Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/cf79a3-f3cc-4d5a-9672-e8f7fd3a4078/1/zNpXYAHalsMCuv-oZ5vXOO3HNdY.roa
File: zNpXYAHalsMCuv-oZ5vXOO3HNdY.roa (raw, json)
Hash identifier: ABsLBKKErnItm2fGY2BmRBzmiKXYttp6XZHnLr02Xqg=
Subject key identifier: CC:DA:57:60:01:DA:96:C3:02:BA:FF:A8:67:9B:D7:38:ED:C7:35:D6
Certificate issuer: /CN=d1ca1a706abcfbe1b85865238d8435ee33e75820
Certificate serial: 0189511A67626A4CF10C691394C8AC0C8D6B
Authority key identifier: D1:CA:1A:70:6A:BC:FB:E1:B8:58:65:23:8D:84:35:EE:33:E7:58:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0coacGq8--G4WGUjjYQ17jPnWCA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/cf79a3-f3cc-4d5a-9672-e8f7fd3a4078/1/zNpXYAHalsMCuv-oZ5vXOO3HNdY.roa
Signing time: Thu 13 Jul 2023 21:13:52 +0000
ROA not before: Thu 13 Jul 2023 21:13:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42926
IP address blocks: 89.252.182.0/24 maxlen: 24
89.252.185.0/24 maxlen: 24
89.252.184.0/24 maxlen: 24
89.252.183.0/24 maxlen: 24
45.84.189.0/24 maxlen: 24
2a0f:e80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:51:1a:67:62:6a:4c:f1:0c:69:13:94:c8:ac:0c:8d:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d1ca1a706abcfbe1b85865238d8435ee33e75820
Validity
Not Before: Jul 13 21:13:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ccda576001da96c302baffa8679bd738edc735d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:a8:3e:d5:db:66:39:19:37:be:eb:b3:b0:cc:
76:31:42:3b:ea:c0:dc:05:ee:61:23:c6:ae:bb:cf:
e3:af:46:aa:f8:97:1e:34:15:21:bf:ac:b2:a3:a9:
85:84:b9:11:36:ee:ad:87:43:ad:09:2b:b1:3b:6a:
eb:db:bc:44:4d:2d:04:78:c8:90:20:c4:c5:70:7a:
a2:8e:8d:2c:b0:f8:27:33:54:6f:f7:a2:9c:94:f2:
69:27:b3:37:33:52:4d:39:27:cd:42:1b:94:0b:af:
f7:5f:0d:20:65:31:ef:21:4f:71:8c:20:5d:1f:49:
41:fb:d2:80:8b:43:c0:10:23:02:18:48:71:7d:47:
20:bb:47:35:60:b5:5c:a4:5a:4d:93:f9:04:fd:7f:
0c:cc:74:0a:42:c5:15:03:be:c4:88:17:be:f0:41:
d3:58:ce:7d:cd:91:68:3e:3e:3d:4f:d0:18:01:88:
62:0b:09:02:01:23:43:5c:63:97:39:8e:df:3b:34:
94:46:c5:26:31:8a:63:a7:b6:7a:37:64:52:8d:6e:
ad:b8:0d:bd:0e:91:cc:ec:f4:17:f5:20:8a:df:3c:
f2:ad:2a:f5:ad:4e:fe:5e:2e:1f:5c:43:83:91:87:
b4:31:90:a3:ea:4d:63:27:c2:e2:6b:65:16:43:3b:
09:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:DA:57:60:01:DA:96:C3:02:BA:FF:A8:67:9B:D7:38:ED:C7:35:D6
X509v3 Authority Key Identifier:
keyid:D1:CA:1A:70:6A:BC:FB:E1:B8:58:65:23:8D:84:35:EE:33:E7:58:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0coacGq8--G4WGUjjYQ17jPnWCA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/cf79a3-f3cc-4d5a-9672-e8f7fd3a4078/1/zNpXYAHalsMCuv-oZ5vXOO3HNdY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/cf79a3-f3cc-4d5a-9672-e8f7fd3a4078/1/0coacGq8--G4WGUjjYQ17jPnWCA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.189.0/24
