Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ZldZedHU0AxgvlU4PBYieK9PKt0.roa
File: ZldZedHU0AxgvlU4PBYieK9PKt0.roa (raw, json)
Hash identifier: mlBzxa8o5CNV6wnq5vUfO9LBNwCYDcVgyDRtPx8aF3M=
Subject key identifier: 66:57:59:79:D1:D4:D0:0C:60:BE:55:38:3C:16:22:78:AF:4F:2A:DD
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 01856CCB03459905B9C4742211002B52F5E9
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ZldZedHU0AxgvlU4PBYieK9PKt0.roa
Signing time: Sun 01 Jan 2023 10:05:22 +0000
ROA not before: Sun 01 Jan 2023 10:05:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200606
IP address blocks: 194.14.135.0/24 maxlen: 24
193.235.51.0/24 maxlen: 24
192.36.31.0/24 maxlen: 24
194.71.245.0/24 maxlen: 24
194.103.43.0/24 maxlen: 24
192.165.131.0/24 maxlen: 24
193.182.110.0/24 maxlen: 24
193.234.77.0/24 maxlen: 24
192.121.226.0/24 maxlen: 24
193.234.76.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:cb:03:45:99:05:b9:c4:74:22:11:00:2b:52:f5:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 1 10:05:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=66575979d1d4d00c60be55383c162278af4f2add
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:dc:ab:fa:78:08:9a:20:3a:07:08:4f:a2:57:
4b:3b:fc:92:30:69:49:ac:98:30:37:1a:43:81:da:
5e:8f:29:8a:96:7f:34:00:24:36:6f:df:db:d1:04:
7c:0e:83:7a:cc:a1:c5:47:ca:fe:93:5e:62:f3:51:
23:90:70:7a:66:98:ed:60:d3:b9:7d:41:f3:6f:83:
fe:df:38:1d:6f:ad:cd:30:dc:67:03:1d:ed:25:a2:
b0:21:f0:0c:15:3d:8d:3f:4e:cb:c4:ad:88:b1:9b:
45:5d:5f:d0:35:64:bd:53:19:46:f7:1a:2c:a3:23:
66:03:7e:52:6d:66:72:e0:47:27:13:51:bc:62:e7:
5f:47:52:15:f5:0e:df:48:29:a6:7b:ba:25:b4:83:
86:e3:6c:23:33:d9:48:17:da:33:48:25:67:59:26:
13:4b:9f:28:10:4d:84:23:c2:1a:03:61:44:02:fe:
6f:b8:b5:89:c6:25:d1:6c:8c:9a:41:58:db:a1:f6:
06:75:78:e1:eb:ab:33:a7:0b:e0:48:4b:64:7f:34:
c9:47:95:70:ff:8a:f1:c5:f8:89:73:75:8d:8e:bd:
3a:ce:82:ee:34:7e:e2:6b:a9:72:1c:6a:2a:4d:2e:
cf:d7:bc:5e:e5:b9:44:c9:44:e9:84:88:10:d7:18:
86:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:57:59:79:D1:D4:D0:0C:60:BE:55:38:3C:16:22:78:AF:4F:2A:DD
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ZldZedHU0AxgvlU4PBYieK9PKt0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.36.31.0/24
192.121.226.0/24
192.165.131.0/24
193.182.110.0/24
193.234.76.0/23
193.235.51.0/24
194.14.135.0/24
194.71.245.0/24
194.103.43.0/24
Signature Algorithm: sha256WithRSAEncryption
86:b0:7e:c7:c8:ff:3e:e4:3d:6a:4d:60:fb:14:1a:7b:6f:1d:
c2:8f:97:4a:92:44:d1:10:61:61:fd:23:9f:96:83:1f:e3:af:
03:50:37:f1:ef:20:80:79:14:73:b9:fe:32:f3:08:0c:02:b0:
2b:81:60:98:ef:13:0d:7a:85:4e:28:b2:17:3b:4b:41:02:1f:
e5:eb:b3:12:37:b9:b9:5d:a7:30:3c:2b:31:4a:bb:fe:0b:f3:
38:8b:df:5c:3b:e0:9c:d0:1d:aa:f5:31:a3:bc:f7:b1:24:b7:
12:c0:40:b5:cc:df:5b:39:30:0c:62:f1:a9:81:97:be:1b:c6:
09:8b:4f:bb:1b:4b:36:60:61:09:ba:51:ca:54:c8:4a:f8:81:
79:3e:e8:12:fb:90:27:94:45:a1:9e:85:ee:3c:74:d2:ec:96:
ed:55:86:92:82:b5:d1:4b:22:47:87:0d:2a:db:ba:b0:01:89:
17:eb:57:37:65:26:25:73:f8:ba:25:84:55:d1:3c:96:a4:1e:
0b:0d:1e:01:37:1c:eb:83:dd:e0:0d:f5:0a:b4:91:04:0e:29:
cb:28:db:39:11:57:88:8a:ca:8c:cc:af:02:38:90:54:17:80:
50:fa:b9:f2:c2:05:54:35:6a:4a:5c:69:b1:1c:0e:90:85:78:
e9:0b:7e:03
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYVsywNFmQW5xHQiEQArUvXpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjMwMTAxMTAwNTIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjU3NTk3OWQxZDRkMDBjNjBiZTU1MzgzYzE2MjI3OGFmNGYyYWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj9yr+ngImiA6BwhPoldLO/ySMGlJ
rJgwNxpDgdpejymKln80ACQ2b9/b0QR8DoN6zKHFR8r+k15i81EjkHB6ZpjtYNO5
fUHzb4P+3zgdb63NMNxnAx3tJaKwIfAMFT2NP07LxK2IsZtFXV/QNWS9UxlG9xos
oyNmA35SbWZy4EcnE1G8YudfR1IV9Q7fSCmme7oltIOG42wjM9lIF9ozSCVnWSYT
S58oEE2EI8IaA2FEAv5vuLWJxiXRbIyaQVjbofYGdXjh66szpwvgSEtkfzTJR5Vw
/4rxxfiJc3WNjr06zoLuNH7ia6lyHGoqTS7P17xe5blEyUTphIgQ1xiGpwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFGZXWXnR1NAMYL5VODwWInivTyrdMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvWmxkWmVkSFUwQXhndmxVNFBCWWllSzlQS3QwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAwCQfAwQA
wHniAwQAwKWDAwQAwbZuAwQBwepMAwQAweszAwQAwg6HAwQAwkf1AwQAwmcrMA0G
CSqGSIb3DQEBCwUAA4IBAQCGsH7HyP8+5D1qTWD7FBp7bx3Cj5dKkkTREGFh/SOf
loMf468DUDfx7yCAeRRzuf4y8wgMArArgWCY7xMNeoVOKLIXO0tBAh/l67MSN7m5
XacwPCsxSrv+C/M4i99cO+Cc0B2q9TGjvPexJLcSwEC1zN9bOTAMYvGpgZe+G8YJ
i0+7G0s2YGEJulHKVMhK+IF5PugS+5AnlEWhnoXuPHTS7JbtVYaSgrXRSyJHhw0q
27qwAYkX61c3ZSYlc/i6JYRV0TyWpB4LDR4BNxzrg93gDfUKtJEEDinLKNs5EVeI
isqMzK8COJBUF4BQ+rnywgVUNWpKXGmxHA6QhXjpC34D
-----END CERTIFICATE-----
Generated at Sun Apr 27 11:32:21 2025 by rpki-client