Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/34439e-9cd2-44c5-9cfd-555f3f18e54f/1/zSVzgrM_pUZLQGedB3kwbCWTRKw.roa
File: zSVzgrM_pUZLQGedB3kwbCWTRKw.roa (raw, json)
Hash identifier: bFYYd5bPWHwY/co6jnKhsDt2MMUGG4XyIBdigplbyYU=
Subject key identifier: CD:25:73:82:B3:3F:A5:46:4B:40:67:9D:07:79:30:6C:25:93:44:AC
Certificate issuer: /CN=acf6ea0ffb2aee4f76ee1a1048969b8b5065da45
Certificate serial: 01865B97725E6C282569013983BB01164683
Authority key identifier: AC:F6:EA:0F:FB:2A:EE:4F:76:EE:1A:10:48:96:9B:8B:50:65:DA:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rPbqD_sq7k927hoQSJabi1Bl2kU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/34439e-9cd2-44c5-9cfd-555f3f18e54f/1/zSVzgrM_pUZLQGedB3kwbCWTRKw.roa
Signing time: Thu 16 Feb 2023 18:58:17 +0000
ROA not before: Thu 16 Feb 2023 18:58:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209500
IP address blocks: 193.31.7.0/24 maxlen: 24
83.229.62.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:5b:97:72:5e:6c:28:25:69:01:39:83:bb:01:16:46:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=acf6ea0ffb2aee4f76ee1a1048969b8b5065da45
Validity
Not Before: Feb 16 18:58:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cd257382b33fa5464b40679d0779306c259344ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:17:b7:fe:88:e8:f5:6f:34:fc:6c:fe:e3:07:
c3:e6:88:12:ff:74:08:91:8a:ef:42:5b:0b:62:70:
bb:56:98:84:a0:5f:d8:c5:64:89:23:47:c7:e4:d5:
37:ec:94:f0:57:1e:44:92:8e:db:f4:6c:80:e4:e9:
7f:29:d4:40:a0:5d:eb:61:03:9f:9e:8f:4a:8e:0e:
51:e9:c2:e5:73:47:c5:0d:81:1f:cf:36:b6:9b:57:
9c:c3:69:2d:42:a5:1e:ea:81:ab:73:57:2d:18:aa:
a5:11:8f:d7:16:c8:76:df:81:83:1e:56:eb:eb:f5:
4c:8a:1a:2b:40:84:76:0b:b2:ba:b9:c1:ec:6c:9c:
57:78:1e:ae:0e:bf:46:6f:1b:f8:b5:ce:1b:a9:f1:
ff:50:31:d6:b7:5f:99:24:a9:89:ba:3a:02:28:c2:
03:46:97:17:4d:32:29:e0:fd:6d:44:2b:26:92:59:
41:40:b1:4b:fd:d3:be:72:06:fa:3f:6c:2f:c4:3a:
1b:39:91:e0:a9:2c:bf:96:5a:05:ca:e8:63:23:de:
43:e4:0f:22:96:69:d2:11:6f:2e:96:d2:c4:c6:43:
b0:1d:93:50:f1:27:b6:77:54:ff:39:06:32:9c:16:
07:3b:8b:0a:98:b3:c5:ca:71:9b:f9:c8:57:ee:6b:
2d:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:25:73:82:B3:3F:A5:46:4B:40:67:9D:07:79:30:6C:25:93:44:AC
X509v3 Authority Key Identifier:
keyid:AC:F6:EA:0F:FB:2A:EE:4F:76:EE:1A:10:48:96:9B:8B:50:65:DA:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rPbqD_sq7k927hoQSJabi1Bl2kU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/34439e-9cd2-44c5-9cfd-555f3f18e54f/1/zSVzgrM_pUZLQGedB3kwbCWTRKw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/34439e-9cd2-44c5-9cfd-555f3f18e54f/1/rPbqD_sq7k927hoQSJabi1Bl2kU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.229.62.0/24
