Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/24640e-f25c-42e7-b37c-b7312ab20273/1/sBB0ZBsrf3i0R98jkWk47zMU7R4.roa
File: sBB0ZBsrf3i0R98jkWk47zMU7R4.roa (raw, json)
Hash identifier: Pm/w+L47FbLs0Ldy2eMisqAmwOkQzXZ5KwnaQu865A8=
Subject key identifier: B0:10:74:64:1B:2B:7F:78:B4:47:DF:23:91:69:38:EF:33:14:ED:1E
Certificate issuer: /CN=4d92be02509643bc7a2f862871639d08e276c636
Certificate serial: 018571DE8765B4785BC813A17E16121F30B4
Authority key identifier: 4D:92:BE:02:50:96:43:BC:7A:2F:86:28:71:63:9D:08:E2:76:C6:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TZK-AlCWQ7x6L4YocWOdCOJ2xjY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/24640e-f25c-42e7-b37c-b7312ab20273/1/sBB0ZBsrf3i0R98jkWk47zMU7R4.roa
Signing time: Mon 02 Jan 2023 09:44:47 +0000
ROA not before: Mon 02 Jan 2023 09:44:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212506
IP address blocks: 195.16.72.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:de:87:65:b4:78:5b:c8:13:a1:7e:16:12:1f:30:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d92be02509643bc7a2f862871639d08e276c636
Validity
Not Before: Jan 2 09:44:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b01074641b2b7f78b447df23916938ef3314ed1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:65:70:b7:45:ac:48:8d:a4:30:12:0a:20:18:
f0:19:73:e2:c1:f2:01:e1:67:39:35:9a:c4:b0:99:
7d:46:d1:cc:7f:77:d8:e6:67:fd:bc:03:c3:9c:ae:
be:34:aa:6b:c3:a6:d0:35:af:f6:38:d8:d3:78:8c:
40:ed:ab:30:14:76:26:37:67:23:c9:a9:94:2c:fe:
65:b3:00:03:c0:b5:84:30:2e:55:de:23:2d:80:0e:
cd:16:3d:0b:79:74:f1:0a:e5:5a:dd:4a:63:58:d2:
bd:ad:72:ab:cc:df:04:d1:6a:88:b7:16:87:4c:b0:
ca:a0:f1:16:f0:a3:79:d6:95:c7:e8:60:7b:56:db:
97:82:27:a6:98:e5:12:fd:6d:eb:75:c8:52:ea:54:
a9:95:3b:35:0f:ef:6d:30:a9:7e:42:41:40:27:6d:
a9:f5:31:1d:a6:b8:3e:a7:1b:7e:64:31:5f:34:0d:
a2:0f:47:ef:26:5f:4a:7b:fc:c1:c3:ad:f9:f2:00:
89:be:97:09:d1:65:9a:d4:b4:a9:1c:09:26:67:3f:
4e:ff:27:7c:dc:ae:f5:17:69:d1:ad:ce:8d:71:8f:
92:1e:9b:64:24:37:dd:6c:a2:40:bc:5f:6f:0b:a2:
83:1a:b7:e4:d8:b9:7f:7c:87:94:0e:4c:0a:86:89:
83:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:10:74:64:1B:2B:7F:78:B4:47:DF:23:91:69:38:EF:33:14:ED:1E
X509v3 Authority Key Identifier:
keyid:4D:92:BE:02:50:96:43:BC:7A:2F:86:28:71:63:9D:08:E2:76:C6:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TZK-AlCWQ7x6L4YocWOdCOJ2xjY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/24640e-f25c-42e7-b37c-b7312ab20273/1/sBB0ZBsrf3i0R98jkWk47zMU7R4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/24640e-f25c-42e7-b37c-b7312ab20273/1/TZK-AlCWQ7x6L4YocWOdCOJ2xjY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.16.72.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:76:a6:e8:e1:04:41:f6:80:c5:bf:db:40:f0:0f:76:05:0a:
