Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/b67953-3ce3-4afe-9d7e-1ed620452509/1/zxT8kunOPkrqzxRcXVUnSAV_g8c.roa
File: zxT8kunOPkrqzxRcXVUnSAV_g8c.roa (raw, json)
Hash identifier: ZW/eG/TNzDI+n+7Lhl0itDHWoTEwOcyTzvP9L/EVzd0=
Subject key identifier: CF:14:FC:92:E9:CE:3E:4A:EA:CF:14:5C:5D:55:27:48:05:7F:83:C7
Certificate issuer: /CN=27f0b737715114ded20f68ef0347d9f752a0e0b7
Certificate serial: 018216E8157AD03D9A7F5725478FB86B0834
Authority key identifier: 27:F0:B7:37:71:51:14:DE:D2:0F:68:EF:03:47:D9:F7:52:A0:E0:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J_C3N3FRFN7SD2jvA0fZ91Kg4Lc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/b67953-3ce3-4afe-9d7e-1ed620452509/1/zxT8kunOPkrqzxRcXVUnSAV_g8c.roa
Signing time: Tue 19 Jul 2022 14:41:24 +0000
ROA not before: Tue 19 Jul 2022 14:41:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34841
IP address blocks: 46.252.48.0/20 maxlen: 20
185.77.124.0/23 maxlen: 23
185.77.126.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:16:e8:15:7a:d0:3d:9a:7f:57:25:47:8f:b8:6b:08:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27f0b737715114ded20f68ef0347d9f752a0e0b7
Validity
Not Before: Jul 19 14:41:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cf14fc92e9ce3e4aeacf145c5d552748057f83c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:68:ff:36:23:d6:fd:4e:d8:12:36:c0:7f:84:
13:5c:4b:35:25:5b:18:dc:97:a1:42:26:c8:b6:75:
da:c0:31:28:4b:3c:6c:3a:eb:69:57:f4:17:b8:de:
93:9a:32:e6:80:d0:05:2c:4a:b3:76:a6:1d:18:43:
25:30:a7:66:d6:60:94:8e:52:68:c4:af:46:a8:c7:
0d:c0:b6:5d:93:d0:dc:3e:ae:d7:52:75:5d:6a:4b:
d0:31:e5:7c:6c:d0:5a:96:af:31:7e:37:72:92:e6:
94:af:87:ec:f9:c0:72:2c:c2:a4:5b:dc:bc:2a:0a:
1a:5b:77:be:c1:9c:e0:b4:3e:29:35:e0:ac:03:48:
de:c3:f1:de:c4:df:7f:76:42:8f:9e:09:74:92:57:
34:32:50:8a:d8:e0:96:8b:7d:c3:09:58:08:31:c6:
3c:9f:d3:79:14:7b:95:e4:80:ac:a8:68:ca:02:36:
d4:0e:6f:1d:77:e7:7c:52:d7:a5:59:d0:30:00:2a:
90:bb:c7:a3:cc:90:5b:4b:39:8b:27:c8:1e:32:05:
fc:59:47:b5:8c:22:7b:1b:4b:20:40:52:cb:20:7a:
cf:90:67:59:7b:46:93:ef:25:c5:27:1f:ac:cd:a2:
b7:fd:db:23:c5:86:2e:9d:89:b9:ae:b6:f9:05:ac:
5a:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:14:FC:92:E9:CE:3E:4A:EA:CF:14:5C:5D:55:27:48:05:7F:83:C7
X509v3 Authority Key Identifier:
keyid:27:F0:B7:37:71:51:14:DE:D2:0F:68:EF:03:47:D9:F7:52:A0:E0:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J_C3N3FRFN7SD2jvA0fZ91Kg4Lc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/b67953-3ce3-4afe-9d7e-1ed620452509/1/zxT8kunOPkrqzxRcXVUnSAV_g8c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/b67953-3ce3-4afe-9d7e-1ed620452509/1/J_C3N3FRFN7SD2jvA0fZ91Kg4Lc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.252.48.0/20