193.31.7.0/24
Signature Algorithm: sha256WithRSAEncryption
39:fe:cb:f5:d7:a3:ac:5d:1f:5e:ca:c2:df:23:c7:3a:db:54:
f1:1f:a4:cf:36:eb:85:5a:8a:a3:04:70:d2:50:64:5b:74:f3:
0e:62:fa:f9:1f:64:c0:e5:b1:00:f3:5c:3c:d3:88:78:b2:92:
24:db:7b:61:0a:fb:77:0b:e1:76:b5:1a:a1:67:3e:68:4a:eb:
27:cb:47:74:a0:fc:c0:0e:56:d7:b3:1f:df:f2:df:03:3c:bf:
c7:8c:11:c2:8f:e8:a3:3b:26:85:8f:d1:89:10:54:fb:ea:e6:
e8:98:6f:3d:10:b3:a4:20:3c:2d:5a:3e:f8:13:03:4f:b0:26:
03:bb:9e:73:1d:62:c7:77:72:b7:24:b5:84:be:14:81:15:58:
a3:d1:7b:5d:3b:24:c6:df:d7:58:59:8b:ec:8e:12:fc:c7:7a:
ed:16:de:e1:f2:65:eb:f5:3e:49:87:1d:03:89:db:79:4f:18:
ee:25:47:d8:81:7b:84:05:5b:6d:5a:17:0d:3b:3d:9f:03:16:
c5:00:f4:fe:85:21:a3:cc:a3:e8:81:cc:ce:04:29:92:a6:c6:
ab:9d:85:e5:ae:07:ab:19:c2:09:70:92:9f:4b:11:76:fa:d0:
e4:cf:f1:8a:e3:35:31:79:ab:be:79:92:2b:5d:5a:18:34:fa:
4a:46:d4:e5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYZbl3JebCglaQE5g7sBFkaDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjZjZlYTBmZmIyYWVlNGY3NmVlMWExMDQ4OTY5YjhiNTA2
NWRhNDUwHhcNMjMwMjE2MTg1ODE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDI1NzM4MmIzM2ZhNTQ2NGI0MDY3OWQwNzc5MzA2YzI1OTM0NGFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6he3/ojo9W80/Gz+4wfD5ogS/3QI
kYrvQlsLYnC7VpiEoF/YxWSJI0fH5NU37JTwVx5Eko7b9GyA5Ol/KdRAoF3rYQOf
no9Kjg5R6cLlc0fFDYEfzza2m1ecw2ktQqUe6oGrc1ctGKqlEY/XFsh234GDHlbr
6/VMihorQIR2C7K6ucHsbJxXeB6uDr9Gbxv4tc4bqfH/UDHWt1+ZJKmJujoCKMID
RpcXTTIp4P1tRCsmkllBQLFL/dO+cgb6P2wvxDobOZHgqSy/lloFyuhjI95D5A8i
lmnSEW8ultLExkOwHZNQ8Se2d1T/OQYynBYHO4sKmLPFynGb+chX7mstEwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFM0lc4KzP6VGS0BnnQd5MGwlk0SsMB8GA1UdIwQY
MBaAFKz26g/7Ku5Pdu4aEEiWm4tQZdpFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclBicURfc3E3azkyN2hvUVNKYWJpMUJsMmtVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi8zNDQzOWUtOWNkMi00NGM1LTljZmQt
NTU1ZjNmMThlNTRmLzEvelNWemdyTV9wVVpMUUdlZEIza3diQ1dUUkt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi8zNDQzOWUtOWNkMi00NGM1LTljZmQtNTU1ZjNmMThlNTRm
LzEvclBicURfc3E3azkyN2hvUVNKYWJpMUJsMmtVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAU+U+AwQA
wR8HMA0GCSqGSIb3DQEBCwUAA4IBAQA5/sv116OsXR9eysLfI8c621TxH6TPNuuF
WoqjBHDSUGRbdPMOYvr5H2TA5bEA81w804h4spIk23thCvt3C+F2tRqhZz5oSusn
y0d0oPzADlbXsx/f8t8DPL/HjBHCj+ijOyaFj9GJEFT76ubomG89ELOkIDwtWj74
EwNPsCYDu55zHWLHd3K3JLWEvhSBFVij0XtdOyTG39dYWYvsjhL8x3rtFt7h8mXr
9T5Jhx0Didt5TxjuJUfYgXuEBVttWhcNOz2fAxbFAPT+hSGjzKPogczOBCmSpsar
nYXlrgerGcIJcJKfSxF2+tDkz/GK4zUxeau+eZIrXVoYNPpKRtTl
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:19:30 2025 by rpki-client