Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/fdffe3-010f-4c6a-bd96-718b8c7c9335/1/ZpHXZW0cMush-9jFvIPY3HWeklY.roa
File: ZpHXZW0cMush-9jFvIPY3HWeklY.roa (raw, json)
Hash identifier: 9/OyelHb4eLk+qDYbXBXq0JMBtiXohQtVh29mGCdvTE=
Subject key identifier: 66:91:D7:65:6D:1C:32:EB:21:FB:D8:C5:BC:83:D8:DC:75:9E:92:56
Certificate issuer: /CN=56ad9b2c227b413c505813294faadb6dbbc2dd66
Certificate serial: 01856D6F6C45B2B4117CF96D5BEC0801A25A
Authority key identifier: 56:AD:9B:2C:22:7B:41:3C:50:58:13:29:4F:AA:DB:6D:BB:C2:DD:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Vq2bLCJ7QTxQWBMpT6rbbbvC3WY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/fdffe3-010f-4c6a-bd96-718b8c7c9335/1/ZpHXZW0cMush-9jFvIPY3HWeklY.roa
Signing time: Sun 01 Jan 2023 13:04:56 +0000
ROA not before: Sun 01 Jan 2023 13:04:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14618
IP address blocks: 194.176.117.0/24 maxlen: 24
2a13:14c0::/32 maxlen: 48
2a13:14c1::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:6f:6c:45:b2:b4:11:7c:f9:6d:5b:ec:08:01:a2:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56ad9b2c227b413c505813294faadb6dbbc2dd66
Validity
Not Before: Jan 1 13:04:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6691d7656d1c32eb21fbd8c5bc83d8dc759e9256
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:f5:69:a7:23:c8:4d:dc:7a:63:b8:b9:8d:5d:
61:d6:0b:22:42:a1:d7:11:62:07:e2:2f:2e:5d:1c:
fb:87:c3:a6:2c:74:6c:e3:08:a6:6d:14:6b:d4:74:
7b:c4:8b:31:69:d6:24:cf:bd:91:ed:39:a4:43:e5:
c7:34:5d:4c:4c:c9:bf:83:c8:70:37:59:5d:8d:4d:
9c:93:b1:de:54:cb:bc:7d:21:77:fc:48:92:9d:7a:
ef:b4:ec:2d:e4:30:68:f4:f1:d5:8f:85:a9:8e:ab:
b0:90:75:ee:b0:ce:b4:ef:73:71:57:0a:f7:2b:01:
4a:7c:be:84:0e:97:f7:61:35:ba:59:81:c9:de:1e:
da:e7:e6:8f:54:ee:c1:cc:89:a1:d0:62:cc:d1:49:
e7:57:c9:e9:f7:c7:3e:15:6e:17:b7:2a:21:ce:e2:
48:26:a2:c9:84:ef:c1:fb:9a:b8:37:8b:08:2a:56:
0b:fe:d8:3d:fc:98:7e:52:cd:b7:16:b7:97:4d:05:
a4:dc:c9:81:52:1d:07:1e:86:9e:73:3e:0d:6d:56:
72:61:bc:83:07:09:05:0d:45:b6:65:2b:c7:2c:15:
9a:6f:06:c0:7d:a5:1a:60:8d:38:4d:c8:96:12:01:
bd:b0:cc:55:7b:79:2a:6a:5b:58:cf:da:35:0f:0b:
a9:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:91:D7:65:6D:1C:32:EB:21:FB:D8:C5:BC:83:D8:DC:75:9E:92:56
X509v3 Authority Key Identifier:
keyid:56:AD:9B:2C:22:7B:41:3C:50:58:13:29:4F:AA:DB:6D:BB:C2:DD:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Vq2bLCJ7QTxQWBMpT6rbbbvC3WY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/fdffe3-010f-4c6a-bd96-718b8c7c9335/1/ZpHXZW0cMush-9jFvIPY3HWeklY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/fdffe3-010f-4c6a-bd96-718b8c7c9335/1/Vq2bLCJ7QTxQWBMpT6rbbbvC3WY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.176.117.0/24
