Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/Zy0qzH82_ESUNY_bBgFlzXIi7Po.roa
File: Zy0qzH82_ESUNY_bBgFlzXIi7Po.roa (raw, json)
Hash identifier: tt0wOksdfM4CZ5LWegTRNIzmqoN7+wdn8vzsVXqaYFE=
Subject key identifier: 67:2D:2A:CC:7F:36:FC:44:94:35:8F:DB:06:01:65:CD:72:22:EC:FA
Certificate issuer: /CN=746365355b665564a210c358c68a0117b7fbeb9a
Certificate serial: 082C8725
Authority key identifier: 74:63:65:35:5B:66:55:64:A2:10:C3:58:C6:8A:01:17:B7:FB:EB:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dGNlNVtmVWSiEMNYxooBF7f765o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/Zy0qzH82_ESUNY_bBgFlzXIi7Po.roa
Signing time: Sat 01 Jan 2022 07:56:07 +0000
ROA not before: Sat 01 Jan 2022 07:56:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29182
IP address blocks: 212.22.70.0/24 maxlen: 24
212.22.81.0/24 maxlen: 24
212.22.83.0/24 maxlen: 24
212.22.87.0/24 maxlen: 24
185.65.202.0/24 maxlen: 24
2a06:c3c0:2::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 137135909 (0x82c8725)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=746365355b665564a210c358c68a0117b7fbeb9a
Validity
Not Before: Jan 1 07:56:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=672d2acc7f36fc4494358fdb060165cd7222ecfa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:99:89:2a:47:9e:9b:42:3d:fb:a9:cb:5d:37:
d1:b0:9b:a8:af:61:de:7d:0c:7b:09:7f:59:50:10:
48:88:f5:7f:7b:ab:d9:1b:9e:cd:5a:83:96:43:bd:
7e:53:47:d2:d5:37:7b:13:ad:9a:bb:af:3a:95:65:
c6:ed:8b:b4:9c:c8:cd:4c:47:af:9f:ee:3f:75:0f:
49:be:f7:fe:eb:dd:83:f2:c1:74:8f:c6:5d:19:ce:
a6:2f:79:9e:d8:63:a9:64:90:03:f9:3b:7d:d7:b5:
00:59:5e:79:42:b9:50:f0:f3:04:25:f0:fa:8a:b2:
65:74:e8:85:b4:e8:c0:6d:78:e2:6f:5c:44:a6:85:
d2:45:8d:71:7f:e6:34:a1:86:ff:79:f9:54:19:3c:
7b:1a:98:68:47:a8:7a:08:b3:91:27:14:11:69:30:
81:2d:8f:32:d4:75:0e:3c:bf:6b:31:cc:5f:4c:f2:
98:a1:20:eb:fd:ea:e9:e1:de:1d:0d:3f:18:a9:0b:
5c:cb:2e:b5:ff:eb:00:e7:09:64:73:9f:e9:3d:40:
a0:45:5d:31:7c:06:63:b9:c3:38:31:16:9e:42:14:
12:55:e4:bc:f7:6d:48:a1:6e:e0:ea:29:c2:a7:5e:
06:0e:c3:c1:a2:05:56:8a:9a:07:8a:e2:e3:d8:61:
a9:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:2D:2A:CC:7F:36:FC:44:94:35:8F:DB:06:01:65:CD:72:22:EC:FA
X509v3 Authority Key Identifier:
keyid:74:63:65:35:5B:66:55:64:A2:10:C3:58:C6:8A:01:17:B7:FB:EB:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dGNlNVtmVWSiEMNYxooBF7f765o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/Zy0qzH82_ESUNY_bBgFlzXIi7Po.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/dGNlNVtmVWSiEMNYxooBF7f765o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.65.202.0/24
212.22.70.0/24
212.22.81.0/24
212.22.83.0/24
212.22.87.0/24
IPv6:
