Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/01f736-af83-456c-8b45-5146ab7ea015/1/zq47BFIJjrrFyK1oUUZsek0O3Ik.roa
File: zq47BFIJjrrFyK1oUUZsek0O3Ik.roa (raw, json)
Hash identifier: vTDUK4rcxWreK5rn1wkZCXjvQuBezqzBlU0uz6U/QK0=
Subject key identifier: CE:AE:3B:04:52:09:8E:BA:C5:C8:AD:68:51:46:6C:7A:4D:0E:DC:89
Certificate issuer: /CN=535825ce8bf544170282f720a2484141568b0e7d
Certificate serial: 018570F08E1759999B9DC1842C6216F9C486
Authority key identifier: 53:58:25:CE:8B:F5:44:17:02:82:F7:20:A2:48:41:41:56:8B:0E:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U1glzov1RBcCgvcgokhBQVaLDn0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/01f736-af83-456c-8b45-5146ab7ea015/1/zq47BFIJjrrFyK1oUUZsek0O3Ik.roa
Signing time: Mon 02 Jan 2023 05:24:51 +0000
ROA not before: Mon 02 Jan 2023 05:24:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203802
IP address blocks: 185.123.80.0/22 maxlen: 22
185.123.80.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:f0:8e:17:59:99:9b:9d:c1:84:2c:62:16:f9:c4:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=535825ce8bf544170282f720a2484141568b0e7d
Validity
Not Before: Jan 2 05:24:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ceae3b0452098ebac5c8ad6851466c7a4d0edc89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:d0:8b:d4:e1:8c:f4:dc:c2:54:62:2c:da:83:
63:18:54:49:ff:70:2a:09:cf:dc:20:5a:f6:ac:b6:
96:97:2c:a3:c5:62:fb:fa:46:20:b9:df:8c:3b:8a:
20:d9:3e:46:3e:e8:08:33:2d:b5:11:24:7b:e3:b4:
5f:4f:86:38:f4:b2:0e:79:03:cb:f4:5e:28:31:46:
ca:76:a7:7d:f0:3b:28:3d:8c:94:c8:b6:75:6d:51:
62:75:e1:9e:2c:6b:26:d7:26:ad:c8:dc:14:98:c6:
d5:f3:54:0b:fd:1e:5e:e8:ba:82:a1:d2:7a:6b:ad:
b3:b1:90:42:47:9d:12:9b:a0:33:ee:aa:b8:44:6e:
22:1a:69:8d:8d:f4:89:b6:30:5d:55:ad:5d:a0:0e:
0c:f6:6e:d1:83:ad:64:1e:99:ae:fa:0a:9b:f5:db:
63:dc:1a:10:ad:aa:3b:9d:8d:75:0f:5c:3b:76:63:
40:e5:24:e6:f6:ac:8e:23:34:33:9a:ba:77:52:0e:
fa:fa:46:40:80:67:f4:83:cf:dc:7d:f3:16:fa:aa:
c1:ea:7e:16:0c:d0:bf:66:2c:81:16:14:80:ae:4c:
f9:58:e1:be:19:f5:24:68:04:ac:39:14:c0:20:6e:
42:16:35:66:b2:28:9a:ff:36:e1:2e:82:15:e2:4b:
a5:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:AE:3B:04:52:09:8E:BA:C5:C8:AD:68:51:46:6C:7A:4D:0E:DC:89
X509v3 Authority Key Identifier:
keyid:53:58:25:CE:8B:F5:44:17:02:82:F7:20:A2:48:41:41:56:8B:0E:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U1glzov1RBcCgvcgokhBQVaLDn0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/01f736-af83-456c-8b45-5146ab7ea015/1/zq47BFIJjrrFyK1oUUZsek0O3Ik.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/01f736-af83-456c-8b45-5146ab7ea015/1/U1glzov1RBcCgvcgokhBQVaLDn0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.123.80.0/22
