Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ZOjORJZ6msA87pK4gAV85KaKHKI.roa
File: ZOjORJZ6msA87pK4gAV85KaKHKI.roa (raw, json)
Hash identifier: FSq59XsNUyEI0sT2K+R8GQI3UE/opdbqrI5hW0On8eo=
Subject key identifier: 64:E8:CE:44:96:7A:9A:C0:3C:EE:92:B8:80:05:7C:E4:A6:8A:1C:A2
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018224AA19C56A01676C1545EA13E73D285F
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ZOjORJZ6msA87pK4gAV85KaKHKI.roa
Signing time: Fri 22 Jul 2022 06:48:23 +0000
ROA not before: Fri 22 Jul 2022 06:48:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 393398
IP address blocks: 81.161.237.0/24 maxlen: 24
193.58.122.0/24 maxlen: 24
193.58.123.0/24 maxlen: 24
193.58.121.0/24 maxlen: 24
193.42.33.0/24 maxlen: 24
193.42.35.0/24 maxlen: 24
193.42.34.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:24:aa:19:c5:6a:01:67:6c:15:45:ea:13:e7:3d:28:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jul 22 06:48:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=64e8ce44967a9ac03cee92b880057ce4a68a1ca2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:6e:28:19:2f:8a:ed:53:63:43:65:f5:38:41:
75:b3:31:ce:a1:21:0d:66:2d:f5:56:a9:58:1b:4d:
f9:84:cb:1b:ba:9c:e6:f6:01:1e:c6:0b:37:bc:de:
3d:b1:7f:ce:0e:c6:d1:db:2b:cc:15:b5:2f:de:e1:
11:ef:59:a2:61:e2:5a:c7:51:af:52:18:ff:8f:14:
c8:18:b0:c4:b8:6a:22:54:9c:42:a3:5b:de:20:01:
1b:15:20:06:ff:a4:d7:31:6e:ab:48:76:c5:2c:57:
99:74:05:39:b5:72:23:4c:38:ff:d0:f7:17:a6:14:
cc:ab:76:e2:9b:ee:06:c3:0e:32:24:1b:a9:07:0a:
c2:4e:4f:16:d3:51:e9:b4:3d:8e:01:bd:5a:45:6c:
ce:05:ee:f9:ad:dd:c0:ae:0a:4c:1b:e4:1d:bf:12:
a9:b7:90:42:f8:63:36:7a:e3:2c:1d:7a:4f:e0:8d:
f8:6a:f8:e1:b9:15:8b:91:0e:02:c2:0e:cd:1b:0e:
b3:dc:e2:4e:8b:28:02:cd:a6:b0:d2:ab:16:0b:bd:
28:dc:57:3d:39:4b:6f:95:18:00:4d:6c:5b:55:53:
e6:a5:a1:c1:22:a1:0c:4c:e2:d7:63:1c:7f:9d:ed:
4e:60:5d:6f:0e:ed:a1:32:ad:b5:16:16:ee:72:d6:
c3:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:E8:CE:44:96:7A:9A:C0:3C:EE:92:B8:80:05:7C:E4:A6:8A:1C:A2
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ZOjORJZ6msA87pK4gAV85KaKHKI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.161.237.0/24
193.42.33.0-193.42.35.255
193.58.121.0-193.58.123.255
Signature Algorithm: sha256WithRSAEncryption
30:cc:fc:98:e9:0f:02:06:9f:90:0a:16:38:d0:5a:bf:d0:ab:
e3:ec:52:40:a1:dd:3c:63:b8:e0:92:fa:d7:f6:d7:09:e2:24:
c5:68:c6:22:08:21:b2:82:8b:42:03:d7:c1:53:f2:1d:0b:ff:
69:db:bd:af:51:3c:f4:e8:c4:e9:e9:a6:37:e1:9c:42:53:f3:
5c:29:93:9b:fb:b3:11:d7:23:be:04:06:73:05:83:fe:23:6e:
ee:55:38:ba:a8:78:83:2d:e9:4d:4a:1d:50:c0:48:49:ce:39:
c6:07:3a:c9:4c:47:2d:34:6a:93:7e:b7:ab:0e:e0:61:67:65:
e7:12:e1:78:68:26:7b:45:87:fa:6a:bf:6c:6d:f9:2f:fe:2e:
29:4c:2d:79:fe:62:ce:f7:fe:a1:aa:46:3e:3a:3d:f7:09:f5:
c9:a6:3a:d5:b8:11:18:45:ec:39:76:29:1e:7f:df:4b:aa:55:
f0:74:b2:81:9e:47:4e:69:c0:ea:c6:95:a9:2e:db:96:18:04:
be:88:76:e6:54:3a:b7:09:20:74:89:ed:73:ad:46:f9:e2:99:
52:ad:c6:c7:bb:57:d0:63:be:ef:cb:22:93:ba:50:b9:7c:b9:
d5:e5:f1:a6:d3:88:9e:f8:2f:0b:53:c3:88:d9:5f:10:14:1d:
d4:36:f4:6a
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYIkqhnFagFnbBVF6hPnPShfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjIwNzIyMDY0ODIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NGU4Y2U0NDk2N2E5YWMwM2NlZTkyYjg4MDA1N2NlNGE2OGExY2EyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiG4oGS+K7VNjQ2X1OEF1szHOoSEN
Zi31VqlYG035hMsbupzm9gEexgs3vN49sX/ODsbR2yvMFbUv3uER71miYeJax1Gv
Uhj/jxTIGLDEuGoiVJxCo1veIAEbFSAG/6TXMW6rSHbFLFeZdAU5tXIjTDj/0PcX
phTMq3bim+4Gww4yJBupBwrCTk8W01HptD2OAb1aRWzOBe75rd3ArgpMG+QdvxKp
t5BC+GM2euMsHXpP4I34avjhuRWLkQ4Cwg7NGw6z3OJOiygCzaaw0qsWC70o3Fc9
OUtvlRgATWxbVVPmpaHBIqEMTOLXYxx/ne1OYF1vDu2hMq21FhbuctbD7wIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFGTozkSWeprAPO6SuIAFfOSmihyiMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvWk9qT1JKWjZtc0E4N3BLNGdBVjg1S2FLSEtJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiAwQAUaHtMAwD
BADBKiEDBALBKiAwDAMEAME6eQMEAsE6eDANBgkqhkiG9w0BAQsFAAOCAQEAMMz8
mOkPAgafkAoWONBav9Cr4+xSQKHdPGO44JL61/bXCeIkxWjGIgghsoKLQgPXwVPy
HQv/adu9r1E89OjE6emmN+GcQlPzXCmTm/uzEdcjvgQGcwWD/iNu7lU4uqh4gy3p
TUodUMBISc45xgc6yUxHLTRqk363qw7gYWdl5xLheGgme0WH+mq/bG35L/4uKUwt
ef5izvf+oapGPjo99wn1yaY61bgRGEXsOXYpHn/fS6pV8HSygZ5HTmnA6saVqS7b
lhgEvoh25lQ6twkgdIntc61G+eKZUq3Gx7tX0GO+78sik7pQuXy51eXxptOInvgv
C1PDiNlfEBQd1Db0ag==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:38 2023 by rpki-client on console-ams.rpki-client.org