Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/zm7dwllUskE4tu4BM6eroRcyzPs.roa
File: zm7dwllUskE4tu4BM6eroRcyzPs.roa (raw, json)
Hash identifier: fXNpua31k44tBnS7VV15ATM1Tqdw/dZn8jobXUo8L2w=
Subject key identifier: CE:6E:DD:C2:59:54:B2:41:38:B6:EE:01:33:A7:AB:A1:17:32:CC:FB
Certificate issuer: /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Certificate serial: 0184851962785C081B2D7341E07FFE15E836
Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/zm7dwllUskE4tu4BM6eroRcyzPs.roa
Signing time: Thu 17 Nov 2022 10:19:04 +0000
ROA not before: Thu 17 Nov 2022 10:19:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 9127
IP address blocks: 82.146.4.0/23 maxlen: 24
84.238.164.0/24 maxlen: 24
84.238.166.0/24 maxlen: 24
82.146.8.0/23 maxlen: 24
82.146.10.0/24 maxlen: 24
82.146.14.0/24 maxlen: 24
82.146.30.0/24 maxlen: 24
212.72.192.0/24 maxlen: 24
212.72.192.0/22 maxlen: 22
212.72.196.0/23 maxlen: 23
212.72.204.0/24 maxlen: 24
212.72.200.0/23 maxlen: 23
212.72.204.0/23 maxlen: 23
212.72.213.0/24 maxlen: 24
212.72.207.0/24 maxlen: 24
212.72.208.0/22 maxlen: 22
213.130.94.0/24 maxlen: 24
212.72.215.0/24 maxlen: 24
212.72.216.0/22 maxlen: 22
212.72.220.0/24 maxlen: 24
212.72.222.0/23 maxlen: 23
213.130.70.0/23 maxlen: 23
213.130.72.0/23 maxlen: 23
213.130.75.0/24 maxlen: 24
2a00:e40::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:85:19:62:78:5c:08:1b:2d:73:41:e0:7f:fe:15:e8:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Validity
Not Before: Nov 17 10:19:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ce6eddc25954b24138b6ee0133a7aba11732ccfb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:e8:6a:17:19:bc:92:75:c9:66:0c:95:9c:fa:
39:4e:1a:d7:d0:17:c2:f7:98:2b:aa:08:7b:da:e0:
52:8d:45:fe:2b:93:69:6f:65:a7:1d:7a:2a:dd:c1:
11:a0:ea:d8:4e:28:6a:be:0d:58:0c:76:bc:14:a7:
e4:83:dc:c2:99:cb:9f:75:40:88:4e:9f:6a:1f:1b:
e4:ad:30:8d:b5:1a:b2:ea:4b:94:d0:0f:fc:29:fa:
ef:cc:ed:68:bf:52:3a:37:14:fc:f7:97:8d:01:b4:
4d:2d:51:e3:9e:ab:23:f9:45:5a:a5:39:ae:bb:55:
45:84:5c:5e:25:bf:8e:89:24:82:c1:06:90:3e:cd:
32:c9:be:27:ae:ce:cf:64:c6:f9:7c:94:4f:7a:cc:
39:09:78:88:91:df:e4:be:a3:6a:94:67:ce:27:56:
59:63:22:d2:24:28:a1:45:c1:51:96:54:35:9c:ab:
78:a3:fd:6a:da:a8:b5:2f:d2:7d:f4:74:2b:5e:6d:
17:3c:a4:82:b8:31:0c:ef:84:54:84:c9:e9:67:6a:
56:5b:02:b9:89:ad:4e:f8:7b:44:8d:fc:fe:11:42:
d4:c0:36:29:05:ee:2c:10:99:0c:c2:19:8f:06:26:
dc:e5:68:87:1d:90:cd:23:89:e3:eb:df:af:51:ac:
8b:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:6E:DD:C2:59:54:B2:41:38:B6:EE:01:33:A7:AB:A1:17:32:CC:FB
X509v3 Authority Key Identifier:
keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/zm7dwllUskE4tu4BM6eroRcyzPs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.146.4.0/23
82.146.8.0-82.146.10.255
82.146.14.0/24
82.146.30.0/24
84.238.164.0/24
84.238.166.0/24
212.72.192.0-212.72.197.255
