Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/ZpAzPxn4VGIBwsCEHhAJiLWN_qc.roa
File: ZpAzPxn4VGIBwsCEHhAJiLWN_qc.roa (raw, json)
Hash identifier: PKEHsgcymqKBMUdsEMu2n0nx0cogsZCoZlJul2UGIMs=
Subject key identifier: 66:90:33:3F:19:F8:54:62:01:C2:C0:84:1E:10:09:88:B5:8D:FE:A7
Certificate issuer: /CN=3af09ba33b5ae581b0d29323249314f76aa10511
Certificate serial: 4470B6E3
Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/ZpAzPxn4VGIBwsCEHhAJiLWN_qc.roa
Signing time: Sat 01 Jan 2022 03:58:19 +0000
ROA not before: Sat 01 Jan 2022 03:58:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8953
IP address blocks: 92.180.0.0/17 maxlen: 24
90.84.224.0/20 maxlen: 24
90.95.0.0/16 maxlen: 24
90.84.208.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1148237539 (0x4470b6e3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511
Validity
Not Before: Jan 1 03:58:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6690333f19f8546201c2c0841e100988b58dfea7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:6f:66:b1:aa:38:61:62:06:d1:e7:65:ff:91:
64:a9:47:e1:74:4b:f7:8a:92:77:2c:c7:cf:5c:6d:
c9:41:05:8e:fc:83:08:74:6c:c3:33:2b:f8:bc:5b:
b3:d0:e4:d2:be:bb:6a:6b:cd:00:40:af:7e:91:0a:
52:65:ec:a3:c7:5e:95:87:5a:41:4f:0f:7b:a7:65:
0b:7c:b0:9f:e1:1b:3b:67:c6:ef:44:01:6d:41:29:
4b:57:9e:d3:60:f3:91:3e:67:cb:fd:0c:01:f0:5c:
bf:69:65:16:ce:c5:a2:a7:a4:59:35:89:44:0a:e1:
46:3a:2e:29:91:c6:32:66:5e:91:11:03:e7:cc:eb:
49:3a:64:a1:0f:f9:df:ff:08:7e:d9:ff:90:85:bc:
1c:18:33:53:2f:5e:0c:7d:ed:5c:e7:68:32:02:39:
05:58:be:72:f0:5a:92:fc:13:21:f2:9c:a1:8a:86:
24:6a:74:7c:6b:6e:8e:18:a8:d8:35:b7:47:0b:61:
38:96:a8:95:d6:ef:30:94:7f:ff:b1:14:04:34:4c:
92:9b:43:c8:25:35:de:3a:6c:70:55:1d:b6:35:48:
fc:f9:43:5b:d1:bb:e1:a0:b8:e8:6d:91:4d:3e:6b:
49:8e:3a:fd:2d:d8:09:b4:3f:e9:d4:c7:e9:71:58:
cd:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:90:33:3F:19:F8:54:62:01:C2:C0:84:1E:10:09:88:B5:8D:FE:A7
X509v3 Authority Key Identifier:
keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/ZpAzPxn4VGIBwsCEHhAJiLWN_qc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
90.84.208.0/21
90.84.224.0/20
90.95.0.0/16
92.180.0.0/17
Signature Algorithm: sha256WithRSAEncryption
38:22:c8:5c:d1:96:75:9e:63:f1:73:fa:d4:a4:bd:17:87:03:
29:52:3d:5a:09:20:8d:9b:c6:64:58:fe:41:00:c6:10:5c:8c:
f9:0b:e3:8e:ba:70:d2:c0:63:bf:3d:ba:db:98:14:60:78:d5:
