Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/zw0tGP7HNDUhxo_jz05M--9_pH0.roa
File: zw0tGP7HNDUhxo_jz05M--9_pH0.roa (raw, json)
Hash identifier: xbUtLUskK0LR7w+OXqKltGOvnbWdJ7k3Kh+wutAKrVI=
Subject key identifier: CF:0D:2D:18:FE:C7:34:35:21:C6:8F:E3:CF:4E:4C:FB:EF:7F:A4:7D
Certificate issuer: /CN=a849204ca4f0eb4e56e08e099fe3785ce06ffeaa
Certificate serial: 0B27CB92
Authority key identifier: A8:49:20:4C:A4:F0:EB:4E:56:E0:8E:09:9F:E3:78:5C:E0:6F:FE:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qEkgTKTw605W4I4Jn-N4XOBv_qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/zw0tGP7HNDUhxo_jz05M--9_pH0.roa
Signing time: Thu 05 May 2022 11:03:07 +0000
ROA not before: Thu 05 May 2022 11:03:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204175
IP address blocks: 185.177.43.0/24 maxlen: 24
185.177.42.0/24 maxlen: 24
185.220.166.0/24 maxlen: 24
185.220.167.0/24 maxlen: 24
185.220.166.0/23 maxlen: 23
185.232.132.0/24 maxlen: 24
185.232.133.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 187157394 (0xb27cb92)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a849204ca4f0eb4e56e08e099fe3785ce06ffeaa
Validity
Not Before: May 5 11:03:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cf0d2d18fec7343521c68fe3cf4e4cfbef7fa47d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:93:e3:77:18:2b:55:1a:f6:29:67:7c:12:c2:
c4:13:cd:02:a7:d1:dc:6a:33:cb:1c:c9:de:f0:4e:
dc:10:79:71:87:92:49:df:2f:ef:75:54:d0:bf:96:
f1:8a:15:50:52:4f:20:92:f4:13:39:dc:f7:2f:ed:
85:00:d3:f0:05:ef:14:21:8c:e0:99:0e:39:7c:73:
0a:ae:3d:b4:30:01:65:93:b1:c7:ac:40:58:eb:e5:
bf:4d:c4:19:90:be:7a:ca:d2:f2:02:b9:ed:2d:30:
91:52:95:61:03:f3:8e:3f:3a:e4:c2:f5:ea:7a:c0:
b4:99:78:fe:4f:7a:a8:b6:a6:1d:bd:5a:14:b4:76:
c4:3f:da:49:a7:93:60:8a:f3:08:67:60:8f:51:e3:
2d:a7:02:36:86:c4:3c:56:c9:a8:48:95:c4:11:87:
3d:28:90:e8:3b:6b:d8:e2:d2:cd:cf:20:a4:c9:66:
72:d9:e9:ed:f9:e2:56:13:6c:0e:c7:e8:6c:eb:03:
7a:90:de:d1:77:55:2d:84:6e:62:99:69:b5:3d:62:
d1:a1:59:c6:f1:06:fe:3c:10:00:2b:b1:a5:aa:44:
80:d2:c1:f5:6e:9d:8b:10:35:da:cd:af:00:85:bb:
6e:a9:b7:52:d3:8d:9f:a3:22:4c:f0:f5:20:e6:f3:
63:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:0D:2D:18:FE:C7:34:35:21:C6:8F:E3:CF:4E:4C:FB:EF:7F:A4:7D
X509v3 Authority Key Identifier:
keyid:A8:49:20:4C:A4:F0:EB:4E:56:E0:8E:09:9F:E3:78:5C:E0:6F:FE:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qEkgTKTw605W4I4Jn-N4XOBv_qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/zw0tGP7HNDUhxo_jz05M--9_pH0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/qEkgTKTw605W4I4Jn-N4XOBv_qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.177.42.0/23
