Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/f3e67a-cfd7-4745-82b7-2d90c7fd0d60/1/ZvMxRnj8Ux1bVN_KwC4YG9vsKvU.roa
File: ZvMxRnj8Ux1bVN_KwC4YG9vsKvU.roa (raw, json)
Hash identifier: Csndu/wWKA6Pysj3up+loasQPjqbhBlPnWjj7tmJG7g=
Subject key identifier: 66:F3:31:46:78:FC:53:1D:5B:54:DF:CA:C0:2E:18:1B:DB:EC:2A:F5
Certificate issuer: /CN=34c4956f85671125882c574cd2e2d203aabded05
Certificate serial: 071AF914
Authority key identifier: 34:C4:95:6F:85:67:11:25:88:2C:57:4C:D2:E2:D2:03:AA:BD:ED:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NMSVb4VnESWILFdM0uLSA6q97QU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/f3e67a-cfd7-4745-82b7-2d90c7fd0d60/1/ZvMxRnj8Ux1bVN_KwC4YG9vsKvU.roa
Signing time: Sat 01 Jan 2022 14:04:50 +0000
ROA not before: Sat 01 Jan 2022 14:04:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29042
IP address blocks: 195.68.199.0/24 maxlen: 24
195.68.198.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 119208212 (0x71af914)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34c4956f85671125882c574cd2e2d203aabded05
Validity
Not Before: Jan 1 14:04:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=66f3314678fc531d5b54dfcac02e181bdbec2af5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:99:31:3f:c1:dc:ae:1f:0b:fc:a2:f1:fe:5f:
15:0a:b7:56:fa:2b:02:d9:e9:5d:29:18:26:93:11:
b9:42:42:4e:45:0f:b0:ed:17:51:b2:31:ec:7d:08:
cc:1b:d6:47:c4:5d:c5:85:09:33:b5:54:1b:a6:90:
a7:0e:fa:30:87:59:26:eb:43:44:b2:1d:ad:39:28:
58:8c:c0:42:be:c6:56:61:7a:6b:61:7f:47:4b:47:
19:e4:a2:80:d2:f5:c1:7a:c0:7f:bd:18:56:ab:5b:
4f:74:e3:e0:88:08:bc:cb:88:a8:b3:9f:95:f6:ef:
b8:58:17:d9:86:53:6f:da:38:90:fc:80:37:d6:af:
78:e3:cd:c8:b2:64:70:be:1e:5d:d2:f3:93:0d:74:
a4:f8:ca:5c:5a:66:8f:22:df:4a:9d:30:26:7f:a7:
6e:ed:80:f5:4e:c3:47:ce:4b:ba:9d:3a:e0:fe:9a:
61:9f:64:85:ab:a7:45:32:07:3d:2f:5c:aa:e6:2d:
b1:5f:e6:c2:76:52:fe:b1:0f:82:9f:f6:ff:73:8d:
e4:06:f9:8b:eb:23:cb:eb:df:bf:35:99:8b:3b:56:
65:1e:d9:a2:2e:de:3c:f2:93:f8:c8:81:7b:52:9c:
ed:dc:8f:31:34:4d:ea:ca:e3:10:e0:cc:b8:8b:a0:
ca:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:F3:31:46:78:FC:53:1D:5B:54:DF:CA:C0:2E:18:1B:DB:EC:2A:F5
X509v3 Authority Key Identifier:
keyid:34:C4:95:6F:85:67:11:25:88:2C:57:4C:D2:E2:D2:03:AA:BD:ED:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NMSVb4VnESWILFdM0uLSA6q97QU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/f3e67a-cfd7-4745-82b7-2d90c7fd0d60/1/ZvMxRnj8Ux1bVN_KwC4YG9vsKvU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/f3e67a-cfd7-4745-82b7-2d90c7fd0d60/1/NMSVb4VnESWILFdM0uLSA6q97QU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.68.198.0/23