30:14:e0:3c:34:00:96:da:91:44:a7:8c:08:39:48:4f:97:f6:
a2:d8:d9:7d:70:10:6b:2c:57:d7:3c:a1:67:b0:17:b1:ea:01:
26:42:a7:b0:13:16:26:cc:b4:75:e8:c2:b5:d9:50:9b:29:5b:
da:7f:3f:81:0c:86:18:5f:94:e5:5a:e0:2e:ec:e2:c3:4a:bb:
a4:a3:e6:91:6c:cb:b2:f5:67:f7:7f:52:9e:75:6a:fe:73:5f:
e5:a6:13:65:0e:d7:03:fb:14:f2:a7:30:79:32:c9:4c:a3:a3:
82:6d:e2:2d:6b:e3:e3:ef:c6:12:09:a3:c8:a0:da:ef:c5:31:
3a:6d:26:c8:97:37:e0:2f:e0:ca:5f:06:79:5e:88:e4:26:14:
3a:41:8e:e7:d1:df:70:2c:52:ef:23:04:32:a3:86:11:2d:a0:
27:a4:1c:52:89:f6:7a:48:ef:57:d2:75:0f:b0:79:50:55:8c:
4d:6a:57:94:cd:84:d6:b7:de:5e:30:74:7c:7e:b4:1e:80:8c:
c6:87:4b:92:a5:61:3c:18:7f:b0:87:b0:8c:a7:43:69:1e:26:
20:11:b3:4e:cb:7e:81:a1:3e:39:4a:af:14:cb:5d:72:d3:a0:
28:9d:b3:c2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVx3odltHhbyBOhfhYSHzC0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkOTJiZTAyNTA5NjQzYmM3YTJmODYyODcxNjM5ZDA4ZTI3
NmM2MzYwHhcNMjMwMTAyMDk0NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDEwNzQ2NDFiMmI3Zjc4YjQ0N2RmMjM5MTY5MzhlZjMzMTRlZDFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtmVwt0WsSI2kMBIKIBjwGXPiwfIB
4Wc5NZrEsJl9RtHMf3fY5mf9vAPDnK6+NKprw6bQNa/2ONjTeIxA7aswFHYmN2cj
yamULP5lswADwLWEMC5V3iMtgA7NFj0LeXTxCuVa3UpjWNK9rXKrzN8E0WqItxaH
TLDKoPEW8KN51pXH6GB7VtuXgiemmOUS/W3rdchS6lSplTs1D+9tMKl+QkFAJ22p
9TEdprg+pxt+ZDFfNA2iD0fvJl9Ke/zBw6358gCJvpcJ0WWa1LSpHAkmZz9O/yd8
3K71F2nRrc6NcY+SHptkJDfdbKJAvF9vC6KDGrfk2Ll/fIeUDkwKhomDwwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLAQdGQbK394tEffI5FpOO8zFO0eMB8GA1UdIwQY
MBaAFE2SvgJQlkO8ei+GKHFjnQjidsY2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFpLLUFsQ1dRN3g2TDRZb2NXT2RDT0oyeGpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC8yNDY0MGUtZjI1Yy00MmU3LWIzN2Mt
YjczMTJhYjIwMjczLzEvc0JCMFpCc3JmM2kwUjk4amtXazQ3ek1VN1I0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC8yNDY0MGUtZjI1Yy00MmU3LWIzN2MtYjczMTJhYjIwMjcz
LzEvVFpLLUFsQ1dRN3g2TDRZb2NXT2RDT0oyeGpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwxBIMA0G
CSqGSIb3DQEBCwUAA4IBAQCmdqbo4QRB9oDFv9tA8A92BQowFOA8NACW2pFEp4wI
OUhPl/ai2Nl9cBBrLFfXPKFnsBex6gEmQqewExYmzLR16MK12VCbKVvafz+BDIYY
X5TlWuAu7OLDSruko+aRbMuy9Wf3f1KedWr+c1/lphNlDtcD+xTypzB5MslMo6OC
beIta+Pj78YSCaPIoNrvxTE6bSbIlzfgL+DKXwZ5XojkJhQ6QY7n0d9wLFLvIwQy
o4YRLaAnpBxSifZ6SO9X0nUPsHlQVYxNaleUzYTWt95eMHR8frQegIzGh0uSpWE8
GH+wh7CMp0NpHiYgEbNOy36BoT45Sq8Uy11y06AonbPC
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:59:43 2025 by rpki-client