Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/bb7c0e-ee68-4bf8-bb34-12e6a0d4318a/1/zI98DoCeM8nMELEesEiT6lYxr8I.roa
File: zI98DoCeM8nMELEesEiT6lYxr8I.roa (raw, json)
Hash identifier: Cdd6r+GCZeTwv6dRARRGYzNpaskoM3RGZ9IRpamr1WI=
Subject key identifier: CC:8F:7C:0E:80:9E:33:C9:CC:10:B1:1E:B0:48:93:EA:56:31:AF:C2
Certificate issuer: /CN=9f3720e970faa0e07f50a6389e7ae53afa439dab
Certificate serial: 0183C72A398F5B843AFA41E3903576FF0DBC
Authority key identifier: 9F:37:20:E9:70:FA:A0:E0:7F:50:A6:38:9E:7A:E5:3A:FA:43:9D:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nzcg6XD6oOB_UKY4nnrlOvpDnas.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/bb7c0e-ee68-4bf8-bb34-12e6a0d4318a/1/zI98DoCeM8nMELEesEiT6lYxr8I.roa
Signing time: Tue 11 Oct 2022 13:09:36 +0000
ROA not before: Tue 11 Oct 2022 13:09:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205199
IP address blocks: 194.35.182.0/24 maxlen: 24
194.35.95.0/24 maxlen: 24
194.35.92.0/24 maxlen: 24
193.43.14.0/24 maxlen: 24
193.43.28.0/24 maxlen: 24
193.43.37.0/24 maxlen: 24
45.136.156.0/22 maxlen: 22
185.157.168.0/22 maxlen: 22
45.150.160.0/22 maxlen: 22
193.42.219.0/24 maxlen: 24
194.35.78.0/24 maxlen: 24
194.147.242.0/23 maxlen: 23
194.147.250.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:c7:2a:39:8f:5b:84:3a:fa:41:e3:90:35:76:ff:0d:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f3720e970faa0e07f50a6389e7ae53afa439dab
Validity
Not Before: Oct 11 13:09:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cc8f7c0e809e33c9cc10b11eb04893ea5631afc2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:a2:5b:f4:4b:19:33:b9:c5:72:43:69:8a:2e:
4b:7a:90:95:3b:cb:ba:25:b7:38:5a:5b:6c:0a:29:
8c:b8:7e:d9:aa:12:7f:f8:58:74:4c:cf:5c:c2:27:
bf:2b:29:88:8a:03:f9:55:c3:05:b1:b2:bf:c9:c2:
28:7a:50:7d:33:6a:4d:33:cf:29:62:ae:dd:96:b1:
0e:74:f3:5d:2c:bc:82:24:f4:09:ab:5a:87:d7:d0:
ab:c3:9e:59:3f:7b:67:9b:f7:5c:0a:a0:22:57:ca:
e6:3e:cb:77:9f:2a:8b:a2:d3:3d:8e:21:4f:74:44:
75:4c:aa:42:c2:50:ff:1b:e2:bc:e7:9b:eb:f4:05:
1e:ec:a5:49:26:52:09:52:5a:e8:b8:f3:b4:cc:86:
47:88:0f:a7:68:35:7c:21:35:46:a6:57:c4:63:9b:
35:ec:c4:38:c0:74:c5:42:6c:83:bd:df:0e:cf:61:
86:11:ee:ec:60:0f:32:db:eb:3b:51:64:fe:f5:bc:
af:41:d3:2e:cc:8c:0b:2c:53:a3:6e:26:8c:9e:d1:
76:c3:d6:f9:9c:7f:95:df:9a:84:39:ba:ae:c1:35:
15:aa:79:04:d7:c0:83:4b:46:5b:99:28:f1:ba:ab:
7f:34:95:73:3c:e9:f7:c5:14:c0:8b:f4:be:38:17:
68:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:8F:7C:0E:80:9E:33:C9:CC:10:B1:1E:B0:48:93:EA:56:31:AF:C2
X509v3 Authority Key Identifier:
keyid:9F:37:20:E9:70:FA:A0:E0:7F:50:A6:38:9E:7A:E5:3A:FA:43:9D:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nzcg6XD6oOB_UKY4nnrlOvpDnas.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/bb7c0e-ee68-4bf8-bb34-12e6a0d4318a/1/zI98DoCeM8nMELEesEiT6lYxr8I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/bb7c0e-ee68-4bf8-bb34-12e6a0d4318a/1/nzcg6XD6oOB_UKY4nnrlOvpDnas.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.136.156.0/22
