Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/z7hlBq4I1ODAWzlMzcvrDB95hq4.roa
File: z7hlBq4I1ODAWzlMzcvrDB95hq4.roa (raw, json)
Hash identifier: zE5TJfQzsxQJ+B0EhgcktLrRhVCRIM0OYJ97Ti9/Czo=
Subject key identifier: CF:B8:65:06:AE:08:D4:E0:C0:5B:39:4C:CD:CB:EB:0C:1F:79:86:AE
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 01841DB28FE08112EE50D486F83AF774B8CB
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/z7hlBq4I1ODAWzlMzcvrDB95hq4.roa
Signing time: Fri 28 Oct 2022 08:25:52 +0000
ROA not before: Fri 28 Oct 2022 08:25:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44915
IP address blocks: 188.164.213.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:1d:b2:8f:e0:81:12:ee:50:d4:86:f8:3a:f7:74:b8:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Oct 28 08:25:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cfb86506ae08d4e0c05b394ccdcbeb0c1f7986ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:0e:6f:8b:c1:77:3d:58:87:e6:40:8d:99:12:
fe:79:95:eb:33:a9:dd:bc:38:63:66:87:65:de:c1:
ab:4e:a1:3e:90:fb:74:56:7b:84:bc:98:2b:a9:a6:
76:50:d5:6c:d4:ee:5f:11:e7:d3:29:d4:4f:0f:00:
a4:36:71:6e:48:fd:03:7d:32:d2:90:df:76:78:e9:
05:dc:70:b4:7b:8f:7f:f2:75:53:fb:1e:66:ef:a0:
f5:69:af:b8:bd:51:99:d9:5d:03:12:4d:67:e5:98:
02:6a:bc:1b:e1:f0:2c:7a:87:ff:cf:0b:f5:3e:43:
81:d2:65:69:a2:db:4f:50:17:65:ab:05:68:47:ba:
ff:c9:bf:01:e1:18:95:59:ef:20:91:45:a0:ad:07:
80:3a:77:fe:0f:f3:3f:d8:fd:61:41:b8:26:5b:f5:
f5:1e:21:cd:67:7c:1c:5b:85:38:37:1e:b8:a3:7c:
fb:05:2b:69:79:c5:a2:5a:9a:67:7c:79:9f:b8:27:
27:a2:68:d3:f6:4f:83:cf:4d:e0:9b:f6:4b:fd:95:
42:1e:73:b7:4f:fb:ea:4a:ba:06:ba:d3:98:91:80:
a4:21:3c:85:7b:c5:eb:33:13:b2:3b:ae:13:17:9f:
27:2b:24:84:8f:ac:63:bf:3f:34:c1:58:23:4b:ab:
07:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:B8:65:06:AE:08:D4:E0:C0:5B:39:4C:CD:CB:EB:0C:1F:79:86:AE
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/z7hlBq4I1ODAWzlMzcvrDB95hq4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.164.213.0/24
Signature Algorithm: sha256WithRSAEncryption
28:c5:0f:d8:e7:c8:b0:f7:54:10:79:01:11:7c:fd:9f:0f:8e:
ec:54:f4:a1:be:90:43:c8:f9:b4:7f:06:11:4b:73:06:e0:72:
e1:92:81:09:68:74:c3:6b:f0:16:88:50:3b:97:e7:b5:e5:7e:
2a:94:5b:ea:3c:c9:67:d1:0b:d4:60:8f:76:71:88:b9:a0:0f:
3f:17:43:ee:91:74:be:39:f2:61:43:16:a1:dc:af:e2:07:2b:
d1:7c:ce:db:86:e7:48:9d:fb:f0:0e:cb:73:ee:3f:eb:fa:98:
c3:ea:43:02:a2:6c:74:9c:20:1b:c3:62:74:0a:01:09:d4:5c:
7b:6f:01:49:05:fc:55:31:b2:e1:53:63:c3:fb:94:9a:07:65:
ee:35:82:fe:e8:0c:63:25:1e:59:9a:00:0a:e8:f4:da:fb:23:
be:5a:47:bf:e9:8e:e4:c4:86:70:f1:39:dc:ac:3f:7a:34:2d:
bd:73:bd:75:53:f5:bf:be:23:84:45:5a:9a:10:58:cc:ee:c3:
7d:0a:50:a9:26:f0:c2:4f:56:71:0c:10:fd:42:3d:e6:f1:a1:
c9:03:99:3c:75:76:c5:14:93:fb:bb:05:0a:29:1a:1f:5c:80:
16:d9:3e:fb:5f:8f:bb:42:b4:86:d9:be:65:cc:9e:ba:3a:fb:
15:e9:ea:46
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQdso/ggRLuUNSG+Dr3dLjLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMDI4MDgyNTUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZmI4NjUwNmFlMDhkNGUwYzA1YjM5NGNjZGNiZWIwYzFmNzk4NmFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAow5vi8F3PViH5kCNmRL+eZXrM6nd
vDhjZodl3sGrTqE+kPt0VnuEvJgrqaZ2UNVs1O5fEefTKdRPDwCkNnFuSP0DfTLS
kN92eOkF3HC0e49/8nVT+x5m76D1aa+4vVGZ2V0DEk1n5ZgCarwb4fAseof/zwv1
PkOB0mVpottPUBdlqwVoR7r/yb8B4RiVWe8gkUWgrQeAOnf+D/M/2P1hQbgmW/X1
HiHNZ3wcW4U4Nx64o3z7BStpecWiWppnfHmfuCcnomjT9k+Dz03gm/ZL/ZVCHnO3
T/vqSroGutOYkYCkITyFe8XrMxOyO64TF58nKySEj6xjvz80wVgjS6sHOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM+4ZQauCNTgwFs5TM3L6wwfeYauMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvejdobEJxNEkxT0RBV3psTXpjdnJEQjk1aHE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvKTVMA0G
CSqGSIb3DQEBCwUAA4IBAQAoxQ/Y58iw91QQeQERfP2fD47sVPShvpBDyPm0fwYR
S3MG4HLhkoEJaHTDa/AWiFA7l+e15X4qlFvqPMln0QvUYI92cYi5oA8/F0PukXS+
OfJhQxah3K/iByvRfM7bhudInfvwDstz7j/r+pjD6kMComx0nCAbw2J0CgEJ1Fx7
bwFJBfxVMbLhU2PD+5SaB2XuNYL+6AxjJR5ZmgAK6PTa+yO+Wke/6Y7kxIZw8Tnc
rD96NC29c711U/W/viOERVqaEFjM7sN9ClCpJvDCT1ZxDBD9Qj3m8aHJA5k8dXbF
FJP7uwUKKRofXIAW2T77X4+7QrSG2b5lzJ66OvsV6epG
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:47:05 2025 by rpki-client