Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/8e08b3-487c-485a-9479-b084c73861b8/1/ZbHJUEQbd1NzyfKdrrrtMpu1i50.roa
File: ZbHJUEQbd1NzyfKdrrrtMpu1i50.roa (raw, json)
Hash identifier: cSB+9SVALtqt/So7buhbnjfjszBLFdDIuft0RjDDXJs=
Subject key identifier: 65:B1:C9:50:44:1B:77:53:73:C9:F2:9D:AE:BA:ED:32:9B:B5:8B:9D
Certificate issuer: /CN=321ec4626ecde25335aff088b04c71395ae6bc24
Certificate serial: 19AFFD43
Authority key identifier: 32:1E:C4:62:6E:CD:E2:53:35:AF:F0:88:B0:4C:71:39:5A:E6:BC:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Mh7EYm7N4lM1r_CIsExxOVrmvCQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/8e08b3-487c-485a-9479-b084c73861b8/1/ZbHJUEQbd1NzyfKdrrrtMpu1i50.roa
Signing time: Sat 01 Jan 2022 11:57:52 +0000
ROA not before: Sat 01 Jan 2022 11:57:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62217
IP address blocks: 91.220.127.0/24 maxlen: 24
91.216.93.0/24 maxlen: 24
185.43.108.0/22 maxlen: 24
91.212.182.0/24 maxlen: 24
91.227.220.0/22 maxlen: 22
194.0.252.0/24 maxlen: 24
2a01:6c62::/32 maxlen: 32
2a01:6c61::/32 maxlen: 32
2a01:6c63::/32 maxlen: 32
2a01:6c60::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 430964035 (0x19affd43)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=321ec4626ecde25335aff088b04c71395ae6bc24
Validity
Not Before: Jan 1 11:57:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=65b1c950441b775373c9f29daebaed329bb58b9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:87:2c:4f:fc:61:55:55:af:47:ae:d2:3b:c3:
8b:4c:8c:77:9f:53:e8:08:60:45:68:bc:11:3c:ba:
11:d0:3f:d8:b9:66:0a:d2:d2:fa:3f:43:9a:f9:9c:
8a:32:83:60:f7:4e:37:c6:5a:a9:cc:63:cc:9f:00:
84:6b:3a:fe:72:52:6b:1c:69:a7:c6:14:53:39:f8:
4a:79:a1:e1:d6:d4:b1:bf:e6:66:0f:5f:7d:32:fd:
d4:1b:80:d5:5d:2b:ae:38:d1:c6:3b:4b:5f:db:c9:
ab:a4:54:18:75:d4:56:e4:8c:af:e5:28:57:c6:c6:
64:b5:54:7f:61:49:4d:26:d7:61:fc:c1:71:62:50:
0f:31:35:d7:9b:92:46:2d:b9:61:e3:69:7a:92:70:
83:dd:6a:27:7e:3d:6f:6c:24:2b:cc:d2:72:a7:8e:
ad:43:5f:c5:1c:3c:72:af:73:cd:1e:a0:1e:1a:30:
bd:c0:94:d5:74:71:f0:82:da:02:c5:b9:5b:2e:36:
a7:d0:46:96:20:04:73:92:1b:26:b0:ff:87:91:5b:
5a:77:51:c3:58:3f:3e:7a:a5:f2:8a:17:dc:68:d1:
b3:ad:b3:45:60:30:b8:d2:19:fd:cd:89:97:a2:cc:
52:38:a3:a7:16:34:4f:dd:ee:20:e4:61:f6:7f:75:
94:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:B1:C9:50:44:1B:77:53:73:C9:F2:9D:AE:BA:ED:32:9B:B5:8B:9D
X509v3 Authority Key Identifier:
keyid:32:1E:C4:62:6E:CD:E2:53:35:AF:F0:88:B0:4C:71:39:5A:E6:BC:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mh7EYm7N4lM1r_CIsExxOVrmvCQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/8e08b3-487c-485a-9479-b084c73861b8/1/ZbHJUEQbd1NzyfKdrrrtMpu1i50.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/8e08b3-487c-485a-9479-b084c73861b8/1/Mh7EYm7N4lM1r_CIsExxOVrmvCQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.212.182.0/24
