Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/f80ef3-9f0b-4bd1-8018-59671920fb60/1/zaJmoQ_v5YL7xsY4Q0z8oDltC28.roa
File: zaJmoQ_v5YL7xsY4Q0z8oDltC28.roa (raw, json)
Hash identifier: wLgUWK83JNOwCDqA8/PHB8Wml0649IimepKThThwlck=
Subject key identifier: CD:A2:66:A1:0F:EF:E5:82:FB:C6:C6:38:43:4C:FC:A0:39:6D:0B:6F
Certificate issuer: /CN=37518d180923a7f3c00653ec12bc702b95aab907
Certificate serial: 01856D0AA2D77046B9E0CA9CA48A192BF205
Authority key identifier: 37:51:8D:18:09:23:A7:F3:C0:06:53:EC:12:BC:70:2B:95:AA:B9:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N1GNGAkjp_PABlPsErxwK5WquQc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/f80ef3-9f0b-4bd1-8018-59671920fb60/1/zaJmoQ_v5YL7xsY4Q0z8oDltC28.roa
Signing time: Sun 01 Jan 2023 11:14:51 +0000
ROA not before: Sun 01 Jan 2023 11:14:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31689
IP address blocks: 194.27.77.0/24 maxlen: 24
194.27.76.0/22 maxlen: 22
194.27.76.0/24 maxlen: 24
194.27.73.0/24 maxlen: 24
194.27.78.0/24 maxlen: 24
194.27.79.0/24 maxlen: 24
193.140.43.0/24 maxlen: 24
193.140.44.0/24 maxlen: 24
193.140.41.0/24 maxlen: 24
193.140.42.0/24 maxlen: 24
193.140.40.0/24 maxlen: 24
193.140.40.0/21 maxlen: 21
193.140.47.0/24 maxlen: 24
193.140.45.0/24 maxlen: 24
193.140.46.0/24 maxlen: 24
193.140.172.0/24 maxlen: 24
193.140.172.0/22 maxlen: 22
193.140.175.0/24 maxlen: 24
193.140.173.0/24 maxlen: 24
193.140.174.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:0a:a2:d7:70:46:b9:e0:ca:9c:a4:8a:19:2b:f2:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37518d180923a7f3c00653ec12bc702b95aab907
Validity
Not Before: Jan 1 11:14:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cda266a10fefe582fbc6c638434cfca0396d0b6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:87:f5:e2:25:92:75:58:bd:30:1d:fe:55:0d:
cb:2a:5e:b9:42:d3:f1:5d:72:e2:91:d3:72:d2:a4:
8b:65:38:aa:94:55:09:f0:82:85:4b:f2:20:f3:31:
6f:72:54:4a:8e:8b:77:49:e7:f9:7d:21:60:e5:66:
da:db:99:59:b2:ff:c0:89:6c:68:a7:c9:41:14:f5:
ef:78:20:5b:ca:61:b1:00:8f:d3:31:e6:48:7b:63:
74:09:40:43:2c:e0:32:36:46:68:22:f1:38:e8:c5:
45:da:ba:af:16:a3:e6:bb:bf:90:01:c5:e8:a4:8d:
16:71:34:84:f1:a8:d3:e5:dc:b4:69:13:5a:b3:b6:
bb:f3:65:41:4d:1a:9d:25:9f:6b:9b:90:a9:b4:c9:
02:b7:4c:45:c7:ec:ed:73:1b:99:0d:ac:1c:12:29:
e4:c1:7f:1e:80:43:de:2e:33:51:80:41:0d:2d:e8:
bd:be:61:e4:81:ef:3b:77:b7:71:96:da:9b:80:81:
18:89:f6:7c:85:95:90:87:4c:af:3c:ea:07:5e:17:
5e:d4:3f:8b:bb:e8:cd:6d:68:12:d1:26:03:d4:c3:
5b:50:46:bc:07:e0:70:53:cd:83:c0:d0:d5:53:7b:
de:1c:59:33:01:aa:1f:e9:29:11:87:5f:5f:ec:34:
fe:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:A2:66:A1:0F:EF:E5:82:FB:C6:C6:38:43:4C:FC:A0:39:6D:0B:6F
X509v3 Authority Key Identifier:
