Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/139044-9ebc-4559-ba10-a38e1eca4fd4/1/ZOLwupgDEx1aIS5bq3rfpOhgw40.roa
File: ZOLwupgDEx1aIS5bq3rfpOhgw40.roa (raw, json)
Hash identifier: EAqTS4zCc6an/4Ucmiw62JF3ejPjkuXyOyMvnnjRu5c=
Subject key identifier: 64:E2:F0:BA:98:03:13:1D:5A:21:2E:5B:AB:7A:DF:A4:E8:60:C3:8D
Certificate issuer: /CN=97da420008cfb9193499278ef558bd42d61c7f75
Certificate serial: 018534323EE2E3125556607D8730E6D628BD
Authority key identifier: 97:DA:42:00:08:CF:B9:19:34:99:27:8E:F5:58:BD:42:D6:1C:7F:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l9pCAAjPuRk0mSeO9Vi9QtYcf3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/139044-9ebc-4559-ba10-a38e1eca4fd4/1/ZOLwupgDEx1aIS5bq3rfpOhgw40.roa
Signing time: Wed 21 Dec 2022 10:19:46 +0000
ROA not before: Wed 21 Dec 2022 10:19:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 56410
IP address blocks: 217.115.124.0/24 maxlen: 24
217.115.121.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:34:32:3e:e2:e3:12:55:56:60:7d:87:30:e6:d6:28:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=97da420008cfb9193499278ef558bd42d61c7f75
Validity
Not Before: Dec 21 10:19:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=64e2f0ba9803131d5a212e5bab7adfa4e860c38d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:fb:cf:02:8b:47:9a:14:eb:db:11:2a:b8:8a:
f0:71:33:b3:b1:68:3e:84:2e:25:31:9b:ab:3a:73:
0e:75:c3:a8:d5:5c:fb:64:cf:72:aa:ba:7a:a6:53:
28:09:05:d4:a1:a9:f5:d6:20:98:b0:a9:ad:89:65:
53:12:4a:f1:10:de:13:3b:bb:8d:6c:b3:45:62:46:
64:39:a5:88:f3:00:86:42:e3:b8:b0:e7:52:f5:aa:
ee:e1:ef:fe:3a:25:08:c1:c3:ca:95:a2:91:be:eb:
4d:26:a0:6a:9e:0b:af:5a:5c:93:98:a8:aa:dc:77:
7a:ee:d8:24:16:aa:ce:c8:e2:36:16:01:fc:fe:9b:
92:07:b1:4a:e1:d3:3a:e5:a1:2c:c0:7c:69:c5:55:
ee:c0:41:78:ab:cd:7f:ea:91:92:ec:0e:d2:c1:7c:
c0:4e:4e:8a:c4:e8:46:fa:ae:d7:ac:db:03:03:30:
55:86:2d:ab:5a:34:1e:9f:71:61:ba:30:1f:39:9e:
93:d3:66:30:2e:d0:f2:89:66:f6:75:c8:f6:a6:37:
8d:64:49:ab:4f:d3:a7:1f:25:6d:e3:a9:3e:0f:69:
47:20:b5:a3:63:4f:4d:98:d3:ae:13:d0:d1:04:76:
9d:8c:e0:6e:4e:e8:02:c1:35:02:bd:f5:aa:3f:31:
10:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:E2:F0:BA:98:03:13:1D:5A:21:2E:5B:AB:7A:DF:A4:E8:60:C3:8D
X509v3 Authority Key Identifier:
keyid:97:DA:42:00:08:CF:B9:19:34:99:27:8E:F5:58:BD:42:D6:1C:7F:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l9pCAAjPuRk0mSeO9Vi9QtYcf3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/139044-9ebc-4559-ba10-a38e1eca4fd4/1/ZOLwupgDEx1aIS5bq3rfpOhgw40.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/139044-9ebc-4559-ba10-a38e1eca4fd4/1/l9pCAAjPuRk0mSeO9Vi9QtYcf3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.115.121.0/24
