Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/CZiPCcc-93auxe-02TDfEurxZAo.roa
File: CZiPCcc-93auxe-02TDfEurxZAo.roa (raw, json)
Hash identifier: IqkxHPVvbpH+0XnPhkkq8+hLTz/3ho0c8JEqdZ1uoJM=
Subject key identifier: 09:98:8F:09:C7:3E:F7:76:AE:C5:EF:B4:D9:30:DF:12:EA:F1:64:0A
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 01842D620F396B9220D8AEADA6A4394D52D6
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/CZiPCcc-93auxe-02TDfEurxZAo.roa
Signing time: Mon 31 Oct 2022 09:31:51 +0000
ROA not before: Mon 31 Oct 2022 09:31:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59722
IP address blocks: 217.195.76.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:2d:62:0f:39:6b:92:20:d8:ae:ad:a6:a4:39:4d:52:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Oct 31 09:31:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=09988f09c73ef776aec5efb4d930df12eaf1640a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:2f:09:b7:40:41:f6:70:64:a6:9d:ad:a4:27:
2a:56:dc:f0:56:d1:05:bb:ff:8a:30:ec:ab:37:ed:
2f:ec:14:b8:44:9a:65:1b:ad:8c:f9:3b:14:23:71:
21:f2:c2:5e:47:a8:03:2b:62:b6:d0:bc:74:4d:ea:
17:35:89:dd:35:35:53:f6:b9:4c:dd:88:c4:53:b4:
a6:fc:59:fa:a0:92:e5:56:55:fd:0c:75:ae:1d:f6:
4f:4b:39:1e:8e:2b:46:b7:f2:8a:a7:d2:ef:c1:fb:
0d:23:1d:36:12:5c:73:b0:e6:96:a2:81:03:8b:bf:
3f:c8:2e:d9:e4:a9:3c:18:c5:1a:ed:0a:76:eb:92:
ea:31:29:b7:5a:a6:f7:e8:2c:f9:e1:28:41:50:07:
e2:aa:31:87:0f:60:1d:eb:6e:0d:4c:48:92:46:a0:
c8:94:9b:4c:15:c7:0c:8c:59:0a:38:e6:b7:43:cf:
5a:03:b2:61:29:8c:27:41:a3:85:53:f1:12:8e:ec:
65:22:15:3b:e1:fb:0e:0b:e8:56:50:59:03:15:18:
53:30:d4:26:f9:cd:b0:a3:da:19:40:9c:cb:a1:a1:
5f:55:dd:12:0a:59:76:70:ff:7f:c5:0b:ec:94:28:
1c:da:86:d3:f0:c9:42:cc:4e:32:62:fb:c7:8c:cc:
50:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:98:8F:09:C7:3E:F7:76:AE:C5:EF:B4:D9:30:DF:12:EA:F1:64:0A
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/CZiPCcc-93auxe-02TDfEurxZAo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.195.76.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:c1:f4:3e:dc:ce:2c:74:b7:9d:88:c3:42:39:13:91:e6:d0:
60:00:ce:1a:7f:f7:45:2e:7b:e1:dd:e3:66:f9:82:81:6c:1d:
f5:ea:ab:9e:5a:65:bf:cb:f7:11:91:e6:e5:e2:f6:8c:d1:a2:
99:47:c1:08:da:3b:19:dc:33:db:ae:dc:ab:24:71:6d:58:29:
63:a5:7c:22:4e:53:56:17:0c:d9:ae:25:94:1c:a8:59:37:6c:
e8:e8:60:a4:4c:c4:43:71:06:7c:22:4e:12:bd:d1:a2:83:45:
fb:33:3e:51:d3:f5:01:b2:19:15:24:55:8a:32:98:1c:d0:0a:
9c:5f:55:1c:45:f0:77:29:66:a9:d8:bc:9e:2d:f2:90:cc:a6:
9f:0b:c6:17:ca:7c:dc:43:bf:98:97:93:0b:8e:14:8c:a7:18:
47:ec:83:77:74:39:3d:88:13:4d:34:56:8c:da:3b:7f:86:10:
43:aa:b0:99:5d:7c:86:13:ff:8a:13:54:b2:e1:04:f4:b5:9f:
22:44:f1:ed:18:70:f7:2d:54:70:19:52:0c:44:ba:f2:0c:94:
67:4b:e8:d5:56:24:23:34:9f:4b:18:e3:d6:50:43:72:96:ba:
6c:b6:a3:8e:4b:d5:28:1c:ac:72:95:5e:54:f0:f3:a7:45:6e:
45:b1:71:33
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQtYg85a5Ig2K6tpqQ5TVLWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMDMxMDkzMTUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTk4OGYwOWM3M2VmNzc2YWVjNWVmYjRkOTMwZGYxMmVhZjE2NDBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkS8Jt0BB9nBkpp2tpCcqVtzwVtEF
u/+KMOyrN+0v7BS4RJplG62M+TsUI3Eh8sJeR6gDK2K20Lx0TeoXNYndNTVT9rlM
3YjEU7Sm/Fn6oJLlVlX9DHWuHfZPSzkejitGt/KKp9LvwfsNIx02ElxzsOaWooED
i78/yC7Z5Kk8GMUa7Qp265LqMSm3Wqb36Cz54ShBUAfiqjGHD2Ad624NTEiSRqDI
lJtMFccMjFkKOOa3Q89aA7JhKYwnQaOFU/ESjuxlIhU74fsOC+hWUFkDFRhTMNQm
+c2wo9oZQJzLoaFfVd0SCll2cP9/xQvslCgc2obT8MlCzE4yYvvHjMxQcQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAmYjwnHPvd2rsXvtNkw3xLq8WQKMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvQ1ppUENjYy05M2F1eGUtMDJURGZFdXJ4WkFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2cNMMA0G
CSqGSIb3DQEBCwUAA4IBAQCcwfQ+3M4sdLediMNCOROR5tBgAM4af/dFLnvh3eNm
+YKBbB316queWmW/y/cRkebl4vaM0aKZR8EI2jsZ3DPbrtyrJHFtWCljpXwiTlNW
FwzZriWUHKhZN2zo6GCkTMRDcQZ8Ik4SvdGig0X7Mz5R0/UBshkVJFWKMpgc0Aqc
X1UcRfB3KWap2LyeLfKQzKafC8YXynzcQ7+Yl5MLjhSMpxhH7IN3dDk9iBNNNFaM
2jt/hhBDqrCZXXyGE/+KE1Sy4QT0tZ8iRPHtGHD3LVRwGVIMRLryDJRnS+jVViQj
NJ9LGOPWUENylrpstqOOS9UoHKxylV5U8POnRW5FsXEz
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:38:03 2025 by rpki-client