Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/8e8227-cd20-4db8-a40e-6a3dfb47f8c4/1/ZnMJBzqE2uKdaqyEE1eY2NKnlVI.roa
File: ZnMJBzqE2uKdaqyEE1eY2NKnlVI.roa (raw, json)
Hash identifier: wSRXefUrpjLZIrx+UG6dg2mfcZrwzzMGfBIk4TCKfPs=
Subject key identifier: 66:73:09:07:3A:84:DA:E2:9D:6A:AC:84:13:57:98:D8:D2:A7:95:52
Certificate issuer: /CN=13c9fd37c7431ce6aa3c93a6952c67f0f0c9846e
Certificate serial: 1A9FD43B
Authority key identifier: 13:C9:FD:37:C7:43:1C:E6:AA:3C:93:A6:95:2C:67:F0:F0:C9:84:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E8n9N8dDHOaqPJOmlSxn8PDJhG4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/8e8227-cd20-4db8-a40e-6a3dfb47f8c4/1/ZnMJBzqE2uKdaqyEE1eY2NKnlVI.roa
Signing time: Sat 01 Jan 2022 13:59:49 +0000
ROA not before: Sat 01 Jan 2022 13:59:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12835
IP address blocks: 185.38.252.0/22 maxlen: 22
46.226.200.0/21 maxlen: 21
77.72.192.0/21 maxlen: 21
194.105.48.0/21 maxlen: 21
109.205.104.0/21 maxlen: 21
37.128.136.0/21 maxlen: 21
2a00:10c8::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 446682171 (0x1a9fd43b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=13c9fd37c7431ce6aa3c93a6952c67f0f0c9846e
Validity
Not Before: Jan 1 13:59:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=667309073a84dae29d6aac84135798d8d2a79552
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:ce:53:46:88:f1:e1:f8:f1:ec:80:14:51:8b:
e2:03:98:fd:27:21:8a:89:91:d7:87:93:9b:13:aa:
93:79:9d:0e:93:1f:7a:ff:2a:4e:4d:2f:1b:8e:8c:
14:bf:cb:af:52:7e:15:25:ea:a3:d9:2e:78:45:32:
58:5f:fb:69:bf:ae:b6:21:9e:35:5e:6a:3b:a0:a3:
4f:48:15:c6:eb:d6:90:bf:68:9d:f0:f4:61:0a:c3:
9c:34:9c:c9:1b:40:ca:d7:c7:7d:e4:a0:02:77:22:
5e:5f:6c:22:56:b9:e6:be:a9:f1:36:ed:dc:56:3a:
29:5f:fb:6a:b2:07:a8:59:d4:33:58:a3:df:f2:f1:
4a:85:b2:15:7a:0b:2d:8d:76:bf:c2:ae:b5:f7:ea:
81:b2:a3:f1:6a:4c:a2:07:f8:0e:9b:7b:58:9b:dd:
e8:dd:31:01:99:da:22:1e:9a:d3:c9:dd:0a:37:67:
c1:c9:82:5e:94:5c:a6:98:75:74:c3:f4:1d:2f:a2:
cc:5a:d1:e9:56:00:da:62:9d:26:9a:83:45:9d:d3:
a5:b0:56:4e:72:d4:b2:b1:c4:52:c2:19:f8:41:ae:
d9:53:be:ba:39:c4:dc:0b:44:7d:99:30:c5:3d:7c:
25:5d:2a:63:29:9e:fc:2d:fb:d1:b3:9b:63:74:b6:
09:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:73:09:07:3A:84:DA:E2:9D:6A:AC:84:13:57:98:D8:D2:A7:95:52
X509v3 Authority Key Identifier:
keyid:13:C9:FD:37:C7:43:1C:E6:AA:3C:93:A6:95:2C:67:F0:F0:C9:84:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E8n9N8dDHOaqPJOmlSxn8PDJhG4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/8e8227-cd20-4db8-a40e-6a3dfb47f8c4/1/ZnMJBzqE2uKdaqyEE1eY2NKnlVI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/8e8227-cd20-4db8-a40e-6a3dfb47f8c4/1/E8n9N8dDHOaqPJOmlSxn8PDJhG4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.128.136.0/21