e0:ad:4d:c4:71:bc:59:d9:2f:ca:20:d0:1b:82:1b:17:a8:89:
c9:98:9b:5a:94:16:03:04:76:09:32:fc:f0:2f:f3:1f:13:bc:
a2:d9:19:89:bb:65:1a:59:c4:a1:53:db:41:8c:0a:d7:c8:d4:
b7:b6:2a:27:5c:b7:b8:9b:8b:3d:1e:57:7b:99:03:b4:a8:85:
4c:0e:17:3b:b3:8b:eb:08:59:e0:b3:11:97:16:53:af:1a:67:
b6:27:c0:e3:fb:5a:17:df:5e:fc:50:10:c9:d6:e0:1d:67:6a:
ff:4e:90:ad:81:40:db:2e:98:ea:5f:6d:2f:1f:84:ce:40:bb:
11:9b:a5:dd:82:96:5f:cf:02:ef:71:32:e2:34:5d:9a:5e:2e:
b2:9b:85:70:26:d5:7a:7b:13:c0:46:13:a6:b6:37:77:a7:cc:
9a:36:98:68:80:3f:0b:6a:ed:75:58:a0:bf:4b:b7:28:fd:ec:
a0:81:8f:18:ad:1d:19:4a:97:33:e4:c0:33:2e:34:b6:21:cd:
2e:4c:3f:3a
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIERHC24zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YWYwOWJhMzNiNWFlNTgxYjBkMjkzMjMyNDkzMTRmNzZhYTEwNTExMB4XDTIyMDEw
MTAzNTgxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjY5MDMzM2YxOWY4
NTQ2MjAxYzJjMDg0MWUxMDA5ODhiNThkZmVhNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJRvZrGqOGFiBtHnZf+RZKlH4XRL94qSdyzHz1xtyUEFjvyD
CHRswzMr+Lxbs9Dk0r67amvNAECvfpEKUmXso8delYdaQU8Pe6dlC3ywn+EbO2fG
70QBbUEpS1ee02DzkT5ny/0MAfBcv2llFs7FoqekWTWJRArhRjouKZHGMmZekRED
58zrSTpkoQ/53/8Iftn/kIW8HBgzUy9eDH3tXOdoMgI5BVi+cvBakvwTIfKcoYqG
JGp0fGtujhio2DW3RwthOJaoldbvMJR//7EUBDRMkptDyCU13jpscFUdtjVI/PlD
W9G74aC46G2RTT5rSY46/S3YCbQ/6dTH6XFYzWECAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBRmkDM/GfhUYgHCwIQeEAmItY3+pzAfBgNVHSMEGDAWgBQ68JujO1rlgbDS
kyMkkxT3aqEFETAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L092Q2JvenRhNVlHdzBwTWpKSk1VOTJxaEJSRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmIvMzNkNWQxLWM0NTAtNDEzYi1hZmU0LTQ1OTM1ZjUwNmExMi8x
L1pwQXpQeG40VkdJQndzQ0VIaEFKaUxXTl9xYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmIv
MzNkNWQxLWM0NTAtNDEzYi1hZmU0LTQ1OTM1ZjUwNmExMi8xL092Q2JvenRhNVlH
dzBwTWpKSk1VOTJxaEJSRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wHQQCAAEwFwMEA1pU0AMEBFpU4AMDAFpfAwQHXLQA
MA0GCSqGSIb3DQEBCwUAA4IBAQA4Ishc0ZZ1nmPxc/rUpL0XhwMpUj1aCSCNm8Zk
WP5BAMYQXIz5C+OOunDSwGO/PbrbmBRgeNXgrU3EcbxZ2S/KINAbghsXqInJmJta
lBYDBHYJMvzwL/MfE7yi2RmJu2UaWcShU9tBjArXyNS3tionXLe4m4s9Hld7mQO0
qIVMDhc7s4vrCFngsxGXFlOvGme2J8Dj+1oX3178UBDJ1uAdZ2r/TpCtgUDbLpjq
X20vH4TOQLsRm6XdgpZfzwLvcTLiNF2aXi6ym4VwJtV6exPARhOmtjd3p8yaNpho
gD8Lau11WKC/S7co/eyggY8YrR0ZSpcz5MAzLjS2Ic0uTD86
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:51 2024 by rpki-client on console-fra.rpki-client.org