Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/cd17fe-e44a-4b98-9f1c-2d8a8d9669f8/1/zOaPJ_mgJhF3M6HiF5R8NzlF0rM.roa
File: zOaPJ_mgJhF3M6HiF5R8NzlF0rM.roa (raw, json)
Hash identifier: c0ZZa7oq83NM3zlQFgHBH9+6EPdaIGHNdsybXaGpsn0=
Subject key identifier: CC:E6:8F:27:F9:A0:26:11:77:33:A1:E2:17:94:7C:37:39:45:D2:B3
Certificate issuer: /CN=78fb099aa43081ac8395ee0b90ccf1a8844f8d64
Certificate serial: 022684
Authority key identifier: 78:FB:09:9A:A4:30:81:AC:83:95:EE:0B:90:CC:F1:A8:84:4F:8D:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ePsJmqQwgayDle4LkMzxqIRPjWQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/cd17fe-e44a-4b98-9f1c-2d8a8d9669f8/1/zOaPJ_mgJhF3M6HiF5R8NzlF0rM.roa
Signing time: Thu 17 Mar 2022 19:24:44 +0000
ROA not before: Thu 17 Mar 2022 19:24:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201587
IP address blocks: 85.194.224.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 140932 (0x22684)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=78fb099aa43081ac8395ee0b90ccf1a8844f8d64
Validity
Not Before: Mar 17 19:24:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cce68f27f9a026117733a1e217947c373945d2b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:45:87:cf:e5:5f:0d:c1:70:46:e4:b6:75:8a:
95:48:dc:ab:95:de:6d:24:bc:69:27:df:d8:11:28:
f8:59:b8:d0:e6:a4:bc:21:19:e7:48:14:4b:d3:75:
a0:a9:3d:78:d4:ab:25:a9:84:62:bf:48:aa:eb:58:
bd:c2:cb:3a:63:a2:d7:66:33:dc:2c:29:de:22:83:
0d:32:d4:d2:ca:bb:03:3e:a5:cb:01:8b:17:7a:87:
3e:78:6d:67:08:bb:0a:90:f5:28:98:2d:f0:13:c6:
e8:49:03:a4:96:7a:a4:f1:e0:1a:2b:f2:89:40:0e:
d0:af:f6:17:3e:50:26:c9:71:43:28:07:81:a7:7b:
56:46:ba:ab:eb:45:39:e9:01:5f:1b:84:e3:07:ed:
41:95:ed:b8:dd:e1:66:55:23:1d:a4:30:94:7f:57:
8c:be:b1:37:d7:07:4b:ad:ff:3c:a9:2a:45:5c:6b:
8b:c4:ca:e4:fb:79:37:3c:12:b5:c6:f8:03:69:17:
aa:ac:46:0f:c4:1b:5d:6c:63:00:36:7c:90:ef:f9:
28:61:97:95:8c:ee:4d:79:a8:d1:c3:d9:21:cf:c7:
5b:77:d1:e0:95:0d:c2:17:0b:b3:16:5d:30:91:4a:
1d:f6:8f:08:9c:e0:56:a0:ef:34:b6:ca:e8:16:ad:
aa:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:E6:8F:27:F9:A0:26:11:77:33:A1:E2:17:94:7C:37:39:45:D2:B3
X509v3 Authority Key Identifier:
keyid:78:FB:09:9A:A4:30:81:AC:83:95:EE:0B:90:CC:F1:A8:84:4F:8D:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ePsJmqQwgayDle4LkMzxqIRPjWQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/cd17fe-e44a-4b98-9f1c-2d8a8d9669f8/1/zOaPJ_mgJhF3M6HiF5R8NzlF0rM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/cd17fe-e44a-4b98-9f1c-2d8a8d9669f8/1/ePsJmqQwgayDle4LkMzxqIRPjWQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.194.224.0/21
