Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/b314cb-62b5-4fa6-b445-cbfba459d8f7/1/z-WKR8ialkXMFOunDtXYCf7zdqc.roa
File: z-WKR8ialkXMFOunDtXYCf7zdqc.roa (raw, json)
Hash identifier: 87M4ijjO7xN1YHB61CfZkBM9KpDSsuDfVDsjU7n0hEY=
Subject key identifier: CF:E5:8A:47:C8:9A:96:45:CC:14:EB:A7:0E:D5:D8:09:FE:F3:76:A7
Certificate issuer: /CN=741736f657221fc134316323b0740585a9c1b20c
Certificate serial: 0185736856AF3E3B5A9543D19AC2BEFB5395
Authority key identifier: 74:17:36:F6:57:22:1F:C1:34:31:63:23:B0:74:05:85:A9:C1:B2:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dBc29lciH8E0MWMjsHQFhanBsgw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/b314cb-62b5-4fa6-b445-cbfba459d8f7/1/z-WKR8ialkXMFOunDtXYCf7zdqc.roa
Signing time: Mon 02 Jan 2023 16:54:55 +0000
ROA not before: Mon 02 Jan 2023 16:54:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61079
IP address blocks: 185.19.164.0/23 maxlen: 24
185.19.166.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:68:56:af:3e:3b:5a:95:43:d1:9a:c2:be:fb:53:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=741736f657221fc134316323b0740585a9c1b20c
Validity
Not Before: Jan 2 16:54:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cfe58a47c89a9645cc14eba70ed5d809fef376a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:32:10:f4:2a:13:8e:f2:b9:33:f1:97:ef:1f:
e4:bf:b1:d8:f7:45:75:c2:55:33:58:53:a8:d0:02:
47:81:f4:7e:62:9b:97:9e:7e:b0:ad:78:18:89:93:
40:1b:91:ec:ac:fd:f1:33:a9:99:23:73:19:08:08:
b3:53:1b:5a:3c:ee:c0:3f:24:77:68:ee:b7:6c:45:
25:28:be:d0:58:e4:81:2e:33:5c:d9:ec:b4:de:af:
73:59:8f:b9:c5:bf:03:9c:15:7f:59:f6:06:5f:46:
b7:d4:bb:5d:5f:a9:26:ba:4d:d4:97:55:5a:0b:e4:
ba:84:50:92:a4:f2:57:88:69:26:83:da:15:52:f1:
65:b6:a4:8c:ce:50:8e:8b:60:6e:52:53:57:ec:a4:
a7:43:80:64:5a:3a:98:c1:57:80:4c:4a:fd:e9:19:
e0:cb:ed:fd:3d:85:90:e4:3c:1f:7a:dd:fa:29:ba:
f9:c2:41:87:90:18:06:fa:64:32:be:87:0b:c4:b9:
73:bb:23:64:be:ed:db:42:39:e6:50:c2:68:91:8a:
c9:9e:fa:5b:5c:fa:5c:00:2e:fe:02:d9:72:08:02:
bd:18:00:34:28:52:e6:4e:cf:1f:e8:98:ff:d9:db:
b3:28:21:f8:ad:ce:10:b2:00:68:52:92:fb:f7:55:
5f:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:E5:8A:47:C8:9A:96:45:CC:14:EB:A7:0E:D5:D8:09:FE:F3:76:A7
X509v3 Authority Key Identifier:
keyid:74:17:36:F6:57:22:1F:C1:34:31:63:23:B0:74:05:85:A9:C1:B2:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dBc29lciH8E0MWMjsHQFhanBsgw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/b314cb-62b5-4fa6-b445-cbfba459d8f7/1/z-WKR8ialkXMFOunDtXYCf7zdqc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/b314cb-62b5-4fa6-b445-cbfba459d8f7/1/dBc29lciH8E0MWMjsHQFhanBsgw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.19.164.0/22
