Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/_zygkm1vZ8cZO5FICht_5jqXblo.roa
File: _zygkm1vZ8cZO5FICht_5jqXblo.roa (raw, json)
Hash identifier: kqwrQgN2uJnR2fS0gu4HxPi3joSBe90wdNKHhxYQv+0=
Subject key identifier: FF:3C:A0:92:6D:6F:67:C7:19:3B:91:48:0A:1B:7F:E6:3A:97:6E:5A
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01852F30EFCC7DA28A130C7ACD4A00D1BB55
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/_zygkm1vZ8cZO5FICht_5jqXblo.roa
Signing time: Tue 20 Dec 2022 11:00:14 +0000
ROA not before: Tue 20 Dec 2022 11:00:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204843
IP address blocks: 94.156.11.0/24 maxlen: 24
45.81.241.0/24 maxlen: 24
141.98.1.0/24 maxlen: 24
193.149.2.0/24 maxlen: 24
193.149.3.0/24 maxlen: 24
37.221.123.0/24 maxlen: 24
37.221.121.0/24 maxlen: 24
37.221.122.0/24 maxlen: 24
37.221.120.0/24 maxlen: 24
185.221.64.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:2f:30:ef:cc:7d:a2:8a:13:0c:7a:cd:4a:00:d1:bb:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Dec 20 11:00:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ff3ca0926d6f67c7193b91480a1b7fe63a976e5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:25:60:53:c2:a7:d1:f0:a4:81:90:ce:e0:09:
e7:cd:91:c0:88:1f:25:d3:4e:01:85:d6:6a:dc:92:
40:c3:2d:0c:77:4d:70:90:f1:ec:f2:fe:2f:de:93:
db:22:f3:2d:4e:92:a4:a0:d6:34:da:51:bf:ba:86:
c6:f4:3b:35:0c:7c:d1:9a:68:e6:46:0c:05:14:2f:
c2:2b:15:c7:b4:5a:64:37:0e:c6:9c:28:10:8b:83:
cb:aa:8a:04:f7:85:64:64:f3:de:87:47:38:5c:0b:
18:13:2c:83:95:85:27:ab:dd:2e:0f:f0:dd:dc:25:
7e:d9:d7:07:a3:87:19:d4:e2:3b:94:c1:3b:09:db:
ab:b2:30:e2:39:e1:ce:99:43:d3:f2:29:cd:90:de:
6f:85:49:0f:29:b0:be:66:3c:cb:c5:a7:00:ed:73:
93:4e:5a:66:77:89:2b:f4:24:94:c4:b2:9f:eb:5c:
e6:3b:f5:88:09:72:35:ad:93:6c:c6:68:5e:0c:c8:
cc:4a:30:12:b0:eb:fe:d2:ea:bb:c2:b0:e4:25:6a:
1b:b0:8c:9e:0d:36:cf:57:e5:4e:2a:25:41:40:e2:
93:b8:6b:be:65:71:5f:bb:b6:72:dd:ad:50:b4:02:
db:92:47:e2:34:23:a8:bf:ad:5d:9d:96:9f:78:99:
ba:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:3C:A0:92:6D:6F:67:C7:19:3B:91:48:0A:1B:7F:E6:3A:97:6E:5A
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/_zygkm1vZ8cZO5FICht_5jqXblo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.221.120.0/22
45.81.241.0/24
94.156.11.0/24
141.98.1.0/24
185.221.64.0/24
193.149.2.0/23
Signature Algorithm: sha256WithRSAEncryption
7e:42:b6:1c:9c:4f:50:7e:df:fb:0a:fa:02:f3:98:5a:3d:5a:
75:db:b9:39:f3:d0:3d:ff:1f:72:d0:9a:8f:12:29:0c:2d:a1:
98:57:c4:0f:bb:1b:4d:d3:f8:a4:ae:59:72:85:cc:a2:37:af:
d6:fb:9b:c0:d2:94:b5:0e:7a:de:4b:f5:95:ea:80:2c:80:66:
0e:cb:b4:82:22:57:cb:fd:9f:13:88:8b:d7:b6:75:ef:45:76:
6b:7a:37:8d:1b:5b:43:75:9e:08:59:6a:9f:c4:89:33:5d:30:
cd:18:07:b2:bb:9e:53:9e:03:a6:1d:42:33:7f:6d:11:5c:df:
b3:d3:53:8c:6f:45:d4:d2:00:03:66:46:10:91:5e:2a:2f:bd:
e0:44:38:2a:45:f3:6a:2e:5b:61:01:cc:5d:61:aa:ed:3a:12:
08:1d:d5:35:75:2b:aa:d5:0b:27:5e:d9:b9:c3:36:09:d9:fa:
05:84:20:96:8a:f1:27:d8:6f:1e:2e:2d:4a:97:59:84:52:c1:
9d:c6:2e:8d:1c:04:0f:dc:12:36:f9:95:b8:14:ee:ab:04:51:
cf:a6:7e:d4:d7:0d:62:a2:a8:84:9e:51:70:b1:a6:44:a1:01:
d2:14:09:9d:76:e6:25:43:f9:7b:8d:f5:ee:1b:85:9e:cf:ce:
cd:94:e7:4a
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYUvMO/MfaKKEwx6zUoA0btVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjIxMjIwMTEwMDE0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjNjYTA5MjZkNmY2N2M3MTkzYjkxNDgwYTFiN2ZlNjNhOTc2ZTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAryVgU8Kn0fCkgZDO4AnnzZHAiB8l
004BhdZq3JJAwy0Md01wkPHs8v4v3pPbIvMtTpKkoNY02lG/uobG9Ds1DHzRmmjm
RgwFFC/CKxXHtFpkNw7GnCgQi4PLqooE94VkZPPeh0c4XAsYEyyDlYUnq90uD/Dd
3CV+2dcHo4cZ1OI7lME7CdursjDiOeHOmUPT8inNkN5vhUkPKbC+ZjzLxacA7XOT
Tlpmd4kr9CSUxLKf61zmO/WICXI1rZNsxmheDMjMSjASsOv+0uq7wrDkJWobsIye
DTbPV+VOKiVBQOKTuGu+ZXFfu7Zy3a1QtALbkkfiNCOov61dnZafeJm6YQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFP88oJJtb2fHGTuRSAobf+Y6l25aMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvX3p5Z2ttMXZaOGNaTzVGSUNodF81anFYYmxvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCJd14AwQA
LVHxAwQAXpwLAwQAjWIBAwQAud1AAwQBwZUCMA0GCSqGSIb3DQEBCwUAA4IBAQB+
QrYcnE9Qft/7CvoC85haPVp127k589A9/x9y0JqPEikMLaGYV8QPuxtN0/ikrlly
hcyiN6/W+5vA0pS1DnreS/WV6oAsgGYOy7SCIlfL/Z8TiIvXtnXvRXZrejeNG1tD
dZ4IWWqfxIkzXTDNGAeyu55TngOmHUIzf20RXN+z01OMb0XU0gADZkYQkV4qL73g
RDgqRfNqLlthAcxdYartOhIIHdU1dSuq1QsnXtm5wzYJ2foFhCCWivEn2G8eLi1K
l1mEUsGdxi6NHAQP3BI2+ZW4FO6rBFHPpn7U1w1ioqiEnlFwsaZEoQHSFAmdduYl
Q/l7jfXuG4Wez87NlOdK
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:39 2023 by rpki-client on console-ams.rpki-client.org