Signature Algorithm: sha256WithRSAEncryption
26:ec:8f:33:c7:99:82:f6:c1:6e:1b:07:4e:32:53:22:a1:6d:
5b:1a:a7:38:c7:db:c8:36:d2:c2:b3:94:f5:1b:65:30:dd:55:
c2:95:af:88:d6:b4:b1:6a:1b:51:60:f9:49:74:50:9d:c7:88:
f8:51:05:bb:c3:30:5b:54:fc:d2:c2:04:aa:45:da:56:55:4e:
04:fb:81:6f:c2:0e:d2:b7:2c:fc:be:a9:53:28:47:67:29:58:
88:12:f0:b9:c4:f3:95:15:a3:b3:ce:40:d5:68:b7:8a:f4:cc:
7a:09:e1:de:ea:e5:b0:33:45:82:56:ec:bb:60:f2:71:d7:30:
92:f8:00:a7:a9:c4:97:9f:53:a7:04:42:5b:aa:8e:c3:62:2d:
1c:f1:25:99:48:03:96:c8:d9:69:e3:da:ad:c7:38:d9:4f:b7:
18:16:48:bd:54:00:b4:8e:65:27:44:19:44:eb:0c:f4:ff:37:
30:0c:eb:69:ed:a5:7d:d1:81:34:bd:ce:9f:70:76:e9:02:9e:
15:00:a5:fc:56:79:02:82:e2:7a:68:71:52:40:0b:f6:ad:d6:
64:60:12:32:3d:8d:f3:a4:c9:54:ae:40:3a:2d:bb:a6:66:8d:
4a:bf:57:5c:5f:0d:0b:a3:10:cf:6e:aa:37:eb:24:6b:f4:68:
37:79:b1:f8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVw8I4XWZmbncGELGIW+cSGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzNTgyNWNlOGJmNTQ0MTcwMjgyZjcyMGEyNDg0MTQxNTY4
YjBlN2QwHhcNMjMwMTAyMDUyNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZWFlM2IwNDUyMDk4ZWJhYzVjOGFkNjg1MTQ2NmM3YTRkMGVkYzg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxtCL1OGM9NzCVGIs2oNjGFRJ/3Aq
Cc/cIFr2rLaWlyyjxWL7+kYgud+MO4og2T5GPugIMy21ESR747RfT4Y49LIOeQPL
9F4oMUbKdqd98DsoPYyUyLZ1bVFideGeLGsm1yatyNwUmMbV81QL/R5e6LqCodJ6
a62zsZBCR50Sm6Az7qq4RG4iGmmNjfSJtjBdVa1doA4M9m7Rg61kHpmu+gqb9dtj
3BoQrao7nY11D1w7dmNA5STm9qyOIzQzmrp3Ug76+kZAgGf0g8/cffMW+qrB6n4W
DNC/ZiyBFhSArkz5WOG+GfUkaASsORTAIG5CFjVmsiia/zbhLoIV4kulnQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM6uOwRSCY66xcitaFFGbHpNDtyJMB8GA1UdIwQY
MBaAFFNYJc6L9UQXAoL3IKJIQUFWiw59MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTFnbHpvdjFSQmNDZ3ZjZ29raEJRVmFMRG4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS8wMWY3MzYtYWY4My00NTZjLThiNDUt
NTE0NmFiN2VhMDE1LzEvenE0N0JGSUpqcnJGeUsxb1VVWnNlazBPM0lrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS8wMWY3MzYtYWY4My00NTZjLThiNDUtNTE0NmFiN2VhMDE1
LzEvVTFnbHpvdjFSQmNDZ3ZjZ29raEJRVmFMRG4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuXtQMA0G
CSqGSIb3DQEBCwUAA4IBAQAm7I8zx5mC9sFuGwdOMlMioW1bGqc4x9vINtLCs5T1
G2Uw3VXCla+I1rSxahtRYPlJdFCdx4j4UQW7wzBbVPzSwgSqRdpWVU4E+4Fvwg7S
tyz8vqlTKEdnKViIEvC5xPOVFaOzzkDVaLeK9Mx6CeHe6uWwM0WCVuy7YPJx1zCS
+ACnqcSXn1OnBEJbqo7DYi0c8SWZSAOWyNlp49qtxzjZT7cYFki9VAC0jmUnRBlE
6wz0/zcwDOtp7aV90YE0vc6fcHbpAp4VAKX8VnkCguJ6aHFSQAv2rdZkYBIyPY3z
pMlUrkA6LbumZo1Kv1dcXw0LoxDPbqo36yRr9Gg3ebH4
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:04:53 2025 by rpki-client