Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/2ae7c3-98a5-4cda-9bae-ba645f19915a/1/Zt4n6zK6KGjfkxPMspqH11FR7bI.roa
File: Zt4n6zK6KGjfkxPMspqH11FR7bI.roa (raw, json)
Hash identifier: D8oaq1fXD+UAxAgXhR+ReFzVPh5qB7qjrzhAiC7mq0o=
Subject key identifier: 66:DE:27:EB:32:BA:28:68:DF:93:13:CC:B2:9A:87:D7:51:51:ED:B2
Certificate issuer: /CN=e88c04771e2bfac8f60f1b4c9cbd093aafea974e
Certificate serial: 0186172E34D551E8CCB10D9711102583FB35
Authority key identifier: E8:8C:04:77:1E:2B:FA:C8:F6:0F:1B:4C:9C:BD:09:3A:AF:EA:97:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6IwEdx4r-sj2DxtMnL0JOq_ql04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/2ae7c3-98a5-4cda-9bae-ba645f19915a/1/Zt4n6zK6KGjfkxPMspqH11FR7bI.roa
Signing time: Fri 03 Feb 2023 12:09:09 +0000
ROA not before: Fri 03 Feb 2023 12:09:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202551
IP address blocks: 185.160.208.0/22 maxlen: 22
2a0e:47c7:1000::/48 maxlen: 48
2a07:c000::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:17:2e:34:d5:51:e8:cc:b1:0d:97:11:10:25:83:fb:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e88c04771e2bfac8f60f1b4c9cbd093aafea974e
Validity
Not Before: Feb 3 12:09:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=66de27eb32ba2868df9313ccb29a87d75151edb2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:6c:72:4b:df:93:9c:2f:b9:f6:1e:9b:43:4a:
95:91:1e:c6:7d:cb:28:0b:7a:79:69:01:ce:0f:35:
73:13:ae:6b:13:7d:5d:16:69:48:cc:ed:21:dd:0f:
b4:ce:9c:21:7d:3a:63:46:d2:10:e5:56:4a:f5:d0:
e1:c3:c6:fa:51:b5:53:8a:2f:7f:01:ca:d2:37:fb:
77:a8:81:80:25:25:e2:1e:d6:a6:fc:74:d1:1f:43:
96:8a:20:5e:a2:59:49:d9:2f:6c:5d:8d:fe:17:5d:
d8:e8:0f:cd:73:55:f0:fb:6e:7e:00:05:4b:f1:56:
52:ff:a6:b9:57:d6:fe:40:e8:99:60:70:db:14:f9:
2d:6a:74:7a:16:da:29:63:4a:f1:92:fb:72:49:4e:
97:66:4d:2e:2a:0e:a1:80:a6:cf:d1:1a:04:c8:2c:
1e:81:06:aa:f9:8d:07:b9:3e:25:9b:2b:8d:84:1c:
55:90:3d:9e:63:eb:34:b4:0d:ee:5c:53:8d:a8:0c:
be:1a:7e:2b:37:bc:ce:82:e6:14:0e:f7:0c:44:c0:
ae:da:67:0d:2f:73:cf:ef:e3:07:15:ab:ee:91:9b:
ce:6a:45:0a:05:33:02:2a:97:8b:83:ea:21:c3:a4:
de:4d:ef:39:86:67:fa:b1:78:50:3a:4d:df:6b:37:
b5:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:DE:27:EB:32:BA:28:68:DF:93:13:CC:B2:9A:87:D7:51:51:ED:B2
X509v3 Authority Key Identifier:
keyid:E8:8C:04:77:1E:2B:FA:C8:F6:0F:1B:4C:9C:BD:09:3A:AF:EA:97:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6IwEdx4r-sj2DxtMnL0JOq_ql04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/2ae7c3-98a5-4cda-9bae-ba645f19915a/1/Zt4n6zK6KGjfkxPMspqH11FR7bI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/2ae7c3-98a5-4cda-9bae-ba645f19915a/1/6IwEdx4r-sj2DxtMnL0JOq_ql04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.160.208.0/22
