Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/244901-ae2d-4418-9d93-e1544c57e38b/1/Zn-w0AegnuUcRstj1cX8JX5TQ40.roa
File: Zn-w0AegnuUcRstj1cX8JX5TQ40.roa (raw, json)
Hash identifier: 9EKslEbzwGSyq4i09u8Akyy03FxhTUZ2njtac3bYrCY=
Subject key identifier: 66:7F:B0:D0:07:A0:9E:E5:1C:46:CB:63:D5:C5:FC:25:7E:53:43:8D
Certificate issuer: /CN=33320e2f3c5adadf153a0758bc600b6ea14f4eed
Certificate serial: 01856FF9481F4282FBAE98ABC3AD7FF9383F
Authority key identifier: 33:32:0E:2F:3C:5A:DA:DF:15:3A:07:58:BC:60:0B:6E:A1:4F:4E:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MzIOLzxa2t8VOgdYvGALbqFPTu0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/244901-ae2d-4418-9d93-e1544c57e38b/1/Zn-w0AegnuUcRstj1cX8JX5TQ40.roa
Signing time: Mon 02 Jan 2023 00:54:45 +0000
ROA not before: Mon 02 Jan 2023 00:54:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 10753
IP address blocks: 94.136.116.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:f9:48:1f:42:82:fb:ae:98:ab:c3:ad:7f:f9:38:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33320e2f3c5adadf153a0758bc600b6ea14f4eed
Validity
Not Before: Jan 2 00:54:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=667fb0d007a09ee51c46cb63d5c5fc257e53438d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:44:c4:4e:a4:58:5b:7e:09:2c:87:fe:f8:06:
69:35:da:5a:d1:24:2a:11:6c:7c:61:d7:42:52:5e:
5f:1e:07:ce:21:c7:38:56:df:f8:c6:51:db:47:17:
44:a9:cb:67:cd:79:94:51:15:3e:4a:57:bf:59:5e:
cf:72:cc:96:01:8e:82:23:8f:d2:23:34:90:86:8d:
cc:8c:41:b6:e2:32:b9:50:96:4b:31:e0:51:4c:f8:
ac:ae:ec:91:d1:34:88:68:bc:d3:3a:d1:38:5c:8a:
fa:7c:ff:da:f9:63:ef:62:2b:1a:62:0b:4b:17:2a:
45:c2:3a:cd:a0:e5:e9:d7:76:a7:c7:7b:a1:f7:15:
ce:26:fd:9e:01:8e:45:7d:3d:a6:10:7c:da:7d:39:
37:9e:5b:cf:e6:89:fb:73:a3:c8:40:e9:bd:3c:dc:
4c:05:a5:88:d9:ee:95:a3:1c:ba:52:63:61:cf:ec:
88:45:57:a5:50:40:42:fc:67:f2:0e:0d:e0:06:66:
cd:f0:7a:df:ee:34:b4:96:f2:b7:cd:c3:b1:5a:b5:
8c:92:d7:44:c2:11:03:63:95:7e:43:66:b0:45:db:
2d:86:a7:dc:d3:2d:e7:d9:55:9b:aa:6a:86:d3:c1:
ec:15:f8:05:5c:6a:a2:3a:1c:41:63:42:94:0b:1b:
52:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:7F:B0:D0:07:A0:9E:E5:1C:46:CB:63:D5:C5:FC:25:7E:53:43:8D
X509v3 Authority Key Identifier:
keyid:33:32:0E:2F:3C:5A:DA:DF:15:3A:07:58:BC:60:0B:6E:A1:4F:4E:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MzIOLzxa2t8VOgdYvGALbqFPTu0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/244901-ae2d-4418-9d93-e1544c57e38b/1/Zn-w0AegnuUcRstj1cX8JX5TQ40.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/244901-ae2d-4418-9d93-e1544c57e38b/1/MzIOLzxa2t8VOgdYvGALbqFPTu0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.136.116.0/24
