Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/1ZVstsKAzliPm3kOqHf62bKD4pM.roa
File: 1ZVstsKAzliPm3kOqHf62bKD4pM.roa (raw, json)
Hash identifier: NDjLdl+wSqFC4anPN5a/xQRI5Og1iKeEaTZ7A0FlAV4=
Subject key identifier: D5:95:6C:B6:C2:80:CE:58:8F:9B:79:0E:A8:77:FA:D9:B2:83:E2:93
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 0182F953005C596EAEA83013FD4FEEB9AC94
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/1ZVstsKAzliPm3kOqHf62bKD4pM.roa
Signing time: Thu 01 Sep 2022 13:52:22 +0000
ROA not before: Thu 01 Sep 2022 13:52:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15723
IP address blocks: 46.23.103.0/24 maxlen: 24
46.23.101.0/24 maxlen: 24
46.23.102.0/24 maxlen: 24
46.23.100.0/24 maxlen: 24
37.128.203.0/24 maxlen: 24
37.128.202.0/24 maxlen: 24
37.128.200.0/24 maxlen: 24
37.128.201.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:f9:53:00:5c:59:6e:ae:a8:30:13:fd:4f:ee:b9:ac:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Sep 1 13:52:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d5956cb6c280ce588f9b790ea877fad9b283e293
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:d3:37:dd:15:dd:74:ba:94:27:36:b7:d1:81:
c5:cb:6b:78:5f:72:c8:01:e1:5e:b6:ee:99:f3:95:
ff:39:97:7c:2e:7d:aa:e2:34:f5:5a:b8:85:56:c9:
a3:27:b1:b1:b7:1e:b1:8f:08:dc:05:de:1d:f1:06:
a1:ba:42:2d:19:8e:79:1c:8a:b0:50:53:8e:79:91:
89:bf:af:ff:db:7b:d3:18:59:2a:3f:56:6e:4c:06:
cf:8f:1e:d9:06:09:46:0f:48:63:a8:df:13:79:97:
28:a8:11:da:02:96:29:e5:ac:c5:30:f9:78:d1:84:
e9:0e:76:32:c3:86:28:01:5a:2c:23:94:dc:82:d4:
02:c6:fa:07:d4:3f:80:32:00:40:7f:e3:e8:13:cd:
d5:e7:f0:d3:25:1b:cc:05:52:f6:1b:d7:25:cd:d3:
38:53:e3:f4:5c:24:ac:0a:41:fb:29:a6:39:f8:5e:
76:f1:dc:66:6a:09:a3:95:56:89:85:cb:84:ad:e6:
12:e2:26:0b:02:2b:0a:54:02:a6:75:3a:02:8a:0d:
7f:0f:b2:c2:66:ce:3f:bd:31:a0:be:84:88:92:88:
46:85:2e:6b:22:7e:20:e2:0d:c6:ba:ca:44:e2:53:
b6:be:21:2c:09:c9:c5:f0:0d:35:4e:67:4d:b2:b6:
bf:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:95:6C:B6:C2:80:CE:58:8F:9B:79:0E:A8:77:FA:D9:B2:83:E2:93
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/1ZVstsKAzliPm3kOqHf62bKD4pM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.128.200.0/22
46.23.100.0/22
Signature Algorithm: sha256WithRSAEncryption
a2:6b:8a:e1:95:e7:e5:3e:dd:77:ea:e3:f3:72:f5:06:59:f6:
58:f4:2f:fb:cc:e7:55:aa:15:2f:f7:a6:9c:cb:2e:6e:a2:33:
a6:74:73:ee:ed:9b:96:53:a8:10:d3:96:5f:8a:7f:26:a1:9f:
5f:75:da:8f:c3:11:a5:7d:55:14:47:3f:0e:2b:18:47:33:b9:
61:6a:89:5e:8e:96:84:e6:4c:69:e9:5b:b5:9f:ef:82:bc:f3:
82:0e:3f:eb:f3:88:d2:8c:fb:1c:47:05:e0:16:cf:7c:c8:b4:
31:f1:71:98:87:04:02:ea:fb:86:fe:a6:7b:f2:fe:71:48:00:
db:4e:e0:c1:16:2c:53:39:a7:93:90:27:4f:41:2f:cd:aa:0e:
d2:0a:f5:c5:31:53:b4:5d:a4:22:d8:8a:7b:70:45:6f:de:02:
03:19:cb:13:d0:10:41:01:39:26:2c:80:85:8e:24:17:55:34:
d9:f4:86:f4:61:59:98:ed:fa:9f:97:72:38:6a:73:ae:db:11:
56:4e:3e:1f:29:e1:0a:76:e1:14:6e:53:9f:4a:09:a9:c4:bb:
7e:a6:c0:0f:e9:99:30:c0:57:35:d4:62:70:b5:3b:56:cf:76:
b1:7f:c9:94:7c:5d:a9:85:41:57:ff:31:a8:c7:2d:58:66:18:
04:73:1f:f3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYL5UwBcWW6uqDAT/U/uuayUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjIwOTAxMTM1MjIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTk1NmNiNmMyODBjZTU4OGY5Yjc5MGVhODc3ZmFkOWIyODNlMjkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmtM33RXddLqUJza30YHFy2t4X3LI
AeFetu6Z85X/OZd8Ln2q4jT1WriFVsmjJ7Gxtx6xjwjcBd4d8QahukItGY55HIqw
UFOOeZGJv6//23vTGFkqP1ZuTAbPjx7ZBglGD0hjqN8TeZcoqBHaApYp5azFMPl4
0YTpDnYyw4YoAVosI5TcgtQCxvoH1D+AMgBAf+PoE83V5/DTJRvMBVL2G9clzdM4
U+P0XCSsCkH7KaY5+F528dxmagmjlVaJhcuEreYS4iYLAisKVAKmdToCig1/D7LC
Zs4/vTGgvoSIkohGhS5rIn4g4g3GuspE4lO2viEsCcnF8A01TmdNsra/8QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNWVbLbCgM5Yj5t5Dqh3+tmyg+KTMB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvMVpWc3RzS0F6bGlQbTNrT3FIZjYyYktENHBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCJYDIAwQC
LhdkMA0GCSqGSIb3DQEBCwUAA4IBAQCia4rhleflPt136uPzcvUGWfZY9C/7zOdV
qhUv96acyy5uojOmdHPu7ZuWU6gQ05Zfin8moZ9fddqPwxGlfVUURz8OKxhHM7lh
aolejpaE5kxp6Vu1n++CvPOCDj/r84jSjPscRwXgFs98yLQx8XGYhwQC6vuG/qZ7
8v5xSADbTuDBFixTOaeTkCdPQS/Nqg7SCvXFMVO0XaQi2Ip7cEVv3gIDGcsT0BBB
ATkmLICFjiQXVTTZ9Ib0YVmY7fqfl3I4anOu2xFWTj4fKeEKduEUblOfSgmpxLt+
psAP6ZkwwFc11GJwtTtWz3axf8mUfF2phUFX/zGoxy1YZhgEcx/z
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:39:58 2025 by rpki-client