Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/306adb-7aa7-4b82-b05a-2a6b9a0ccabd/1/zVuAVzMzeqsFs8LMiLjvq4CvhEU.roa
File: zVuAVzMzeqsFs8LMiLjvq4CvhEU.roa (raw, json)
Hash identifier: ZCRMXDfYZPCJyOBavMlGM6RhON0omMT6P/tCYpqHGgw=
Subject key identifier: CD:5B:80:57:33:33:7A:AB:05:B3:C2:CC:88:B8:EF:AB:80:AF:84:45
Certificate issuer: /CN=8c856557c4146a8b50dc4d94424b06680cef755b
Certificate serial: 01856FE6EACDD25620912CCADC20F0BB7B67
Authority key identifier: 8C:85:65:57:C4:14:6A:8B:50:DC:4D:94:42:4B:06:68:0C:EF:75:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jIVlV8QUaotQ3E2UQksGaAzvdVs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/306adb-7aa7-4b82-b05a-2a6b9a0ccabd/1/zVuAVzMzeqsFs8LMiLjvq4CvhEU.roa
Signing time: Mon 02 Jan 2023 00:34:42 +0000
ROA not before: Mon 02 Jan 2023 00:34:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20679
IP address blocks: 185.75.31.0/24 maxlen: 24
2001:678:418::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:e6:ea:cd:d2:56:20:91:2c:ca:dc:20:f0:bb:7b:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8c856557c4146a8b50dc4d94424b06680cef755b
Validity
Not Before: Jan 2 00:34:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cd5b805733337aab05b3c2cc88b8efab80af8445
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:0e:39:cd:94:97:45:53:f6:63:59:76:fe:e0:
f4:0d:d1:95:59:01:7f:cd:d1:cb:c9:10:86:0f:36:
40:39:70:b1:be:0b:36:a4:9d:eb:e7:33:7a:07:c8:
de:d7:cd:fc:e1:f3:46:ca:64:33:f6:c7:e8:d7:25:
a4:69:b3:08:67:4e:f1:9e:e3:15:af:8a:5d:f1:17:
f5:54:5c:f2:34:4d:2e:71:5b:7a:85:36:74:60:9f:
09:6d:17:37:c5:c4:e8:79:3f:ef:08:a5:e3:8f:4d:
41:32:c1:c1:61:e6:c9:a5:8f:cc:36:fa:74:26:f5:
4c:ed:33:4d:97:7b:37:f3:d9:b3:a9:33:fd:de:f0:
93:a4:53:f6:78:fc:b3:66:4f:b6:28:ca:82:ea:1a:
b7:e5:74:ec:1d:cd:95:b8:61:bc:2f:1a:53:dd:d0:
89:0b:c7:4c:59:88:b0:26:3e:59:da:b6:ce:36:f1:
d7:4c:3c:f2:8c:c6:00:94:26:7a:9a:3f:66:bc:1d:
2c:2d:2e:20:18:fc:52:ac:9a:25:04:45:f9:7f:df:
ed:b4:5d:27:a8:d1:e2:11:b7:5c:8f:f2:a0:b1:e3:
99:c2:cd:e3:c9:f7:9e:61:88:f8:37:19:2d:93:e3:
81:6d:5f:83:66:50:5a:a6:9e:23:0b:56:cd:3e:83:
33:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:5B:80:57:33:33:7A:AB:05:B3:C2:CC:88:B8:EF:AB:80:AF:84:45
X509v3 Authority Key Identifier:
keyid:8C:85:65:57:C4:14:6A:8B:50:DC:4D:94:42:4B:06:68:0C:EF:75:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jIVlV8QUaotQ3E2UQksGaAzvdVs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/306adb-7aa7-4b82-b05a-2a6b9a0ccabd/1/zVuAVzMzeqsFs8LMiLjvq4CvhEU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/306adb-7aa7-4b82-b05a-2a6b9a0ccabd/1/jIVlV8QUaotQ3E2UQksGaAzvdVs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.75.31.0/24