2a06:c3c0:2::/48
Signature Algorithm: sha256WithRSAEncryption
84:d5:40:4e:aa:37:0a:c4:c4:a9:a4:40:cd:06:76:46:dc:c4:
c7:88:40:57:79:3a:28:a9:4a:5e:c8:15:0f:dc:b7:a3:83:06:
38:d4:41:aa:d8:be:8b:5c:12:c4:55:e8:22:b9:1c:43:47:28:
1d:d2:b9:55:94:e5:93:a7:6a:c3:09:9f:fe:f8:87:d8:37:38:
2e:7d:92:7e:31:e2:34:04:bd:b2:b0:a4:36:1f:52:fd:db:28:
ce:73:3a:ce:83:b6:a3:9b:f1:5e:86:9b:96:8d:75:c6:47:a3:
e8:a7:aa:78:1f:27:c8:74:f1:12:29:fc:3d:f5:8d:68:8d:8c:
7c:f1:6d:de:9a:d1:b8:31:6e:e5:70:96:50:04:b8:a0:eb:a6:
3e:e7:7e:f2:d5:db:72:70:76:3f:fe:4d:2c:5a:cc:b9:a6:64:
cf:39:c1:65:fd:76:34:cb:23:47:df:25:b6:d9:ec:ba:9c:6d:
96:46:42:99:15:25:32:f6:c5:95:d7:4b:0e:4e:a0:03:2e:9f:
b3:92:50:fe:46:84:83:21:df:a9:4f:00:65:d6:5f:ab:2c:f7:
2b:28:22:be:3e:a9:b3:c7:35:2e:b7:7e:71:59:01:c0:53:49:
c3:20:ec:4e:4d:f3:38:2d:a8:77:51:3b:63:1f:94:38:b2:f8:
75:9e:eb:48
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgIECCyHJTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NDYzNjUzNTViNjY1NTY0YTIxMGMzNThjNjhhMDExN2I3ZmJlYjlhMB4XDTIyMDEw
MTA3NTYwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjcyZDJhY2M3ZjM2
ZmM0NDk0MzU4ZmRiMDYwMTY1Y2Q3MjIyZWNmYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMyZiSpHnptCPfupy1030bCbqK9h3n0Mewl/WVAQSIj1f3ur
2RuezVqDlkO9flNH0tU3exOtmruvOpVlxu2LtJzIzUxHr5/uP3UPSb73/uvdg/LB
dI/GXRnOpi95nthjqWSQA/k7fde1AFleeUK5UPDzBCXw+oqyZXTohbTowG144m9c
RKaF0kWNcX/mNKGG/3n5VBk8exqYaEeoegizkScUEWkwgS2PMtR1Djy/azHMX0zy
mKEg6/3q6eHeHQ0/GKkLXMsutf/rAOcJZHOf6T1AoEVdMXwGY7nDODEWnkIUElXk
vPdtSKFu4OopwqdeBg7DwaIFVoqaB4ri49hhqfsCAwEAAaOCAjIwggIuMB0GA1Ud
DgQWBBRnLSrMfzb8RJQ1j9sGAWXNciLs+jAfBgNVHSMEGDAWgBR0Y2U1W2ZVZKIQ
w1jGigEXt/vrmjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RHTmxOVnRtVldTaUVNTll4b29CRjdmNzY1by5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjIvYWVhMzZkLWJhYmYtNDQ3NC1hNzhiLTZhNGVjYWY4YjNiMS8x
L1p5MHF6SDgyX0VTVU5ZX2JCZ0ZselhJaTdQby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjIv
YWVhMzZkLWJhYmYtNDQ3NC1hNzhiLTZhNGVjYWY4YjNiMS8xL2RHTmxOVnRtVldT
aUVNTll4b29CRjdmNzY1by5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBI
BggrBgEFBQcBBwEB/wQ5MDcwJAQCAAEwHgMEALlBygMEANQWRgMEANQWUQMEANQW
UwMEANQWVzAPBAIAAjAJAwcAKgbDwAACMA0GCSqGSIb3DQEBCwUAA4IBAQCE1UBO
qjcKxMSppEDNBnZG3MTHiEBXeTooqUpeyBUP3LejgwY41EGq2L6LXBLEVegiuRxD
Rygd0rlVlOWTp2rDCZ/++IfYNzgufZJ+MeI0BL2ysKQ2H1L92yjOczrOg7ajm/Fe
hpuWjXXGR6Pop6p4HyfIdPESKfw99Y1ojYx88W3emtG4MW7lcJZQBLig66Y+537y
1dtycHY//k0sWsy5pmTPOcFl/XY0yyNH3yW22ey6nG2WRkKZFSUy9sWV10sOTqAD
Lp+zklD+RoSDId+pTwBl1l+rLPcrKCK+PqmzxzUut35xWQHAU0nDIOxOTfM4Lah3
UTtjH5Q4svh1nutI
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:00:44 2023 by rpki-client on console-ams.rpki-client.org