Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/zT9eew-zXvwOFCHS5lv8Iz4Tb4U.roa
File: zT9eew-zXvwOFCHS5lv8Iz4Tb4U.roa (raw, json)
Hash identifier: pfGjJUF/gTaR1/0QsZlAYAYc3h+9Tz9o8fde3BpmjgI=
Subject key identifier: CD:3F:5E:7B:0F:B3:5E:FC:0E:14:21:D2:E6:5B:FC:23:3E:13:6F:85
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 1D045894
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/zT9eew-zXvwOFCHS5lv8Iz4Tb4U.roa
Signing time: Thu 03 Feb 2022 16:28:49 +0000
ROA not before: Thu 03 Feb 2022 16:28:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35913
IP address blocks: 192.145.29.0/24 maxlen: 24
192.145.31.0/24 maxlen: 24
192.145.30.0/24 maxlen: 24
192.145.28.0/24 maxlen: 24
185.252.162.0/24 maxlen: 24
185.252.160.0/24 maxlen: 24
185.252.161.0/24 maxlen: 24
185.252.163.0/24 maxlen: 24
185.216.70.0/24 maxlen: 24
185.216.68.0/24 maxlen: 24
185.216.71.0/24 maxlen: 24
185.216.69.0/24 maxlen: 24
193.148.50.0/24 maxlen: 24
194.11.199.0/24 maxlen: 24
194.11.197.0/24 maxlen: 24
193.148.48.0/24 maxlen: 24
193.148.51.0/24 maxlen: 24
193.148.49.0/24 maxlen: 24
194.11.196.0/24 maxlen: 24
194.11.198.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 486824084 (0x1d045894)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Feb 3 16:28:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cd3f5e7b0fb35efc0e1421d2e65bfc233e136f85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:3c:75:03:87:38:e1:60:20:21:f0:d7:04:81:
27:75:a4:14:b6:3c:3d:f3:ab:48:6e:2d:e9:8f:b5:
cb:a4:7f:e0:72:bd:90:9c:5e:65:fd:60:c3:69:4d:
5c:29:33:d7:2b:c4:d5:95:a4:f1:20:37:cb:a9:16:
1e:f8:9e:1a:3d:79:1d:a5:0f:37:7d:a2:c9:79:c0:
8f:61:f4:f1:f1:b7:a8:4f:1e:59:86:f9:bd:03:d4:
79:53:5a:46:46:e4:da:5b:e7:a9:f8:1e:a4:4d:48:
cd:0f:f7:7d:75:16:df:0a:ec:b3:ec:13:6b:16:77:
48:cc:52:5d:94:b7:74:19:15:97:7c:d5:2f:75:d7:
a9:f5:d3:fe:31:89:a3:bf:8d:e2:a2:45:aa:e8:b9:
f9:49:48:68:e8:86:aa:69:ad:3c:16:f5:81:b9:31:
31:b3:2a:9f:57:fe:8f:07:10:40:cf:69:02:b4:04:
5b:30:81:c6:b5:0f:a3:a4:1a:bc:21:47:30:17:95:
10:fd:f4:98:2b:df:84:d8:2b:45:70:f7:2e:8e:4a:
f9:c1:c3:a2:55:f8:13:b5:b7:87:28:2e:ad:f6:56:
c9:3c:10:4c:b4:bf:9e:4b:33:3b:d8:ae:c5:6e:cd:
53:58:d9:42:77:67:42:02:6a:63:d3:b5:89:d1:d7:
b5:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:3F:5E:7B:0F:B3:5E:FC:0E:14:21:D2:E6:5B:FC:23:3E:13:6F:85
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/zT9eew-zXvwOFCHS5lv8Iz4Tb4U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.216.68.0/22
185.252.160.0/22
192.145.28.0/22
193.148.48.0/22
194.11.196.0/22
Signature Algorithm: sha256WithRSAEncryption