212.72.200.0/23
212.72.204.0/23
212.72.207.0-212.72.211.255
212.72.213.0/24
212.72.215.0-212.72.220.255
212.72.222.0/23
213.130.70.0-213.130.73.255
213.130.75.0/24
213.130.94.0/24
IPv6:
2a00:e40::/32
Signature Algorithm: sha256WithRSAEncryption
5b:f0:73:b2:d1:fe:a0:bc:a4:23:62:94:48:94:6c:e0:99:c7:
ac:b4:e0:23:44:b6:48:49:27:b3:b8:a4:4f:ac:36:b0:ff:cf:
4f:67:ec:ff:42:c9:e4:4b:fb:94:e4:e4:b1:25:53:d3:fd:65:
ac:d1:e7:b1:9d:87:eb:a5:7b:68:59:0d:3b:3b:82:c2:b6:e7:
78:47:ff:8f:c9:b6:e7:c4:47:bf:c3:1b:1b:fc:2f:23:82:b7:
29:ed:4f:fe:de:cb:ac:76:50:36:27:fc:91:28:54:bb:4b:f1:
79:42:14:5d:eb:7f:3a:a5:53:b5:5d:d7:d5:71:8a:bc:ec:78:
44:5a:91:34:7e:48:6d:79:30:fa:e7:d9:99:b8:80:3b:23:44:
1a:b7:99:61:f6:a4:36:fe:33:24:fd:76:09:c8:15:58:db:a0:
24:59:4a:b3:d8:fa:44:72:77:a7:ef:31:dc:9d:a2:d8:0a:ab:
c9:62:b0:29:a1:c4:d3:ac:df:76:91:39:85:37:7b:a8:2b:b0:
1b:59:e1:b4:76:38:ec:50:10:6b:65:02:40:dd:60:bc:34:37:
ee:1a:d3:a9:ba:36:39:c6:e8:36:d1:2e:df:f0:2f:29:09:cb:
bc:7f:39:07:09:b1:2f:ed:82:8d:7b:ca:61:28:41:79:ea:e8:
2a:58:22:a9
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgISAYSFGWJ4XAgbLXNB4H/+Feg2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YjJmNGZhNTE2M2FmOTYxNjhlODhmYmY5Y2I0ZWQxZWQ4
ZmI0YzQwHhcNMjIxMTE3MTAxOTA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTZlZGRjMjU5NTRiMjQxMzhiNmVlMDEzM2E3YWJhMTE3MzJjY2ZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsuhqFxm8knXJZgyVnPo5ThrX0BfC
95grqgh72uBSjUX+K5Npb2WnHXoq3cERoOrYTihqvg1YDHa8FKfkg9zCmcufdUCI
Tp9qHxvkrTCNtRqy6kuU0A/8KfrvzO1ov1I6NxT895eNAbRNLVHjnqsj+UVapTmu
u1VFhFxeJb+OiSSCwQaQPs0yyb4nrs7PZMb5fJRPesw5CXiIkd/kvqNqlGfOJ1ZZ
YyLSJCihRcFRllQ1nKt4o/1q2qi1L9J99HQrXm0XPKSCuDEM74RUhMnpZ2pWWwK5
ia1O+HtEjfz+EULUwDYpBe4sEJkMwhmPBibc5WiHHZDNI4nj69+vUayL2wIDAQAB
o4ICnzCCApswHQYDVR0OBBYEFM5u3cJZVLJBOLbuATOnq6EXMsz7MB8GA1UdIwQY
MBaAFISy9PpRY6+WFo6I+/nLTtHtj7TEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDct
ODcyYmEyZDlmNDRjLzEvem03ZHdsbFVza0U0dHU0Qk02ZXJvUmN5elBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDctODcyYmEyZDlmNDRj
LzEvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG0BggrBgEFBQcBBwEB/wSBpDCBoTCBjwQCAAEwgYgDBAFS
kgQwDAMEA1KSCAMEAFKSCgMEAFKSDgMEAFKSHgMEAFTupAMEAFTupjAMAwQG1EjA
AwQB1EjEAwQB1EjIAwQB1EjMMAwDBADUSM8DBALUSNADBADUSNUwDAMEANRI1wME
ANRI3AMEAdRI3jAMAwQB1YJGAwQB1YJIAwQA1YJLAwQA1YJeMA0EAgACMAcDBQAq
AA5AMA0GCSqGSIb3DQEBCwUAA4IBAQBb8HOy0f6gvKQjYpRIlGzgmcestOAjRLZI
SSezuKRPrDaw/89PZ+z/QsnkS/uU5OSxJVPT/WWs0eexnYfrpXtoWQ07O4LCtud4
R/+PybbnxEe/wxsb/C8jgrcp7U/+3susdlA2J/yRKFS7S/F5QhRd6386pVO1XdfV
cYq87HhEWpE0fkhteTD659mZuIA7I0Qat5lh9qQ2/jMk/XYJyBVY26AkWUqz2PpE
cnen7zHcnaLYCqvJYrApocTTrN92kTmFN3uoK7AbWeG0djjsUBBrZQJA3WC8NDfu
GtOpujY5xug20S7f8C8pCcu8fzkHCbEv7YKNe8phKEF56ugqWCKp
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:54 2024 by rpki-client on console-ams.rpki-client.org