Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/683ffb-65eb-4972-997a-5f29c9f549e8/1/ZKED2JsVGpMjDeO7wsjG1znr36U.roa
File: ZKED2JsVGpMjDeO7wsjG1znr36U.roa (raw, json)
Hash identifier: cwWmQcgl3kIwB/PWRU/+cYDag2VBwMzdi6pnIKguZoc=
Subject key identifier: 64:A1:03:D8:9B:15:1A:93:23:0D:E3:BB:C2:C8:C6:D7:39:EB:DF:A5
Certificate issuer: /CN=e2c3fc198c772f59b8ede529856b52ea179a4e38
Certificate serial: 186367E9
Authority key identifier: E2:C3:FC:19:8C:77:2F:59:B8:ED:E5:29:85:6B:52:EA:17:9A:4E:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4sP8GYx3L1m47eUphWtS6heaTjg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/683ffb-65eb-4972-997a-5f29c9f549e8/1/ZKED2JsVGpMjDeO7wsjG1znr36U.roa
Signing time: Sat 01 Jan 2022 09:57:26 +0000
ROA not before: Sat 01 Jan 2022 09:57:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39628
IP address blocks: 194.50.97.0/24 maxlen: 24
2001:67c:314::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 409167849 (0x186367e9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2c3fc198c772f59b8ede529856b52ea179a4e38
Validity
Not Before: Jan 1 09:57:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=64a103d89b151a93230de3bbc2c8c6d739ebdfa5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:7f:a3:44:46:4a:46:f8:be:ca:8d:d1:22:76:
67:38:51:2f:23:e5:c4:e5:cf:ff:72:7d:f1:b7:05:
e5:b6:a4:66:09:83:55:6b:1c:c8:c3:15:b9:d1:d1:
2b:99:dd:70:ac:13:30:9a:b5:a5:af:ab:43:15:0e:
d2:55:d8:9d:0e:f8:37:a0:51:13:0e:43:4b:52:67:
bc:87:f9:0d:b0:b0:54:a4:c2:e6:7f:f3:a7:37:c6:
d0:fd:84:2f:fb:4e:39:d5:3b:c7:e1:58:f2:e9:86:
7b:59:92:20:ba:fc:58:df:3b:40:e9:eb:af:aa:97:
ad:1d:fb:59:61:d0:23:d0:18:d2:aa:ca:97:11:27:
82:36:0b:dd:ce:99:05:16:c0:4c:4b:19:73:19:34:
58:53:62:cf:4c:b5:66:66:85:29:21:54:a4:1f:3b:
a4:8f:da:f2:c4:33:a5:ad:46:31:f0:16:9d:d4:a7:
94:f7:55:87:27:f1:4c:a8:68:aa:db:d8:88:13:6a:
48:a4:e1:67:d1:db:ba:43:fc:76:4a:d7:f9:31:e5:
d7:62:bf:7b:73:63:13:58:ce:5d:9c:7f:25:ee:cb:
15:ec:56:75:6f:28:8e:57:7b:02:2a:19:cf:b0:a5:
2f:6e:6a:c5:17:24:ae:cd:8f:2c:b8:71:c5:c0:c1:
8b:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:A1:03:D8:9B:15:1A:93:23:0D:E3:BB:C2:C8:C6:D7:39:EB:DF:A5
X509v3 Authority Key Identifier:
keyid:E2:C3:FC:19:8C:77:2F:59:B8:ED:E5:29:85:6B:52:EA:17:9A:4E:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4sP8GYx3L1m47eUphWtS6heaTjg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/683ffb-65eb-4972-997a-5f29c9f549e8/1/ZKED2JsVGpMjDeO7wsjG1znr36U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/683ffb-65eb-4972-997a-5f29c9f549e8/1/4sP8GYx3L1m47eUphWtS6heaTjg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.50.97.0/24
