Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/cf4946-f5c2-45aa-9a41-f44299865a28/1/ZxBM2So4uxLfZRifx0A6kuZkUTs.roa
File: ZxBM2So4uxLfZRifx0A6kuZkUTs.roa (raw, json)
Hash identifier: mi8xDD+QGdtc9Naa43lmHkhGmB+wwC6bGhPDl29kZ/A=
Subject key identifier: 67:10:4C:D9:2A:38:BB:12:DF:65:18:9F:C7:40:3A:92:E6:64:51:3B
Certificate issuer: /CN=9280fdc9e7a86430c8e28f5e349e317fbb8a1ca9
Certificate serial: 018571D7AF5547062374765587E99CE40BB9
Authority key identifier: 92:80:FD:C9:E7:A8:64:30:C8:E2:8F:5E:34:9E:31:7F:BB:8A:1C:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/koD9yeeoZDDI4o9eNJ4xf7uKHKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/cf4946-f5c2-45aa-9a41-f44299865a28/1/ZxBM2So4uxLfZRifx0A6kuZkUTs.roa
Signing time: Mon 02 Jan 2023 09:37:18 +0000
ROA not before: Mon 02 Jan 2023 09:37:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206993
IP address blocks: 185.169.172.0/24 maxlen: 24
185.169.173.0/24 maxlen: 24
193.160.37.0/24 maxlen: 24
193.160.34.0/24 maxlen: 24
193.160.38.0/24 maxlen: 24
193.160.35.0/24 maxlen: 24
193.160.36.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:d7:af:55:47:06:23:74:76:55:87:e9:9c:e4:0b:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9280fdc9e7a86430c8e28f5e349e317fbb8a1ca9
Validity
Not Before: Jan 2 09:37:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=67104cd92a38bb12df65189fc7403a92e664513b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:6a:8b:4d:0f:5a:9c:11:da:fc:bf:37:c3:b8:
84:9c:fe:6c:66:10:27:77:11:25:eb:b4:4a:34:f4:
24:79:3a:61:b0:20:97:09:e9:77:a1:d6:7f:5e:70:
b7:52:bd:0a:3b:69:20:08:7d:f1:a7:f7:3e:8a:80:
6a:dc:b9:08:bf:d3:4b:3d:6f:63:e4:79:82:5b:71:
d8:98:c0:49:74:d7:e0:ff:5c:be:26:c5:33:2e:22:
b0:f2:f1:1a:f7:a4:bc:3f:2f:5a:05:93:eb:6c:ff:
a0:ea:ce:af:82:91:41:e8:72:b3:dd:3d:48:d2:6d:
c8:23:17:1a:df:83:37:c4:08:c4:ee:e9:45:83:0a:
82:f1:a6:71:2e:1d:e4:33:7f:6d:a4:e6:9b:2f:a6:
92:a5:6f:27:86:1c:1b:a4:4e:83:3d:a7:3f:7b:1c:
6f:5a:6a:a2:f7:2a:f0:13:84:28:80:9c:07:e8:fd:
66:12:e5:7e:09:60:9f:fa:46:42:a9:28:d4:f6:8e:
f9:ae:af:69:aa:97:4e:99:8e:28:8c:b1:4d:28:f0:
be:af:b8:0c:f4:3e:66:75:43:d6:07:1c:b8:10:3a:
19:f6:9d:23:62:72:2d:e5:7f:b7:19:cf:18:fe:14:
fd:21:be:42:36:39:80:10:ec:4a:da:9e:fa:09:75:
10:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:10:4C:D9:2A:38:BB:12:DF:65:18:9F:C7:40:3A:92:E6:64:51:3B
X509v3 Authority Key Identifier:
keyid:92:80:FD:C9:E7:A8:64:30:C8:E2:8F:5E:34:9E:31:7F:BB:8A:1C:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/koD9yeeoZDDI4o9eNJ4xf7uKHKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/cf4946-f5c2-45aa-9a41-f44299865a28/1/ZxBM2So4uxLfZRifx0A6kuZkUTs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/cf4946-f5c2-45aa-9a41-f44299865a28/1/koD9yeeoZDDI4o9eNJ4xf7uKHKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.169.172.0/23
