Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/ZlYX08LVullKFH2eou00TqPLbn0.roa
File: ZlYX08LVullKFH2eou00TqPLbn0.roa (raw, json)
Hash identifier: PUQCRsHyVCH2s/Y8nwYDoncGoNaEfJa3+eja9utd/aY=
Subject key identifier: 66:56:17:D3:C2:D5:BA:59:4A:14:7D:9E:A2:ED:34:4E:A3:CB:6E:7D
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 1D47F7E2
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/ZlYX08LVullKFH2eou00TqPLbn0.roa
Signing time: Tue 31 May 2022 07:05:15 +0000
ROA not before: Tue 31 May 2022 07:05:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60860
IP address blocks: 109.72.122.0/24 maxlen: 24
185.30.200.0/23 maxlen: 23
185.30.202.0/24 maxlen: 24
89.185.0.0/24 maxlen: 24
93.185.214.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 491255778 (0x1d47f7e2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: May 31 07:05:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=665617d3c2d5ba594a147d9ea2ed344ea3cb6e7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:a7:95:0c:98:ab:90:c6:2e:b7:60:58:a2:6b:
dd:86:01:76:17:76:13:03:50:12:08:95:69:b5:af:
ef:63:0d:22:aa:ab:37:9d:6e:d6:85:84:16:2c:43:
69:fd:ae:c5:c4:c1:96:24:cd:21:ee:03:ba:65:e1:
17:78:eb:89:c2:65:19:01:9c:c3:db:4a:dd:c6:76:
c5:6f:ba:5c:d9:44:3a:7f:cb:5b:87:fe:2d:47:5c:
bd:8b:d8:d5:2a:62:a9:e8:d7:8e:3e:e5:26:81:3e:
af:42:9e:39:d1:b9:b2:fc:a0:40:03:a5:48:3e:ba:
d8:f4:f0:ae:b6:4b:c7:c9:1f:96:a9:af:95:54:d3:
19:c0:5e:9c:18:0d:73:08:0c:3d:78:f5:63:f7:30:
d1:4e:74:af:0c:f4:17:e5:46:e3:eb:7c:0d:b2:30:
18:12:c4:81:cd:33:9c:b7:5a:36:47:5f:da:5b:d9:
a2:bd:75:dd:68:b7:6a:43:22:6d:ab:b7:f9:ae:1e:
cd:a5:18:c9:3a:bb:b3:54:83:79:77:ff:08:7f:e2:
b9:92:23:95:56:b0:b3:da:94:20:ea:de:cb:99:05:
b6:63:32:4e:28:8c:f4:fe:4d:8a:8a:73:5e:a4:9d:
76:21:ea:4e:8c:87:bf:f0:11:64:5a:e6:16:4c:03:
76:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:56:17:D3:C2:D5:BA:59:4A:14:7D:9E:A2:ED:34:4E:A3:CB:6E:7D
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/ZlYX08LVullKFH2eou00TqPLbn0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.185.0.0/24
93.185.214.0/24
109.72.122.0/24
185.30.200.0-185.30.202.255
Signature Algorithm: sha256WithRSAEncryption
5a:46:e0:24:03:dc:83:3a:4d:5f:38:f8:c1:f9:04:de:01:a9:
b2:d0:bb:75:ac:24:27:81:dc:f0:4a:1d:56:eb:88:c2:9f:5f:
97:97:a5:de:b4:dc:42:88:bc:d1:6a:e4:a5:c1:7a:dd:61:02:
53:fc:a7:7a:1b:4f:bd:44:ce:60:ba:b5:89:7d:69:af:40:2c:
