Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/ec2e08-f63a-4bd7-b864-06b3cea492ee/1/ZE-O1MbdAmL3sGUETsdzqiV_pfc.roa
File: ZE-O1MbdAmL3sGUETsdzqiV_pfc.roa (raw, json)
Hash identifier: NZnmp29bMoCwzTjl4iBkz1hpf+DvklhVnWG/pkpX6wI=
Subject key identifier: 64:4F:8E:D4:C6:DD:02:62:F7:B0:65:04:4E:C7:73:AA:25:7F:A5:F7
Certificate issuer: /CN=427a2670508b945123beecbf13145ffbd7bfcde4
Certificate serial: 018A938FD028AEC7EA7CC9960E1B62E57CFE
Authority key identifier: 42:7A:26:70:50:8B:94:51:23:BE:EC:BF:13:14:5F:FB:D7:BF:CD:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QnomcFCLlFEjvuy_ExRf-9e_zeQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/ec2e08-f63a-4bd7-b864-06b3cea492ee/1/ZE-O1MbdAmL3sGUETsdzqiV_pfc.roa
Signing time: Thu 14 Sep 2023 11:59:50 +0000
ROA not before: Thu 14 Sep 2023 11:59:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48199
IP address blocks: 212.42.48.0/24 maxlen: 24
212.42.56.0/22 maxlen: 22
212.42.52.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:93:8f:d0:28:ae:c7:ea:7c:c9:96:0e:1b:62:e5:7c:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=427a2670508b945123beecbf13145ffbd7bfcde4
Validity
Not Before: Sep 14 11:59:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=644f8ed4c6dd0262f7b065044ec773aa257fa5f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:1d:96:b6:92:0d:8c:a5:88:b4:f4:63:f2:e3:
26:8a:e3:f9:f8:4b:35:df:ea:91:4b:bd:0d:ae:0f:
c9:c4:0f:1c:07:16:f7:74:ed:ea:91:67:f6:1a:dc:
24:33:21:ea:51:11:41:dc:15:84:9c:ca:01:31:d1:
45:fb:bd:2a:82:5c:ab:a0:48:e7:0c:ca:49:2f:62:
22:56:30:2a:c5:e9:d6:d8:3d:08:79:c1:ed:19:3f:
d6:94:78:c4:2c:43:bf:c9:d6:62:68:30:a3:b8:ce:
f7:8a:e8:90:34:ec:7a:6a:31:0d:11:6c:0b:40:36:
78:9c:54:c6:38:4c:44:df:d2:dc:ea:47:e6:57:56:
bb:3b:6c:e7:b0:b4:0f:3f:d8:3b:2b:ae:33:ff:83:
33:f8:f7:1c:e7:6a:82:c8:fe:99:5b:4d:ea:1f:b2:
19:f1:fc:c8:10:ca:61:66:1b:8c:2e:b5:a5:b4:b0:
5f:b4:a8:f8:49:42:c4:56:62:9e:e3:7c:18:c5:45:
f7:59:94:66:6b:8e:9a:0d:06:9f:62:d7:97:40:93:
1b:4f:52:3b:5d:6d:d9:1a:3c:43:8b:22:68:e1:83:
3a:f5:1a:3d:06:e4:c3:c6:c1:fe:fe:4f:9c:69:98:
42:e9:9e:31:5f:5c:11:53:84:b6:cc:5e:c7:e8:96:
8f:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:4F:8E:D4:C6:DD:02:62:F7:B0:65:04:4E:C7:73:AA:25:7F:A5:F7
X509v3 Authority Key Identifier:
keyid:42:7A:26:70:50:8B:94:51:23:BE:EC:BF:13:14:5F:FB:D7:BF:CD:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QnomcFCLlFEjvuy_ExRf-9e_zeQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/ec2e08-f63a-4bd7-b864-06b3cea492ee/1/ZE-O1MbdAmL3sGUETsdzqiV_pfc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/ec2e08-f63a-4bd7-b864-06b3cea492ee/1/QnomcFCLlFEjvuy_ExRf-9e_zeQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.42.48.0/24