193.160.34.0-193.160.38.255
Signature Algorithm: sha256WithRSAEncryption
69:6a:40:3a:16:f5:68:59:4e:ce:95:4e:14:f2:b4:be:28:2c:
f5:55:40:0a:bf:4c:13:43:33:b0:30:cc:ae:c3:db:fd:39:95:
8d:0c:24:34:fa:0a:d4:5b:3f:10:9a:75:3b:11:00:80:5d:a3:
75:53:04:b0:c4:15:e6:78:1d:55:83:d1:e5:fe:b0:31:9f:4c:
af:82:d1:70:a4:bc:fb:f0:d5:f7:33:28:c8:3d:7c:d5:b0:ed:
8c:ce:39:d8:16:47:0d:69:b4:7f:31:8c:74:df:6d:11:c5:0f:
d5:90:5e:c4:c9:3f:12:57:43:34:f0:9d:f9:96:04:ec:7f:a0:
75:2f:09:2e:17:93:4f:67:41:a7:11:a0:88:fd:d7:65:68:e1:
d4:b9:75:79:f3:75:9f:c9:ef:de:ca:3d:22:19:ea:b9:9d:79:
0b:5a:f1:87:f1:92:ce:b1:e6:c3:bb:bd:41:9d:29:96:0f:6a:
aa:48:3f:59:74:e1:5b:9f:90:bc:fd:cb:ba:6c:11:75:be:73:
84:fd:42:af:cb:27:64:d6:b0:d6:e9:70:bf:9f:17:05:45:2e:
d1:f4:29:d4:ef:c5:42:9a:4c:32:22:29:9c:c7:e3:95:fc:6d:
bf:c1:81:2c:1b:1e:97:f8:b6:5b:aa:9f:77:ae:e4:aa:85:5e:
3c:d5:c5:da
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVx169VRwYjdHZVh+mc5Au5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyODBmZGM5ZTdhODY0MzBjOGUyOGY1ZTM0OWUzMTdmYmI4
YTFjYTkwHhcNMjMwMTAyMDkzNzE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzEwNGNkOTJhMzhiYjEyZGY2NTE4OWZjNzQwM2E5MmU2NjQ1MTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvGqLTQ9anBHa/L83w7iEnP5sZhAn
dxEl67RKNPQkeTphsCCXCel3odZ/XnC3Ur0KO2kgCH3xp/c+ioBq3LkIv9NLPW9j
5HmCW3HYmMBJdNfg/1y+JsUzLiKw8vEa96S8Py9aBZPrbP+g6s6vgpFB6HKz3T1I
0m3IIxca34M3xAjE7ulFgwqC8aZxLh3kM39tpOabL6aSpW8nhhwbpE6DPac/exxv
Wmqi9yrwE4QogJwH6P1mEuV+CWCf+kZCqSjU9o75rq9pqpdOmY4ojLFNKPC+r7gM
9D5mdUPWBxy4EDoZ9p0jYnIt5X+3Gc8Y/hT9Ib5CNjmAEOxK2p76CXUQpwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFGcQTNkqOLsS32UYn8dAOpLmZFE7MB8GA1UdIwQY
MBaAFJKA/cnnqGQwyOKPXjSeMX+7ihypMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva29EOXllZW9aRERJNG85ZU5KNHhmN3VLSEtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi9jZjQ5NDYtZjVjMi00NWFhLTlhNDEt
ZjQ0Mjk5ODY1YTI4LzEvWnhCTTJTbzR1eExmWlJpZngwQTZrdVprVVRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi9jZjQ5NDYtZjVjMi00NWFhLTlhNDEtZjQ0Mjk5ODY1YTI4
LzEva29EOXllZW9aRERJNG85ZU5KNHhmN3VLSEtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQBuamsMAwD
BAHBoCIDBADBoCYwDQYJKoZIhvcNAQELBQADggEBAGlqQDoW9WhZTs6VThTytL4o
LPVVQAq/TBNDM7AwzK7D2/05lY0MJDT6CtRbPxCadTsRAIBdo3VTBLDEFeZ4HVWD
0eX+sDGfTK+C0XCkvPvw1fczKMg9fNWw7YzOOdgWRw1ptH8xjHTfbRHFD9WQXsTJ
PxJXQzTwnfmWBOx/oHUvCS4Xk09nQacRoIj912Vo4dS5dXnzdZ/J797KPSIZ6rmd
eQta8Yfxks6x5sO7vUGdKZYPaqpIP1l04VufkLz9y7psEXW+c4T9Qq/LJ2TWsNbp
cL+fFwVFLtH0KdTvxUKaTDIiKZzH45X8bb/BgSwbHpf4tluqn3eu5KqFXjzVxdo=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:02:39 2025 by rpki-client