Signature Algorithm: sha256WithRSAEncryption
72:92:8d:86:20:d9:e6:b5:ac:b5:7c:cf:cb:86:dd:45:d9:49:
f4:56:5a:e2:50:2b:e0:3c:1d:91:81:ed:70:0f:0f:24:a3:54:
b8:4f:fc:41:fc:db:39:1f:0f:6b:7b:c1:44:24:3f:04:ab:97:
d0:53:35:9e:75:8f:f1:94:92:50:38:04:30:84:bc:f9:cd:c5:
03:99:30:46:53:b7:d0:9f:d1:94:a3:3d:1c:f7:e9:a7:e8:7a:
3c:05:84:b9:3a:de:d3:6d:0a:9c:c3:02:d8:c0:08:00:c5:08:
92:0a:75:45:6d:9c:4d:ff:53:e8:f1:78:4d:79:05:e6:99:e3:
1a:0a:c5:e4:de:de:dc:46:f4:d6:11:b3:47:5e:60:dd:58:53:
6b:1f:dc:f0:89:07:a3:ad:f0:a6:cf:d4:e1:3b:f7:02:50:bb:
fa:a0:ac:31:8c:8c:d6:e1:93:ed:3a:b4:89:88:3f:38:73:9c:
4a:69:34:62:1d:91:c1:78:e9:4a:43:3f:57:95:b0:4e:ac:54:
6a:99:a8:a7:bc:ae:74:f5:1f:c1:59:1f:b5:2a:12:0d:fc:50:
52:dc:bf:22:6d:a6:07:9d:c9:b7:95:e1:95:83:00:e3:fe:3d:
15:2c:9b:f7:8e:0d:a6:52:43:15:5a:82:72:fe:60:f3:77:68:
fc:80:f1:e4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzaFavPjtalUPRmsK++1OVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0MTczNmY2NTcyMjFmYzEzNDMxNjMyM2IwNzQwNTg1YTlj
MWIyMGMwHhcNMjMwMTAyMTY1NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZmU1OGE0N2M4OWE5NjQ1Y2MxNGViYTcwZWQ1ZDgwOWZlZjM3NmE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzzIQ9CoTjvK5M/GX7x/kv7HY90V1
wlUzWFOo0AJHgfR+YpuXnn6wrXgYiZNAG5HsrP3xM6mZI3MZCAizUxtaPO7APyR3
aO63bEUlKL7QWOSBLjNc2ey03q9zWY+5xb8DnBV/WfYGX0a31LtdX6kmuk3Ul1Va
C+S6hFCSpPJXiGkmg9oVUvFltqSMzlCOi2BuUlNX7KSnQ4BkWjqYwVeATEr96Rng
y+39PYWQ5Dwfet36Kbr5wkGHkBgG+mQyvocLxLlzuyNkvu3bQjnmUMJokYrJnvpb
XPpcAC7+AtlyCAK9GAA0KFLmTs8f6Jj/2duzKCH4rc4QsgBoUpL791VfcwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM/likfImpZFzBTrpw7V2An+83anMB8GA1UdIwQY
MBaAFHQXNvZXIh/BNDFjI7B0BYWpwbIMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEJjMjlsY2lIOEUwTVdNanNIUUZoYW5Cc2d3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9iMzE0Y2ItNjJiNS00ZmE2LWI0NDUt
Y2JmYmE0NTlkOGY3LzEvei1XS1I4aWFsa1hNRk91bkR0WFlDZjd6ZHFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9iMzE0Y2ItNjJiNS00ZmE2LWI0NDUtY2JmYmE0NTlkOGY3
LzEvZEJjMjlsY2lIOEUwTVdNanNIUUZoYW5Cc2d3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuROkMA0G
CSqGSIb3DQEBCwUAA4IBAQByko2GINnmtay1fM/Lht1F2Un0VlriUCvgPB2Rge1w
Dw8ko1S4T/xB/Ns5Hw9re8FEJD8Eq5fQUzWedY/xlJJQOAQwhLz5zcUDmTBGU7fQ
n9GUoz0c9+mn6Ho8BYS5Ot7TbQqcwwLYwAgAxQiSCnVFbZxN/1Po8XhNeQXmmeMa
CsXk3t7cRvTWEbNHXmDdWFNrH9zwiQejrfCmz9ThO/cCULv6oKwxjIzW4ZPtOrSJ
iD84c5xKaTRiHZHBeOlKQz9XlbBOrFRqmainvK509R/BWR+1KhIN/FBS3L8ibaYH
ncm3leGVgwDj/j0VLJv3jg2mUkMVWoJy/mDzd2j8gPHk
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:09:54 2025 by rpki-client