Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/zm2PxDgKgMbX-iyEsEvUTNo-GQ4.roa
File: zm2PxDgKgMbX-iyEsEvUTNo-GQ4.roa (raw, json)
Hash identifier: R7HaAalBwMzqyUftwzEDymaFTSgLn/ijjUAlo0VkbVE=
Subject key identifier: CE:6D:8F:C4:38:0A:80:C6:D7:FA:2C:84:B0:4B:D4:4C:DA:3E:19:0E
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 42621E63
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/zm2PxDgKgMbX-iyEsEvUTNo-GQ4.roa
Signing time: Sat 01 Jan 2022 14:03:05 +0000
ROA not before: Sat 01 Jan 2022 14:03:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31800
IP address blocks: 194.68.45.0/24 maxlen: 24
194.14.236.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1113726563 (0x42621e63)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 1 14:03:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ce6d8fc4380a80c6d7fa2c84b04bd44cda3e190e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:36:d1:bf:a1:68:a8:14:65:76:c9:f4:98:0f:
ca:cb:a5:f4:55:e6:da:43:fa:28:a0:a7:f0:e5:b9:
0e:31:af:b6:04:e7:b7:dd:0c:5c:fb:59:f4:fc:1a:
a6:13:47:40:36:61:22:c8:05:10:4a:8a:6f:96:1c:
26:f7:5e:9a:9c:c4:3d:ad:dc:bf:0b:1a:90:c1:5f:
b9:18:36:30:e1:bc:77:4e:c3:80:3f:a6:06:d4:55:
10:4d:c2:6e:a4:63:98:77:5e:fd:a8:b7:f9:ee:da:
cb:e7:cd:e7:9a:6f:50:97:a4:79:3b:b7:4a:c9:a7:
17:11:1c:06:e7:a1:7d:5b:f1:35:d5:f8:af:9f:c6:
7d:7a:a3:45:10:da:98:5b:bf:91:c1:e1:75:7b:5b:
6b:93:6c:c6:c3:27:52:8b:59:80:ce:69:b6:60:e0:
1a:e1:b9:41:0e:1a:82:6f:b2:ad:0b:71:96:77:69:
e3:98:cd:4b:1f:a3:82:36:15:90:e0:d1:a1:cf:9d:
19:2b:31:03:d6:b0:a3:78:45:9d:77:67:c2:0c:83:
78:de:6c:4b:63:36:3a:45:c3:af:32:67:a1:df:fa:
c8:a4:06:91:df:d5:d0:7e:c8:e7:48:5f:6d:27:d0:
36:ba:79:10:d8:3b:bb:9b:97:6d:9e:2a:22:54:e8:
c2:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:6D:8F:C4:38:0A:80:C6:D7:FA:2C:84:B0:4B:D4:4C:DA:3E:19:0E
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/zm2PxDgKgMbX-iyEsEvUTNo-GQ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.14.236.0/24
194.68.45.0/24
Signature Algorithm: sha256WithRSAEncryption
22:fc:5a:fe:8e:d1:7d:1a:6a:ac:7c:b2:9f:c1:d1:37:f6:c3:
6f:7e:37:73:a8:cd:11:2c:cb:8c:94:0a:02:42:16:b1:69:f8:
d3:65:0b:32:d6:17:86:4c:48:0e:8c:51:09:a5:8e:a4:ed:16:
ef:03:09:a7:7a:91:78:e4:4b:bb:37:ee:e9:da:01:cc:34:15:
dc:50:5d:e5:b9:6f:1d:16:b8:e3:0f:9d:38:5e:a8:57:d5:a4:
a9:4d:ed:55:07:37:b7:86:43:51:4e:a9:c9:40:bb:10:3c:ec:
83:2c:82:15:59:0e:8b:fe:1b:1e:fc:5b:c5:65:ca:fb:91:42:
bb:bf:cd:f4:01:04:4c:95:75:69:df:ff:6e:5a:0d:e8:2a:c6:
ca:dd:0f:df:3a:4a:b8:8c:92:ad:e6:10:86:d6:5e:8d:20:2e:
7e:79:93:58:c7:d1:ad:7c:13:0f:1a:8e:11:9c:5c:da:84:ed:
2f:41:81:60:04:d1:e5:3c:a6:27:b2:97:dc:3e:d1:f3:a9:b0:
eb:bd:f9:18:de:ff:f8:41:d1:47:fc:91:36:ea:26:66:8b:9e:
59:dc:2b:6f:d7:88:1b:c7:65:f7:c3:cd:20:40:17:b5:0d:55:
4f:3b:1c:6e:d3:66:c5:46:57:92:83:5d:5f:e2:e0:8d:5d:5e:
9f:c7:7b:f6
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEQmIeYzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MTM1YzdmNTcxZWVmZWI2NzQwNGFiNmM0NWZkNDc1NTUxYWRhZjFiMB4XDTIyMDEw
MTE0MDMwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2U2ZDhmYzQzODBh
ODBjNmQ3ZmEyYzg0YjA0YmQ0NGNkYTNlMTkwZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN820b+haKgUZXbJ9JgPysul9FXm2kP6KKCn8OW5DjGvtgTn
t90MXPtZ9PwaphNHQDZhIsgFEEqKb5YcJvdempzEPa3cvwsakMFfuRg2MOG8d07D
gD+mBtRVEE3CbqRjmHde/ai3+e7ay+fN55pvUJekeTu3SsmnFxEcBuehfVvxNdX4
r5/GfXqjRRDamFu/kcHhdXtba5NsxsMnUotZgM5ptmDgGuG5QQ4agm+yrQtxlndp
45jNSx+jgjYVkODRoc+dGSsxA9awo3hFnXdnwgyDeN5sS2M2OkXDrzJnod/6yKQG
kd/V0H7I50hfbSfQNrp5ENg7u5uXbZ4qIlTowhsCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTObY/EOAqAxtf6LISwS9RM2j4ZDjAfBgNVHSMEGDAWgBQhNcf1ce7+tnQE
q2xF/UdVUa2vGzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lUWEg5WEh1X3JaMEJLdHNSZjFIVlZHdHJ4cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDkvNjgwYjc4LTk2YWYtNGE4NS1hYzAyLTk0M2QwMzMyMTMyNi8x
L3ptMlB4RGdLZ01iWC1peUVzRXZVVE5vLUdRNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDkv
NjgwYjc4LTk2YWYtNGE4NS1hYzAyLTk0M2QwMzMyMTMyNi8xL0lUWEg5WEh1X3Ja
MEJLdHNSZjFIVlZHdHJ4cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAMIO7AMEAMJELTANBgkqhkiG9w0B
AQsFAAOCAQEAIvxa/o7RfRpqrHyyn8HRN/bDb343c6jNESzLjJQKAkIWsWn402UL
MtYXhkxIDoxRCaWOpO0W7wMJp3qReORLuzfu6doBzDQV3FBd5blvHRa44w+dOF6o
V9WkqU3tVQc3t4ZDUU6pyUC7EDzsgyyCFVkOi/4bHvxbxWXK+5FCu7/N9AEETJV1
ad//bloN6CrGyt0P3zpKuIySreYQhtZejSAufnmTWMfRrXwTDxqOEZxc2oTtL0GB
YATR5TymJ7KX3D7R86mw6735GN7/+EHRR/yRNuomZoueWdwrb9eIG8dl98PNIEAX
tQ1VTzscbtNmxUZXkoNdX+LgjV1en8d79g==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:02:46 2025 by rpki-client