Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/Z_1LDw-KevwLI1OkDf8s0r0fxLE.roa
File: Z_1LDw-KevwLI1OkDf8s0r0fxLE.roa (raw, json)
Hash identifier: +CEjBM56raxlqnD5WUs0i0ZMDNe4uxBGsH15xJYXYIY=
Subject key identifier: 67:FD:4B:0F:0F:8A:7A:FC:0B:23:53:A4:0D:FF:2C:D2:BD:1F:C4:B1
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 01856CCB121A9EF6900E2EE081F66134DA1A
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/Z_1LDw-KevwLI1OkDf8s0r0fxLE.roa
Signing time: Sun 01 Jan 2023 10:05:25 +0000
ROA not before: Sun 01 Jan 2023 10:05:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210409
IP address blocks: 193.182.7.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:cb:12:1a:9e:f6:90:0e:2e:e0:81:f6:61:34:da:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 1 10:05:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=67fd4b0f0f8a7afc0b2353a40dff2cd2bd1fc4b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:96:8c:96:b6:1d:2a:0e:0d:01:e4:28:e4:08:
0e:38:8d:c2:b1:83:b7:45:30:4c:cf:f6:5e:97:c2:
fe:8f:d2:8e:f1:b8:b4:5a:1f:3d:30:c4:dd:c1:6f:
a2:3e:8f:01:30:ef:54:61:09:62:86:a7:6d:b5:62:
c4:8d:10:47:8d:87:96:c8:25:29:84:6f:86:39:cd:
96:5c:3e:78:e6:07:94:38:af:b9:0b:76:79:29:58:
cd:db:9b:19:db:a4:bb:7f:1d:2e:84:00:97:bd:6a:
d0:38:27:6e:6b:9d:4d:45:46:be:da:dd:fb:ee:27:
44:aa:9d:dd:dd:2a:57:06:9c:10:a3:0f:26:bc:c0:
1f:e1:36:68:e3:76:42:86:88:49:53:98:fc:db:c1:
01:d7:2b:2c:1a:69:f2:28:ea:e8:45:81:25:6e:56:
97:5f:08:b7:f3:d6:78:f8:68:67:61:c5:6b:0c:4a:
b2:f3:a5:a4:87:d1:ec:ed:14:e2:8f:73:c4:f2:bb:
8c:35:ac:aa:92:27:ff:23:18:f1:43:6c:83:fe:f8:
e4:3b:a9:0a:18:db:28:ce:da:16:b7:3c:20:46:0a:
13:ae:30:04:1f:ad:ae:c6:3f:bd:06:1c:2f:09:ef:
63:dd:38:44:3f:79:9d:d2:da:98:97:19:c2:b5:22:
f0:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:FD:4B:0F:0F:8A:7A:FC:0B:23:53:A4:0D:FF:2C:D2:BD:1F:C4:B1
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/Z_1LDw-KevwLI1OkDf8s0r0fxLE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.182.7.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:eb:44:05:ec:16:25:5d:4a:93:1e:29:04:e4:c8:fe:57:a1:
89:cc:9a:d7:dc:e7:c1:4a:e7:f6:3f:c6:75:28:10:03:23:68:
3a:c8:b2:67:0f:b6:03:a7:fb:c4:05:01:08:16:d1:73:2a:df:
83:af:6f:3f:1c:f3:65:b6:82:a7:c3:8e:4f:3f:bc:4f:fe:9f:
7d:11:00:c4:b6:fa:92:d2:44:0e:f5:38:f5:37:ae:90:65:29:
a5:a3:d1:80:ce:84:09:af:db:04:df:46:c4:6c:32:97:37:53:
69:50:98:28:bc:09:0c:8e:11:fe:47:b5:5d:a2:e2:66:27:37:
42:77:c6:6e:2a:3b:aa:54:19:58:2b:af:b7:61:35:40:e7:e5:
8e:94:d6:07:92:74:62:95:d0:91:dc:6f:e7:78:d0:9b:10:ed:
5a:1f:99:dd:d1:d6:d0:d7:98:7b:95:8d:fd:92:dc:8e:e4:a6:
fa:1d:33:39:e6:01:92:91:19:1f:9a:43:a2:49:9b:95:cf:f3:
c9:c8:c8:0a:9d:37:f6:11:63:c3:09:3b:8d:47:73:13:f6:ec:
7a:50:da:24:92:69:98:58:4f:6f:2c:fc:e0:a9:67:d6:5c:54:
0d:5d:af:90:2f:f8:2f:a5:71:0c:3d:20:a0:bd:ae:10:d4:6d:
a3:7c:b2:8b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsyxIanvaQDi7ggfZhNNoaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjMwMTAxMTAwNTI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2ZkNGIwZjBmOGE3YWZjMGIyMzUzYTQwZGZmMmNkMmJkMWZjNGIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArZaMlrYdKg4NAeQo5AgOOI3CsYO3
RTBMz/Zel8L+j9KO8bi0Wh89MMTdwW+iPo8BMO9UYQlihqdttWLEjRBHjYeWyCUp
hG+GOc2WXD545geUOK+5C3Z5KVjN25sZ26S7fx0uhACXvWrQOCdua51NRUa+2t37
7idEqp3d3SpXBpwQow8mvMAf4TZo43ZChohJU5j828EB1yssGmnyKOroRYElblaX
Xwi389Z4+GhnYcVrDEqy86Wkh9Hs7RTij3PE8ruMNayqkif/IxjxQ2yD/vjkO6kK
GNsoztoWtzwgRgoTrjAEH62uxj+9BhwvCe9j3ThEP3md0tqYlxnCtSLwmQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGf9Sw8Pinr8CyNTpA3/LNK9H8SxMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvWl8xTER3LUtldndMSTFPa0RmOHMwcjBmeExFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwbYHMA0G
CSqGSIb3DQEBCwUAA4IBAQB+60QF7BYlXUqTHikE5Mj+V6GJzJrX3OfBSuf2P8Z1
KBADI2g6yLJnD7YDp/vEBQEIFtFzKt+Dr28/HPNltoKnw45PP7xP/p99EQDEtvqS
0kQO9Tj1N66QZSmlo9GAzoQJr9sE30bEbDKXN1NpUJgovAkMjhH+R7VdouJmJzdC
d8ZuKjuqVBlYK6+3YTVA5+WOlNYHknRildCR3G/neNCbEO1aH5nd0dbQ15h7lY39
ktyO5Kb6HTM55gGSkRkfmkOiSZuVz/PJyMgKnTf2EWPDCTuNR3MT9ux6UNokkmmY
WE9vLPzgqWfWXFQNXa+QL/gvpXEMPSCgva4Q1G2jfLKL
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:57:27 2025 by rpki-client