f1:2e:2b:ad:ca:06:e9:60:fd:c2:2c:7c:26:94:a6:03:84:a3:
73:eb:fa:8c:72:fb:26:21:8b:99:10:d6:ee:e3:f8:f9:16:eb:
02:45:32:cd:53:4f:fa:72:86:72:87:41:8e:2d:ae:cd:c3:25:
fa:6e:17:8d:8c:8f:fa:e3:c0:94:7e:20:07:0c:ea:db:f1:36:
2d:eb:d7:97:a4:28:e3:c3:46:e6:94:78:95:fe:fb:d9:52:6f:
70:88:00:e7:68:69:62:50:4e:94:01:07:78:87:e0:70:f3:33:
e3:ad:cb:b1:8a:37:03:23:f5:0a:66:c5:91:98:7a:a3:7d:af:
ce:e3:20:c7:cc:78:cf:92:89:04:1b:e6:b0:f1:de:17:e7:45:
54:ea:12:24:86:fa:f7:54:35:4c:fd:89:3e:d5:80:a6:23:7d:
c8:01:0d:83:2c:1b:52:54:cd:97:c4:4e:02:8a:c2:b2:d6:f2:
fb:d6:53:49
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIEHUf34jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ODJjZjgwOWMwZTNlOGU1NTUyZjlkMGRkMmUyN2UwZGQyZDhkYWJlMB4XDTIyMDUz
MTA3MDUxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjY1NjE3ZDNjMmQ1
YmE1OTRhMTQ3ZDllYTJlZDM0NGVhM2NiNmU3ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMmnlQyYq5DGLrdgWKJr3YYBdhd2EwNQEgiVabWv72MNIqqr
N51u1oWEFixDaf2uxcTBliTNIe4DumXhF3jricJlGQGcw9tK3cZ2xW+6XNlEOn/L
W4f+LUdcvYvY1SpiqejXjj7lJoE+r0KeOdG5svygQAOlSD662PTwrrZLx8kflqmv
lVTTGcBenBgNcwgMPXj1Y/cw0U50rwz0F+VG4+t8DbIwGBLEgc0znLdaNkdf2lvZ
or113Wi3akMibau3+a4ezaUYyTq7s1SDeXf/CH/iuZIjlVaws9qUIOrey5kFtmMy
TiiM9P5NiopzXqSddiHqToyHv/ARZFrmFkwDdt8CAwEAAaOCAiMwggIfMB0GA1Ud
DgQWBBRmVhfTwtW6WUoUfZ6i7TROo8tufTAfBgNVHSMEGDAWgBSYLPgJwOPo5VUv
nQ3S4n4N0tjavjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L21DejRDY0RqNk9WVkw1ME4wdUotRGRMWTJyNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2QvNjE2OGQ3LTk0NmMtNDU3NC05MWVhLTgyYWQxNDU1NWVhYS8x
L1psWVgwOExWdWxsS0ZIMmVvdTAwVHFQTGJuMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Qv
NjE2OGQ3LTk0NmMtNDU3NC05MWVhLTgyYWQxNDU1NWVhYS8xL21DejRDY0RqNk9W
Vkw1ME4wdUotRGRMWTJyNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA5
BggrBgEFBQcBBwEB/wQqMCgwJgQCAAEwIAMEAFm5AAMEAF251gMEAG1IejAMAwQD
uR7IAwQAuR7KMA0GCSqGSIb3DQEBCwUAA4IBAQBaRuAkA9yDOk1fOPjB+QTeAamy
0Lt1rCQngdzwSh1W64jCn1+Xl6XetNxCiLzRauSlwXrdYQJT/Kd6G0+9RM5gurWJ
fWmvQCzxLiutygbpYP3CLHwmlKYDhKNz6/qMcvsmIYuZENbu4/j5FusCRTLNU0/6
coZyh0GOLa7NwyX6bheNjI/648CUfiAHDOrb8TYt69eXpCjjw0bmlHiV/vvZUm9w
iADnaGliUE6UAQd4h+Bw8zPjrcuxijcDI/UKZsWRmHqjfa/O4yDHzHjPkokEG+aw
8d4X50VU6hIkhvr3VDVM/Yk+1YCmI33IAQ2DLBtSVM2XxE4CisKy1vL71lNJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:15 2024 by rpki-client on console-fra.rpki-client.org