4e:c3:1f:3c:fc:f5:a7:e9:b9:c9:04:b1:02:82:7c:0c:7c:ac:
6c:90:96:5a:74:52:5b:79:21:94:41:06:f7:e3:a6:8b:aa:5e:
af:28:ba:0e:92:c2:ca:1d:ba:2a:73:38:32:d1:64:9f:18:ff:
0f:61:1e:72:1b:aa:43:cb:68:f3:f5:af:37:3d:a7:4d:56:27:
82:e9:4d:c5:17:73:3d:de:a3:1f:bf:55:08:ef:81:5b:3c:0c:
06:9c:39:b1:5f:70:66:ba:92:4e:96:11:f4:b0:31:68:8d:1a:
98:a3:fd:ad:d6:d5:cf:25:7b:60:aa:84:8d:5e:5c:ec:1f:08:
25:e2:f9:77:71:41:87:9e:37:d8:cc:67:4a:cf:f1:10:84:19:
b3:b2:ad:3d:8c:22:11:08:4c:1a:5f:66:0e:d4:7c:20:3d:f9:
a5:75:51:e6:07:af:05:57:3d:f3:b4:72:ce:e9:fd:8b:a3:f8:
a9:60:04:52:f1:89:2f:ef:56:b4:73:30:cc:a9:e9:12:67:be:
61:78:79:08:98:16:c0:b9:fb:79:16:87:ab:a9:95:d9:09:d0:
a3:e4:d5:63:e3:f5:87:77:de:36:6c:e7:a0:31:89:9f:33:c6:
d9:94:80:a3:13:44:cc:f7:15:67:d5:74:e0:c1:aa:a5:cb:8b:
21:eb:e0:c8
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIEHQRYlDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MmM0YWMzZTNjNDNkNzBkMDUzNDljODE1YmFhZGQzOGFkNzc1ZTlkMB4XDTIyMDIw
MzE2Mjg0OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2QzZjVlN2IwZmIz
NWVmYzBlMTQyMWQyZTY1YmZjMjMzZTEzNmY4NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANs8dQOHOOFgICHw1wSBJ3WkFLY8PfOrSG4t6Y+1y6R/4HK9
kJxeZf1gw2lNXCkz1yvE1ZWk8SA3y6kWHvieGj15HaUPN32iyXnAj2H08fG3qE8e
WYb5vQPUeVNaRkbk2lvnqfgepE1IzQ/3fXUW3wrss+wTaxZ3SMxSXZS3dBkVl3zV
L3XXqfXT/jGJo7+N4qJFqui5+UlIaOiGqmmtPBb1gbkxMbMqn1f+jwcQQM9pArQE
WzCBxrUPo6QavCFHMBeVEP30mCvfhNgrRXD3Lo5K+cHDolX4E7W3hygurfZWyTwQ
TLS/nkszO9iuxW7NU1jZQndnQgJqY9O1idHXtWcCAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBTNP157D7Ne/A4UIdLmW/wjPhNvhTAfBgNVHSMEGDAWgBQixKw+PEPXDQU0
nIFbqt04rXdenTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lzU3NQanhEMXcwRk5KeUJXNnJkT0sxM1hwMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDMvOTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8x
L3pUOWVldy16WHZ3T0ZDSFM1bHY4SXo0VGI0VS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDMv
OTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8xL0lzU3NQanhEMXcw
Rk5KeUJXNnJkT0sxM1hwMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEArnYRAMEArn8oAMEAsCRHAMEAsGU
MAMEAsILxDANBgkqhkiG9w0BAQsFAAOCAQEATsMfPPz1p+m5yQSxAoJ8DHysbJCW
WnRSW3khlEEG9+Omi6peryi6DpLCyh26KnM4MtFknxj/D2EechuqQ8to8/WvNz2n
TVYngulNxRdzPd6jH79VCO+BWzwMBpw5sV9wZrqSTpYR9LAxaI0amKP9rdbVzyV7
YKqEjV5c7B8IJeL5d3FBh5432MxnSs/xEIQZs7KtPYwiEQhMGl9mDtR8ID35pXVR
5gevBVc987Ryzun9i6P4qWAEUvGJL+9WtHMwzKnpEme+YXh5CJgWwLn7eRaHq6mV
2QnQo+TVY+P1h3feNmznoDGJnzPG2ZSAoxNEzPcVZ9V04MGqpcuLIevgyA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:44 2023 by rpki-client on console-ams.rpki-client.org