212.42.52.0/24
212.42.56.0/22
Signature Algorithm: sha256WithRSAEncryption
8f:79:57:38:2f:b3:a5:cb:2b:97:19:0e:e1:c3:c4:06:c1:c9:
16:90:98:9c:07:96:60:96:4a:c7:83:e5:0f:08:ac:ac:29:18:
e1:2a:1d:ff:56:f7:9c:6f:c1:80:bc:e3:07:45:ee:19:79:17:
32:26:d6:20:7c:2e:4c:6d:6c:98:35:ec:2b:3b:79:a0:45:98:
63:a0:18:c5:e2:4c:16:2a:79:04:31:58:76:95:19:14:62:c6:
79:4c:53:5c:34:22:25:92:f7:e6:9c:f0:47:cc:4e:78:14:93:
d1:87:ad:89:e6:cd:f1:61:5d:1b:b7:b5:cb:bd:03:e7:52:60:
67:78:ae:8f:f2:a7:82:08:30:2c:39:c3:09:1c:d4:d4:9b:14:
19:87:ec:15:a4:14:2b:e0:1b:aa:f5:50:0f:eb:72:fe:69:0c:
e5:76:ac:10:9f:de:2a:89:7a:a8:b6:5b:e1:74:d9:9f:d8:6c:
86:e4:b5:42:0e:fc:9b:da:94:e6:8b:14:d9:dd:26:fb:9e:c3:
b3:07:95:0b:05:57:f0:37:bb:51:b8:31:70:f7:88:d8:c1:4c:
c0:cd:83:b9:49:a0:e5:f5:a3:25:77:84:d3:83:10:f6:9e:d1:
31:ec:83:91:08:b5:0a:f5:e3:3d:04:74:3b:28:d4:08:07:1b:
46:39:a8:c2
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYqTj9AorsfqfMmWDhti5Xz+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyN2EyNjcwNTA4Yjk0NTEyM2JlZWNiZjEzMTQ1ZmZiZDdi
ZmNkZTQwHhcNMjMwOTE0MTE1OTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDRmOGVkNGM2ZGQwMjYyZjdiMDY1MDQ0ZWM3NzNhYTI1N2ZhNWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArx2WtpINjKWItPRj8uMmiuP5+Es1
3+qRS70Nrg/JxA8cBxb3dO3qkWf2GtwkMyHqURFB3BWEnMoBMdFF+70qglyroEjn
DMpJL2IiVjAqxenW2D0IecHtGT/WlHjELEO/ydZiaDCjuM73iuiQNOx6ajENEWwL
QDZ4nFTGOExE39Lc6kfmV1a7O2znsLQPP9g7K64z/4Mz+Pcc52qCyP6ZW03qH7IZ
8fzIEMphZhuMLrWltLBftKj4SULEVmKe43wYxUX3WZRma46aDQafYteXQJMbT1I7
XW3ZGjxDiyJo4YM69Ro9BuTDxsH+/k+caZhC6Z4xX1wRU4S2zF7H6JaPrQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGRPjtTG3QJi97BlBE7Hc6olf6X3MB8GA1UdIwQY
MBaAFEJ6JnBQi5RRI77svxMUX/vXv83kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUW5vbWNGQ0xsRkVqdnV5X0V4UmYtOWVfemVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9lYzJlMDgtZjYzYS00YmQ3LWI4NjQt
MDZiM2NlYTQ5MmVlLzEvWkUtTzFNYmRBbUwzc0dVRVRzZHpxaVZfcGZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9lYzJlMDgtZjYzYS00YmQ3LWI4NjQtMDZiM2NlYTQ5MmVl
LzEvUW5vbWNGQ0xsRkVqdnV5X0V4UmYtOWVfemVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQA1CowAwQA
1Co0AwQC1Co4MA0GCSqGSIb3DQEBCwUAA4IBAQCPeVc4L7OlyyuXGQ7hw8QGwckW
kJicB5ZglkrHg+UPCKysKRjhKh3/Vvecb8GAvOMHRe4ZeRcyJtYgfC5MbWyYNewr
O3mgRZhjoBjF4kwWKnkEMVh2lRkUYsZ5TFNcNCIlkvfmnPBHzE54FJPRh62J5s3x
YV0bt7XLvQPnUmBneK6P8qeCCDAsOcMJHNTUmxQZh+wVpBQr4Buq9VAP63L+aQzl
dqwQn94qiXqotlvhdNmf2GyG5LVCDvyb2pTmixTZ3Sb7nsOzB5ULBVfwN7tRuDFw
94jYwUzAzYO5SaDl9aMld4TTgxD2ntEx7IORCLUK9eM9BHQ7KNQIBxtGOajC
-----END CERTIFICATE-----
Generated at Tue Apr 29 09:35:24 2025 by rpki-client