IPv6:
2001:67c:314::/48
Signature Algorithm: sha256WithRSAEncryption
6f:cb:aa:79:c4:ef:0f:52:1a:97:cd:c1:8f:7a:fa:ca:41:f9:
6c:c6:4b:e1:e7:90:04:ff:0a:c2:5c:c6:4d:dd:94:f5:72:13:
aa:96:34:e9:fb:60:2f:89:dc:75:34:94:cd:9a:78:f0:7e:01:
45:d1:23:ab:7b:24:bf:aa:03:94:77:ef:b6:bd:84:f9:30:6e:
49:34:a7:ea:9f:ae:c1:76:53:87:df:0a:c0:b1:62:6b:d3:fd:
5e:cc:1a:56:be:ce:5c:2e:7b:91:14:70:c1:78:e4:3d:e5:e0:
bd:79:52:5f:22:2b:9e:99:ba:6d:59:52:bb:4f:fa:40:1f:51:
8c:2e:91:72:3e:64:27:62:a6:27:02:79:b6:80:09:26:95:50:
74:39:1b:58:27:64:62:ae:64:c1:db:79:4c:14:86:37:40:72:
d5:11:70:7c:61:d0:dc:9c:d0:a0:81:bf:e1:90:0f:e1:bc:04:
d2:08:6a:e7:a9:13:2a:3e:53:56:75:38:1a:c5:53:b4:52:88:
a6:23:97:b3:36:1c:be:0f:eb:4f:0c:27:42:cb:23:8f:2d:15:
2e:ba:e7:50:ec:7f:b1:6e:0b:c9:56:e1:0f:e2:36:24:3c:a3:
49:62:74:5a:14:f2:e4:9f:b9:99:69:4c:b1:29:0c:09:ad:85:
c6:81:9a:9a
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEGGNn6TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
MmMzZmMxOThjNzcyZjU5YjhlZGU1Mjk4NTZiNTJlYTE3OWE0ZTM4MB4XDTIyMDEw
MTA5NTcyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjRhMTAzZDg5YjE1
MWE5MzIzMGRlM2JiYzJjOGM2ZDczOWViZGZhNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKp/o0RGSkb4vsqN0SJ2ZzhRLyPlxOXP/3J98bcF5bakZgmD
VWscyMMVudHRK5ndcKwTMJq1pa+rQxUO0lXYnQ74N6BREw5DS1JnvIf5DbCwVKTC
5n/zpzfG0P2EL/tOOdU7x+FY8umGe1mSILr8WN87QOnrr6qXrR37WWHQI9AY0qrK
lxEngjYL3c6ZBRbATEsZcxk0WFNiz0y1ZmaFKSFUpB87pI/a8sQzpa1GMfAWndSn
lPdVhyfxTKhoqtvYiBNqSKThZ9HbukP8dkrX+THl12K/e3NjE1jOXZx/Je7LFexW
dW8ojld7AioZz7ClL25qxRckrs2PLLhxxcDBi48CAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBRkoQPYmxUakyMN47vCyMbXOevfpTAfBgNVHSMEGDAWgBTiw/wZjHcvWbjt
5SmFa1LqF5pOODAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzRzUDhHWXgzTDFtNDdlVXBoV3RTNmhlYVRqZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGMvNjgzZmZiLTY1ZWItNDk3Mi05OTdhLTVmMjljOWY1NDllOC8x
L1pLRUQySnNWR3BNakRlTzd3c2pHMXpucjM2VS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGMv
NjgzZmZiLTY1ZWItNDk3Mi05OTdhLTVmMjljOWY1NDllOC8xLzRzUDhHWXgzTDFt
NDdlVXBoV3RTNmhlYVRqZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEAMIyYTAPBAIAAjAJAwcAIAEGfAMU
MA0GCSqGSIb3DQEBCwUAA4IBAQBvy6p5xO8PUhqXzcGPevrKQflsxkvh55AE/wrC
XMZN3ZT1chOqljTp+2Avidx1NJTNmnjwfgFF0SOreyS/qgOUd++2vYT5MG5JNKfq
n67BdlOH3wrAsWJr0/1ezBpWvs5cLnuRFHDBeOQ95eC9eVJfIiuembptWVK7T/pA
H1GMLpFyPmQnYqYnAnm2gAkmlVB0ORtYJ2RirmTB23lMFIY3QHLVEXB8YdDcnNCg
gb/hkA/hvATSCGrnqRMqPlNWdTgaxVO0UoimI5ezNhy+D+tPDCdCyyOPLRUuuudQ
7H+xbgvJVuEP4jYkPKNJYnRaFPLkn7mZaUyxKQwJrYXGgZqa
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:02:15 2025 by rpki-client