Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/4992b6-fdae-4c9f-bf3e-95c8942df724/1/Z-6etz0PL_VjG_-7GSu_Vdzk878.roa
File: Z-6etz0PL_VjG_-7GSu_Vdzk878.roa (raw, json)
Hash identifier: dirzpWL/VK3fow8+59+axPKO71JrAKh6EcjZxBkmcd0=
Subject key identifier: 67:EE:9E:B7:3D:0F:2F:F5:63:1B:FF:BB:19:2B:BF:55:DC:E4:F3:BF
Certificate issuer: /CN=bc9f0b9ac1d5652f3dca1ef1623bf99ab29647df
Certificate serial: 188D6541
Authority key identifier: BC:9F:0B:9A:C1:D5:65:2F:3D:CA:1E:F1:62:3B:F9:9A:B2:96:47:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vJ8LmsHVZS89yh7xYjv5mrKWR98.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/4992b6-fdae-4c9f-bf3e-95c8942df724/1/Z-6etz0PL_VjG_-7GSu_Vdzk878.roa
Signing time: Sat 01 Jan 2022 11:04:25 +0000
ROA not before: Sat 01 Jan 2022 11:04:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49349
IP address blocks: 185.38.140.0/22 maxlen: 24
185.236.229.0/24 maxlen: 24
185.236.231.0/24 maxlen: 24
185.236.230.0/24 maxlen: 24
188.93.232.0/21 maxlen: 24
5.206.224.0/21 maxlen: 24
2a00:1c60::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 411919681 (0x188d6541)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc9f0b9ac1d5652f3dca1ef1623bf99ab29647df
Validity
Not Before: Jan 1 11:04:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=67ee9eb73d0f2ff5631bffbb192bbf55dce4f3bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:e9:46:94:0e:83:9e:06:1b:59:98:be:1c:85:
a8:24:62:4c:87:96:85:2b:aa:27:36:a0:8c:8f:70:
e7:3f:cf:ad:ef:c9:23:b6:50:c9:36:1a:6a:26:3f:
53:69:59:b1:1f:51:97:38:40:20:45:cd:0b:45:e6:
4e:ba:81:0c:21:96:86:66:39:9f:3b:ab:cc:b4:99:
18:47:a0:dd:18:f4:7a:44:17:97:45:08:a8:c8:d4:
aa:2e:cd:e7:0a:33:5b:fd:0a:9b:7e:24:27:99:7b:
59:ed:df:31:83:80:83:1f:d3:d2:3c:9c:9b:cf:4d:
07:98:1c:38:f9:1e:3c:7e:ff:30:a0:24:a3:26:be:
19:66:b8:5a:be:12:d6:7f:ee:fe:4b:cd:e4:0a:6e:
6b:26:ee:f6:67:b5:a5:02:88:a8:7d:57:55:c2:d7:
d1:0a:f8:58:cf:d0:72:29:7a:f9:7c:fb:34:94:e5:
19:0b:90:77:12:61:a8:d6:28:5c:bd:cf:ca:93:a1:
cd:79:86:4b:0c:dc:ea:45:c8:29:b9:38:d9:09:e4:
6a:54:fd:8e:c2:63:aa:a4:c0:9e:b9:7d:fb:6d:f8:
b9:e6:55:9f:3c:b0:a3:9e:5b:90:cc:6b:f9:8c:0a:
d8:67:26:62:bb:86:86:f7:89:f1:5b:6f:08:d7:29:
ce:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:EE:9E:B7:3D:0F:2F:F5:63:1B:FF:BB:19:2B:BF:55:DC:E4:F3:BF
X509v3 Authority Key Identifier:
keyid:BC:9F:0B:9A:C1:D5:65:2F:3D:CA:1E:F1:62:3B:F9:9A:B2:96:47:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vJ8LmsHVZS89yh7xYjv5mrKWR98.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/4992b6-fdae-4c9f-bf3e-95c8942df724/1/Z-6etz0PL_VjG_-7GSu_Vdzk878.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/4992b6-fdae-4c9f-bf3e-95c8942df724/1/vJ8LmsHVZS89yh7xYjv5mrKWR98.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.206.224.0/21
