Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/e66f01-1d9d-4513-956a-f96bfb04e645/1/ZN_-hfUKr4OdWCzkxecCgPD5x9o.roa
File: ZN_-hfUKr4OdWCzkxecCgPD5x9o.roa (raw, json)
Hash identifier: UNTrp5R2XSoLHHb1cfYJEBhMGDG2IQAg0fyRATdx/vA=
Subject key identifier: 64:DF:FE:85:F5:0A:AF:83:9D:58:2C:E4:C5:E7:02:80:F0:F9:C7:DA
Certificate issuer: /CN=65cd7803f41fe499e800664e0aacadee19b66d9d
Certificate serial: 0834D477
Authority key identifier: 65:CD:78:03:F4:1F:E4:99:E8:00:66:4E:0A:AC:AD:EE:19:B6:6D:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zc14A_Qf5JnoAGZOCqyt7hm2bZ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/e66f01-1d9d-4513-956a-f96bfb04e645/1/ZN_-hfUKr4OdWCzkxecCgPD5x9o.roa
Signing time: Sat 01 Jan 2022 08:54:08 +0000
ROA not before: Sat 01 Jan 2022 08:54:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34622
IP address blocks: 85.197.128.0/18 maxlen: 18
2a05:e840::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 137679991 (0x834d477)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65cd7803f41fe499e800664e0aacadee19b66d9d
Validity
Not Before: Jan 1 08:54:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=64dffe85f50aaf839d582ce4c5e70280f0f9c7da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:90:0e:d3:9c:98:26:59:e2:89:55:15:a4:af:
4a:4e:2e:e3:c9:42:83:c2:2b:09:d4:78:fc:2a:cc:
60:d3:e1:04:7a:6d:67:14:6f:8c:7d:6b:b9:9f:9d:
e3:d4:6c:09:95:73:b6:d2:d7:ec:8b:c0:08:69:58:
f8:e3:4f:9a:85:a7:23:5c:de:0c:8c:61:e1:82:b9:
13:a2:81:9d:49:eb:50:d5:c5:54:1f:1b:3b:8f:c1:
07:4d:62:47:3c:e0:24:19:f8:29:b1:98:7d:17:be:
f2:7b:47:01:ea:8e:92:97:44:93:63:f0:ef:08:2e:
2e:0a:06:c8:5e:26:55:a4:b2:a8:ea:d1:21:d2:64:
88:27:be:38:cb:1f:05:5d:96:21:9b:3f:75:9e:4c:
27:28:f9:dc:ef:59:57:43:c0:f9:b5:45:93:04:cf:
5a:b8:64:84:ff:eb:4d:a9:bf:23:44:51:3b:89:36:
59:c5:42:e5:50:d4:13:dd:b8:21:1b:92:48:c1:e3:
32:c5:b3:3a:e2:8e:e6:1b:24:19:36:4a:e0:3a:38:
05:a4:b4:e9:55:2a:31:87:1b:41:c4:69:01:77:8a:
9b:53:85:3d:19:3f:6d:e9:7f:f1:ed:31:fa:90:64:
88:33:09:ce:ab:bf:cb:34:7e:fb:a1:5a:c3:08:d3:
f3:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:DF:FE:85:F5:0A:AF:83:9D:58:2C:E4:C5:E7:02:80:F0:F9:C7:DA
X509v3 Authority Key Identifier:
keyid:65:CD:78:03:F4:1F:E4:99:E8:00:66:4E:0A:AC:AD:EE:19:B6:6D:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zc14A_Qf5JnoAGZOCqyt7hm2bZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/e66f01-1d9d-4513-956a-f96bfb04e645/1/ZN_-hfUKr4OdWCzkxecCgPD5x9o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/e66f01-1d9d-4513-956a-f96bfb04e645/1/Zc14A_Qf5JnoAGZOCqyt7hm2bZ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.197.128.0/18