Signature Algorithm: sha256WithRSAEncryption
6e:cd:7e:31:d9:3d:ca:e3:53:ad:fc:e7:ce:65:d9:cf:3c:8a:
19:a8:b4:c0:75:bc:87:03:76:00:e9:8e:ba:2a:38:83:62:c1:
98:6b:0d:57:8c:de:37:11:d1:a8:26:b3:88:4e:02:cc:61:c4:
9d:37:6c:9c:16:29:bf:5a:62:7b:a2:e8:f5:31:b1:50:59:fe:
c5:a5:4d:80:49:7c:ac:8a:34:c8:fa:66:0a:a1:08:b7:5b:c2:
bb:64:79:e0:59:05:99:74:c0:63:ec:cf:fb:f7:f3:f2:4b:57:
85:af:f5:49:2c:49:f0:f8:65:a0:4a:89:60:10:31:fd:93:1e:
55:77:c8:8a:03:ee:02:98:42:4b:0b:5c:41:ef:61:bc:85:cd:
11:22:cd:b0:b7:10:19:98:17:7d:d3:3e:d3:25:e4:50:21:7b:
0c:6f:48:1b:f0:26:f9:72:60:76:0c:2f:90:d5:4e:9d:7c:71:
f1:82:49:e1:ef:71:1f:b6:aa:18:a5:0f:7a:88:ee:9e:90:5c:
b5:c7:c1:6e:11:e7:23:ab:a1:64:5b:83:50:b4:28:55:5a:5a:
d2:a2:cb:00:08:64:66:01:98:8d:72:6c:40:c2:bb:ab:f0:c8:
d5:10:3c:09:4a:06:6e:e8:3c:a2:a8:81:5e:66:04:c6:56:87:
74:83:81:49
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDAiaEMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDc4
ZmIwOTlhYTQzMDgxYWM4Mzk1ZWUwYjkwY2NmMWE4ODQ0ZjhkNjQwHhcNMjIwMzE3
MTkyNDQ0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhjY2U2OGYyN2Y5YTAy
NjExNzczM2ExZTIxNzk0N2MzNzM5NDVkMmIzMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAkkWHz+VfDcFwRuS2dYqVSNyrld5tJLxpJ9/YESj4WbjQ5qS8
IRnnSBRL03WgqT141KslqYRiv0iq61i9wss6Y6LXZjPcLCneIoMNMtTSyrsDPqXL
AYsXeoc+eG1nCLsKkPUomC3wE8boSQOklnqk8eAaK/KJQA7Qr/YXPlAmyXFDKAeB
p3tWRrqr60U56QFfG4TjB+1Ble243eFmVSMdpDCUf1eMvrE31wdLrf88qSpFXGuL
xMrk+3k3PBK1xvgDaReqrEYPxBtdbGMANnyQ7/koYZeVjO5NeajRw9khz8dbd9Hg
lQ3CFwuzFl0wkUod9o8InOBWoO80tsroFq2qRQIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFMzmjyf5oCYRdzOh4heUfDc5RdKzMB8GA1UdIwQYMBaAFHj7CZqkMIGsg5Xu
C5DM8aiET41kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
ZVBzSm1xUXdnYXlEbGU0TGtNenhxSVJQaldRLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9kOS9jZDE3ZmUtZTQ0YS00Yjk4LTlmMWMtMmQ4YThkOTY2OWY4LzEv
ek9hUEpfbWdKaEYzTTZIaUY1UjhOemxGMHJNLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS9j
ZDE3ZmUtZTQ0YS00Yjk4LTlmMWMtMmQ4YThkOTY2OWY4LzEvZVBzSm1xUXdnYXlE
bGU0TGtNenhxSVJQaldRLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDVcLgMA0GCSqGSIb3DQEBCwUAA4IB
AQBuzX4x2T3K41Ot/OfOZdnPPIoZqLTAdbyHA3YA6Y66KjiDYsGYaw1XjN43EdGo
JrOITgLMYcSdN2ycFim/WmJ7ouj1MbFQWf7FpU2ASXysijTI+mYKoQi3W8K7ZHng
WQWZdMBj7M/79/PyS1eFr/VJLEnw+GWgSolgEDH9kx5Vd8iKA+4CmEJLC1xB72G8
hc0RIs2wtxAZmBd90z7TJeRQIXsMb0gb8Cb5cmB2DC+Q1U6dfHHxgknh73EftqoY
pQ96iO6ekFy1x8FuEecjq6FkW4NQtChVWlrSossACGRmAZiNcmxAwrur8MjVEDwJ
SgZu6DyiqIFeZgTGVod0g4FJ
-----END CERTIFICATE-----
Generated at Mon Apr 28 18:44:11 2025 by rpki-client