217.115.124.0/24
Signature Algorithm: sha256WithRSAEncryption
00:0e:51:02:59:27:a1:aa:e2:0a:28:3b:15:0e:d1:71:ab:7f:
cb:f2:11:f1:69:7f:6e:22:27:7c:f3:89:90:75:a5:c7:4a:5a:
04:e8:be:a1:21:d3:b1:9a:3a:80:b8:09:87:1a:95:0b:2a:63:
93:3d:b6:5a:65:2a:c9:d5:b1:60:6b:9c:67:61:3c:4b:b0:80:
7f:eb:7e:7f:83:55:5e:14:3c:4e:17:a5:c0:ff:f2:08:2c:ad:
58:60:34:17:74:ef:c9:dc:c6:0b:be:00:8f:52:62:77:c0:6e:
d7:a8:be:63:9d:bf:e4:89:45:09:15:95:9a:7c:12:81:dd:1a:
fb:c1:fc:dc:9f:2a:f2:06:d9:b2:72:3d:13:c3:7f:42:22:7b:
36:84:d5:42:03:91:c9:6e:de:6c:05:c8:7a:25:98:0c:3b:b4:
47:89:bb:51:ee:31:b9:ae:ba:27:21:04:e7:f8:70:ce:9a:ec:
ac:e0:97:7a:e2:3b:ba:6b:9f:4c:11:2d:69:39:26:12:f3:79:
1b:f5:45:9e:65:66:6d:5f:88:ab:1e:0a:91:13:56:68:ca:54:
4c:1e:1b:33:87:d4:c5:38:97:ed:e5:d3:d1:ca:a1:69:63:da:
32:f8:e8:6c:31:20:8a:70:fe:d2:32:fd:1b:09:7a:3f:e4:7a:
8d:85:72:48
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYU0Mj7i4xJVVmB9hzDm1ii9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3ZGE0MjAwMDhjZmI5MTkzNDk5Mjc4ZWY1NThiZDQyZDYx
YzdmNzUwHhcNMjIxMjIxMTAxOTQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NGUyZjBiYTk4MDMxMzFkNWEyMTJlNWJhYjdhZGZhNGU4NjBjMzhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq/vPAotHmhTr2xEquIrwcTOzsWg+
hC4lMZurOnMOdcOo1Vz7ZM9yqrp6plMoCQXUoan11iCYsKmtiWVTEkrxEN4TO7uN
bLNFYkZkOaWI8wCGQuO4sOdS9aru4e/+OiUIwcPKlaKRvutNJqBqnguvWlyTmKiq
3Hd67tgkFqrOyOI2FgH8/puSB7FK4dM65aEswHxpxVXuwEF4q81/6pGS7A7SwXzA
Tk6KxOhG+q7XrNsDAzBVhi2rWjQen3FhujAfOZ6T02YwLtDyiWb2dcj2pjeNZEmr
T9OnHyVt46k+D2lHILWjY09NmNOuE9DRBHadjOBuTugCwTUCvfWqPzEQuQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGTi8LqYAxMdWiEuW6t636ToYMONMB8GA1UdIwQY
MBaAFJfaQgAIz7kZNJknjvVYvULWHH91MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDlwQ0FBalB1UmswbVNlTzlWaTlRdFljZjNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi8xMzkwNDQtOWViYy00NTU5LWJhMTAt
YTM4ZTFlY2E0ZmQ0LzEvWk9Md3VwZ0RFeDFhSVM1YnEzcmZwT2hndzQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi8xMzkwNDQtOWViYy00NTU5LWJhMTAtYTM4ZTFlY2E0ZmQ0
LzEvbDlwQ0FBalB1UmswbVNlTzlWaTlRdFljZjNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQA2XN5AwQA
2XN8MA0GCSqGSIb3DQEBCwUAA4IBAQAADlECWSehquIKKDsVDtFxq3/L8hHxaX9u
Iid884mQdaXHSloE6L6hIdOxmjqAuAmHGpULKmOTPbZaZSrJ1bFga5xnYTxLsIB/
635/g1VeFDxOF6XA//IILK1YYDQXdO/J3MYLvgCPUmJ3wG7XqL5jnb/kiUUJFZWa
fBKB3Rr7wfzcnyryBtmycj0Tw39CIns2hNVCA5HJbt5sBch6JZgMO7RHibtR7jG5
rronIQTn+HDOmuys4Jd64ju6a59MES1pOSYS83kb9UWeZWZtX4irHgqRE1ZoylRM
Hhszh9TFOJft5dPRyqFpY9oy+OhsMSCKcP7SMv0bCXo/5HqNhXJI
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:00 2024 by rpki-client on console-fra.rpki-client.org