Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/1-zaPe9ZyhMctwa3dxgeMfltlo28.roa
File: 1-zaPe9ZyhMctwa3dxgeMfltlo28.roa (raw, json)
Hash identifier: Iw6tod4begx+xp9EzHq8JbnJ/ShXUsmrka9aL0dH5V0=
Subject key identifier: FB:36:8F:7B:D6:72:84:C7:2D:C1:AD:DD:C6:07:8C:7E:5B:65:A3:6F
Certificate issuer: /CN=0c5140282591f9912f9639ee1412b6d1dcff0861
Certificate serial: 018C2EC075E2D7A76F74CA5C86DE18F5099A
Authority key identifier: 0C:51:40:28:25:91:F9:91:2F:96:39:EE:14:12:B6:D1:DC:FF:08:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DFFAKCWR-ZEvljnuFBK20dz_CGE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/1-zaPe9ZyhMctwa3dxgeMfltlo28.roa
Signing time: Sun 03 Dec 2023 08:16:54 +0000
ROA not before: Sun 03 Dec 2023 08:16:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212330
IP address blocks: 188.72.1.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:2e:c0:75:e2:d7:a7:6f:74:ca:5c:86:de:18:f5:09:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c5140282591f9912f9639ee1412b6d1dcff0861
Validity
Not Before: Dec 3 08:16:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fb368f7bd67284c72dc1adddc6078c7e5b65a36f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:70:07:ce:5a:35:42:24:32:c4:c1:a2:77:f9:
be:47:d0:78:7b:74:49:72:45:1e:e3:6a:e7:c0:14:
ee:9c:79:9d:e9:6d:5c:5d:fd:31:b7:94:8f:bb:9f:
47:b6:7f:9c:f7:60:1b:d6:a5:63:6a:53:4f:94:98:
81:f4:16:1f:a0:92:de:4b:08:3f:c7:1f:d2:15:b0:
3b:4e:15:56:67:51:b1:c3:08:95:8d:5e:1b:0e:eb:
32:48:d2:0f:f9:0e:4d:8e:8d:b0:77:cc:41:c9:9a:
fb:53:16:2a:a1:7b:48:3b:f3:41:42:0e:90:83:e8:
5d:d5:e5:35:cf:8f:cf:52:25:dc:9a:ee:e3:b6:c2:
d9:22:c0:d4:40:ba:ac:11:63:91:ff:1e:55:bb:c9:
80:81:af:97:77:d6:2f:d3:db:08:a5:e6:15:49:b5:
02:1b:f9:fe:76:52:db:97:0d:a6:bb:5c:54:ea:aa:
f8:8b:c4:a4:0b:0c:54:26:16:1f:e4:01:83:19:43:
99:38:96:44:bd:15:77:25:de:72:0c:cc:c7:07:d6:
22:13:fc:07:d5:dc:5a:39:17:26:ae:ab:35:61:95:
04:ee:f8:52:53:5a:e3:fb:01:d3:e5:68:64:6c:a9:
7c:33:b9:ba:5b:c7:eb:42:4b:47:04:ab:58:a1:b9:
8e:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:36:8F:7B:D6:72:84:C7:2D:C1:AD:DD:C6:07:8C:7E:5B:65:A3:6F
X509v3 Authority Key Identifier:
keyid:0C:51:40:28:25:91:F9:91:2F:96:39:EE:14:12:B6:D1:DC:FF:08:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DFFAKCWR-ZEvljnuFBK20dz_CGE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/1-zaPe9ZyhMctwa3dxgeMfltlo28.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/DFFAKCWR-ZEvljnuFBK20dz_CGE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.72.1.0/24
Signature Algorithm: sha256WithRSAEncryption