185.38.140.0/22
185.236.229.0-185.236.231.255
188.93.232.0/21
IPv6:
2a00:1c60::/32
Signature Algorithm: sha256WithRSAEncryption
46:88:61:07:61:bc:5c:59:05:c0:0c:4e:80:78:4c:9c:d1:a8:
37:cb:c6:ed:ca:4f:15:9f:a1:8c:14:fc:40:cf:ae:ca:2f:40:
48:e8:f1:64:0e:75:d4:99:ba:c0:fd:9d:a8:5b:9f:2f:87:39:
b9:1a:b7:d0:ea:35:4f:a3:9f:01:cc:ab:13:7d:2c:3e:99:33:
71:ef:eb:3d:87:46:e3:bb:96:b1:39:99:e0:71:e5:e1:eb:0f:
66:0f:d1:d8:6f:4c:0e:d0:37:8d:1c:d5:20:fa:bd:34:ff:d2:
56:49:66:eb:34:ea:44:3d:e4:51:11:f4:99:3e:e0:f2:bd:cd:
23:3a:dd:d3:7a:cb:bd:8c:a9:c6:70:f8:3f:43:ad:82:64:bc:
87:89:f0:aa:6b:7d:3b:4d:17:f7:48:6f:85:06:10:e8:08:b1:
b2:98:66:e0:c4:8b:a8:46:03:46:b0:f4:aa:2f:e5:a1:d6:dc:
07:61:f3:fb:5c:be:47:ce:f8:9a:83:de:df:66:71:51:79:12:
76:01:f0:8e:b8:03:47:0a:80:57:ab:7d:2a:7d:ab:d4:c0:62:
0f:3e:10:21:7c:68:ec:fe:e0:63:25:9d:58:cb:2d:d8:45:65:
69:46:4c:aa:65:29:a8:58:82:57:73:65:f1:cc:59:91:1a:eb:
31:10:f4:c7
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgIEGI1lQTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
YzlmMGI5YWMxZDU2NTJmM2RjYTFlZjE2MjNiZjk5YWIyOTY0N2RmMB4XDTIyMDEw
MTExMDQyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjdlZTllYjczZDBm
MmZmNTYzMWJmZmJiMTkyYmJmNTVkY2U0ZjNiZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANzpRpQOg54GG1mYvhyFqCRiTIeWhSuqJzagjI9w5z/Pre/J
I7ZQyTYaaiY/U2lZsR9RlzhAIEXNC0XmTrqBDCGWhmY5nzurzLSZGEeg3Rj0ekQX
l0UIqMjUqi7N5wozW/0Km34kJ5l7We3fMYOAgx/T0jycm89NB5gcOPkePH7/MKAk
oya+GWa4Wr4S1n/u/kvN5Apuaybu9me1pQKIqH1XVcLX0Qr4WM/Qcil6+Xz7NJTl
GQuQdxJhqNYoXL3PypOhzXmGSwzc6kXIKbk42QnkalT9jsJjqqTAnrl9+234ueZV
nzywo55bkMxr+YwK2GcmYruGhveJ8VtvCNcpzvsCAwEAAaOCAjIwggIuMB0GA1Ud
DgQWBBRn7p63PQ8v9WMb/7sZK79V3OTzvzAfBgNVHSMEGDAWgBS8nwuawdVlLz3K
HvFiO/maspZH3zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3ZKOExtc0hWWlM4OXloN3hZanY1bXJLV1I5OC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDUvNDk5MmI2LWZkYWUtNGM5Zi1iZjNlLTk1Yzg5NDJkZjcyNC8x
L1otNmV0ejBQTF9WakdfLTdHU3VfVmR6azg3OC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDUv
NDk5MmI2LWZkYWUtNGM5Zi1iZjNlLTk1Yzg5NDJkZjcyNC8xL3ZKOExtc0hWWlM4
OXloN3hZanY1bXJLV1I5OC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBI
BggrBgEFBQcBBwEB/wQ5MDcwJgQCAAEwIAMEAwXO4AMEArkmjDAMAwQAuezlAwQD
uezgAwQDvF3oMA0EAgACMAcDBQAqABxgMA0GCSqGSIb3DQEBCwUAA4IBAQBGiGEH
YbxcWQXADE6AeEyc0ag3y8btyk8Vn6GMFPxAz67KL0BI6PFkDnXUmbrA/Z2oW58v
hzm5GrfQ6jVPo58BzKsTfSw+mTNx7+s9h0bju5axOZngceXh6w9mD9HYb0wO0DeN
HNUg+r00/9JWSWbrNOpEPeRREfSZPuDyvc0jOt3Tesu9jKnGcPg/Q62CZLyHifCq
a307TRf3SG+FBhDoCLGymGbgxIuoRgNGsPSqL+Wh1twHYfP7XL5Hzviag97fZnFR
eRJ2AfCOuANHCoBXq30qfavUwGIPPhAhfGjs/uBjJZ1Yyy3YRWVpRkyqZSmoWIJX
c2XxzFmRGusxEPTH
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:08 2024 by rpki-client on console-ams.rpki-client.org