Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/1-Z7wQMG4mm2TpwXEJWU5eCEGEJM.roa
File: 1-Z7wQMG4mm2TpwXEJWU5eCEGEJM.roa (raw, json)
Hash identifier: K+uZXmZq7POFE0O3/fU1rXtekv6yb/ccNSMQKuMKWas=
Subject key identifier: F9:9E:F0:40:C1:B8:9A:6D:93:A7:05:C4:25:65:39:78:21:06:10:93
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 01842D620F7E55F06F73B4781DEE0665BDC6
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/1-Z7wQMG4mm2TpwXEJWU5eCEGEJM.roa
Signing time: Mon 31 Oct 2022 09:31:52 +0000
ROA not before: Mon 31 Oct 2022 09:31:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60623
IP address blocks: 213.182.168.0/24 maxlen: 24
213.182.169.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:2d:62:0f:7e:55:f0:6f:73:b4:78:1d:ee:06:65:bd:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Oct 31 09:31:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f99ef040c1b89a6d93a705c42565397821061093
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:50:4e:5b:5a:14:92:ce:6c:58:1b:64:90:25:
9a:18:44:a9:d7:45:25:4e:a4:1f:ef:7d:a1:59:ca:
df:d2:24:2a:09:8f:62:82:a9:18:ca:97:04:3c:0d:
8c:86:8f:d2:c4:fd:ac:52:d6:fd:32:91:bb:8e:ac:
b9:ed:79:dd:4f:f4:bc:90:62:04:b4:2d:a8:66:e7:
01:4f:76:0e:6a:85:5d:dd:1e:71:38:bf:77:eb:a5:
1a:23:a0:d3:90:e2:d5:c0:2a:ba:30:f9:3d:91:30:
68:87:98:27:d4:10:13:d1:c0:3e:4e:89:a0:41:7c:
2d:f8:9b:1f:a3:3a:60:7b:07:87:a4:34:92:6c:50:
63:2c:72:86:cb:e4:bd:10:33:a3:9d:12:e6:73:c7:
23:9f:d6:b0:3f:53:59:78:53:e1:2c:2f:c0:04:f0:
9b:a5:96:9d:a3:71:a5:be:4c:62:f4:4f:13:0a:af:
c1:cb:bb:58:9f:a2:7b:6f:d2:61:f2:72:85:62:5c:
45:69:94:cf:26:8f:5f:a5:71:4e:ce:da:0b:a8:20:
bf:90:b8:1a:ab:46:da:10:62:1d:8d:20:86:29:5d:
bc:e5:a6:b6:80:dd:82:e8:64:96:a9:db:db:ef:ed:
aa:07:ff:d6:a4:05:78:d1:51:36:5b:7b:89:44:c2:
a9:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:9E:F0:40:C1:B8:9A:6D:93:A7:05:C4:25:65:39:78:21:06:10:93
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/1-Z7wQMG4mm2TpwXEJWU5eCEGEJM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.182.168.0/23
Signature Algorithm: sha256WithRSAEncryption
6e:60:b5:cb:8a:44:08:53:4a:74:db:bd:6b:88:23:5d:40:9b:
5f:07:87:02:a9:b1:7b:e0:57:09:dd:7c:01:1d:a4:d6:3a:1b:
66:c7:18:d9:37:cf:dc:e8:75:8a:b8:31:90:22:5b:1c:a2:9b:
b4:df:d1:30:a7:df:3f:6e:17:79:ea:30:09:69:1b:15:c4:73:
d4:f5:3c:03:59:f4:c0:c6:f8:d5:ff:6b:a5:19:8f:8d:ba:77:
8e:d2:d2:94:e4:9a:19:1f:b0:a4:99:0c:2f:4b:2b:19:b0:e7:
cf:5f:a2:a7:c9:90:33:eb:3b:4a:27:6f:bb:77:db:0e:09:b4:
90:e9:57:ff:25:82:c0:00:81:ff:09:92:eb:b4:d3:9b:03:27:
9f:38:8a:33:50:f4:39:07:2f:05:4b:3a:78:fe:e2:f2:80:12:
58:4f:87:52:5f:09:7a:94:83:fa:a4:1e:81:fb:d3:30:4f:92:
78:5d:1d:8e:cd:c6:0b:53:77:2a:62:4a:7d:24:c8:11:d6:f8:
bd:d5:3c:89:4d:a0:c8:34:66:46:81:1b:79:87:58:f8:8a:0d:
fe:73:f0:18:a9:7c:c8:49:52:9d:d4:93:60:28:f3:91:06:bd:
cf:28:62:16:5c:43:65:c2:d5:29:d6:3f:a7:88:ea:7f:41:54:
34:b5:04:5e
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYQtYg9+VfBvc7R4He4GZb3GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMDMxMDkzMTUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTllZjA0MGMxYjg5YTZkOTNhNzA1YzQyNTY1Mzk3ODIxMDYxMDkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlFBOW1oUks5sWBtkkCWaGESp10Ul
TqQf732hWcrf0iQqCY9igqkYypcEPA2Mho/SxP2sUtb9MpG7jqy57XndT/S8kGIE
tC2oZucBT3YOaoVd3R5xOL9366UaI6DTkOLVwCq6MPk9kTBoh5gn1BAT0cA+Tomg
QXwt+JsfozpgeweHpDSSbFBjLHKGy+S9EDOjnRLmc8cjn9awP1NZeFPhLC/ABPCb
pZado3Glvkxi9E8TCq/By7tYn6J7b9Jh8nKFYlxFaZTPJo9fpXFOztoLqCC/kLga
q0baEGIdjSCGKV285aa2gN2C6GSWqdvb7+2qB//WpAV40VE2W3uJRMKpmQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPme8EDBuJptk6cFxCVlOXghBhCTMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvMS1aN3dRTUc0bW0yVHB3WEVKV1U1ZUNFR0VKTS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYzcvOWNmZjdjLWYwNWEtNGUwMi1iZWE3LTg5ZTU2YzgwZDFk
MC8xL2t0ZkNvUWN0YzFCNjJfWlFmZWFLcXNBWGhjQS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAdW2qDAN
BgkqhkiG9w0BAQsFAAOCAQEAbmC1y4pECFNKdNu9a4gjXUCbXweHAqmxe+BXCd18
AR2k1jobZscY2TfP3Oh1irgxkCJbHKKbtN/RMKffP24XeeowCWkbFcRz1PU8A1n0
wMb41f9rpRmPjbp3jtLSlOSaGR+wpJkML0srGbDnz1+ip8mQM+s7Sidvu3fbDgm0
kOlX/yWCwACB/wmS67TTmwMnnziKM1D0OQcvBUs6eP7i8oASWE+HUl8JepSD+qQe
gfvTME+SeF0djs3GC1N3KmJKfSTIEdb4vdU8iU2gyDRmRoEbeYdY+IoN/nPwGKl8
yElSndSTYCjzkQa9zyhiFlxDZcLVKdY/p4jqf0FUNLUEXg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:35:27 2025 by rpki-client