Signature Algorithm: sha256WithRSAEncryption
1b:3d:91:3c:3c:9c:ba:17:a8:6f:e7:b4:6c:13:10:17:11:e2:
87:16:80:3b:68:89:56:3b:e1:6f:5d:f7:61:bd:3b:1b:2b:6a:
3e:b2:c5:f9:32:68:d8:a5:1f:fc:79:87:85:e7:60:b9:94:6a:
7b:a6:d3:f8:dc:65:36:28:bb:33:ee:51:bd:da:05:20:9d:20:
ee:73:00:d2:89:00:88:42:82:97:13:ce:50:cf:98:7a:7b:a7:
f9:cb:d2:e4:06:41:02:1e:c7:79:b4:96:fb:df:db:84:24:ce:
49:d5:c7:e8:0f:48:7d:dc:b8:5b:a2:d3:61:0d:7d:bb:6a:65:
c6:72:f7:c4:26:29:c9:dd:67:7c:07:fe:90:15:1c:d5:cd:86:
39:4d:4f:63:c4:e1:d1:b3:fc:80:24:c8:20:a7:b9:6f:af:61:
20:67:d2:be:f9:29:87:31:c1:57:ed:a8:91:88:37:3f:99:67:
fa:da:36:b4:49:15:92:46:19:c6:6d:11:9f:05:74:44:02:5a:
2f:a0:13:d8:3b:7d:f9:cc:d6:b3:66:bd:48:5f:9e:d5:7b:7f:
8f:2b:2b:a0:06:9e:39:d0:1e:28:eb:4d:d7:12:51:29:e3:4e:
cf:35:c7:34:b8:51:ce:60:53:29:f4:a5:80:8e:2f:aa:ef:84:
ac:43:bb:c3
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBxr5FDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NGM0OTU2Zjg1NjcxMTI1ODgyYzU3NGNkMmUyZDIwM2FhYmRlZDA1MB4XDTIyMDEw
MTE0MDQ1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjZmMzMxNDY3OGZj
NTMxZDViNTRkZmNhYzAyZTE4MWJkYmVjMmFmNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKOZMT/B3K4fC/yi8f5fFQq3VvorAtnpXSkYJpMRuUJCTkUP
sO0XUbIx7H0IzBvWR8RdxYUJM7VUG6aQpw76MIdZJutDRLIdrTkoWIzAQr7GVmF6
a2F/R0tHGeSigNL1wXrAf70YVqtbT3Tj4IgIvMuIqLOflfbvuFgX2YZTb9o4kPyA
N9aveOPNyLJkcL4eXdLzkw10pPjKXFpmjyLfSp0wJn+nbu2A9U7DR85Lup064P6a
YZ9khaunRTIHPS9cquYtsV/mwnZS/rEPgp/2/3ON5Ab5i+sjy+vfvzWZiztWZR7Z
oi7ePPKT+MiBe1Kc7dyPMTRN6srjEODMuIugyiECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRm8zFGePxTHVtU38rALhgb2+wq9TAfBgNVHSMEGDAWgBQ0xJVvhWcRJYgs
V0zS4tIDqr3tBTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05NU1ZiNFZuRVNXSUxGZE0wdUxTQTZxOTdRVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzAvZjNlNjdhLWNmZDctNDc0NS04MmI3LTJkOTBjN2ZkMGQ2MC8x
L1p2TXhSbmo4VXgxYlZOX0t3QzRZRzl2c0t2VS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzAv
ZjNlNjdhLWNmZDctNDc0NS04MmI3LTJkOTBjN2ZkMGQ2MC8xL05NU1ZiNFZuRVNX
SUxGZE0wdUxTQTZxOTdRVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcNExjANBgkqhkiG9w0BAQsFAAOC
AQEAGz2RPDycuheob+e0bBMQFxHihxaAO2iJVjvhb133Yb07GytqPrLF+TJo2KUf
/HmHhedguZRqe6bT+NxlNii7M+5RvdoFIJ0g7nMA0okAiEKClxPOUM+Yenun+cvS
5AZBAh7HebSW+9/bhCTOSdXH6A9Ifdy4W6LTYQ19u2plxnL3xCYpyd1nfAf+kBUc
1c2GOU1PY8Th0bP8gCTIIKe5b69hIGfSvvkphzHBV+2okYg3P5ln+to2tEkVkkYZ
xm0RnwV0RAJaL6AT2Dt9+czWs2a9SF+e1Xt/jysroAaeOdAeKOtN1xJRKeNOzzXH
NLhRzmBTKfSlgI4vqu+ErEO7ww==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:25 2024 by rpki-client on console-ams.rpki-client.org