IPv6:
2a07:c000::/29
2a0e:47c7:1000::/48
Signature Algorithm: sha256WithRSAEncryption
1c:a8:4c:f0:ba:5c:46:6f:c2:82:74:8e:b1:6e:b0:11:d7:e9:
1b:e1:32:23:7a:57:88:14:78:5e:e1:22:b8:9f:a5:24:78:2e:
1b:cf:90:3b:72:c4:99:da:2a:18:eb:0e:72:fd:b4:df:21:9a:
45:79:a7:e3:66:6e:80:b2:0a:7e:38:66:51:2b:95:10:19:09:
95:0f:46:84:44:a9:6e:97:0a:42:54:c9:14:c6:47:41:50:55:
f3:94:45:bb:47:41:a7:bd:a5:91:f6:25:73:84:a4:db:95:b0:
a5:64:dd:6c:17:ac:11:04:87:44:ee:08:91:bb:27:44:3d:38:
fe:14:2f:a3:d9:e6:00:e6:ef:ef:cb:ed:11:69:d4:2b:f5:23:
1d:13:c0:2d:cb:3d:f6:c9:38:2e:92:aa:25:bb:88:58:0d:96:
ee:bc:fd:46:16:e2:24:96:d3:ee:4d:53:c5:70:94:b6:1f:48:
89:6c:63:96:02:f7:6d:2d:a2:5d:3f:c9:ca:56:53:68:f0:67:
d5:93:76:aa:ee:8e:7c:c3:0f:05:39:34:6a:82:72:a5:f8:69:
e7:51:8f:ac:4c:77:38:70:d5:62:50:fb:fa:9f:65:ee:89:38:
02:5d:5b:bf:79:79:c5:b3:18:07:00:6f:36:8e:c3:3b:a5:68:
2e:78:d1:3b
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYYXLjTVUejMsQ2XERAlg/s1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4OGMwNDc3MWUyYmZhYzhmNjBmMWI0YzljYmQwOTNhYWZl
YTk3NGUwHhcNMjMwMjAzMTIwOTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NmRlMjdlYjMyYmEyODY4ZGY5MzEzY2NiMjlhODdkNzUxNTFlZGIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6GxyS9+TnC+59h6bQ0qVkR7Gfcso
C3p5aQHODzVzE65rE31dFmlIzO0h3Q+0zpwhfTpjRtIQ5VZK9dDhw8b6UbVTii9/
AcrSN/t3qIGAJSXiHtam/HTRH0OWiiBeollJ2S9sXY3+F13Y6A/Nc1Xw+25+AAVL
8VZS/6a5V9b+QOiZYHDbFPktanR6FtopY0rxkvtySU6XZk0uKg6hgKbP0RoEyCwe
gQaq+Y0HuT4lmyuNhBxVkD2eY+s0tA3uXFONqAy+Gn4rN7zOguYUDvcMRMCu2mcN
L3PP7+MHFavukZvOakUKBTMCKpeLg+ohw6TeTe85hmf6sXhQOk3faze16QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFGbeJ+syuiho35MTzLKah9dRUe2yMB8GA1UdIwQY
MBaAFOiMBHceK/rI9g8bTJy9CTqv6pdOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkl3RWR4NHItc2oyRHh0TW5MMEpPcV9xbDA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi8yYWU3YzMtOThhNS00Y2RhLTliYWUt
YmE2NDVmMTk5MTVhLzEvWnQ0bjZ6SzZLR2pma3hQTXNwcUgxMUZSN2JJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi8yYWU3YzMtOThhNS00Y2RhLTliYWUtYmE2NDVmMTk5MTVh
LzEvNkl3RWR4NHItc2oyRHh0TW5MMEpPcV9xbDA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAMBAIAATAGAwQCuaDQMBYE
AgACMBADBQMqB8AAAwcAKg5HxxAAMA0GCSqGSIb3DQEBCwUAA4IBAQAcqEzwulxG
b8KCdI6xbrAR1+kb4TIjeleIFHhe4SK4n6UkeC4bz5A7csSZ2ioY6w5y/bTfIZpF
eafjZm6Asgp+OGZRK5UQGQmVD0aERKlulwpCVMkUxkdBUFXzlEW7R0GnvaWR9iVz
hKTblbClZN1sF6wRBIdE7giRuydEPTj+FC+j2eYA5u/vy+0RadQr9SMdE8Atyz32
yTgukqolu4hYDZbuvP1GFuIkltPuTVPFcJS2H0iJbGOWAvdtLaJdP8nKVlNo8GfV
k3aq7o58ww8FOTRqgnKl+GnnUY+sTHc4cNViUPv6n2XuiTgCXVu/eXnFsxgHAG82
jsM7pWgueNE7
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:58:09 2025 by rpki-client