keyid:37:51:8D:18:09:23:A7:F3:C0:06:53:EC:12:BC:70:2B:95:AA:B9:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N1GNGAkjp_PABlPsErxwK5WquQc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/f80ef3-9f0b-4bd1-8018-59671920fb60/1/zaJmoQ_v5YL7xsY4Q0z8oDltC28.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/f80ef3-9f0b-4bd1-8018-59671920fb60/1/N1GNGAkjp_PABlPsErxwK5WquQc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.140.40.0/21
193.140.172.0/22
194.27.73.0/24
194.27.76.0/22
Signature Algorithm: sha256WithRSAEncryption
b1:fa:9c:6c:de:89:c0:9a:56:7a:8a:c5:5d:bc:b8:a8:c0:66:
bf:09:7a:f2:70:ea:bb:75:99:b2:3c:85:42:8e:00:29:f5:ee:
68:b7:d9:c2:42:cb:58:d7:cc:1d:49:44:69:43:21:b2:03:54:
59:5c:d0:d6:22:56:be:d3:b2:0f:e5:df:5e:08:e9:f5:84:c1:
93:b4:48:95:ca:a4:6f:3a:0b:a2:24:42:b0:fd:b5:1e:78:85:
f5:77:80:cd:0f:23:9a:d7:04:36:24:f4:bf:a1:f4:b0:37:3d:
a1:6f:0c:7b:16:77:2d:25:31:b6:80:d7:ae:34:d8:e5:48:5e:
3b:e8:97:e7:44:60:40:fd:5c:2e:09:58:cf:89:c8:b8:6f:ae:
1a:21:a3:2d:c0:9b:21:9c:a8:89:d4:24:b1:ba:e2:a9:65:4f:
d7:35:77:36:06:0c:ff:50:45:56:f9:02:45:6c:98:cb:f0:3e:
90:e6:e8:06:44:0b:8a:19:cd:7a:22:2c:cf:29:86:bf:38:2b:
cf:50:ed:f3:fd:5f:f8:94:f2:62:a9:fa:e1:e5:16:7c:68:24:
58:b9:33:23:93:dd:73:3c:a9:98:27:70:41:bd:14:35:41:1f:
a3:5b:2b:db:9f:2f:49:49:ab:1b:e0:8a:fd:5d:fd:02:11:2d:
2a:78:21:c1
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVtCqLXcEa54MqcpIoZK/IFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3NTE4ZDE4MDkyM2E3ZjNjMDA2NTNlYzEyYmM3MDJiOTVh
YWI5MDcwHhcNMjMwMTAxMTExNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZGEyNjZhMTBmZWZlNTgyZmJjNmM2Mzg0MzRjZmNhMDM5NmQwYjZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp4f14iWSdVi9MB3+VQ3LKl65QtPx
XXLikdNy0qSLZTiqlFUJ8IKFS/Ig8zFvclRKjot3Sef5fSFg5Wba25lZsv/AiWxo
p8lBFPXveCBbymGxAI/TMeZIe2N0CUBDLOAyNkZoIvE46MVF2rqvFqPmu7+QAcXo
pI0WcTSE8ajT5dy0aRNas7a782VBTRqdJZ9rm5CptMkCt0xFx+ztcxuZDawcEink
wX8egEPeLjNRgEENLei9vmHkge87d7dxltqbgIEYifZ8hZWQh0yvPOoHXhde1D+L
u+jNbWgS0SYD1MNbUEa8B+BwU82DwNDVU3veHFkzAaof6SkRh19f7DT+nwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFM2iZqEP7+WC+8bGOENM/KA5bQtvMB8GA1UdIwQY
MBaAFDdRjRgJI6fzwAZT7BK8cCuVqrkHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjFHTkdBa2pwX1BBQmxQc0VyeHdLNVdxdVFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi9mODBlZjMtOWYwYi00YmQxLTgwMTgt
NTk2NzE5MjBmYjYwLzEvemFKbW9RX3Y1WUw3eHNZNFEwejhvRGx0QzI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi9mODBlZjMtOWYwYi00YmQxLTgwMTgtNTk2NzE5MjBmYjYw
LzEvTjFHTkdBa2pwX1BBQmxQc0VyeHdLNVdxdVFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDwYwoAwQC
wYysAwQAwhtJAwQCwhtMMA0GCSqGSIb3DQEBCwUAA4IBAQCx+pxs3onAmlZ6isVd
vLiowGa/CXrycOq7dZmyPIVCjgAp9e5ot9nCQstY18wdSURpQyGyA1RZXNDWIla+
07IP5d9eCOn1hMGTtEiVyqRvOguiJEKw/bUeeIX1d4DNDyOa1wQ2JPS/ofSwNz2h
bwx7FnctJTG2gNeuNNjlSF476JfnRGBA/VwuCVjPici4b64aIaMtwJshnKiJ1CSx
uuKpZU/XNXc2Bgz/UEVW+QJFbJjL8D6Q5ugGRAuKGc16IizPKYa/OCvPUO3z/V/4
lPJiqfrh5RZ8aCRYuTMjk91zPKmYJ3BBvRQ1QR+jWyvbny9JSasb4Ir9Xf0CES0q
eCHB
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:32:01 2025 by rpki-client