45.150.160.0/22
185.157.168.0/22
193.42.219.0/24
193.43.14.0/24
193.43.28.0/24
193.43.37.0/24
194.35.78.0/24
194.35.92.0/24
194.35.95.0/24
194.35.182.0/24
194.147.242.0/23
194.147.250.0/23
Signature Algorithm: sha256WithRSAEncryption
13:7a:95:e9:94:9d:50:6e:e9:8b:14:17:bf:82:58:3e:f8:60:
10:7b:b1:58:c7:6b:09:71:7f:79:d1:eb:54:7f:4d:99:c1:2f:
66:96:d9:02:05:42:80:5b:1d:50:0e:99:1b:c0:5b:cc:04:40:
9e:21:fd:03:a1:fc:6e:22:56:e7:19:00:a2:42:47:56:29:07:
91:12:09:88:6f:ee:2f:8c:3f:e4:12:cd:8e:c4:37:ea:4b:8f:
08:26:17:08:f7:c8:3a:2a:24:9b:19:d0:d8:f3:d4:76:4e:ff:
49:52:be:30:9a:0b:4d:a9:f3:6d:78:00:68:1f:97:b4:7d:e3:
df:2d:02:77:83:b0:84:8a:50:6d:49:21:80:40:17:b7:bb:c9:
bc:95:03:9a:3e:2e:44:7d:28:2d:da:e4:1a:72:a9:d8:ba:80:
ea:9b:06:77:a3:df:48:55:6f:f2:4a:85:7c:88:60:64:72:76:
f5:62:38:d7:a3:f4:de:86:d1:b7:35:ee:a0:8a:8f:eb:20:b9:
85:ae:e3:dc:26:5d:0b:ad:9e:d7:96:7a:8d:f4:1d:00:b2:6c:
c3:e4:f7:38:26:f7:27:e3:35:5e:c7:42:b6:79:62:24:01:e3:
47:04:d0:f0:4f:c7:66:8a:15:3f:be:14:7d:51:89:f1:d8:c2:
3f:8b:33:df
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYPHKjmPW4Q6+kHjkDV2/w28MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMzcyMGU5NzBmYWEwZTA3ZjUwYTYzODllN2FlNTNhZmE0
MzlkYWIwHhcNMjIxMDExMTMwOTM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzhmN2MwZTgwOWUzM2M5Y2MxMGIxMWViMDQ4OTNlYTU2MzFhZmMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjqJb9EsZM7nFckNpii5LepCVO8u6
Jbc4WltsCimMuH7ZqhJ/+Fh0TM9cwie/KymIigP5VcMFsbK/ycIoelB9M2pNM88p
Yq7dlrEOdPNdLLyCJPQJq1qH19Crw55ZP3tnm/dcCqAiV8rmPst3nyqLotM9jiFP
dER1TKpCwlD/G+K855vr9AUe7KVJJlIJUlrouPO0zIZHiA+naDV8ITVGplfEY5s1
7MQ4wHTFQmyDvd8Oz2GGEe7sYA8y2+s7UWT+9byvQdMuzIwLLFOjbiaMntF2w9b5
nH+V35qEObquwTUVqnkE18CDS0ZbmSjxuqt/NJVzPOn3xRTAi/S+OBdoGwIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFMyPfA6AnjPJzBCxHrBIk+pWMa/CMB8GA1UdIwQY
MBaAFJ83IOlw+qDgf1CmOJ565Tr6Q52rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnpjZzZYRDZvT0JfVUtZNG5ucmxPdnBEbmFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9iYjdjMGUtZWU2OC00YmY4LWJiMzQt
MTJlNmEwZDQzMThhLzEvekk5OERvQ2VNOG5NRUxFZXNFaVQ2bFl4cjhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC9iYjdjMGUtZWU2OC00YmY4LWJiMzQtMTJlNmEwZDQzMThh
LzEvbnpjZzZYRDZvT0JfVUtZNG5ucmxPdnBEbmFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQCLYicAwQC
LZagAwQCuZ2oAwQAwSrbAwQAwSsOAwQAwSscAwQAwSslAwQAwiNOAwQAwiNcAwQA
wiNfAwQAwiO2AwQBwpPyAwQBwpP6MA0GCSqGSIb3DQEBCwUAA4IBAQATepXplJ1Q
bumLFBe/glg++GAQe7FYx2sJcX950etUf02ZwS9mltkCBUKAWx1QDpkbwFvMBECe
If0DofxuIlbnGQCiQkdWKQeREgmIb+4vjD/kEs2OxDfqS48IJhcI98g6KiSbGdDY
89R2Tv9JUr4wmgtNqfNteABoH5e0fePfLQJ3g7CEilBtSSGAQBe3u8m8lQOaPi5E
fSgt2uQacqnYuoDqmwZ3o99IVW/ySoV8iGBkcnb1YjjXo/TehtG3Ne6gio/rILmF
ruPcJl0LrZ7XlnqN9B0AsmzD5Pc4Jvcn4zVex0K2eWIkAeNHBNDwT8dmihU/vhR9
UYnx2MI/izPf
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:49 2024 by rpki-client on console-fra.rpki-client.org