Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/027aae-4922-42a9-a4c9-38f80d6961ec/1/8ZGzP83XQspFCoIeh9bpRpHoYl0.roa
File: 8ZGzP83XQspFCoIeh9bpRpHoYl0.roa (raw, json)
Hash identifier: oSf/19L2YFZeuu5dbkWR4DnK064KKk1Q+VAf19ObHwc=
Subject key identifier: F1:91:B3:3F:CD:D7:42:CA:45:0A:82:1E:87:D6:E9:46:91:E8:62:5D
Certificate issuer: /CN=ce704858b643266f7c7107721c98f2ba93dd5265
Certificate serial: 018570D54604D214BCDABECB2CEBC1EE3C46
Authority key identifier: CE:70:48:58:B6:43:26:6F:7C:71:07:72:1C:98:F2:BA:93:DD:52:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/znBIWLZDJm98cQdyHJjyupPdUmU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/027aae-4922-42a9-a4c9-38f80d6961ec/1/8ZGzP83XQspFCoIeh9bpRpHoYl0.roa
Signing time: Mon 02 Jan 2023 04:55:02 +0000
ROA not before: Mon 02 Jan 2023 04:55:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 185.200.12.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:d5:46:04:d2:14:bc:da:be:cb:2c:eb:c1:ee:3c:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ce704858b643266f7c7107721c98f2ba93dd5265
Validity
Not Before: Jan 2 04:55:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f191b33fcdd742ca450a821e87d6e94691e8625d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:8f:b3:08:74:28:bf:12:c1:93:f6:91:71:39:
d4:77:ba:60:f5:c4:b4:b7:28:1e:07:3c:6a:30:e2:
fe:d4:af:69:74:80:b4:c5:c9:ca:3c:22:97:0d:e3:
06:85:26:22:2d:8a:69:e0:c2:d1:92:6f:4b:bd:16:
2e:eb:39:d2:8f:73:eb:92:56:5d:6a:14:61:e9:f9:
6b:85:75:58:47:e9:f8:d1:8c:e5:1c:81:c3:5f:a1:
6b:fc:28:fe:41:0e:2d:66:1e:40:2a:34:24:4f:08:
b9:15:c4:ac:1f:c6:ee:84:e7:9c:2d:72:23:f8:d1:
44:9a:d1:f2:c0:34:25:6b:af:64:2b:2e:87:a5:37:
9a:a0:83:3a:71:d8:9f:48:55:56:78:2f:d1:95:f3:
b2:14:6c:d8:29:e0:e5:13:12:58:e5:54:1e:57:1e:
a0:17:32:b8:01:e9:04:70:69:cc:af:10:f7:ec:81:
43:b1:77:9c:50:8b:fe:1f:bc:d2:a9:f8:19:41:64:
3e:62:26:7c:cc:0b:c9:d4:55:27:98:f7:c9:aa:a2:
37:3c:d3:67:e6:25:87:f1:f8:b3:4f:37:0e:e0:40:
c4:09:70:f7:14:7a:ad:7a:36:92:18:00:8f:49:ba:
1b:54:c9:a6:ae:f8:6e:b5:49:90:64:53:f1:7b:82:
36:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:91:B3:3F:CD:D7:42:CA:45:0A:82:1E:87:D6:E9:46:91:E8:62:5D
X509v3 Authority Key Identifier:
keyid:CE:70:48:58:B6:43:26:6F:7C:71:07:72:1C:98:F2:BA:93:DD:52:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/znBIWLZDJm98cQdyHJjyupPdUmU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/027aae-4922-42a9-a4c9-38f80d6961ec/1/8ZGzP83XQspFCoIeh9bpRpHoYl0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/027aae-4922-42a9-a4c9-38f80d6961ec/1/znBIWLZDJm98cQdyHJjyupPdUmU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.200.12.0/22