IPv6:
2a13:14c0::/31
Signature Algorithm: sha256WithRSAEncryption
6a:d1:cc:3d:d5:d5:78:02:19:06:47:aa:90:be:b3:1e:5f:9f:
fd:29:36:db:2c:11:d5:a5:12:1e:77:a9:7c:39:0c:78:57:29:
2c:3d:e8:4d:4f:4a:c1:f9:b9:e2:dd:3d:f7:73:ee:31:56:a2:
00:31:08:22:7b:63:0d:31:8f:25:20:d3:2f:1c:11:ce:04:8e:
58:82:43:1f:34:41:e8:d0:21:24:51:99:05:c1:f5:5d:08:5f:
3f:61:5b:49:44:ca:28:ab:1c:73:59:a4:da:2d:c8:9a:67:36:
54:d7:0b:b6:f1:4f:2e:fd:1e:46:60:e4:38:98:87:cf:0d:67:
aa:29:54:09:f8:f7:f2:9e:40:e9:1f:44:ee:44:56:c3:01:40:
c5:fa:0b:f6:84:f2:aa:20:2b:8d:2d:e5:db:1c:e4:fe:4a:ff:
6a:d7:1f:3a:13:f1:75:8c:65:f2:01:10:d3:73:4e:9b:32:16:
6a:b2:47:4d:95:f1:c9:bc:1e:df:e3:2e:19:95:db:fc:79:ba:
53:7e:50:17:4a:68:ce:6c:fe:0c:6d:f7:91:00:b3:56:3c:2d:
88:7a:03:57:c1:c1:21:c7:58:c6:fe:0f:b6:78:1d:49:68:54:
b7:75:1b:0f:d6:6a:e0:f7:23:e8:4e:53:6a:58:3f:2e:c0:80:
85:0b:40:a0
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVtb2xFsrQRfPltW+wIAaJaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2YWQ5YjJjMjI3YjQxM2M1MDU4MTMyOTRmYWFkYjZkYmJj
MmRkNjYwHhcNMjMwMTAxMTMwNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjkxZDc2NTZkMWMzMmViMjFmYmQ4YzViYzgzZDhkYzc1OWU5MjU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsfVppyPITdx6Y7i5jV1h1gsiQqHX
EWIH4i8uXRz7h8OmLHRs4wimbRRr1HR7xIsxadYkz72R7TmkQ+XHNF1MTMm/g8hw
N1ldjU2ck7HeVMu8fSF3/EiSnXrvtOwt5DBo9PHVj4WpjquwkHXusM6073NxVwr3
KwFKfL6EDpf3YTW6WYHJ3h7a5+aPVO7BzImh0GLM0UnnV8np98c+FW4XtyohzuJI
JqLJhO/B+5q4N4sIKlYL/tg9/Jh+Us23FreXTQWk3MmBUh0HHoaecz4NbVZyYbyD
BwkFDUW2ZSvHLBWabwbAfaUaYI04TciWEgG9sMxVe3kqaltYz9o1DwupxwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGaR12VtHDLrIfvYxbyD2Nx1npJWMB8GA1UdIwQY
MBaAFFatmywie0E8UFgTKU+q2227wt1mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnEyYkxDSjdRVHhRV0JNcFQ2cmJiYnZDM1dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9mZGZmZTMtMDEwZi00YzZhLWJkOTYt
NzE4YjhjN2M5MzM1LzEvWnBIWFpXMGNNdXNoLTlqRnZJUFkzSFdla2xZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9mZGZmZTMtMDEwZi00YzZhLWJkOTYtNzE4YjhjN2M5MzM1
LzEvVnEyYkxDSjdRVHhRV0JNcFQ2cmJiYnZDM1dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwrB1MA0E
AgACMAcDBQEqExTAMA0GCSqGSIb3DQEBCwUAA4IBAQBq0cw91dV4AhkGR6qQvrMe
X5/9KTbbLBHVpRIed6l8OQx4VyksPehNT0rB+bni3T33c+4xVqIAMQgie2MNMY8l
INMvHBHOBI5YgkMfNEHo0CEkUZkFwfVdCF8/YVtJRMooqxxzWaTaLciaZzZU1wu2
8U8u/R5GYOQ4mIfPDWeqKVQJ+PfynkDpH0TuRFbDAUDF+gv2hPKqICuNLeXbHOT+
Sv9q1x86E/F1jGXyARDTc06bMhZqskdNlfHJvB7f4y4Zldv8ebpTflAXSmjObP4M
bfeRALNWPC2IegNXwcEhx1jG/g+2eB1JaFS3dRsP1mrg9yPoTlNqWD8uwICFC0Cg
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:34:24 2025 by rpki-client