91.216.93.0/24
91.220.127.0/24
91.227.220.0/22
185.43.108.0/22
194.0.252.0/24
IPv6:
2a01:6c60::/30
Signature Algorithm: sha256WithRSAEncryption
5e:04:cd:b1:fa:7b:da:dd:09:cf:0b:87:8f:1a:a3:bf:16:9a:
04:d0:50:9d:44:85:3d:3d:61:d1:7b:db:9c:e5:85:e8:b1:ca:
25:6b:62:01:3e:70:91:49:43:b8:2c:18:45:94:a8:0a:f4:e5:
9d:ef:d4:a0:22:1b:eb:37:ec:b2:05:4e:bf:6a:41:9b:0f:a6:
48:b4:f9:e5:db:47:12:81:29:71:a5:62:69:6a:dc:91:ab:4d:
27:3b:5f:aa:67:73:f3:c0:a6:e8:b0:c0:be:08:9b:64:2a:a8:
a8:c9:92:5b:ec:a7:77:16:5c:a6:ec:27:c1:3d:f6:ec:c2:da:
e5:9f:4d:75:b8:cd:6a:fb:55:53:68:ec:22:8e:4d:4b:06:69:
3a:a3:6c:50:38:e6:45:04:b5:bc:38:22:17:38:ac:81:e8:23:
2e:1a:9b:1c:24:8c:fa:51:e4:45:61:b1:26:be:3e:8d:d1:5f:
cf:ab:24:b8:ce:ab:a6:64:0b:4b:0a:ac:d5:32:a4:04:7d:08:
f4:3d:18:44:2f:28:a6:58:b4:01:88:56:b2:5b:da:ae:8a:16:
d5:c5:27:aa:13:81:b4:19:bd:40:23:d6:3c:fc:62:78:71:ac:
9f:7b:2a:db:10:33:58:49:16:7a:1f:bd:8e:bc:f3:2f:57:f6:
18:4c:39:34
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgIEGa/9QzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
MjFlYzQ2MjZlY2RlMjUzMzVhZmYwODhiMDRjNzEzOTVhZTZiYzI0MB4XDTIyMDEw
MTExNTc1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjViMWM5NTA0NDFi
Nzc1MzczYzlmMjlkYWViYWVkMzI5YmI1OGI5ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJOHLE/8YVVVr0eu0jvDi0yMd59T6AhgRWi8ETy6EdA/2Llm
CtLS+j9DmvmcijKDYPdON8ZaqcxjzJ8AhGs6/nJSaxxpp8YUUzn4Snmh4dbUsb/m
Zg9ffTL91BuA1V0rrjjRxjtLX9vJq6RUGHXUVuSMr+UoV8bGZLVUf2FJTSbXYfzB
cWJQDzE115uSRi25YeNpepJwg91qJ349b2wkK8zScqeOrUNfxRw8cq9zzR6gHhow
vcCU1XRx8ILaAsW5Wy42p9BGliAEc5IbJrD/h5FbWndRw1g/Pnql8ooX3GjRs62z
RWAwuNIZ/c2Jl6LMUjijpxY0T93uIORh9n91lBECAwEAAaOCAjYwggIyMB0GA1Ud
DgQWBBRlsclQRBt3U3PJ8p2uuu0ym7WLnTAfBgNVHSMEGDAWgBQyHsRibs3iUzWv
8IiwTHE5Wua8JDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L01oN0VZbTdONGxNMXJfQ0lzRXh4T1ZybXZDUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2QvOGUwOGIzLTQ4N2MtNDg1YS05NDc5LWIwODRjNzM4NjFiOC8x
L1piSEpVRVFiZDFOenlmS2RycnJ0TXB1MWk1MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Qv
OGUwOGIzLTQ4N2MtNDg1YS05NDc5LWIwODRjNzM4NjFiOC8xL01oN0VZbTdONGxN
MXJfQ0lzRXh4T1ZybXZDUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBM
BggrBgEFBQcBBwEB/wQ9MDswKgQCAAEwJAMEAFvUtgMEAFvYXQMEAFvcfwMEAlvj
3AMEArkrbAMEAMIA/DANBAIAAjAHAwUCKgFsYDANBgkqhkiG9w0BAQsFAAOCAQEA
XgTNsfp72t0JzwuHjxqjvxaaBNBQnUSFPT1h0XvbnOWF6LHKJWtiAT5wkUlDuCwY
RZSoCvTlne/UoCIb6zfssgVOv2pBmw+mSLT55dtHEoEpcaViaWrckatNJztfqmdz
88Cm6LDAvgibZCqoqMmSW+yndxZcpuwnwT327MLa5Z9NdbjNavtVU2jsIo5NSwZp
OqNsUDjmRQS1vDgiFzisgegjLhqbHCSM+lHkRWGxJr4+jdFfz6skuM6rpmQLSwqs
1TKkBH0I9D0YRC8opli0AYhWslvarooW1cUnqhOBtBm9QCPWPPxieHGsn3sq2xAz
WEkWeh+9jrzzL1f2GEw5NA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:23 2024 by rpki-client on console-ams.rpki-client.org