Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/zX4KzQW5vaHt9cvbbTpiyYYzCeU.roa
File: zX4KzQW5vaHt9cvbbTpiyYYzCeU.roa (raw, json)
Hash identifier: U6EtusaH0Z/kQat8tqVggndHF0hKFNgt3cjnD5lgqGU=
Subject key identifier: CD:7E:0A:CD:05:B9:BD:A1:ED:F5:CB:DB:6D:3A:62:C9:86:33:09:E5
Certificate issuer: /CN=a85310f503137ae8b35d4f329f46f069dd703815
Certificate serial: 01891B94E6504D88EC02381A29D779574DBA
Authority key identifier: A8:53:10:F5:03:13:7A:E8:B3:5D:4F:32:9F:46:F0:69:DD:70:38:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qFMQ9QMTeuizXU8yn0bwad1wOBU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/zX4KzQW5vaHt9cvbbTpiyYYzCeU.roa
Signing time: Mon 03 Jul 2023 11:48:10 +0000
ROA not before: Mon 03 Jul 2023 11:48:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206150
IP address blocks: 92.42.22.0/24 maxlen: 24
92.42.23.0/24 maxlen: 24
92.42.21.0/24 maxlen: 24
92.42.20.0/24 maxlen: 24
194.50.59.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:1b:94:e6:50:4d:88:ec:02:38:1a:29:d7:79:57:4d:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a85310f503137ae8b35d4f329f46f069dd703815
Validity
Not Before: Jul 3 11:48:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cd7e0acd05b9bda1edf5cbdb6d3a62c9863309e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:79:21:67:b8:c7:22:5b:14:ab:6d:dc:65:9c:
04:ca:8b:fa:ba:9c:eb:ed:51:e5:ba:a9:bb:10:b7:
ed:d4:43:45:27:e0:f0:ee:ee:ef:d6:0d:8f:3c:83:
31:e5:2c:a9:72:e6:f4:14:47:71:d4:3e:f2:c9:a0:
05:a9:a6:31:b2:e9:c0:24:45:bc:7e:9f:56:ea:5d:
21:24:8a:33:52:fa:72:f9:a9:ff:93:0e:d1:df:10:
79:d4:58:46:0f:79:10:fb:3b:1a:5a:05:22:33:af:
97:3e:17:8b:cf:01:dd:1e:81:a6:5f:92:aa:61:f3:
4a:39:6c:a2:2d:11:bb:79:3f:19:19:e3:bb:7c:86:
81:3c:32:10:fd:4b:88:1e:bc:c6:c0:54:6f:c0:a2:
99:96:90:e7:bc:a8:20:7e:cb:bb:3e:ff:3b:a5:4d:
1d:2a:c0:0a:0f:f6:f9:6b:c4:09:88:da:d3:e5:72:
c7:a8:e2:df:6f:7c:ca:53:71:39:74:34:88:67:4c:
b8:1b:0b:d8:96:16:fc:1b:d7:e9:8c:08:39:05:5f:
87:c5:bd:52:e5:0d:23:98:23:c1:41:4e:dc:9f:ff:
b6:77:95:38:ea:86:b1:77:83:05:8c:5f:0c:85:23:
7c:95:85:27:4e:51:8d:c0:02:ca:7f:2c:0b:a9:31:
18:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:7E:0A:CD:05:B9:BD:A1:ED:F5:CB:DB:6D:3A:62:C9:86:33:09:E5
X509v3 Authority Key Identifier:
keyid:A8:53:10:F5:03:13:7A:E8:B3:5D:4F:32:9F:46:F0:69:DD:70:38:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qFMQ9QMTeuizXU8yn0bwad1wOBU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/zX4KzQW5vaHt9cvbbTpiyYYzCeU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/qFMQ9QMTeuizXU8yn0bwad1wOBU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.42.20.0/22
