Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/zAh-Ui0n1iiWx6aAEn3R17auPNo.roa
File: zAh-Ui0n1iiWx6aAEn3R17auPNo.roa (raw, json)
Hash identifier: NZrfJKV/l4gugGyn2wYcynoXjtMMSM9bQddGcEPequ4=
Subject key identifier: CC:08:7E:52:2D:27:D6:28:96:C7:A6:80:12:7D:D1:D7:B6:AE:3C:DA
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 01856CCB13D796B0436AB065AAAD3F661226
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/zAh-Ui0n1iiWx6aAEn3R17auPNo.roa
Signing time: Sun 01 Jan 2023 10:05:26 +0000
ROA not before: Sun 01 Jan 2023 10:05:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211434
IP address blocks: 192.71.206.0/24 maxlen: 24
194.71.106.0/24 maxlen: 24
194.68.22.0/23 maxlen: 23
194.132.172.0/23 maxlen: 24
192.36.200.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:cb:13:d7:96:b0:43:6a:b0:65:aa:ad:3f:66:12:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 1 10:05:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cc087e522d27d62896c7a680127dd1d7b6ae3cda
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:3c:b9:2d:e5:9f:4f:df:db:f9:b8:e3:82:77:
2e:ef:38:a0:d0:1b:02:45:5e:0b:59:7f:bd:24:16:
87:99:32:a3:d6:25:ea:55:cd:23:61:73:cd:e0:6f:
67:fd:40:3f:79:9b:16:e7:7f:00:72:a1:1c:0c:07:
ca:d2:35:d7:70:e5:e4:72:7b:57:d0:13:4e:44:51:
7f:ee:90:ca:99:5b:ef:3f:6d:d5:5c:91:ea:60:1a:
dd:15:3a:e3:96:7b:05:2d:ef:07:72:be:2e:14:7e:
95:81:66:81:1b:ee:fe:4c:fa:60:e9:94:60:68:09:
57:1c:9d:b8:c8:f3:e4:28:8a:9d:01:12:49:2a:71:
03:70:4f:0c:f7:e5:8d:cf:10:4e:87:95:66:0b:27:
c9:05:9f:a4:19:8a:07:a7:7d:ce:8a:5e:50:ed:02:
2c:26:46:ba:76:8a:2d:b7:07:06:c4:8f:78:2d:f8:
07:7f:36:fa:f9:4d:2b:a5:8f:6e:54:a4:70:10:c4:
5b:3b:a6:50:9e:a5:12:03:f5:84:d5:9b:46:9a:07:
ff:3d:b8:e0:b4:1a:fd:10:5e:da:73:76:1f:f7:0f:
5f:32:cf:d9:b7:3e:2d:45:63:c1:c0:99:5d:cd:a0:
04:3a:51:df:fc:94:8a:86:f9:d3:d5:fb:ba:7e:80:
98:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:08:7E:52:2D:27:D6:28:96:C7:A6:80:12:7D:D1:D7:B6:AE:3C:DA
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/zAh-Ui0n1iiWx6aAEn3R17auPNo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.36.200.0/24
192.71.206.0/24
194.68.22.0/23
194.71.106.0/24
194.132.172.0/23
Signature Algorithm: sha256WithRSAEncryption
29:6e:ba:1d:19:be:c3:16:b4:a5:65:54:73:6c:30:b7:23:02:
71:d5:97:5a:34:9d:25:ad:99:59:09:3f:67:11:da:80:24:20:
96:a4:13:24:dd:b1:ae:3e:e4:fc:10:36:f7:08:eb:fc:ed:74:
3a:36:f4:fc:62:39:ac:a1:27:e9:18:19:b8:60:cf:a5:c9:92:
2d:e9:f9:8a:e6:64:cd:42:d9:c5:0a:6e:71:0c:02:10:81:66:
35:23:46:17:49:76:fe:6b:2e:86:07:bf:90:e6:35:ab:17:6f:
44:fd:39:1f:15:ab:3f:03:6c:4c:f1:ee:83:05:d7:31:86:2c:
08:29:29:65:fc:92:88:bc:82:ff:75:20:86:c1:26:51:64:1c:
64:a6:d5:3e:f0:d5:fb:45:0a:fd:f2:cf:8e:23:3f:8b:a4:52:
e0:96:19:30:2a:74:c0:c6:a6:b9:14:f6:e0:c5:b6:6f:93:0a:
39:4b:bc:c5:0d:4f:2c:a6:f1:58:a9:8c:b0:2b:47:da:e2:3f:
b8:46:1b:ee:28:61:92:f4:4e:e1:1a:4e:69:c4:63:32:50:bb:
bb:a4:9a:94:3a:f6:f4:75:61:d5:4b:8d:fd:a8:fd:f2:40:14:
37:29:f5:94:64:77:57:e8:48:13:2d:86:4b:53:79:e8:ae:a7:
34:1a:1a:9b
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVsyxPXlrBDarBlqq0/ZhImMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjMwMTAxMTAwNTI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzA4N2U1MjJkMjdkNjI4OTZjN2E2ODAxMjdkZDFkN2I2YWUzY2RhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsDy5LeWfT9/b+bjjgncu7zig0BsC
RV4LWX+9JBaHmTKj1iXqVc0jYXPN4G9n/UA/eZsW538AcqEcDAfK0jXXcOXkcntX
0BNORFF/7pDKmVvvP23VXJHqYBrdFTrjlnsFLe8Hcr4uFH6VgWaBG+7+TPpg6ZRg
aAlXHJ24yPPkKIqdARJJKnEDcE8M9+WNzxBOh5VmCyfJBZ+kGYoHp33Oil5Q7QIs
Jka6doottwcGxI94LfgHfzb6+U0rpY9uVKRwEMRbO6ZQnqUSA/WE1ZtGmgf/Pbjg
tBr9EF7ac3Yf9w9fMs/Ztz4tRWPBwJldzaAEOlHf/JSKhvnT1fu6foCYUwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFMwIflItJ9YolsemgBJ90de2rjzaMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvekFoLVVpMG4xaWlXeDZhQUVuM1IxN2F1UE5vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAwCTIAwQA
wEfOAwQBwkQWAwQAwkdqAwQBwoSsMA0GCSqGSIb3DQEBCwUAA4IBAQApbrodGb7D
FrSlZVRzbDC3IwJx1ZdaNJ0lrZlZCT9nEdqAJCCWpBMk3bGuPuT8EDb3COv87XQ6
NvT8YjmsoSfpGBm4YM+lyZIt6fmK5mTNQtnFCm5xDAIQgWY1I0YXSXb+ay6GB7+Q
5jWrF29E/TkfFas/A2xM8e6DBdcxhiwIKSll/JKIvIL/dSCGwSZRZBxkptU+8NX7
RQr98s+OIz+LpFLglhkwKnTAxqa5FPbgxbZvkwo5S7zFDU8spvFYqYywK0fa4j+4
RhvuKGGS9E7hGk5pxGMyULu7pJqUOvb0dWHVS439qP3yQBQ3KfWUZHdX6EgTLYZL
U3norqc0Ghqb
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:56:42 2025 by rpki-client