IPv6:
2a05:e840::/29
Signature Algorithm: sha256WithRSAEncryption
6d:cf:24:bd:3e:f7:00:e8:91:6d:d0:93:8e:4f:38:8e:1c:52:
19:8c:73:0a:2a:25:1b:8b:9f:4f:64:1e:0a:3f:bc:1d:d0:21:
ba:cd:b8:86:47:6a:b9:79:42:2c:13:fe:6e:f1:a3:2f:43:74:
7c:ba:c2:80:26:5d:b9:96:3a:80:d5:69:96:c7:3a:52:de:20:
42:8a:2c:c2:a5:f3:3b:37:ac:76:a9:a2:4f:45:5a:30:a3:7a:
c5:45:ab:82:28:68:10:ba:27:5b:0b:12:f2:91:08:67:b9:3f:
c4:f3:48:de:93:15:77:6c:de:67:c7:34:85:8b:8f:51:e9:2d:
d6:28:5a:68:fe:d9:58:67:f1:fe:89:45:a4:c1:e9:3f:ae:21:
19:6f:40:ce:30:a3:97:a9:ce:c4:fe:7d:b5:e7:28:0c:96:9f:
75:6d:9e:77:b8:82:b0:f9:10:66:43:7c:3b:59:ad:30:f7:d7:
13:05:d8:e5:e2:da:6e:43:6a:de:0e:8f:9d:42:c7:2a:6a:57:
34:67:82:a2:1a:46:b0:f1:95:73:7e:52:6f:fd:74:51:7a:a1:
f8:d0:d8:b4:91:73:21:06:4c:84:ec:41:9c:c2:6a:d9:c6:78:
0c:a4:64:8f:65:0a:e7:ad:67:46:6b:91:7b:b0:53:49:df:3b:
00:4f:11:dd
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIECDTUdzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
NWNkNzgwM2Y0MWZlNDk5ZTgwMDY2NGUwYWFjYWRlZTE5YjY2ZDlkMB4XDTIyMDEw
MTA4NTQwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjRkZmZlODVmNTBh
YWY4MzlkNTgyY2U0YzVlNzAyODBmMGY5YzdkYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALiQDtOcmCZZ4olVFaSvSk4u48lCg8IrCdR4/CrMYNPhBHpt
ZxRvjH1ruZ+d49RsCZVzttLX7IvACGlY+ONPmoWnI1zeDIxh4YK5E6KBnUnrUNXF
VB8bO4/BB01iRzzgJBn4KbGYfRe+8ntHAeqOkpdEk2Pw7wguLgoGyF4mVaSyqOrR
IdJkiCe+OMsfBV2WIZs/dZ5MJyj53O9ZV0PA+bVFkwTPWrhkhP/rTam/I0RRO4k2
WcVC5VDUE924IRuSSMHjMsWzOuKO5hskGTZK4Do4BaS06VUqMYcbQcRpAXeKm1OF
PRk/bel/8e0x+pBkiDMJzqu/yzR++6FawwjT8xkCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBRk3/6F9Qqvg51YLOTF5wKA8PnH2jAfBgNVHSMEGDAWgBRlzXgD9B/kmegA
Zk4KrK3uGbZtnTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1pjMTRBX1FmNUpub0FHWk9DcXl0N2htMmJaMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmUvZTY2ZjAxLTFkOWQtNDUxMy05NTZhLWY5NmJmYjA0ZTY0NS8x
L1pOXy1oZlVLcjRPZFdDemt4ZWNDZ1BENXg5by5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmUv
ZTY2ZjAxLTFkOWQtNDUxMy05NTZhLWY5NmJmYjA0ZTY0NS8xL1pjMTRBX1FmNUpu
b0FHWk9DcXl0N2htMmJaMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEBlXFgDANBAIAAjAHAwUDKgXoQDAN
BgkqhkiG9w0BAQsFAAOCAQEAbc8kvT73AOiRbdCTjk84jhxSGYxzCiolG4ufT2Qe
Cj+8HdAhus24hkdquXlCLBP+bvGjL0N0fLrCgCZduZY6gNVplsc6Ut4gQooswqXz
OzesdqmiT0VaMKN6xUWrgihoELonWwsS8pEIZ7k/xPNI3pMVd2zeZ8c0hYuPUekt
1ihaaP7ZWGfx/olFpMHpP64hGW9AzjCjl6nOxP59tecoDJafdW2ed7iCsPkQZkN8
O1mtMPfXEwXY5eLabkNq3g6PnULHKmpXNGeCohpGsPGVc35Sb/10UXqh+NDYtJFz
IQZMhOxBnMJq2cZ4DKRkj2UK561nRmuRe7BTSd87AE8R3Q==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:25:19 2025 by rpki-client