Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/8336b0-cbe4-4da2-841b-1cefd1fa10a6/1/ZS80HYYJSN7wsF3bf5803GGzGmA.roa
File: ZS80HYYJSN7wsF3bf5803GGzGmA.roa (raw, json)
Hash identifier: naKSTzrS9mvQ1yrm1k+9m0aBmCum8vCq4/hn5GEg6do=
Subject key identifier: 65:2F:34:1D:86:09:48:DE:F0:B0:5D:DB:7F:9F:34:DC:61:B3:1A:60
Certificate issuer: /CN=53855c8ece9bd6f8e3940202212ce09b05f5f8a0
Certificate serial: 01856B93395E3A3531D9ED52E78F094CE1DD
Authority key identifier: 53:85:5C:8E:CE:9B:D6:F8:E3:94:02:02:21:2C:E0:9B:05:F5:F8:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U4Vcjs6b1vjjlAICISzgmwX1-KA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/8336b0-cbe4-4da2-841b-1cefd1fa10a6/1/ZS80HYYJSN7wsF3bf5803GGzGmA.roa
Signing time: Sun 01 Jan 2023 04:24:48 +0000
ROA not before: Sun 01 Jan 2023 04:24:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8220
IP address blocks: 2001:678:868::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:93:39:5e:3a:35:31:d9:ed:52:e7:8f:09:4c:e1:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53855c8ece9bd6f8e3940202212ce09b05f5f8a0
Validity
Not Before: Jan 1 04:24:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=652f341d860948def0b05ddb7f9f34dc61b31a60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:e1:ee:45:e2:15:4b:73:79:60:18:ba:37:fc:
41:03:8d:8b:79:0f:92:23:c5:63:4d:70:8a:9e:55:
30:29:4b:36:be:fe:f2:18:ed:14:cc:a5:6d:57:e8:
27:f7:9b:bc:1c:02:1b:f4:79:fa:7b:ee:d0:14:ea:
4c:91:95:9b:4b:12:26:6e:4c:c4:1a:fb:15:40:51:
4b:9f:a3:b4:c4:48:c1:8c:73:17:45:9c:b2:85:4e:
6c:de:9d:3e:50:30:72:b7:76:6a:cf:4d:e9:0f:8b:
77:ec:8d:5b:c5:26:f9:fc:16:a2:e3:6d:cb:4f:34:
76:c2:a1:74:7e:f4:88:dc:bd:5c:ba:b5:be:f2:d9:
c9:a0:a6:57:43:6d:c8:7d:f8:fb:4a:8f:2d:cd:c1:
39:fa:f5:d0:ab:98:c8:b7:95:d1:ea:a5:a5:31:9a:
82:f5:3a:91:ab:96:3e:d4:57:e3:71:57:5f:9d:04:
f9:38:e1:9e:c4:2c:5d:f0:29:87:f0:b2:36:19:16:
b8:57:e9:ed:ea:56:f5:45:32:c4:b1:86:99:de:a7:
2f:44:74:8e:e7:be:15:ae:b2:1f:5b:fe:82:03:8c:
4d:fe:96:33:cb:1d:62:e1:09:27:33:90:30:6f:5f:
21:f6:94:e1:67:7d:28:9a:40:60:45:62:43:ce:27:
d6:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:2F:34:1D:86:09:48:DE:F0:B0:5D:DB:7F:9F:34:DC:61:B3:1A:60
X509v3 Authority Key Identifier:
keyid:53:85:5C:8E:CE:9B:D6:F8:E3:94:02:02:21:2C:E0:9B:05:F5:F8:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U4Vcjs6b1vjjlAICISzgmwX1-KA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/8336b0-cbe4-4da2-841b-1cefd1fa10a6/1/ZS80HYYJSN7wsF3bf5803GGzGmA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/8336b0-cbe4-4da2-841b-1cefd1fa10a6/1/U4Vcjs6b1vjjlAICISzgmwX1-KA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:868::/48
