Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/41af2d-f3de-45d5-941c-c43ac429e53f/1/ZBrnBH_pi9FI2YQLXRIGhI7rMgU.roa
File: ZBrnBH_pi9FI2YQLXRIGhI7rMgU.roa (raw, json)
Hash identifier: MnHaEmJ13qk4hp78+JE0qRVGvJWw7NCmcMqba7BP2co=
Subject key identifier: 64:1A:E7:04:7F:E9:8B:D1:48:D9:84:0B:5D:12:06:84:8E:EB:32:05
Certificate issuer: /CN=90620638ca1d835650e08ddcf363f10789b53057
Certificate serial: 01856D8AB1D8B17FD12D6FB347356CD97676
Authority key identifier: 90:62:06:38:CA:1D:83:56:50:E0:8D:DC:F3:63:F1:07:89:B5:30:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kGIGOModg1ZQ4I3c82PxB4m1MFc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/41af2d-f3de-45d5-941c-c43ac429e53f/1/ZBrnBH_pi9FI2YQLXRIGhI7rMgU.roa
Signing time: Sun 01 Jan 2023 13:34:43 +0000
ROA not before: Sun 01 Jan 2023 13:34:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7015
IP address blocks: 206.195.52.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:8a:b1:d8:b1:7f:d1:2d:6f:b3:47:35:6c:d9:76:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90620638ca1d835650e08ddcf363f10789b53057
Validity
Not Before: Jan 1 13:34:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=641ae7047fe98bd148d9840b5d1206848eeb3205
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:10:67:64:f7:6c:35:0b:99:c3:ce:83:a3:3d:
c0:40:e0:20:d3:be:fe:91:b0:f4:a2:f8:34:db:40:
a7:f6:a9:44:61:0a:45:98:f7:b7:ae:f5:d4:2a:6d:
b3:c2:ec:f2:1f:47:9f:43:1a:46:17:41:57:de:ad:
c9:94:14:b3:39:e9:8b:ae:32:1a:5d:8f:3a:9e:0b:
fe:e1:db:3c:0e:71:20:84:de:62:8e:0f:e3:22:e4:
4e:d0:1b:fa:d3:b8:7b:f1:06:e3:cf:14:1c:69:c5:
e3:de:34:02:eb:45:47:cf:09:53:37:e9:e9:d5:47:
c7:2b:b0:4b:c2:84:3e:ae:ba:e7:9f:a7:8d:e5:6b:
25:35:ec:31:a3:9a:6a:32:e0:a0:cb:be:61:b7:44:
ee:90:d2:4d:de:e8:af:d8:cb:42:08:91:48:fd:89:
75:6b:fd:a8:33:82:10:64:d3:d2:cb:fc:db:03:ec:
10:b3:4d:3f:5b:cb:b6:f2:35:45:a1:25:a8:47:74:
b3:27:78:a4:da:47:a6:d1:32:8e:e2:a2:11:dc:29:
ff:f9:13:46:b1:17:1d:6c:85:4e:2a:4e:e2:e3:3a:
76:cd:6d:46:f5:08:cd:8f:83:43:44:5a:b3:2d:0a:
46:13:42:8f:73:13:52:32:80:d5:3a:6d:72:00:d8:
da:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:1A:E7:04:7F:E9:8B:D1:48:D9:84:0B:5D:12:06:84:8E:EB:32:05
X509v3 Authority Key Identifier:
keyid:90:62:06:38:CA:1D:83:56:50:E0:8D:DC:F3:63:F1:07:89:B5:30:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kGIGOModg1ZQ4I3c82PxB4m1MFc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/41af2d-f3de-45d5-941c-c43ac429e53f/1/ZBrnBH_pi9FI2YQLXRIGhI7rMgU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/41af2d-f3de-45d5-941c-c43ac429e53f/1/kGIGOModg1ZQ4I3c82PxB4m1MFc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