46.226.200.0/21
77.72.192.0/21
109.205.104.0/21
185.38.252.0/22
194.105.48.0/21
IPv6:
2a00:10c8::/32
Signature Algorithm: sha256WithRSAEncryption
74:ae:a0:35:af:e5:5f:ea:a3:bc:e0:15:60:b7:65:02:4f:50:
88:15:57:e6:68:91:21:00:aa:e9:a2:36:c2:a0:5f:8d:8e:c6:
dd:e8:95:88:38:de:06:6f:4f:b2:d9:13:d5:4a:bf:a6:58:e7:
11:55:7f:78:88:e8:35:76:e8:21:21:0b:5a:af:8c:2b:46:de:
cd:9a:71:e1:1e:a5:1e:26:cf:5a:34:ce:80:7d:90:b8:17:7c:
26:42:ad:ee:4a:ae:8a:ec:9c:01:de:4e:3f:92:aa:18:fd:51:
7d:91:fd:5c:47:81:c3:9b:83:17:17:f1:fd:b3:d8:73:02:c6:
29:04:ae:ac:71:15:bb:ed:b7:81:aa:aa:72:08:4c:a1:ae:f5:
94:f3:fd:c3:15:65:93:e0:ba:36:0e:b5:2f:bf:82:59:6e:f1:
41:34:5a:52:99:9f:5a:8d:43:09:1b:b2:20:66:b5:8f:77:de:
4f:c1:d3:7e:23:85:9c:a8:82:c1:9e:34:a0:41:92:03:0b:cb:
40:d6:a5:3b:21:3c:4a:ad:0e:39:72:0a:91:58:cd:de:6d:12:
ca:6b:2e:76:f4:79:95:b6:99:64:9a:12:56:04:2e:a1:10:c2:
05:6c:e6:6c:5e:9d:4f:3a:96:c9:ff:c5:7c:ab:e6:72:4f:a3:
83:92:d2:b9
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgIEGp/UOzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
M2M5ZmQzN2M3NDMxY2U2YWEzYzkzYTY5NTJjNjdmMGYwYzk4NDZlMB4XDTIyMDEw
MTEzNTk0OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjY3MzA5MDczYTg0
ZGFlMjlkNmFhYzg0MTM1Nzk4ZDhkMmE3OTU1MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAODOU0aI8eH48eyAFFGL4gOY/SchiomR14eTmxOqk3mdDpMf
ev8qTk0vG46MFL/Lr1J+FSXqo9kueEUyWF/7ab+utiGeNV5qO6CjT0gVxuvWkL9o
nfD0YQrDnDScyRtAytfHfeSgAnciXl9sIla55r6p8Tbt3FY6KV/7arIHqFnUM1ij
3/LxSoWyFXoLLY12v8KutffqgbKj8WpMogf4Dpt7WJvd6N0xAZnaIh6a08ndCjdn
wcmCXpRcpph1dMP0HS+izFrR6VYA2mKdJpqDRZ3TpbBWTnLUsrHEUsIZ+EGu2VO+
ujnE3AtEfZkwxT18JV0qYyme/C370bObY3S2CZ8CAwEAAaOCAjYwggIyMB0GA1Ud
DgQWBBRmcwkHOoTa4p1qrIQTV5jY0qeVUjAfBgNVHSMEGDAWgBQTyf03x0Mc5qo8
k6aVLGfw8MmEbjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0U4bjlOOGRESE9hcVBKT21sU3huOFBESmhHNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzAvOGU4MjI3LWNkMjAtNGRiOC1hNDBlLTZhM2RmYjQ3ZjhjNC8x
L1puTUpCenFFMnVLZGFxeUVFMWVZMk5LbmxWSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzAv
OGU4MjI3LWNkMjAtNGRiOC1hNDBlLTZhM2RmYjQ3ZjhjNC8xL0U4bjlOOGRESE9h
cVBKT21sU3huOFBESmhHNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBM
BggrBgEFBQcBBwEB/wQ9MDswKgQCAAEwJAMEAyWAiAMEAy7iyAMEA01IwAMEA23N
aAMEArkm/AMEA8JpMDANBAIAAjAHAwUAKgAQyDANBgkqhkiG9w0BAQsFAAOCAQEA
dK6gNa/lX+qjvOAVYLdlAk9QiBVX5miRIQCq6aI2wqBfjY7G3eiViDjeBm9PstkT
1Uq/pljnEVV/eIjoNXboISELWq+MK0bezZpx4R6lHibPWjTOgH2QuBd8JkKt7kqu
iuycAd5OP5KqGP1RfZH9XEeBw5uDFxfx/bPYcwLGKQSurHEVu+23gaqqcghMoa71
lPP9wxVlk+C6Ng61L7+CWW7xQTRaUpmfWo1DCRuyIGa1j3feT8HTfiOFnKiCwZ40
oEGSAwvLQNalOyE8Sq0OOXIKkVjN3m0SymsudvR5lbaZZJoSVgQuoRDCBWzmbF6d
TzqWyf/FfKvmck+jg5LSuQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:37 2024 by rpki-client on console-ams.rpki-client.org