Signature Algorithm: sha256WithRSAEncryption
43:fb:51:01:ff:8b:26:48:8b:73:a5:86:58:1b:de:15:5a:58:
c3:3c:fa:f5:da:9e:22:b6:85:86:fd:34:c5:0c:f4:a5:e7:ac:
2b:67:3e:cf:b2:89:17:59:cb:e2:a4:4d:39:d0:ec:a0:cc:13:
95:bb:2a:56:03:8a:e6:55:04:75:0a:88:de:58:cd:9f:e9:64:
a6:b4:f6:2f:e1:91:bf:1a:2c:6f:ab:06:58:6a:44:92:f6:1e:
39:e5:15:1a:fc:6a:48:66:8f:38:28:84:54:fa:91:92:ae:5c:
8f:55:3b:da:6d:67:cf:58:8a:b3:f9:65:8a:08:ec:39:ce:9f:
a7:9a:ba:4a:14:45:4b:ea:ca:d4:e2:67:c0:8b:f0:48:59:75:
b2:ea:d4:5d:59:49:c8:bd:0c:60:5a:b3:c0:d6:ab:cc:48:72:
b3:55:f8:f5:d7:a9:e3:e3:ea:45:05:ef:92:a2:38:d9:26:28:
f1:b8:03:62:a0:f5:0c:98:8d:3a:13:70:50:9f:db:02:cc:f4:
02:79:38:97:40:30:ce:0a:f6:a0:d4:24:0f:cd:15:4b:83:87:
11:e7:f2:1d:5f:1c:1e:50:f0:da:78:05:f8:e3:d5:73:c6:e6:
c4:cd:55:e3:2b:22:f0:c1:63:bb:76:ad:ac:88:df:f4:4e:31:
66:50:c2:2e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv+UgfQoL7rpirw61/+Tg/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzMzIwZTJmM2M1YWRhZGYxNTNhMDc1OGJjNjAwYjZlYTE0
ZjRlZWQwHhcNMjMwMTAyMDA1NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjdmYjBkMDA3YTA5ZWU1MWM0NmNiNjNkNWM1ZmMyNTdlNTM0MzhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ETETqRYW34JLIf++AZpNdpa0SQq
EWx8YddCUl5fHgfOIcc4Vt/4xlHbRxdEqctnzXmUURU+Sle/WV7PcsyWAY6CI4/S
IzSQho3MjEG24jK5UJZLMeBRTPisruyR0TSIaLzTOtE4XIr6fP/a+WPvYisaYgtL
FypFwjrNoOXp13anx3uh9xXOJv2eAY5FfT2mEHzafTk3nlvP5on7c6PIQOm9PNxM
BaWI2e6Voxy6UmNhz+yIRVelUEBC/GfyDg3gBmbN8Hrf7jS0lvK3zcOxWrWMktdE
whEDY5V+Q2awRdsthqfc0y3n2VWbqmqG08HsFfgFXGqiOhxBY0KUCxtSXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGZ/sNAHoJ7lHEbLY9XF/CV+U0ONMB8GA1UdIwQY
MBaAFDMyDi88WtrfFToHWLxgC26hT07tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXpJT0x6eGEydDhWT2dkWXZHQUxicUZQVHUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8yNDQ5MDEtYWUyZC00NDE4LTlkOTMt
ZTE1NDRjNTdlMzhiLzEvWm4tdzBBZWdudVVjUnN0ajFjWDhKWDVUUTQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8yNDQ5MDEtYWUyZC00NDE4LTlkOTMtZTE1NDRjNTdlMzhi
LzEvTXpJT0x6eGEydDhWT2dkWXZHQUxicUZQVHUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXoh0MA0G
CSqGSIb3DQEBCwUAA4IBAQBD+1EB/4smSItzpYZYG94VWljDPPr12p4itoWG/TTF
DPSl56wrZz7PsokXWcvipE050OygzBOVuypWA4rmVQR1CojeWM2f6WSmtPYv4ZG/
GixvqwZYakSS9h455RUa/GpIZo84KIRU+pGSrlyPVTvabWfPWIqz+WWKCOw5zp+n
mrpKFEVL6srU4mfAi/BIWXWy6tRdWUnIvQxgWrPA1qvMSHKzVfj116nj4+pFBe+S
ojjZJijxuANioPUMmI06E3BQn9sCzPQCeTiXQDDOCvag1CQPzRVLg4cR5/IdXxwe
UPDaeAX449VzxubEzVXjKyLwwWO7dq2siN/0TjFmUMIu
-----END CERTIFICATE-----
Generated at Mon Apr 21 06:46:21 2025 by rpki-client