185.220.166.0/23
185.232.132.0/23
Signature Algorithm: sha256WithRSAEncryption
19:e4:ae:7d:0b:bf:0b:4c:67:df:9d:1a:21:10:99:0f:fb:f2:
7b:dd:06:1d:fa:f2:46:9f:05:7e:11:cb:88:93:81:a3:26:07:
b6:05:61:32:1c:21:33:5f:77:61:b7:6a:a5:c9:72:d5:ae:1a:
65:a2:b3:f3:b6:2a:d9:7c:fb:9a:25:82:3f:29:c5:74:0c:53:
4a:86:da:0b:27:48:e2:99:cc:4e:8b:0a:ac:8b:c2:ef:3b:ef:
6c:86:de:ad:bc:26:0d:57:c2:f1:df:28:42:c3:d2:96:c8:9e:
cf:16:b8:10:23:f0:34:3b:01:0d:64:43:6f:d6:2b:dd:73:c9:
96:4f:ee:d9:cf:77:c3:9c:76:5a:99:c6:02:bc:1b:16:51:45:
c0:51:fb:fa:8a:3a:dd:4d:38:f0:8a:3f:72:9e:70:28:13:f7:
69:e2:00:24:15:d5:7b:e7:fa:ea:e5:29:aa:c0:15:f6:29:6a:
ec:8e:c8:bd:ef:38:7e:c2:be:96:0b:85:43:34:4f:08:a4:36:
37:83:95:19:45:46:94:23:c3:7b:26:56:ce:58:50:29:0a:7c:
d5:07:33:48:0d:f9:4e:df:8a:87:10:36:2f:6a:a1:c7:c2:68:
54:49:d1:22:b2:c9:a1:dd:af:89:61:51:4e:a5:74:5c:de:88:
97:bd:34:16
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIECyfLkjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ODQ5MjA0Y2E0ZjBlYjRlNTZlMDhlMDk5ZmUzNzg1Y2UwNmZmZWFhMB4XDTIyMDUw
NTExMDMwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2YwZDJkMThmZWM3
MzQzNTIxYzY4ZmUzY2Y0ZTRjZmJlZjdmYTQ3ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMaT43cYK1Ua9ilnfBLCxBPNAqfR3GozyxzJ3vBO3BB5cYeS
Sd8v73VU0L+W8YoVUFJPIJL0Eznc9y/thQDT8AXvFCGM4JkOOXxzCq49tDABZZOx
x6xAWOvlv03EGZC+esrS8gK57S0wkVKVYQPzjj865ML16nrAtJl4/k96qLamHb1a
FLR2xD/aSaeTYIrzCGdgj1HjLacCNobEPFbJqEiVxBGHPSiQ6Dtr2OLSzc8gpMlm
ctnp7fniVhNsDsfobOsDepDe0XdVLYRuYplptT1i0aFZxvEG/jwQACuxpapEgNLB
9W6dixA12s2vAIW7bqm3UtONn6MiTPD1IObzY/sCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBTPDS0Y/sc0NSHGj+PPTkz773+kfTAfBgNVHSMEGDAWgBSoSSBMpPDrTlbg
jgmf43hc4G/+qjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3FFa2dUS1R3NjA1VzRJNEpuLU40WE9Cdl9xby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTIvNDViMjNmLTMwMmItNDFmMi05NDk2LTljY2JiMDg0MjhmYS8x
L3p3MHRHUDdITkRVaHhvX2p6MDVNLS05X3BIMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTIv
NDViMjNmLTMwMmItNDFmMi05NDk2LTljY2JiMDg0MjhmYS8xL3FFa2dUS1R3NjA1
VzRJNEpuLU40WE9Cdl9xby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAbmxKgMEAbncpgMEAbnohDANBgkq
hkiG9w0BAQsFAAOCAQEAGeSufQu/C0xn350aIRCZD/vye90GHfryRp8FfhHLiJOB
oyYHtgVhMhwhM193Ybdqpcly1a4aZaKz87Yq2Xz7miWCPynFdAxTSobaCydI4pnM
TosKrIvC7zvvbIberbwmDVfC8d8oQsPSlsiezxa4ECPwNDsBDWRDb9Yr3XPJlk/u
2c93w5x2WpnGArwbFlFFwFH7+oo63U048Io/cp5wKBP3aeIAJBXVe+f66uUpqsAV
9ilq7I7Ive84fsK+lguFQzRPCKQ2N4OVGUVGlCPDeyZWzlhQKQp81QczSA35Tt+K
hxA2L2qhx8JoVEnRIrLJod2viWFRTqV0XN6Il700Fg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:06 2024 by rpki-client on console-ams.rpki-client.org