194.50.59.0/24
Signature Algorithm: sha256WithRSAEncryption
76:f5:96:82:6c:c4:97:f3:8d:8b:49:03:a4:f7:f7:11:71:15:
62:a3:8f:46:81:6f:3f:38:04:95:81:68:a2:b4:99:9c:e5:59:
ac:e5:02:45:5f:3e:da:e4:7f:31:19:24:1b:b1:33:de:c9:f4:
62:39:08:70:bb:20:ad:59:3f:de:a4:09:53:fb:eb:00:14:fd:
d0:08:e1:6e:be:ef:47:4b:5b:04:9f:e6:4c:b0:5d:ce:c1:e9:
a8:16:43:fa:1f:08:aa:26:94:ba:6a:cd:e7:d1:b7:ab:12:ba:
82:e2:5d:17:8e:40:50:85:78:f9:69:1a:10:14:c8:d4:a9:af:
79:1f:d5:3c:bf:ea:a5:97:0a:d4:2c:ba:86:60:97:b0:39:97:
ca:a6:d3:23:44:5e:32:af:ae:ed:d7:19:48:d9:72:2b:a9:7a:
d6:8d:19:04:55:f9:7f:12:00:93:34:16:8f:63:fe:2f:57:2c:
b6:c0:6c:93:7e:ce:18:82:b7:dd:8e:e5:d4:f7:c2:f6:8b:bc:
93:7b:e6:4c:e1:5f:63:39:da:b4:ff:f3:89:10:45:95:cf:1c:
11:fd:fa:0e:a7:66:ed:c8:0c:79:97:16:62:fe:27:e9:cc:f8:
1a:5b:0f:cd:c0:08:63:05:47:d4:3b:06:02:13:70:ae:94:5d:
99:e1:1b:ab
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYkblOZQTYjsAjgaKdd5V026MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NTMxMGY1MDMxMzdhZThiMzVkNGYzMjlmNDZmMDY5ZGQ3
MDM4MTUwHhcNMjMwNzAzMTE0ODEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDdlMGFjZDA1YjliZGExZWRmNWNiZGI2ZDNhNjJjOTg2MzMwOWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA23khZ7jHIlsUq23cZZwEyov6upzr
7VHluqm7ELft1ENFJ+Dw7u7v1g2PPIMx5Sypcub0FEdx1D7yyaAFqaYxsunAJEW8
fp9W6l0hJIozUvpy+an/kw7R3xB51FhGD3kQ+zsaWgUiM6+XPheLzwHdHoGmX5Kq
YfNKOWyiLRG7eT8ZGeO7fIaBPDIQ/UuIHrzGwFRvwKKZlpDnvKggfsu7Pv87pU0d
KsAKD/b5a8QJiNrT5XLHqOLfb3zKU3E5dDSIZ0y4GwvYlhb8G9fpjAg5BV+Hxb1S
5Q0jmCPBQU7cn/+2d5U46oaxd4MFjF8MhSN8lYUnTlGNwALKfywLqTEYYQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFM1+Cs0Fub2h7fXL2206YsmGMwnlMB8GA1UdIwQY
MBaAFKhTEPUDE3ros11PMp9G8GndcDgVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUZNUTlRTVRldWl6WFU4eW4wYndhZDF3T0JVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9iNDI5NDktZWUwYS00MTIzLTg3YmYt
MzAxODlhNWE0ZWJhLzEvelg0S3pRVzV2YUh0OWN2YmJUcGl5WVl6Q2VVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi9iNDI5NDktZWUwYS00MTIzLTg3YmYtMzAxODlhNWE0ZWJh
LzEvcUZNUTlRTVRldWl6WFU4eW4wYndhZDF3T0JVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCXCoUAwQA
wjI7MA0GCSqGSIb3DQEBCwUAA4IBAQB29ZaCbMSX842LSQOk9/cRcRVio49GgW8/
OASVgWiitJmc5Vms5QJFXz7a5H8xGSQbsTPeyfRiOQhwuyCtWT/epAlT++sAFP3Q
COFuvu9HS1sEn+ZMsF3OwemoFkP6HwiqJpS6as3n0berErqC4l0XjkBQhXj5aRoQ
FMjUqa95H9U8v+qllwrULLqGYJewOZfKptMjRF4yr67t1xlI2XIrqXrWjRkEVfl/
EgCTNBaPY/4vVyy2wGyTfs4YgrfdjuXU98L2i7yTe+ZM4V9jOdq0//OJEEWVzxwR
/foOp2btyAx5lxZi/ifpzPgaWw/NwAhjBUfUOwYCE3CulF2Z4Rur
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:55:24 2025 by rpki-client