Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/a65a48-0935-4a79-ac0f-38091b19764b/1/ZwbMLWBwtMs4uX68_7qwmFHc8rs.roa
File: ZwbMLWBwtMs4uX68_7qwmFHc8rs.roa (raw, json)
Hash identifier: QnWmr+qBNfcshI0xO6qqWnJX4G8eLUZvSA7QL/ENKqg=
Subject key identifier: 67:06:CC:2D:60:70:B4:CB:38:B9:7E:BC:FF:BA:B0:98:51:DC:F2:BB
Certificate issuer: /CN=c6dfebac8b75451122f914fca024ee1f5417cabb
Certificate serial: 018A6950A6A65103AE770E39DF8A15F4D27A
Authority key identifier: C6:DF:EB:AC:8B:75:45:11:22:F9:14:FC:A0:24:EE:1F:54:17:CA:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xt_rrIt1RREi-RT8oCTuH1QXyrs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/a65a48-0935-4a79-ac0f-38091b19764b/1/ZwbMLWBwtMs4uX68_7qwmFHc8rs.roa
Signing time: Wed 06 Sep 2023 07:06:47 +0000
ROA not before: Wed 06 Sep 2023 07:06:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29413
IP address blocks: 185.214.120.0/22 maxlen: 24
2a0b:9940::/32 maxlen: 56
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:69:50:a6:a6:51:03:ae:77:0e:39:df:8a:15:f4:d2:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6dfebac8b75451122f914fca024ee1f5417cabb
Validity
Not Before: Sep 6 07:06:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6706cc2d6070b4cb38b97ebcffbab09851dcf2bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:9f:e7:6b:d5:7c:56:2e:9d:86:14:7e:49:33:
d9:a5:be:96:be:c8:09:30:c9:af:ed:50:7e:5e:f5:
1c:0c:66:05:d4:c5:5c:fc:2b:9d:4b:f1:a9:b1:c6:
88:ee:45:f4:da:7f:9d:ed:75:d6:9b:ca:6e:40:3c:
6b:ef:ce:d8:44:dd:93:fb:c7:c6:45:54:72:48:8d:
01:22:2f:24:8f:a0:a8:8d:b4:b6:1d:bf:07:4f:ac:
30:49:81:d9:5a:25:67:52:92:8f:3f:08:6b:56:ef:
aa:b9:96:3a:1c:41:4a:ad:0a:8b:93:de:54:a8:36:
83:58:08:63:54:ab:06:6a:1c:0b:7a:31:34:7f:1c:
aa:9a:26:f0:f9:c6:51:1e:8d:3a:e8:19:4c:46:38:
f9:6e:41:23:8b:81:f4:04:ae:be:93:a1:ad:34:1b:
eb:24:5c:01:d1:e1:ee:c6:23:d8:ad:45:72:8e:b2:
8e:79:10:1c:c7:5c:e4:1a:1a:43:87:46:a7:78:14:
c7:b2:61:ef:ab:8b:07:db:cb:19:70:39:5f:eb:51:
59:97:f2:df:b8:61:1e:2a:7f:82:98:64:f2:58:8b:
ff:2c:4f:4d:0c:30:79:3b:c7:d8:d8:65:41:22:b0:
99:7e:0b:f9:3f:9a:59:b7:1a:55:0f:c3:e8:0e:74:
62:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:06:CC:2D:60:70:B4:CB:38:B9:7E:BC:FF:BA:B0:98:51:DC:F2:BB
X509v3 Authority Key Identifier:
keyid:C6:DF:EB:AC:8B:75:45:11:22:F9:14:FC:A0:24:EE:1F:54:17:CA:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xt_rrIt1RREi-RT8oCTuH1QXyrs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/a65a48-0935-4a79-ac0f-38091b19764b/1/ZwbMLWBwtMs4uX68_7qwmFHc8rs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/a65a48-0935-4a79-ac0f-38091b19764b/1/xt_rrIt1RREi-RT8oCTuH1QXyrs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.214.120.0/22
