Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/36b085-1a5b-4af9-878b-376426ffd662/1/zTnFL26uhLnfbCtKXUaYKReJD-I.roa
File: zTnFL26uhLnfbCtKXUaYKReJD-I.roa (raw, json)
Hash identifier: 8bhTOVbYnQ8EmdLTCyznyjcvIbXCMk7g6xhu3L4DZ9U=
Subject key identifier: CD:39:C5:2F:6E:AE:84:B9:DF:6C:2B:4A:5D:46:98:29:17:89:0F:E2
Certificate issuer: /CN=07f2a175be20108641c649553213f212511667a5
Certificate serial: 01856F824E10FA4096EEFC2FE39DBE2E60C7
Authority key identifier: 07:F2:A1:75:BE:20:10:86:41:C6:49:55:32:13:F2:12:51:16:67:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B_Khdb4gEIZBxklVMhPyElEWZ6U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/36b085-1a5b-4af9-878b-376426ffd662/1/zTnFL26uhLnfbCtKXUaYKReJD-I.roa
Signing time: Sun 01 Jan 2023 22:44:48 +0000
ROA not before: Sun 01 Jan 2023 22:44:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50673
IP address blocks: 185.166.232.0/23 maxlen: 24
185.166.235.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:82:4e:10:fa:40:96:ee:fc:2f:e3:9d:be:2e:60:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07f2a175be20108641c649553213f212511667a5
Validity
Not Before: Jan 1 22:44:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cd39c52f6eae84b9df6c2b4a5d46982917890fe2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:5e:e5:d4:d0:13:85:4e:7b:27:67:66:ac:6b:
0a:eb:5d:62:e0:aa:8a:b9:33:37:db:89:7f:3a:da:
14:3e:e2:d8:76:8c:d9:06:2b:80:38:d9:29:5e:c8:
d3:f1:93:2d:25:6c:f9:c7:36:3a:c9:73:06:a7:4c:
1b:88:a8:ee:20:2d:2f:cc:08:01:74:2f:71:17:23:
5f:95:97:e0:61:89:90:12:f8:0b:71:b9:bc:20:8e:
4d:1f:e5:b1:a4:55:89:35:5e:b0:e1:21:56:65:c5:
1f:15:a9:ec:b0:2d:ea:fc:6f:8e:59:a7:17:79:58:
58:61:6f:b5:5b:bb:42:50:ab:e2:29:ec:7d:74:7a:
d7:63:40:2d:05:a3:30:85:16:e2:05:1f:15:33:1f:
ab:09:9f:d8:88:c1:ed:b4:52:2f:cd:aa:e9:90:ae:
f6:67:4e:8d:07:a1:e7:92:91:4b:c9:53:0d:74:fa:
d6:96:21:e9:66:32:4a:f7:95:1f:83:28:31:1f:e0:
d7:87:77:ba:df:1e:74:a1:80:7e:bf:55:2b:03:67:
5a:98:1d:d6:1d:5a:1b:4c:71:9a:6f:ce:3d:67:87:
a4:85:ff:c5:1b:17:f1:eb:0a:0b:e6:5f:eb:32:0c:
b6:5f:ec:3d:9a:f3:ce:20:86:fa:d7:ae:80:b3:62:
7b:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:39:C5:2F:6E:AE:84:B9:DF:6C:2B:4A:5D:46:98:29:17:89:0F:E2
X509v3 Authority Key Identifier:
keyid:07:F2:A1:75:BE:20:10:86:41:C6:49:55:32:13:F2:12:51:16:67:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B_Khdb4gEIZBxklVMhPyElEWZ6U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/36b085-1a5b-4af9-878b-376426ffd662/1/zTnFL26uhLnfbCtKXUaYKReJD-I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/36b085-1a5b-4af9-878b-376426ffd662/1/B_Khdb4gEIZBxklVMhPyElEWZ6U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.166.232.0/23
