Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/ZCzrO3trcUehqSiLSi7yKuLgAcA.roa
File: ZCzrO3trcUehqSiLSi7yKuLgAcA.roa (raw, json)
Hash identifier: kP9IYlk/HRxPxW7HpgjwjiENt4NXkzgi9UfkOabpFZg=
Subject key identifier: 64:2C:EB:3B:7B:6B:71:47:A1:A9:28:8B:4A:2E:F2:2A:E2:E0:01:C0
Certificate issuer: /CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Certificate serial: 39F4D937
Authority key identifier: 1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/ZCzrO3trcUehqSiLSi7yKuLgAcA.roa
Signing time: Sat 01 Jan 2022 14:00:32 +0000
ROA not before: Sat 01 Jan 2022 14:00:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41464
IP address blocks: 78.133.168.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 972347703 (0x39f4d937)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Validity
Not Before: Jan 1 14:00:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=642ceb3b7b6b7147a1a9288b4a2ef22ae2e001c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:ea:d9:f4:40:fe:5d:0d:fc:19:a4:5a:af:b4:
94:47:1c:0c:5b:52:3b:23:e2:3c:bb:1d:7b:87:bd:
48:84:68:ca:e0:00:c1:2f:74:c9:1a:2b:f9:ef:b2:
a2:bf:a9:3e:b6:09:df:d2:e0:53:a5:9c:a1:09:70:
a1:aa:0b:54:ac:af:14:11:0b:1a:87:01:fd:d3:e8:
d3:82:ee:a6:f3:32:81:c1:d3:93:11:25:40:00:b5:
55:59:47:af:bc:25:3c:9b:ee:24:58:37:c3:9f:69:
6c:77:12:d5:1c:4d:5b:cf:25:50:95:2a:12:12:2c:
91:34:12:89:74:dd:58:f0:7c:0c:54:77:9d:42:44:
64:47:af:50:d8:70:ee:93:86:5f:83:83:a3:75:41:
62:15:1b:dd:8a:02:fa:c3:d7:0d:ae:a0:f8:58:23:
23:1e:f0:e9:bc:8e:04:8b:64:fe:ab:d7:03:ba:66:
48:21:92:b1:d0:a1:98:81:c7:ba:c4:7a:27:d9:c1:
fa:f5:a7:42:a4:6b:2f:f9:ca:02:31:b3:4c:04:a3:
a4:6d:c5:51:fc:4d:85:9d:11:14:0c:d7:2d:1d:af:
a4:c8:d4:f4:79:71:29:fe:87:93:80:ff:dd:68:e0:
e2:e8:2a:d0:08:55:f6:83:4a:fe:73:48:5c:8b:95:
e5:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:2C:EB:3B:7B:6B:71:47:A1:A9:28:8B:4A:2E:F2:2A:E2:E0:01:C0
X509v3 Authority Key Identifier:
keyid:1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/ZCzrO3trcUehqSiLSi7yKuLgAcA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Gspj3ySLet893QfowtPu3QLO-TM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.133.168.0/24
Signature Algorithm: sha256WithRSAEncryption
55:ff:34:5f:64:17:38:de:90:23:95:97:ca:fe:e1:33:4f:4d:
35:55:6f:82:a3:d5:7f:85:89:39:96:db:2f:ec:63:c0:aa:05:
ca:aa:6d:32:4e:b8:19:2e:cf:2c:01:d3:b2:51:35:bc:fe:0e:
67:2e:dd:84:7c:e7:e5:b4:04:a4:62:75:0b:70:1f:9b:df:5a:
90:58:06:11:a5:5e:fd:a8:0f:3a:5a:8c:a0:d4:7b:ad:b5:06:
96:09:3a:43:2e:3e:5c:61:33:49:1a:61:c2:3e:f1:5b:15:3a:
4c:5a:dc:b9:5a:98:fb:13:8a:d4:b5:6d:ef:17:64:c3:d1:4b:
c9:f4:ba:d0:67:9f:66:2e:d8:57:66:68:bd:8d:28:dd:85:20:
8a:3c:12:2d:a1:46:e7:5e:76:28:9f:83:3f:7c:f4:93:62:75:
7c:eb:62:52:6d:c3:ad:dc:a7:69:96:02:a8:9f:68:ef:62:b4:
fc:0b:7f:c6:cc:40:31:81:b9:d6:2d:37:7a:0d:a5:67:0b:16:
c4:d5:16:e6:ce:35:4b:78:fc:ec:ba:86:83:b4:d7:e0:3d:02:
77:74:93:62:78:41:93:ff:ec:ec:1f:2c:5d:f9:b7:42:09:ea:
64:b3:c9:c1:55:59:1f:5c:a3:47:73:49:e5:fe:f5:b7:f0:b5:
82:ac:5a:e8
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEOfTZNzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
YWNhNjNkZjI0OGI3YWRmM2RkZDA3ZThjMmQzZWVkZDAyY2VmOTMzMB4XDTIyMDEw
MTE0MDAzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjQyY2ViM2I3YjZi
NzE0N2ExYTkyODhiNGEyZWYyMmFlMmUwMDFjMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN/q2fRA/l0N/BmkWq+0lEccDFtSOyPiPLsde4e9SIRoyuAA
wS90yRor+e+yor+pPrYJ39LgU6WcoQlwoaoLVKyvFBELGocB/dPo04LupvMygcHT
kxElQAC1VVlHr7wlPJvuJFg3w59pbHcS1RxNW88lUJUqEhIskTQSiXTdWPB8DFR3
nUJEZEevUNhw7pOGX4ODo3VBYhUb3YoC+sPXDa6g+FgjIx7w6byOBItk/qvXA7pm
SCGSsdChmIHHusR6J9nB+vWnQqRrL/nKAjGzTASjpG3FUfxNhZ0RFAzXLR2vpMjU
9HlxKf6Hk4D/3Wjg4ugq0AhV9oNK/nNIXIuV5csCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRkLOs7e2txR6GpKItKLvIq4uABwDAfBgNVHSMEGDAWgBQaymPfJIt63z3d
B+jC0+7dAs75MzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0dzcGozeVNMZXQ4OTNRZm93dFB1M1FMTy1UTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmUvMWY2NDU4LWRjNzUtNGFkZC1hZTcyLTkxZTMxODRiYjBhYi8x
L1pDenJPM3RyY1VlaHFTaUxTaTd5S3VMZ0FjQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmUv
MWY2NDU4LWRjNzUtNGFkZC1hZTcyLTkxZTMxODRiYjBhYi8xL0dzcGozeVNMZXQ4
OTNRZm93dFB1M1FMTy1UTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAE6FqDANBgkqhkiG9w0BAQsFAAOC
AQEAVf80X2QXON6QI5WXyv7hM09NNVVvgqPVf4WJOZbbL+xjwKoFyqptMk64GS7P
LAHTslE1vP4OZy7dhHzn5bQEpGJ1C3Afm99akFgGEaVe/agPOlqMoNR7rbUGlgk6
Qy4+XGEzSRphwj7xWxU6TFrcuVqY+xOK1LVt7xdkw9FLyfS60GefZi7YV2ZovY0o
3YUgijwSLaFG5152KJ+DP3z0k2J1fOtiUm3DrdynaZYCqJ9o72K0/At/xsxAMYG5
1i03eg2lZwsWxNUW5s41S3j87LqGg7TX4D0Cd3STYnhBk//s7B8sXfm3QgnqZLPJ
wVVZH1yjR3NJ5f71t/C1gqxa6A==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:14:42 2025 by rpki-client