Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Zt3JF6LG0kup8o4uLFIn7wZZ3-o.roa
File: Zt3JF6LG0kup8o4uLFIn7wZZ3-o.roa (raw, json)
Hash identifier: udhuRO9h7kKwphaBhor4GMazZa6CONfizSNWhBQI7pI=
Subject key identifier: 66:DD:C9:17:A2:C6:D2:4B:A9:F2:8E:2E:2C:52:27:EF:06:59:DF:EA
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0188B5B0827B5BC445947D8264445898947F
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Zt3JF6LG0kup8o4uLFIn7wZZ3-o.roa
Signing time: Tue 13 Jun 2023 16:57:03 +0000
ROA not before: Tue 13 Jun 2023 16:57:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21082
IP address blocks: 194.87.63.0/24 maxlen: 24
195.58.58.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:b5:b0:82:7b:5b:c4:45:94:7d:82:64:44:58:98:94:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jun 13 16:57:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=66ddc917a2c6d24ba9f28e2e2c5227ef0659dfea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:65:f9:2f:2b:71:70:df:96:79:b0:7c:27:30:
8e:d9:a2:36:ae:b5:de:88:14:10:10:a1:ac:a5:63:
ec:bf:d0:b5:fd:17:22:3e:24:76:c4:90:37:fe:05:
63:a7:56:2f:d5:b5:f0:c9:77:3d:4c:86:e0:46:da:
8a:f3:e2:72:ad:fc:45:6d:3f:26:4b:19:52:3f:43:
fe:7f:e0:26:0d:5e:5e:f2:52:7b:4e:f8:7c:e6:46:
66:20:7a:45:f8:16:61:14:98:91:c3:1e:49:6f:67:
78:60:52:47:73:2a:fb:58:16:7b:88:27:7a:37:05:
3e:7f:0c:94:d1:0f:9f:f1:b9:6a:c1:bd:f1:bc:74:
62:86:ec:68:2c:b0:ec:d5:31:f5:2a:d5:21:ba:6a:
d1:59:4c:ae:6a:1a:59:8b:57:72:fb:89:e4:36:57:
d0:c9:87:9e:f0:05:39:a5:73:54:6a:5d:67:78:83:
56:97:a1:d0:f0:f5:42:d7:33:a0:5e:32:fc:a1:38:
5f:9f:16:35:a9:98:0e:6f:f3:3a:3b:01:ba:de:b8:
be:ab:45:9e:53:fc:44:0d:6a:56:a9:bc:ec:d1:49:
ac:d7:43:d5:44:96:c9:e3:2e:39:db:9c:a7:82:cc:
5f:8b:00:65:8d:38:45:66:72:45:7d:ac:bf:b4:d7:
0e:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:DD:C9:17:A2:C6:D2:4B:A9:F2:8E:2E:2C:52:27:EF:06:59:DF:EA
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Zt3JF6LG0kup8o4uLFIn7wZZ3-o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.63.0/24
195.58.58.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:e7:cf:f6:25:60:4a:4f:52:8d:6b:27:08:b6:46:9d:99:4d:
fa:06:f6:51:e9:4e:ff:e1:90:a3:26:f3:3b:a4:aa:a2:47:62:
ac:60:33:ab:cd:97:1f:fe:44:d8:8c:21:99:d3:9a:3c:f5:d9:
08:03:5f:2d:37:26:c1:7f:f1:3b:83:e8:9d:9b:3c:eb:6d:76:
fe:eb:23:e2:25:2e:c2:4f:c7:b4:3a:ed:bb:67:b4:dc:d9:83:
bc:e9:1c:48:ca:f5:b6:ce:c3:0a:7a:48:73:34:17:6e:b5:78:
41:5d:cc:39:6c:54:56:0d:7b:f1:60:27:79:20:ba:f1:08:d6:
e6:88:1e:02:48:4a:ff:8d:f4:90:e4:e3:10:49:aa:c7:ed:fd:
cc:d1:bb:1d:cc:5e:29:14:84:01:67:6b:d8:8f:25:e7:9d:b5:
8d:e0:c6:ff:f5:30:65:50:2e:47:70:d5:9a:12:c9:07:8d:9d:
3e:45:30:18:0c:2b:ae:ed:9b:78:2f:03:ef:b9:b2:11:19:69:
98:09:8a:f2:06:4b:4d:f1:41:f6:84:3d:7e:ac:36:b5:20:90:
ba:96:b5:57:fe:3f:c5:5d:15:4a:27:c0:3c:88:5e:50:71:90:
95:b9:7f:8d:7c:d9:29:35:21:8d:ef:95:93:66:34:ce:aa:81:
52:8d:a6:e8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYi1sIJ7W8RFlH2CZERYmJR/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNjEzMTY1NzAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NmRkYzkxN2EyYzZkMjRiYTlmMjhlMmUyYzUyMjdlZjA2NTlkZmVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxGX5LytxcN+WebB8JzCO2aI2rrXe
iBQQEKGspWPsv9C1/RciPiR2xJA3/gVjp1Yv1bXwyXc9TIbgRtqK8+JyrfxFbT8m
SxlSP0P+f+AmDV5e8lJ7Tvh85kZmIHpF+BZhFJiRwx5Jb2d4YFJHcyr7WBZ7iCd6
NwU+fwyU0Q+f8blqwb3xvHRihuxoLLDs1TH1KtUhumrRWUyuahpZi1dy+4nkNlfQ
yYee8AU5pXNUal1neINWl6HQ8PVC1zOgXjL8oThfnxY1qZgOb/M6OwG63ri+q0We
U/xEDWpWqbzs0Ums10PVRJbJ4y4525yngsxfiwBljThFZnJFfay/tNcOjwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGbdyReixtJLqfKOLixSJ+8GWd/qMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvWnQzSkY2TEcwa3VwOG80dUxGSW43d1paMy1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwlc/AwQA
wzo6MA0GCSqGSIb3DQEBCwUAA4IBAQB658/2JWBKT1KNaycItkadmU36BvZR6U7/
4ZCjJvM7pKqiR2KsYDOrzZcf/kTYjCGZ05o89dkIA18tNybBf/E7g+idmzzrbXb+
6yPiJS7CT8e0Ou27Z7Tc2YO86RxIyvW2zsMKekhzNBdutXhBXcw5bFRWDXvxYCd5
ILrxCNbmiB4CSEr/jfSQ5OMQSarH7f3M0bsdzF4pFIQBZ2vYjyXnnbWN4Mb/9TBl
UC5HcNWaEskHjZ0+RTAYDCuu7Zt4LwPvubIRGWmYCYryBktN8UH2hD1+rDa1IJC6
lrVX/j/FXRVKJ8A8iF5QcZCVuX+NfNkpNSGN75WTZjTOqoFSjabo
-----END CERTIFICATE-----
Generated at Mon Jun 16 17:42:01 2025 by rpki-client