206.195.52.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:d4:6b:0f:8a:85:db:cf:64:4f:0f:4a:4c:5c:7d:fd:47:e5:
8e:1a:2a:2d:e3:18:c5:34:9e:69:68:9d:e2:7b:a3:58:4c:32:
25:9c:62:e4:59:99:5f:57:c5:01:10:19:4a:2f:c2:68:29:c3:
74:fe:f6:72:97:24:9f:79:9c:f3:8b:fe:e6:ac:62:42:b8:78:
ac:21:e0:61:b7:14:8b:d1:89:2b:8a:fb:e4:31:f9:1a:bf:47:
01:ff:5d:63:ee:38:62:cb:b3:5c:cd:17:c1:46:17:86:dd:4a:
12:0a:db:32:3b:15:03:27:5f:fa:90:1e:34:58:22:a5:01:d0:
dd:29:24:90:0f:1c:b3:93:b9:b6:50:a2:f6:1f:7f:9b:ce:44:
77:dc:20:4f:d2:dd:59:60:18:7d:64:20:6f:ce:db:ce:e5:b3:
62:8f:45:d5:a1:eb:99:58:ca:84:ae:3a:c3:b9:42:68:d4:0c:
9b:9d:7c:bf:8f:8e:51:ef:bd:e8:fe:6c:c4:e4:bd:e4:be:fc:
a5:6e:aa:49:94:f0:55:28:d5:b3:71:f6:f3:75:37:b1:c1:91:
41:c5:5a:46:be:56:f5:79:8d:ec:41:a2:11:d5:9d:94:15:15:
0f:58:eb:89:b1:a4:42:13:e5:24:c3:3d:a9:b5:dd:3c:d1:19:
6f:75:00:39
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtirHYsX/RLW+zRzVs2XZ2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwNjIwNjM4Y2ExZDgzNTY1MGUwOGRkY2YzNjNmMTA3ODli
NTMwNTcwHhcNMjMwMTAxMTMzNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDFhZTcwNDdmZTk4YmQxNDhkOTg0MGI1ZDEyMDY4NDhlZWIzMjA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqhBnZPdsNQuZw86Doz3AQOAg077+
kbD0ovg020Cn9qlEYQpFmPe3rvXUKm2zwuzyH0efQxpGF0FX3q3JlBSzOemLrjIa
XY86ngv+4ds8DnEghN5ijg/jIuRO0Bv607h78QbjzxQcacXj3jQC60VHzwlTN+np
1UfHK7BLwoQ+rrrnn6eN5WslNewxo5pqMuCgy75ht0TukNJN3uiv2MtCCJFI/Yl1
a/2oM4IQZNPSy/zbA+wQs00/W8u28jVFoSWoR3SzJ3ik2kem0TKO4qIR3Cn/+RNG
sRcdbIVOKk7i4zp2zW1G9QjNj4NDRFqzLQpGE0KPcxNSMoDVOm1yANjaWwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGQa5wR/6YvRSNmEC10SBoSO6zIFMB8GA1UdIwQY
MBaAFJBiBjjKHYNWUOCN3PNj8QeJtTBXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0dJR09Nb2RnMVpRNEkzYzgyUHhCNG0xTUZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS80MWFmMmQtZjNkZS00NWQ1LTk0MWMt
YzQzYWM0MjllNTNmLzEvWkJybkJIX3BpOUZJMllRTFhSSUdoSTdyTWdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS80MWFmMmQtZjNkZS00NWQ1LTk0MWMtYzQzYWM0MjllNTNm
LzEva0dJR09Nb2RnMVpRNEkzYzgyUHhCNG0xTUZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAzsM0MA0G
CSqGSIb3DQEBCwUAA4IBAQBf1GsPioXbz2RPD0pMXH39R+WOGiot4xjFNJ5paJ3i
e6NYTDIlnGLkWZlfV8UBEBlKL8JoKcN0/vZylySfeZzzi/7mrGJCuHisIeBhtxSL
0YkrivvkMfkav0cB/11j7jhiy7NczRfBRheG3UoSCtsyOxUDJ1/6kB40WCKlAdDd
KSSQDxyzk7m2UKL2H3+bzkR33CBP0t1ZYBh9ZCBvztvO5bNij0XVoeuZWMqErjrD
uUJo1AybnXy/j45R773o/mzE5L3kvvylbqpJlPBVKNWzcfbzdTexwZFBxVpGvlb1
eY3sQaIR1Z2UFRUPWOuJsaRCE+Ukwz2ptd080RlvdQA5
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:38:28 2025 by rpki-client