Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/a8d6d8-d2a5-4af2-bb44-0807091aa77d/1/_ZzNQ182hqsD2tjdpryFvRpXf8U.roa
File: _ZzNQ182hqsD2tjdpryFvRpXf8U.roa (raw, json)
Hash identifier: T7Vfsi++foth5WFCQBMbXLVh6Vre++xSCWBeca6TTMo=
Subject key identifier: FD:9C:CD:43:5F:36:86:AB:03:DA:D8:DD:A6:BC:85:BD:1A:57:7F:C5
Certificate issuer: /CN=7d57b153eed110bcbd14dc7e33fd47f02e2fe071
Certificate serial: 0185704BB1DB115AB7A7F25B450B0F42B43B
Authority key identifier: 7D:57:B1:53:EE:D1:10:BC:BD:14:DC:7E:33:FD:47:F0:2E:2F:E0:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVexU-7RELy9FNx-M_1H8C4v4HE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/a8d6d8-d2a5-4af2-bb44-0807091aa77d/1/_ZzNQ182hqsD2tjdpryFvRpXf8U.roa
Signing time: Mon 02 Jan 2023 02:24:46 +0000
ROA not before: Mon 02 Jan 2023 02:24:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31236
IP address blocks: 160.20.214.0/23 maxlen: 23
82.112.64.0/19 maxlen: 24
94.198.48.0/23 maxlen: 23
2a00:92c0::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:4b:b1:db:11:5a:b7:a7:f2:5b:45:0b:0f:42:b4:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d57b153eed110bcbd14dc7e33fd47f02e2fe071
Validity
Not Before: Jan 2 02:24:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fd9ccd435f3686ab03dad8dda6bc85bd1a577fc5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:c2:05:b6:af:87:6d:a7:53:e9:15:91:7f:28:
86:94:ef:bc:67:02:0b:77:c9:98:47:35:b6:c2:ea:
fa:35:8c:a8:7d:78:5a:85:b7:3f:4f:f4:e3:28:7e:
80:ae:8e:97:cc:2c:d2:b7:20:55:84:45:19:73:29:
7b:34:46:94:e1:b7:10:c5:60:8d:52:b7:1d:c1:54:
a3:d8:0a:eb:fd:a9:ed:0d:50:f6:05:1a:6e:f4:43:
7e:f0:e2:26:a5:cc:63:97:b2:e8:b5:6b:0f:da:42:
d7:0f:18:9b:87:99:a3:01:38:8d:2e:31:c3:1f:da:
89:82:aa:b3:03:a1:b1:55:c9:14:84:ea:a1:7f:a2:
b2:f9:5a:be:5b:2c:bf:a5:90:64:ca:9e:80:dd:25:
99:ef:5c:df:4c:5d:ae:5e:5e:9f:b1:e8:ed:0f:57:
71:8c:e6:74:31:c5:e1:86:c5:1d:8a:0d:34:66:14:
49:e7:66:18:6e:5d:02:1e:af:a3:e3:b2:7a:e6:4d:
45:1a:f4:20:3d:6f:dc:0e:90:85:50:96:04:20:ff:
8b:55:50:a0:46:14:3c:8e:24:76:5f:c5:e4:2d:e3:
06:37:99:31:50:bc:2c:35:94:07:31:53:0d:ba:02:
1b:53:08:e3:20:ed:e6:7d:f3:59:1c:3d:80:88:b1:
a5:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:9C:CD:43:5F:36:86:AB:03:DA:D8:DD:A6:BC:85:BD:1A:57:7F:C5
X509v3 Authority Key Identifier:
keyid:7D:57:B1:53:EE:D1:10:BC:BD:14:DC:7E:33:FD:47:F0:2E:2F:E0:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVexU-7RELy9FNx-M_1H8C4v4HE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/a8d6d8-d2a5-4af2-bb44-0807091aa77d/1/_ZzNQ182hqsD2tjdpryFvRpXf8U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/a8d6d8-d2a5-4af2-bb44-0807091aa77d/1/fVexU-7RELy9FNx-M_1H8C4v4HE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.112.64.0/19