IPv6:
2001:678:418::/48
Signature Algorithm: sha256WithRSAEncryption
23:f4:a1:5b:f2:b8:a3:95:d3:b5:75:cd:cb:66:e1:52:d1:6e:
dc:36:5e:c2:5b:95:cd:cf:d2:79:2f:db:68:44:b3:17:fc:bc:
42:d0:10:51:df:53:4c:6f:ed:4e:d9:0b:89:c4:fb:82:f3:49:
cb:3c:53:94:1a:55:da:46:29:e9:b7:93:44:98:37:0b:ca:ed:
43:c3:53:95:6d:62:65:27:e9:f9:40:1f:f1:f1:55:ae:9a:48:
63:be:70:bc:3a:2d:57:ef:2a:42:dd:10:5b:16:a1:b4:e9:4b:
99:37:0b:80:f4:bf:6b:76:c5:52:16:79:90:f1:08:17:f4:54:
9d:99:30:54:d2:f3:50:6a:af:50:74:9b:3e:b1:ca:19:f7:7f:
21:35:a6:82:29:c9:17:af:2c:28:d3:dc:5b:e2:7d:ae:21:70:
e2:69:15:b5:95:24:fa:3b:8a:60:e9:60:f7:56:25:f3:85:9d:
3d:27:72:c1:4d:f2:3d:ac:ab:69:e3:2b:dc:61:8b:51:90:29:
25:22:3b:e6:da:39:d0:01:22:60:aa:50:27:f2:da:33:49:c0:
84:3c:94:c1:1d:45:2a:ed:3f:69:50:ff:58:61:f9:d7:1f:e2:
dc:02:09:3a:63:73:91:6f:72:5e:34:7e:9b:68:8e:c3:a5:74:
a3:f1:df:a9
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVv5urN0lYgkSzK3CDwu3tnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjODU2NTU3YzQxNDZhOGI1MGRjNGQ5NDQyNGIwNjY4MGNl
Zjc1NWIwHhcNMjMwMTAyMDAzNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDViODA1NzMzMzM3YWFiMDViM2MyY2M4OGI4ZWZhYjgwYWY4NDQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkw45zZSXRVP2Y1l2/uD0DdGVWQF/
zdHLyRCGDzZAOXCxvgs2pJ3r5zN6B8je18384fNGymQz9sfo1yWkabMIZ07xnuMV
r4pd8Rf1VFzyNE0ucVt6hTZ0YJ8JbRc3xcToeT/vCKXjj01BMsHBYebJpY/MNvp0
JvVM7TNNl3s389mzqTP93vCTpFP2ePyzZk+2KMqC6hq35XTsHc2VuGG8LxpT3dCJ
C8dMWYiwJj5Z2rbONvHXTDzyjMYAlCZ6mj9mvB0sLS4gGPxSrJolBEX5f9/ttF0n
qNHiEbdcj/KgseOZws3jyfeeYYj4Nxktk+OBbV+DZlBapp4jC1bNPoMz0wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFM1bgFczM3qrBbPCzIi476uAr4RFMB8GA1UdIwQY
MBaAFIyFZVfEFGqLUNxNlEJLBmgM73VbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaklWbFY4UVVhb3RRM0UyVVFrc0dhQXp2ZFZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC8zMDZhZGItN2FhNy00YjgyLWIwNWEt
MmE2YjlhMGNjYWJkLzEvelZ1QVZ6TXplcXNGczhMTWlManZxNEN2aEVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC8zMDZhZGItN2FhNy00YjgyLWIwNWEtMmE2YjlhMGNjYWJk
LzEvaklWbFY4UVVhb3RRM0UyVVFrc0dhQXp2ZFZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuUsfMA8E
AgACMAkDBwAgAQZ4BBgwDQYJKoZIhvcNAQELBQADggEBACP0oVvyuKOV07V1zctm
4VLRbtw2XsJblc3P0nkv22hEsxf8vELQEFHfU0xv7U7ZC4nE+4LzScs8U5QaVdpG
Kem3k0SYNwvK7UPDU5VtYmUn6flAH/HxVa6aSGO+cLw6LVfvKkLdEFsWobTpS5k3
C4D0v2t2xVIWeZDxCBf0VJ2ZMFTS81Bqr1B0mz6xyhn3fyE1poIpyRevLCjT3Fvi
fa4hcOJpFbWVJPo7imDpYPdWJfOFnT0ncsFN8j2sq2njK9xhi1GQKSUiO+baOdAB
ImCqUCfy2jNJwIQ8lMEdRSrtP2lQ/1hh+dcf4twCCTpjc5Fvcl40fptojsOldKPx
36k=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:46:35 2025 by rpki-client