e0:1d:7c:b0:2c:83:31:05:20:51:f0:a4:49:d7:9e:d7:08:f3:
83:79:4e:cb:a1:12:d0:60:3c:06:31:37:29:66:d0:02:dc:11:
21:bb:4f:21:99:68:e0:4a:09:c0:90:9b:84:3d:35:ee:7e:4c:
b7:50:3b:55:4e:63:49:86:11:7d:60:22:62:4f:b7:ad:b6:47:
59:04:8f:f5:e5:6d:59:8b:1d:e5:0c:18:57:f8:79:45:ea:87:
ef:14:39:f8:21:75:e5:a0:18:50:21:ab:0e:61:20:67:f9:75:
7e:2c:8a:f6:93:e2:04:a1:f7:5b:5c:c4:af:5a:d4:f7:93:ec:
8e:83:92:df:be:05:1d:c8:f8:b2:c9:99:5c:1f:38:1e:2e:52:
c9:85:b1:fe:03:15:6d:9d:70:fe:55:b6:5d:fa:4d:2f:da:72:
8a:6b:54:dc:b2:22:b9:cf:39:28:80:6f:4c:e2:22:f1:f8:96:
5a:04:6c:6d:bb:b5:75:e4:f0:a0:5e:02:ad:83:8e:52:af:1a:
df:35:86:1d:ed:20:10:f4:53:db:95:00:4f:d7:81:e2:f2:d8:
49:dd:f7:e4:53:ab:ee:be:eb:85:54:6c:7c:71:9c:d3:f4:19:
c4:1d:68:ed:f8:16:b1:b4:0d:56:f9:a4:bc:26:10:4f:32:81:
6f:3c:1d:3f
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYwuwHXi16dvdMpcht4Y9QmaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjNTE0MDI4MjU5MWY5OTEyZjk2MzllZTE0MTJiNmQxZGNm
ZjA4NjEwHhcNMjMxMjAzMDgxNjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjM2OGY3YmQ2NzI4NGM3MmRjMWFkZGRjNjA3OGM3ZTViNjVhMzZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr3AHzlo1QiQyxMGid/m+R9B4e3RJ
ckUe42rnwBTunHmd6W1cXf0xt5SPu59Htn+c92Ab1qVjalNPlJiB9BYfoJLeSwg/
xx/SFbA7ThVWZ1GxwwiVjV4bDusySNIP+Q5Njo2wd8xByZr7UxYqoXtIO/NBQg6Q
g+hd1eU1z4/PUiXcmu7jtsLZIsDUQLqsEWOR/x5Vu8mAga+Xd9Yv09sIpeYVSbUC
G/n+dlLblw2mu1xU6qr4i8SkCwxUJhYf5AGDGUOZOJZEvRV3Jd5yDMzHB9YiE/wH
1dxaORcmrqs1YZUE7vhSU1rj+wHT5WhkbKl8M7m6W8frQktHBKtYobmOKwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPs2j3vWcoTHLcGt3cYHjH5bZaNvMB8GA1UdIwQY
MBaAFAxRQCglkfmRL5Y57hQSttHc/whhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREZGQUtDV1ItWkV2bGpudUZCSzIwZHpfQ0dFLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy8wNTU0YTItZDNkOS00ZmM0LThlZDUt
ZGU5MTQ2OWQzNzcyLzEvMS16YVBlOVp5aE1jdHdhM2R4Z2VNZmx0bG8yOC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvY2MvMDU1NGEyLWQzZDktNGZjNC04ZWQ1LWRlOTE0NjlkMzc3
Mi8xL0RGRkFLQ1dSLVpFdmxqbnVGQksyMGR6X0NHRS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALxIATAN
BgkqhkiG9w0BAQsFAAOCAQEA4B18sCyDMQUgUfCkSdee1wjzg3lOy6ES0GA8BjE3
KWbQAtwRIbtPIZlo4EoJwJCbhD017n5Mt1A7VU5jSYYRfWAiYk+3rbZHWQSP9eVt
WYsd5QwYV/h5ReqH7xQ5+CF15aAYUCGrDmEgZ/l1fiyK9pPiBKH3W1zEr1rU95Ps
joOS374FHcj4ssmZXB84Hi5SyYWx/gMVbZ1w/lW2XfpNL9pyimtU3LIiuc85KIBv
TOIi8fiWWgRsbbu1deTwoF4CrYOOUq8a3zWGHe0gEPRT25UAT9eB4vLYSd335FOr
7r7rhVRsfHGc0/QZxB1o7fgWsbQNVvmkvCYQTzKBbzwdPw==
-----END CERTIFICATE-----
Generated at Tue Apr 29 13:23:18 2025 by rpki-client