185.77.124.0/22
Signature Algorithm: sha256WithRSAEncryption
67:ca:d1:bc:d9:cc:4f:11:0d:e0:64:d0:ab:6d:45:2b:99:65:
be:fe:3d:8c:10:94:36:4d:a5:a4:f6:52:b1:2e:65:3f:97:54:
63:6d:be:df:cf:88:75:9e:22:1d:ac:f3:5e:da:ec:d2:ad:b5:
db:74:ae:f5:16:2b:37:88:c0:68:cd:de:1d:f4:eb:46:97:1c:
ab:c5:94:e4:93:87:a3:da:01:22:b8:5b:98:40:87:a9:7a:ae:
8f:98:bf:7b:fb:53:0d:fe:82:a2:76:c5:60:e7:89:e7:56:be:
df:61:18:92:3c:ef:0f:2f:46:6d:0b:6c:aa:83:18:49:15:3c:
c1:db:c5:f5:5e:d3:59:60:70:2e:d7:94:00:1e:4e:77:09:53:
b2:58:4f:df:58:15:af:d1:4e:7e:99:1e:df:37:1a:7c:87:79:
a3:98:0f:ed:b8:9b:10:14:27:28:36:cd:de:9e:29:53:75:ac:
23:a5:c7:4a:c5:2b:01:25:07:9d:08:09:83:45:60:a2:66:ff:
41:85:8e:13:e5:a0:98:09:d5:62:b6:38:7a:30:20:4d:8d:f9:
d6:ed:95:70:b1:c6:bc:20:f9:ab:0a:a4:0e:b4:3b:93:81:b8:
6d:66:10:8e:fc:2b:0a:fb:0a:c2:cf:59:be:17:45:02:50:39:
d2:52:fb:ac
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYIW6BV60D2af1clR4+4awg0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3ZjBiNzM3NzE1MTE0ZGVkMjBmNjhlZjAzNDdkOWY3NTJh
MGUwYjcwHhcNMjIwNzE5MTQ0MTI0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjE0ZmM5MmU5Y2UzZTRhZWFjZjE0NWM1ZDU1Mjc0ODA1N2Y4M2M3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArWj/NiPW/U7YEjbAf4QTXEs1JVsY
3JehQibItnXawDEoSzxsOutpV/QXuN6TmjLmgNAFLEqzdqYdGEMlMKdm1mCUjlJo
xK9GqMcNwLZdk9DcPq7XUnVdakvQMeV8bNBalq8xfjdykuaUr4fs+cByLMKkW9y8
KgoaW3e+wZzgtD4pNeCsA0jew/HexN9/dkKPngl0klc0MlCK2OCWi33DCVgIMcY8
n9N5FHuV5ICsqGjKAjbUDm8dd+d8UtelWdAwACqQu8ejzJBbSzmLJ8geMgX8WUe1
jCJ7G0sgQFLLIHrPkGdZe0aT7yXFJx+szaK3/dsjxYYunYm5rrb5BaxadQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFM8U/JLpzj5K6s8UXF1VJ0gFf4PHMB8GA1UdIwQY
MBaAFCfwtzdxURTe0g9o7wNH2fdSoOC3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSl9DM04zRlJGTjdTRDJqdkEwZlo5MUtnNExjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9iNjc5NTMtM2NlMy00YWZlLTlkN2Ut
MWVkNjIwNDUyNTA5LzEvenhUOGt1bk9Qa3JxenhSY1hWVW5TQVZfZzhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS9iNjc5NTMtM2NlMy00YWZlLTlkN2UtMWVkNjIwNDUyNTA5
LzEvSl9DM04zRlJGTjdTRDJqdkEwZlo5MUtnNExjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQELvwwAwQC
uU18MA0GCSqGSIb3DQEBCwUAA4IBAQBnytG82cxPEQ3gZNCrbUUrmWW+/j2MEJQ2
TaWk9lKxLmU/l1Rjbb7fz4h1niIdrPNe2uzSrbXbdK71Fis3iMBozd4d9OtGlxyr
xZTkk4ej2gEiuFuYQIepeq6PmL97+1MN/oKidsVg54nnVr7fYRiSPO8PL0ZtC2yq
gxhJFTzB28X1XtNZYHAu15QAHk53CVOyWE/fWBWv0U5+mR7fNxp8h3mjmA/tuJsQ
FCcoNs3enilTdawjpcdKxSsBJQedCAmDRWCiZv9BhY4T5aCYCdVitjh6MCBNjfnW
7ZVwsca8IPmrCqQOtDuTgbhtZhCO/CsK+wrCz1m+F0UCUDnSUvus
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:01 2024 by rpki-client on console-fra.rpki-client.org