Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/ZBjPM9tjKDkHAiZLi5bwsrzGHSU.roa
File: ZBjPM9tjKDkHAiZLi5bwsrzGHSU.roa (raw, json)
Hash identifier: Ci6BkWMI5+227tGsyz4tvweL0LcKcCecvnU90swNHeM=
Subject key identifier: 64:18:CF:33:DB:63:28:39:07:02:26:4B:8B:96:F0:B2:BC:C6:1D:25
Certificate issuer: /CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Certificate serial: 3A10A442
Authority key identifier: 1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/ZBjPM9tjKDkHAiZLi5bwsrzGHSU.roa
Signing time: Sat 01 Jan 2022 14:00:45 +0000
ROA not before: Sat 01 Jan 2022 14:00:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206770
IP address blocks: 157.25.57.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 974169154 (0x3a10a442)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Validity
Not Before: Jan 1 14:00:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6418cf33db6328390702264b8b96f0b2bcc61d25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:2c:59:75:a0:43:68:1d:e5:83:c4:f7:06:d0:
76:58:3a:78:04:d9:3e:59:b6:40:d7:9f:8a:ff:30:
5e:38:49:c2:63:cd:77:3d:2d:7e:04:cd:91:98:0d:
df:7c:46:cd:97:23:27:f2:7b:d5:c4:ad:d1:69:28:
73:96:a4:e3:a5:0a:fe:4a:ea:19:86:bf:4c:d0:1f:
fe:e6:2f:e1:e4:63:2f:06:16:94:3a:2f:e1:ee:ea:
f9:a3:20:e0:c1:bd:3a:58:f3:6b:1c:d4:00:11:0a:
e6:e1:ef:72:02:e1:55:67:d4:b5:bc:b3:ed:e3:53:
54:86:63:a0:24:48:0f:4b:e6:dc:f9:92:23:c4:ea:
8e:02:a1:f6:c9:61:be:56:97:52:87:da:a4:45:44:
f0:1c:04:71:95:69:a2:e9:3e:51:66:32:1e:8d:c6:
1e:a9:23:0f:a8:5c:f9:fc:9d:84:6d:8d:cd:b2:b9:
ae:b4:eb:49:fa:83:38:54:23:17:a3:86:95:9d:19:
16:be:94:db:c3:0d:73:1f:44:de:dd:99:db:03:54:
69:61:95:fa:3d:08:6a:75:b3:96:99:37:65:d0:41:
c2:1e:38:ba:0d:00:94:cb:00:9f:d5:3d:db:44:ee:
9a:a6:c3:3c:3a:93:e9:33:80:4b:eb:2c:ed:85:f7:
6c:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:18:CF:33:DB:63:28:39:07:02:26:4B:8B:96:F0:B2:BC:C6:1D:25
X509v3 Authority Key Identifier:
keyid:1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/ZBjPM9tjKDkHAiZLi5bwsrzGHSU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Gspj3ySLet893QfowtPu3QLO-TM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.25.57.0/24
Signature Algorithm: sha256WithRSAEncryption
33:1d:82:70:24:4b:87:46:40:68:08:6f:5e:93:49:66:94:75:
d9:1a:68:69:56:2f:37:d2:3a:e4:43:4a:8c:65:06:50:56:2b:
a8:55:db:2b:66:d9:14:e7:b6:86:c9:5c:e6:28:61:c5:67:17:
24:70:d9:e0:9a:1e:04:4d:20:72:90:40:aa:32:87:dc:cb:1a:
91:1f:46:ca:91:9d:f8:ea:e6:df:93:9a:5a:d4:e4:03:1f:08:
1b:0f:2e:6a:91:9e:1a:71:20:ed:19:9e:01:be:7c:f0:62:97:
29:07:13:01:69:81:74:69:65:08:0d:41:9b:3f:c3:68:3a:ce:
75:e5:19:60:05:99:0b:6b:30:a6:76:04:92:c1:f2:31:6f:3f:
37:ad:0f:e4:e3:a0:ff:b9:d7:f9:7a:0a:52:ac:df:f7:a2:07:
36:d7:2f:20:a9:6b:74:56:9f:d6:1c:20:02:6f:d7:90:4a:17:
8a:55:cb:e2:ba:ff:c9:1e:a2:0c:a4:14:f9:a8:48:5d:a8:e2:
8a:36:3f:12:a0:2f:cd:e6:f3:eb:c8:b4:77:6d:f6:c0:e4:62:
c5:1b:58:a2:a4:a6:dd:39:3a:0c:e0:48:a7:a9:75:fd:ec:45:
78:13:6d:c6:94:04:59:16:6f:9f:a9:32:8d:f4:f2:9a:68:a5:
ce:d5:21:27
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEOhCkQjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
YWNhNjNkZjI0OGI3YWRmM2RkZDA3ZThjMmQzZWVkZDAyY2VmOTMzMB4XDTIyMDEw
MTE0MDA0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjQxOGNmMzNkYjYz
MjgzOTA3MDIyNjRiOGI5NmYwYjJiY2M2MWQyNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMUsWXWgQ2gd5YPE9wbQdlg6eATZPlm2QNefiv8wXjhJwmPN
dz0tfgTNkZgN33xGzZcjJ/J71cSt0Wkoc5ak46UK/krqGYa/TNAf/uYv4eRjLwYW
lDov4e7q+aMg4MG9OljzaxzUABEK5uHvcgLhVWfUtbyz7eNTVIZjoCRID0vm3PmS
I8TqjgKh9slhvlaXUofapEVE8BwEcZVpouk+UWYyHo3GHqkjD6hc+fydhG2NzbK5
rrTrSfqDOFQjF6OGlZ0ZFr6U28MNcx9E3t2Z2wNUaWGV+j0IanWzlpk3ZdBBwh44
ug0AlMsAn9U920TumqbDPDqT6TOAS+ss7YX3bJcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRkGM8z22MoOQcCJkuLlvCyvMYdJTAfBgNVHSMEGDAWgBQaymPfJIt63z3d
B+jC0+7dAs75MzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0dzcGozeVNMZXQ4OTNRZm93dFB1M1FMTy1UTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmUvMWY2NDU4LWRjNzUtNGFkZC1hZTcyLTkxZTMxODRiYjBhYi8x
L1pCalBNOXRqS0RrSEFpWkxpNWJ3c3J6R0hTVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmUv
MWY2NDU4LWRjNzUtNGFkZC1hZTcyLTkxZTMxODRiYjBhYi8xL0dzcGozeVNMZXQ4
OTNRZm93dFB1M1FMTy1UTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAJ0ZOTANBgkqhkiG9w0BAQsFAAOC
AQEAMx2CcCRLh0ZAaAhvXpNJZpR12RpoaVYvN9I65ENKjGUGUFYrqFXbK2bZFOe2
hslc5ihhxWcXJHDZ4JoeBE0gcpBAqjKH3MsakR9GypGd+Orm35OaWtTkAx8IGw8u
apGeGnEg7RmeAb588GKXKQcTAWmBdGllCA1Bmz/DaDrOdeUZYAWZC2swpnYEksHy
MW8/N60P5OOg/7nX+XoKUqzf96IHNtcvIKlrdFaf1hwgAm/XkEoXilXL4rr/yR6i
DKQU+ahIXajiijY/EqAvzebz68i0d232wORixRtYoqSm3Tk6DOBIp6l1/exFeBNt
xpQEWRZvn6kyjfTymmilztUhJw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:03:01 2025 by rpki-client