94.198.48.0/23
160.20.214.0/23
IPv6:
2a00:92c0::/29
Signature Algorithm: sha256WithRSAEncryption
23:c8:f5:e8:86:75:fa:71:8a:ab:21:b9:b4:77:33:f7:52:e9:
98:06:d4:5c:f5:3b:0d:34:6e:b4:47:4f:81:8a:74:cf:23:d1:
89:bc:87:d9:ab:99:7e:c0:e0:43:cb:32:37:48:8d:ff:c9:96:
e3:fd:53:83:fe:46:5f:e3:10:84:bb:a0:eb:ba:bf:92:5d:80:
eb:c9:55:0d:27:cf:8b:05:12:bf:be:8d:79:e3:6c:6d:c0:70:
ce:fe:bd:5b:ad:8f:c4:9f:81:dc:ad:7d:cd:75:3a:83:a3:70:
2d:66:f6:ad:f9:bc:34:a2:23:eb:7a:50:24:7c:e9:55:c2:51:
73:f4:7d:c4:90:e5:42:e1:4b:55:68:6f:bf:e6:92:b0:ea:4b:
0f:28:59:10:6b:8f:99:37:5f:3b:f6:29:a9:d4:98:ba:52:8f:
84:ca:a8:88:51:eb:98:25:6f:74:16:30:c1:51:d8:23:16:24:
31:5f:85:bd:61:92:87:db:74:76:96:26:2d:00:cf:3c:ed:94:
6a:17:af:73:b6:58:93:b5:03:48:34:c3:9e:7d:1f:38:9a:07:
b4:72:01:73:e4:f6:f9:a4:e9:37:c1:f1:60:8d:bb:6c:f3:06:
e6:87:01:5d:e9:46:a3:20:cb:c0:b2:52:38:7f:8d:5b:c3:81:
12:46:3c:82
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVwS7HbEVq3p/JbRQsPQrQ7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTdiMTUzZWVkMTEwYmNiZDE0ZGM3ZTMzZmQ0N2YwMmUy
ZmUwNzEwHhcNMjMwMTAyMDIyNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDljY2Q0MzVmMzY4NmFiMDNkYWQ4ZGRhNmJjODViZDFhNTc3ZmM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA58IFtq+HbadT6RWRfyiGlO+8ZwIL
d8mYRzW2wur6NYyofXhahbc/T/TjKH6Aro6XzCzStyBVhEUZcyl7NEaU4bcQxWCN
UrcdwVSj2Arr/antDVD2BRpu9EN+8OImpcxjl7LotWsP2kLXDxibh5mjATiNLjHD
H9qJgqqzA6GxVckUhOqhf6Ky+Vq+Wyy/pZBkyp6A3SWZ71zfTF2uXl6fsejtD1dx
jOZ0McXhhsUdig00ZhRJ52YYbl0CHq+j47J65k1FGvQgPW/cDpCFUJYEIP+LVVCg
RhQ8jiR2X8XkLeMGN5kxULwsNZQHMVMNugIbUwjjIO3mffNZHD2AiLGlhwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFP2czUNfNoarA9rY3aa8hb0aV3/FMB8GA1UdIwQY
MBaAFH1XsVPu0RC8vRTcfjP9R/AuL+BxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZleFUtN1JFTHk5Rk54LU1fMUg4QzR2NEhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9hOGQ2ZDgtZDJhNS00YWYyLWJiNDQt
MDgwNzA5MWFhNzdkLzEvX1p6TlExODJocXNEMnRqZHByeUZ2UnBYZjhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9hOGQ2ZDgtZDJhNS00YWYyLWJiNDQtMDgwNzA5MWFhNzdk
LzEvZlZleFUtN1JFTHk5Rk54LU1fMUg4QzR2NEhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQFUnBAAwQB
XsYwAwQBoBTWMA0EAgACMAcDBQMqAJLAMA0GCSqGSIb3DQEBCwUAA4IBAQAjyPXo
hnX6cYqrIbm0dzP3UumYBtRc9TsNNG60R0+BinTPI9GJvIfZq5l+wOBDyzI3SI3/
yZbj/VOD/kZf4xCEu6Drur+SXYDryVUNJ8+LBRK/vo1542xtwHDO/r1brY/En4Hc
rX3NdTqDo3AtZvat+bw0oiPrelAkfOlVwlFz9H3EkOVC4UtVaG+/5pKw6ksPKFkQ
a4+ZN1879imp1Ji6Uo+EyqiIUeuYJW90FjDBUdgjFiQxX4W9YZKH23R2liYtAM88
7ZRqF69ztliTtQNINMOefR84mge0cgFz5Pb5pOk3wfFgjbts8wbmhwFd6UajIMvA
slI4f41bw4ESRjyC
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:20:32 2025 by rpki-client