Signature Algorithm: sha256WithRSAEncryption
99:2e:e8:11:76:22:7d:9f:fa:7d:f7:47:74:33:22:fd:f2:ad:
51:10:cf:d4:27:20:34:0f:6d:47:9f:19:7d:59:52:83:7f:70:
72:14:f1:83:f5:99:f7:72:63:b7:a6:1c:04:e3:8e:09:2a:49:
7c:02:82:44:bd:a6:0e:41:ac:f4:71:9f:87:fb:7b:a9:06:d9:
24:bc:89:d0:6b:2e:7b:b9:91:8b:44:6d:06:87:5b:24:77:77:
3f:c7:63:bb:2b:c6:64:6f:8f:62:95:51:cc:21:f9:d3:b1:92:
a6:65:76:b8:ac:6c:b4:52:8e:18:77:38:45:90:f4:9d:0f:22:
f5:ce:10:f0:8d:77:11:78:b8:9e:c2:9d:44:88:f7:0f:12:88:
37:24:b9:b0:6d:50:1b:25:fa:e2:1e:9a:81:31:89:6d:a5:a0:
67:e7:70:27:a0:7a:89:d0:40:04:02:fb:74:82:f1:72:6d:8a:
ac:c6:95:5a:97:7e:35:ca:c0:a4:65:18:b3:5b:b9:5b:4f:69:
8d:1b:3e:bc:40:3c:08:2b:b0:2d:38:ca:4d:0f:52:b9:62:d4:
a0:ac:91:f0:f2:cd:62:bb:6f:e4:dc:fe:4c:01:3f:0e:7a:b6:
13:6e:78:40:54:1c:14:7f:a4:b6:6b:18:92:ab:36:2c:13:74:
8f:50:1a:22
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVw1UYE0hS82r7LLOvB7jxGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlNzA0ODU4YjY0MzI2NmY3YzcxMDc3MjFjOThmMmJhOTNk
ZDUyNjUwHhcNMjMwMTAyMDQ1NTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTkxYjMzZmNkZDc0MmNhNDUwYTgyMWU4N2Q2ZTk0NjkxZTg2MjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkI+zCHQovxLBk/aRcTnUd7pg9cS0
tygeBzxqMOL+1K9pdIC0xcnKPCKXDeMGhSYiLYpp4MLRkm9LvRYu6znSj3PrklZd
ahRh6flrhXVYR+n40YzlHIHDX6Fr/Cj+QQ4tZh5AKjQkTwi5FcSsH8buhOecLXIj
+NFEmtHywDQla69kKy6HpTeaoIM6cdifSFVWeC/RlfOyFGzYKeDlExJY5VQeVx6g
FzK4AekEcGnMrxD37IFDsXecUIv+H7zSqfgZQWQ+YiZ8zAvJ1FUnmPfJqqI3PNNn
5iWH8fizTzcO4EDECXD3FHqtejaSGACPSbobVMmmrvhutUmQZFPxe4I2EQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPGRsz/N10LKRQqCHofW6UaR6GJdMB8GA1UdIwQY
MBaAFM5wSFi2QyZvfHEHchyY8rqT3VJlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvem5CSVdMWkRKbTk4Y1FkeUhKanl1cFBkVW1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC8wMjdhYWUtNDkyMi00MmE5LWE0Yzkt
MzhmODBkNjk2MWVjLzEvOFpHelA4M1hRc3BGQ29JZWg5YnBScEhvWWwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC8wMjdhYWUtNDkyMi00MmE5LWE0YzktMzhmODBkNjk2MWVj
LzEvem5CSVdMWkRKbTk4Y1FkeUhKanl1cFBkVW1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCucgMMA0G
CSqGSIb3DQEBCwUAA4IBAQCZLugRdiJ9n/p990d0MyL98q1REM/UJyA0D21Hnxl9
WVKDf3ByFPGD9Zn3cmO3phwE444JKkl8AoJEvaYOQaz0cZ+H+3upBtkkvInQay57
uZGLRG0Gh1skd3c/x2O7K8Zkb49ilVHMIfnTsZKmZXa4rGy0Uo4YdzhFkPSdDyL1
zhDwjXcReLiewp1EiPcPEog3JLmwbVAbJfriHpqBMYltpaBn53AnoHqJ0EAEAvt0
gvFybYqsxpVal341ysCkZRizW7lbT2mNGz68QDwIK7AtOMpND1K5YtSgrJHw8s1i
u2/k3P5MAT8OerYTbnhAVBwUf6S2axiSqzYsE3SPUBoi
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:15:35 2025 by rpki-client