IPv6:
2a0b:9940::/32
Signature Algorithm: sha256WithRSAEncryption
a3:cf:87:d9:9d:6d:09:be:b9:d0:11:d8:d6:9f:74:09:6f:5a:
4a:30:c0:2a:c7:41:dc:8e:58:32:61:53:ad:93:cf:20:3c:19:
ca:a2:39:d7:dd:5f:e5:e1:b1:ae:c6:53:d7:9b:62:97:e8:82:
2a:96:58:4d:1c:d5:c9:d3:a2:cf:fc:e7:e5:91:2b:2e:bd:a4:
62:ec:27:6c:62:46:40:81:ea:b3:fe:3a:b9:fb:5c:e2:2f:c3:
39:a0:8d:8b:f5:56:26:09:5d:92:31:a4:87:ee:46:3b:2b:ad:
33:ca:a5:c6:06:54:a1:10:08:d5:be:28:50:e2:a4:6d:2d:e4:
33:09:94:d0:8c:3c:a2:d5:aa:2e:f7:79:fd:06:38:76:48:ab:
8c:63:48:fa:dd:26:87:90:27:ea:05:93:f9:0b:03:dc:6a:eb:
18:97:7e:15:f2:be:82:0a:fc:fc:7a:fe:24:c0:e8:19:01:0a:
e1:31:cf:cb:d1:e7:44:d0:36:b2:d5:67:8f:da:87:9d:47:de:
d5:d2:a5:d0:38:3f:54:10:05:51:4c:30:dc:ca:89:ee:f0:ac:
d6:96:b6:eb:1b:fd:62:73:25:85:4a:73:06:95:83:70:39:f5:
b1:35:25:2b:16:f3:c1:95:77:0b:57:c2:00:c8:bd:8f:12:d3:
b6:c4:d0:f2
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYppUKamUQOudw4534oV9NJ6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2ZGZlYmFjOGI3NTQ1MTEyMmY5MTRmY2EwMjRlZTFmNTQx
N2NhYmIwHhcNMjMwOTA2MDcwNjQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzA2Y2MyZDYwNzBiNGNiMzhiOTdlYmNmZmJhYjA5ODUxZGNmMmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Z/na9V8Vi6dhhR+STPZpb6WvsgJ
MMmv7VB+XvUcDGYF1MVc/CudS/GpscaI7kX02n+d7XXWm8puQDxr787YRN2T+8fG
RVRySI0BIi8kj6CojbS2Hb8HT6wwSYHZWiVnUpKPPwhrVu+quZY6HEFKrQqLk95U
qDaDWAhjVKsGahwLejE0fxyqmibw+cZRHo066BlMRjj5bkEji4H0BK6+k6GtNBvr
JFwB0eHuxiPYrUVyjrKOeRAcx1zkGhpDh0aneBTHsmHvq4sH28sZcDlf61FZl/Lf
uGEeKn+CmGTyWIv/LE9NDDB5O8fY2GVBIrCZfgv5P5pZtxpVD8PoDnRiNQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGcGzC1gcLTLOLl+vP+6sJhR3PK7MB8GA1UdIwQY
MBaAFMbf66yLdUURIvkU/KAk7h9UF8q7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHRfcnJJdDFSUkVpLVJUOG9DVHVIMVFYeXJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi9hNjVhNDgtMDkzNS00YTc5LWFjMGYt
MzgwOTFiMTk3NjRiLzEvWndiTUxXQnd0TXM0dVg2OF83cXdtRkhjOHJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi9hNjVhNDgtMDkzNS00YTc5LWFjMGYtMzgwOTFiMTk3NjRi
LzEveHRfcnJJdDFSUkVpLVJUOG9DVHVIMVFYeXJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCudZ4MA0E
AgACMAcDBQAqC5lAMA0GCSqGSIb3DQEBCwUAA4IBAQCjz4fZnW0JvrnQEdjWn3QJ
b1pKMMAqx0HcjlgyYVOtk88gPBnKojnX3V/l4bGuxlPXm2KX6IIqllhNHNXJ06LP
/OflkSsuvaRi7CdsYkZAgeqz/jq5+1ziL8M5oI2L9VYmCV2SMaSH7kY7K60zyqXG
BlShEAjVvihQ4qRtLeQzCZTQjDyi1aou93n9Bjh2SKuMY0j63SaHkCfqBZP5CwPc
ausYl34V8r6CCvz8ev4kwOgZAQrhMc/L0edE0Day1WeP2oedR97V0qXQOD9UEAVR
TDDcyonu8KzWlrbrG/1icyWFSnMGlYNwOfWxNSUrFvPBlXcLV8IAyL2PEtO2xNDy
-----END CERTIFICATE-----
Generated at Tue Apr 29 16:22:23 2025 by rpki-client