185.166.235.0/24
Signature Algorithm: sha256WithRSAEncryption
44:7a:a5:fc:1c:49:22:99:b2:f3:60:a8:a8:1e:44:da:0a:a0:
24:20:d9:f6:d8:32:4d:f5:59:f8:7c:bb:05:ba:64:f5:70:18:
6a:cd:97:3f:9c:ee:c7:fc:0d:6d:76:06:26:87:a8:93:a2:40:
6e:da:d6:13:31:93:ea:eb:e7:6d:69:15:81:15:56:70:76:47:
e3:35:e8:85:12:b5:11:b2:96:40:9d:2e:8a:bd:8e:d0:70:27:
a3:dc:99:b2:64:85:af:b2:35:3d:9f:a0:96:02:49:5d:c3:7f:
52:a7:dc:7e:89:ea:9f:88:e8:cd:49:25:fa:1e:3a:9f:09:65:
be:d0:d7:39:a3:3f:8f:66:63:7f:0b:5c:55:40:00:ae:5e:9f:
72:82:6b:32:df:1f:61:c2:a6:a5:02:fa:15:16:1e:73:55:bc:
3e:23:65:5b:ed:f3:23:25:19:81:49:ac:2b:bd:01:29:2f:5c:
12:79:9e:d7:5e:c0:2e:93:25:7a:e3:4d:a6:c9:7a:2c:3c:a5:
50:f8:15:c9:f6:7f:a6:c9:b3:5e:3c:a8:23:a5:e3:ad:41:04:
6c:fd:b9:fc:3f:92:2a:02:44:10:04:1c:78:db:8e:83:3d:be:
7c:8b:5b:47:ba:b5:ca:78:0b:0c:5a:04:ec:8e:fb:79:cc:cb:
1a:e6:cb:1e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvgk4Q+kCW7vwv452+LmDHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3ZjJhMTc1YmUyMDEwODY0MWM2NDk1NTMyMTNmMjEyNTEx
NjY3YTUwHhcNMjMwMTAxMjI0NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDM5YzUyZjZlYWU4NGI5ZGY2YzJiNGE1ZDQ2OTgyOTE3ODkwZmUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl17l1NAThU57J2dmrGsK611i4KqK
uTM324l/OtoUPuLYdozZBiuAONkpXsjT8ZMtJWz5xzY6yXMGp0wbiKjuIC0vzAgB
dC9xFyNflZfgYYmQEvgLcbm8II5NH+WxpFWJNV6w4SFWZcUfFanssC3q/G+OWacX
eVhYYW+1W7tCUKviKex9dHrXY0AtBaMwhRbiBR8VMx+rCZ/YiMHttFIvzarpkK72
Z06NB6HnkpFLyVMNdPrWliHpZjJK95UfgygxH+DXh3e63x50oYB+v1UrA2damB3W
HVobTHGab849Z4ekhf/FGxfx6woL5l/rMgy2X+w9mvPOIIb6166As2J79wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFM05xS9uroS532wrSl1GmCkXiQ/iMB8GA1UdIwQY
MBaAFAfyoXW+IBCGQcZJVTIT8hJRFmelMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQl9LaGRiNGdFSVpCeGtsVk1oUHlFbEVXWjZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS8zNmIwODUtMWE1Yi00YWY5LTg3OGIt
Mzc2NDI2ZmZkNjYyLzEvelRuRkwyNnVoTG5mYkN0S1hVYVlLUmVKRC1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS8zNmIwODUtMWE1Yi00YWY5LTg3OGItMzc2NDI2ZmZkNjYy
LzEvQl9LaGRiNGdFSVpCeGtsVk1oUHlFbEVXWjZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBuaboAwQA
uabrMA0GCSqGSIb3DQEBCwUAA4IBAQBEeqX8HEkimbLzYKioHkTaCqAkINn22DJN
9Vn4fLsFumT1cBhqzZc/nO7H/A1tdgYmh6iTokBu2tYTMZPq6+dtaRWBFVZwdkfj
NeiFErURspZAnS6KvY7QcCej3JmyZIWvsjU9n6CWAkldw39Sp9x+ieqfiOjNSSX6
HjqfCWW+0Nc5oz+PZmN/C1xVQACuXp9ygmsy3x9hwqalAvoVFh5zVbw+I2Vb7fMj
JRmBSawrvQEpL1wSeZ7XXsAukyV6402myXosPKVQ+BXJ9n+mybNePKgjpeOtQQRs
/bn8P5IqAkQQBBx4246DPb58i1tHurXKeAsMWgTsjvt5zMsa5sse
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:40:21 2025 by rpki-client