:ed:32:47:5b:69:a2:09:14:a8:85:3d:44:15:c7:c8:54:
be:2d:0d:a4:de:e7:26:34:05:cb:97:c2:13:ac:74:0d:da:dd:
e5:88:61:4f:0b:93:33:f8:96:2b:54:10:9e:29:51:e7:84:bc:
8c:e1:45:7b:39:d4:5a:13:4c:66:26:ae:5d:3d:31:1b:32:26:
6d:2e:96:17
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEA/GJVTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
MzVjNTQ0M2FlMjAzZjY0N2VlMzA2YjllZjcyZGFjNTBiNWRmNTE0MB4XDTIyMDEw
MTA3NTgxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjUzMzk1Nzc0OTll
YjQ3OWI2Y2QzYTAzNjRmODdiNDJlMjgwMjUzMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOZ97nXwyTEeiqgugm10W8tgKVOGk8Ge7R4S7y+cxlzwTY48
kpD8FE3ro/Zh9PQ8D2N5jIu9NP4KueDX52HSE/BUe7HshilC9UnNotziAjd/WASo
T6GbsKYwCR8ZpL2k9/qH965ePdWjxtVakts2nUFTV87jI798i1RIahtlVel1+K7J
kTizhL3dYReK/pHeXyKitIQ4w+id2Cx+jUcAL5AbYY2+J3bIsp/6+ebJNpNYJxdk
LtsmzPvobSnoWkJuRoDWVgmjnBn1UGuUs6w6GRAWC5qrKmGRdj+bugHYKqpZoJJt
AogIOgAkMYJi6xvdS5HzR71XGFJEKNOi71kdzcECAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBRlM5V3SZ60ebbNOgNk+HtC4oAlMTAfBgNVHSMEGDAWgBSjXFRDriA/ZH7j
BrnvctrFC131FDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L28xeFVRNjRnUDJSLTR3YTU3M0xheFF0ZDlSUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjYvZjY1MWMxLTAyZDYtNDQ4YS1hY2FkLTE0YzU5MGZlYzdlMy8x
L1pUT1ZkMG1ldEhtMnpUb0RaUGg3UXVLQUpURS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjYv
ZjY1MWMxLTAyZDYtNDQ4YS1hY2FkLTE0YzU5MGZlYzdlMy8xL28xeFVRNjRnUDJS
LTR3YTU3M0xheFF0ZDlSUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEArkCBDAPBAIAAjAJAwcAKgGBAAAB
MA0GCSqGSIb3DQEBCwUAA4IBAQDK65QYZm57q9u3q+KikXRZGAR3lhkVku8u91CK
PMoHNM1mW8lBeXCJ8rhuJsxskz0aIyINMQ0sQSmaBZLInMpbtoRstdp4riyooGmt
E8riQHyPtiyIYiwaUUrrbwE9znigJMPTZd/DL+guFFDHKd+pB80JB5AIDQfTqts8
9iR3FxErxvEtoR7sQNkn6lc7cELc2OBB91prS82ivGkixBK6SCZVPY7c4aprrAfA
/ETTihD6ea6SVO0yR1tpogkUqIU9RBXHyFS+LQ2k3ucmNAXLl8ITrHQN2t3liGFP
C5Mz+JYrVBCeKVHnhLyM4UV7OdRaE0xmJq5dPTEbMiZtLpYX
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:07:30 2025 by rpki-client