89.252.182.0-89.252.185.255
IPv6:
2a0f:e80::/29
Signature Algorithm: sha256WithRSAEncryption
85:69:c7:08:12:d3:87:bd:df:e8:a4:ff:be:8a:5a:55:16:4b:
3a:7a:e5:3b:66:3a:64:8f:a7:7d:19:f0:cd:91:f4:ec:2d:c3:
1d:d7:0f:5c:dd:ef:e3:bb:d8:e0:d7:95:6a:b2:28:a8:cd:2d:
69:78:be:07:72:2b:5e:21:53:58:91:b8:0a:93:a3:e5:db:46:
cb:d1:06:ee:fe:20:8c:da:13:59:2d:18:e4:85:e1:97:c2:86:
a0:51:62:d5:cd:d9:12:7e:50:65:33:d0:bf:ca:2a:fd:09:4e:
65:83:0e:9e:16:5f:98:73:80:57:07:91:0d:76:f9:df:b7:61:
01:af:48:87:0d:32:44:2b:22:bf:e4:0e:31:a1:b0:66:88:24:
bb:0a:29:e5:39:07:90:20:10:ad:65:3a:aa:28:24:80:94:57:
a4:88:b2:9d:d7:b0:78:5c:89:1b:14:1d:f9:21:4f:92:16:f6:
30:c7:fd:f7:b7:7d:4b:1a:97:5f:06:0d:52:8d:38:a1:b5:93:
ce:aa:2d:19:e1:b2:6d:6f:d2:95:48:28:d7:3f:28:67:9b:fe:
36:03:e0:76:62:88:fa:3e:82:3c:5c:3a:87:86:76:42:3f:e0:
32:0f:f5:48:17:05:54:3f:f8:26:b7:31:3b:16:f8:b2:c8:5b:
3b:f9:94:6f
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYlRGmdiakzxDGkTlMisDI1rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxY2ExYTcwNmFiY2ZiZTFiODU4NjUyMzhkODQzNWVlMzNl
NzU4MjAwHhcNMjMwNzEzMjExMzUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjY2RhNTc2MDAxZGE5NmMzMDJiYWZmYTg2NzliZDczOGVkYzczNWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh6g+1dtmORk3vuuzsMx2MUI76sDc
Be5hI8auu8/jr0aq+JceNBUhv6yyo6mFhLkRNu6th0OtCSuxO2rr27xETS0EeMiQ
IMTFcHqijo0ssPgnM1Rv96KclPJpJ7M3M1JNOSfNQhuUC6/3Xw0gZTHvIU9xjCBd
H0lB+9KAi0PAECMCGEhxfUcgu0c1YLVcpFpNk/kE/X8MzHQKQsUVA77EiBe+8EHT
WM59zZFoPj49T9AYAYhiCwkCASNDXGOXOY7fOzSURsUmMYpjp7Z6N2RSjW6tuA29
DpHM7PQX9SCK3zzyrSr1rU7+Xi4fXEODkYe0MZCj6k1jJ8Lia2UWQzsJ7QIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFMzaV2AB2pbDArr/qGeb1zjtxzXWMB8GA1UdIwQY
MBaAFNHKGnBqvPvhuFhlI42ENe4z51ggMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGNvYWNHcTgtLUc0V0dVampZUTE3alBuV0NBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9jZjc5YTMtZjNjYy00ZDVhLTk2NzIt
ZThmN2ZkM2E0MDc4LzEvek5wWFlBSGFsc01DdXYtb1o1dlhPTzNITmRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9jZjc5YTMtZjNjYy00ZDVhLTk2NzItZThmN2ZkM2E0MDc4
LzEvMGNvYWNHcTgtLUc0V0dVampZUTE3alBuV0NBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQALVS9MAwD
BAFZ/LYDBAFZ/LgwDQQCAAIwBwMFAyoPDoAwDQYJKoZIhvcNAQELBQADggEBAIVp
xwgS04e93+ik/76KWlUWSzp65TtmOmSPp30Z8M2R9Owtwx3XD1zd7+O72ODXlWqy
KKjNLWl4vgdyK14hU1iRuAqTo+XbRsvRBu7+IIzaE1ktGOSF4ZfChqBRYtXN2RJ+
UGUz0L/KKv0JTmWDDp4WX5hzgFcHkQ12+d+3YQGvSIcNMkQrIr/kDjGhsGaIJLsK
KeU5B5AgEK1lOqooJICUV6SIsp3XsHhciRsUHfkhT5IW9jDH/fe3fUsal18GDVKN
OKG1k86qLRnhsm1v0pVIKNc/KGeb/jYD4HZiiPo+gjxcOoeGdkI/4DIP9UgXBVQ/
+Ca3MTsW+LLIWzv5lG8=
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:03:49 2025 by rpki-client