Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/Z-MvimAp0UYOgxBFt7jcfzx5wAM.roa
File: Z-MvimAp0UYOgxBFt7jcfzx5wAM.roa (raw, json)
Hash identifier: bt/9TJh0UPqogrtnKpjBs0NJ1QJUMWKUHUn6d152/Dk=
Subject key identifier: 67:E3:2F:8A:60:29:D1:46:0E:83:10:45:B7:B8:DC:7F:3C:79:C0:03
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 01857E2489F9F3D19FA9FD021388F973C3CF
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/Z-MvimAp0UYOgxBFt7jcfzx5wAM.roa
Signing time: Wed 04 Jan 2023 18:56:41 +0000
ROA not before: Wed 04 Jan 2023 18:56:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15723
IP address blocks: 46.23.98.0/24 maxlen: 24
46.23.96.0/24 maxlen: 24
46.23.99.0/24 maxlen: 24
37.128.203.0/24 maxlen: 24
37.128.202.0/24 maxlen: 24
37.128.201.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:7e:24:89:f9:f3:d1:9f:a9:fd:02:13:88:f9:73:c3:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Jan 4 18:56:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=67e32f8a6029d1460e831045b7b8dc7f3c79c003
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:e6:46:16:79:5b:8f:c7:08:a3:cc:f7:32:72:
2d:0c:2c:ac:67:f5:db:7d:d6:d2:22:b5:de:d5:15:
00:18:fe:bb:3f:9b:ed:2a:78:c7:0e:24:39:a5:29:
e0:d1:e5:c4:76:d0:34:2a:73:21:5c:33:38:d2:63:
fd:72:95:a7:9b:12:1e:26:ce:95:03:c6:d9:49:f2:
e9:34:cb:78:70:8e:23:a7:92:1e:13:22:02:97:99:
c7:50:8c:be:14:c0:78:a3:b2:1b:7d:b9:ce:e9:fc:
cc:6b:47:e8:52:20:98:7d:63:da:8d:44:29:cc:28:
46:76:a1:3c:90:e2:e7:90:20:ed:d8:d4:75:2d:73:
fb:79:ff:68:6a:15:8d:28:0d:69:4c:a3:60:77:bd:
b2:47:de:54:cd:63:5a:e8:0a:07:00:52:7b:56:e5:
f6:09:79:c4:79:2a:e8:ba:06:a1:f7:90:3d:98:3e:
3c:a4:67:aa:c8:9e:e3:59:d3:63:bf:be:7a:3e:24:
de:4a:00:50:d8:e2:f2:05:60:f3:c0:51:ed:f9:c5:
45:49:e7:b5:03:12:94:08:f8:13:d5:8c:75:6a:8b:
4e:ce:0e:d0:f1:c5:b7:1a:b8:f8:c4:ee:28:1c:94:
97:92:6f:22:84:47:ee:23:36:92:40:e6:5a:b6:1d:
4f:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:E3:2F:8A:60:29:D1:46:0E:83:10:45:B7:B8:DC:7F:3C:79:C0:03
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/Z-MvimAp0UYOgxBFt7jcfzx5wAM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.128.201.0-37.128.203.255
46.23.96.0/24
46.23.98.0/23
Signature Algorithm: sha256WithRSAEncryption
58:90:a9:fd:31:11:22:82:32:c7:a6:28:66:e7:33:40:f8:d3:
b4:49:d1:15:35:94:4d:30:93:b5:90:31:7c:e0:92:c8:7c:54:
08:b7:1b:d6:88:33:25:af:1f:f8:db:1c:ce:54:69:56:47:d4:
0f:6a:96:72:3a:49:d8:0d:18:0d:63:91:d0:71:b6:53:70:3a:
fb:57:3e:e6:07:48:ca:70:da:bb:a7:a3:67:32:cc:39:9a:32:
26:20:95:d9:e1:15:60:53:8b:a2:58:11:a5:80:73:37:e9:a2:
72:30:95:b5:28:f4:b5:40:66:7e:82:86:bd:dc:52:8f:87:9c:
09:46:8d:12:d9:2b:2b:5b:2a:dc:67:a5:03:1d:60:a4:1f:6d:
d6:95:81:db:e7:b3:ed:ac:3d:56:1e:8e:66:4f:72:1d:c8:5e:
16:b5:32:2e:c3:bc:a0:de:19:43:3a:5f:cc:55:27:1b:b9:8f:
ec:b4:c5:61:16:c0:9b:5b:4f:c4:7a:22:61:b3:fa:43:13:c6:
1b:1b:70:f7:77:38:c3:45:8f:b9:17:f6:a9:f8:3e:28:5c:1d:
a8:31:38:ce:bb:e8:88:37:ba:3b:56:91:b1:88:91:b6:fc:a0:
6f:39:9e:45:ce:0d:c5:78:98:fd:d6:df:cd:ce:e8:d9:78:09:
d9:e8:51:2c
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYV+JIn589Gfqf0CE4j5c8PPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjMwMTA0MTg1NjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2UzMmY4YTYwMjlkMTQ2MGU4MzEwNDViN2I4ZGM3ZjNjNzljMDAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkeZGFnlbj8cIo8z3MnItDCysZ/Xb
fdbSIrXe1RUAGP67P5vtKnjHDiQ5pSng0eXEdtA0KnMhXDM40mP9cpWnmxIeJs6V
A8bZSfLpNMt4cI4jp5IeEyICl5nHUIy+FMB4o7IbfbnO6fzMa0foUiCYfWPajUQp
zChGdqE8kOLnkCDt2NR1LXP7ef9oahWNKA1pTKNgd72yR95UzWNa6AoHAFJ7VuX2
CXnEeSrougah95A9mD48pGeqyJ7jWdNjv756PiTeSgBQ2OLyBWDzwFHt+cVFSee1
AxKUCPgT1Yx1aotOzg7Q8cW3Grj4xO4oHJSXkm8ihEfuIzaSQOZath1PjwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFGfjL4pgKdFGDoMQRbe43H88ecADMB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvWi1NdmltQXAwVVlPZ3hCRnQ3amNmeng1d0FNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAAlgMkD
BAIlgMgDBAAuF2ADBAEuF2IwDQYJKoZIhvcNAQELBQADggEBAFiQqf0xESKCMsem
KGbnM0D407RJ0RU1lE0wk7WQMXzgksh8VAi3G9aIMyWvH/jbHM5UaVZH1A9qlnI6
SdgNGA1jkdBxtlNwOvtXPuYHSMpw2runo2cyzDmaMiYgldnhFWBTi6JYEaWAczfp
onIwlbUo9LVAZn6Chr3cUo+HnAlGjRLZKytbKtxnpQMdYKQfbdaVgdvns+2sPVYe
jmZPch3IXha1Mi7DvKDeGUM6X8xVJxu5j+y0xWEWwJtbT8R6ImGz+kMTxhsbcPd3
OMNFj7kX9qn4PihcHagxOM676Ig3ujtWkbGIkbb8oG85nkXODcV4mP3W383O6Nl4
CdnoUSw=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:40:44 2025 by rpki-client