Signature Algorithm: sha256WithRSAEncryption
31:1f:32:2e:54:03:dd:a7:03:3e:52:b8:3a:ce:a8:0e:d4:6a:
61:cc:25:52:46:09:00:5b:9a:cd:8c:3d:fe:28:c5:49:a0:51:
ad:70:55:fe:20:c2:33:2f:13:ce:f3:0e:f2:6d:4e:39:1e:de:
5b:10:4f:90:ff:7c:c1:87:9f:ca:aa:e1:ea:dc:47:5b:58:4d:
a5:93:16:29:6b:e1:38:7c:66:08:03:07:ad:c8:88:ec:f0:e1:
8c:2d:72:11:09:14:e2:40:97:5a:83:0a:c8:10:ba:07:44:01:
19:72:48:43:35:8d:d3:56:26:ee:38:dd:02:be:e9:d5:51:7e:
3d:9e:89:09:1a:69:f2:2d:b5:25:9c:50:8d:81:7f:0b:ae:43:
a5:bc:7f:84:92:fe:05:14:0f:ae:3b:85:98:94:39:47:a3:dd:
81:ba:d9:14:e5:1f:bc:95:1e:cf:2f:f8:eb:6e:42:e4:26:cb:
33:6e:15:81:7b:ab:c5:11:91:a1:b8:d0:af:7e:0b:38:38:ef:
14:53:38:7c:96:0b:d5:82:d8:37:b7:95:82:35:a0:1f:de:47:
29:95:d4:ff:50:18:b2:05:ff:df:34:b3:eb:0f:78:00:56:9b:
99:dd:51:fd:e0:ec:6f:a9:ef:81:37:82:33:8f:10:fb:fc:67:
cd:12:6d:38
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVrkzleOjUx2e1S548JTOHdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzODU1YzhlY2U5YmQ2ZjhlMzk0MDIwMjIxMmNlMDliMDVm
NWY4YTAwHhcNMjMwMTAxMDQyNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTJmMzQxZDg2MDk0OGRlZjBiMDVkZGI3ZjlmMzRkYzYxYjMxYTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuOHuReIVS3N5YBi6N/xBA42LeQ+S
I8VjTXCKnlUwKUs2vv7yGO0UzKVtV+gn95u8HAIb9Hn6e+7QFOpMkZWbSxImbkzE
GvsVQFFLn6O0xEjBjHMXRZyyhU5s3p0+UDByt3Zqz03pD4t37I1bxSb5/Bai423L
TzR2wqF0fvSI3L1curW+8tnJoKZXQ23Iffj7So8tzcE5+vXQq5jIt5XR6qWlMZqC
9TqRq5Y+1FfjcVdfnQT5OOGexCxd8CmH8LI2GRa4V+nt6lb1RTLEsYaZ3qcvRHSO
574VrrIfW/6CA4xN/pYzyx1i4QknM5Awb18h9pThZ30omkBgRWJDzifWKwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGUvNB2GCUje8LBd23+fNNxhsxpgMB8GA1UdIwQY
MBaAFFOFXI7Om9b445QCAiEs4JsF9figMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTRWY2pzNmIxdmpqbEFJQ0lTemdtd1gxLUtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi84MzM2YjAtY2JlNC00ZGEyLTg0MWIt
MWNlZmQxZmExMGE2LzEvWlM4MEhZWUpTTjd3c0YzYmY1ODAzR0d6R21BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi84MzM2YjAtY2JlNC00ZGEyLTg0MWItMWNlZmQxZmExMGE2
LzEvVTRWY2pzNmIxdmpqbEFJQ0lTemdtd1gxLUtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAho
MA0GCSqGSIb3DQEBCwUAA4IBAQAxHzIuVAPdpwM+Urg6zqgO1GphzCVSRgkAW5rN
jD3+KMVJoFGtcFX+IMIzLxPO8w7ybU45Ht5bEE+Q/3zBh5/KquHq3EdbWE2lkxYp
a+E4fGYIAwetyIjs8OGMLXIRCRTiQJdagwrIELoHRAEZckhDNY3TVibuON0CvunV
UX49nokJGmnyLbUlnFCNgX8LrkOlvH+Ekv4FFA+uO4WYlDlHo92ButkU5R+8lR7P
L/jrbkLkJsszbhWBe6vFEZGhuNCvfgs4OO8UUzh8lgvVgtg3t5WCNaAf3kcpldT/
UBiyBf/fNLPrD3gAVpuZ3VH94Oxvqe+BN4IzjxD7/GfNEm04
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:43:46 2025 by rpki-client