Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/e4ffc5-fb8d-4c40-8b73-bfeb7cea209d/1/zfrnU1oyrYcF4N0azdze4Go2h94.roa
File: zfrnU1oyrYcF4N0azdze4Go2h94.roa (raw, json)
Hash identifier: Kl1gMfsFOu4igDtJR9Ffm1TvIWJJXmNdgB2vjMrsies=
Subject key identifier: CD:FA:E7:53:5A:32:AD:87:05:E0:DD:1A:CD:DC:DE:E0:6A:36:87:DE
Certificate issuer: /CN=4baff48ad1145b100c783fb7afb6f3028bd8f34e
Certificate serial: 02A05D
Authority key identifier: 4B:AF:F4:8A:D1:14:5B:10:0C:78:3F:B7:AF:B6:F3:02:8B:D8:F3:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S6_0itEUWxAMeD-3r7bzAovY804.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/e4ffc5-fb8d-4c40-8b73-bfeb7cea209d/1/zfrnU1oyrYcF4N0azdze4Go2h94.roa
Signing time: Wed 30 Mar 2022 09:59:36 +0000
ROA not before: Wed 30 Mar 2022 09:59:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48943
IP address blocks: 185.254.140.0/22 maxlen: 22
2a0c:4e40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 172125 (0x2a05d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4baff48ad1145b100c783fb7afb6f3028bd8f34e
Validity
Not Before: Mar 30 09:59:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cdfae7535a32ad8705e0dd1acddcdee06a3687de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:de:40:86:b6:52:3d:5b:bc:6c:2a:9b:57:96:
da:36:4c:d3:61:2f:00:99:58:56:f9:2c:48:63:76:
15:a9:de:50:f8:b7:01:c2:19:e1:67:a8:ff:b2:7a:
3b:fa:da:c6:d2:59:bc:24:2f:6d:fc:30:dc:7e:75:
aa:50:71:36:dd:ee:51:19:f2:1b:30:20:b0:48:96:
fd:56:40:7b:59:2f:f7:61:51:12:d8:fb:ac:46:6b:
1c:62:20:4b:8d:2b:13:62:fa:5e:d8:50:91:5b:dc:
5b:0a:22:84:ba:fd:46:c0:05:0e:59:6b:c4:b8:1b:
82:78:96:7b:f8:6c:8a:56:eb:b3:7b:63:d9:49:06:
22:6c:c9:2e:44:0e:31:5c:1a:6a:cf:4c:4e:a7:0a:
a0:b1:fe:b5:b7:1f:67:15:57:4e:47:7e:da:be:01:
af:63:93:58:3b:e6:dc:2d:95:9b:61:82:67:d2:07:
84:3b:4d:b0:7b:dc:38:f9:d3:56:00:2c:f3:6a:1d:
0d:c2:98:3b:85:b1:f5:b6:3d:6b:68:fd:a3:4e:e2:
b3:81:00:ab:c6:2e:75:45:b6:6f:84:1c:11:34:73:
80:9c:07:f3:01:4c:45:37:24:1a:7e:aa:30:a7:6e:
a3:f6:91:8d:cf:63:87:08:5e:df:d4:92:d7:72:7f:
f4:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:FA:E7:53:5A:32:AD:87:05:E0:DD:1A:CD:DC:DE:E0:6A:36:87:DE
X509v3 Authority Key Identifier:
keyid:4B:AF:F4:8A:D1:14:5B:10:0C:78:3F:B7:AF:B6:F3:02:8B:D8:F3:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S6_0itEUWxAMeD-3r7bzAovY804.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/e4ffc5-fb8d-4c40-8b73-bfeb7cea209d/1/zfrnU1oyrYcF4N0azdze4Go2h94.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/e4ffc5-fb8d-4c40-8b73-bfeb7cea209d/1/S6_0itEUWxAMeD-3r7bzAovY804.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.254.140.0/22
IPv6:
2a0c:4e40::/29
Signature Algorithm: sha256WithRSAEncryption
9b:43:2a:26:79:2d:96:5b:63:bb:34:5e:12:98:b2:54:53:94:
8a:2c:b0:d1:39:16:ed:13:17:f2:cd:9b:79:74:34:56:66:9e:
25:d0:7c:e6:18:6c:e2:ee:f9:9c:39:7b:3a:f4:38:ad:cc:7a:
a2:07:fb:45:23:c0:56:9a:77:a1:17:b9:8e:cb:15:2d:b3:b7:
a3:b9:53:4e:08:e4:f0:80:5b:63:39:05:9c:f4:fa:67:be:38:
2d:1a:90:70:8c:22:8d:e6:74:ac:04:65:34:84:52:9d:3a:9e:
32:6c:d4:56:0e:17:e2:c7:66:ac:4d:1a:cb:38:47:6d:67:c3:
17:4c:87:d3:e3:16:78:54:89:00:82:5b:cd:3e:16:4d:a2:19:
95:43:a3:c7:46:e2:15:d2:07:fb:64:62:8e:a6:31:a5:d5:d2:
7c:3c:81:74:8a:27:38:e2:63:3a:52:08:f5:a0:f2:4c:0a:3d:
4d:0b:6a:dc:bb:a8:d5:28:3c:a1:7a:e6:31:a8:bd:ff:19:a3:
62:2b:dd:5b:60:05:bb:83:d2:5f:5a:d4:a9:9c:50:6a:3d:c4:
30:3a:8c:84:cb:3f:22:23:c7:51:40:38:12:7c:b7:ea:33:6a:
2f:c5:a9:fd:7f:5f:c2:9b:fb:ae:77:b3:6f:02:84:be:ac:21:
26:09:f0:8c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIDAqBdMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDRi
YWZmNDhhZDExNDViMTAwYzc4M2ZiN2FmYjZmMzAyOGJkOGYzNGUwHhcNMjIwMzMw
MDk1OTM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhjZGZhZTc1MzVhMzJh
ZDg3MDVlMGRkMWFjZGRjZGVlMDZhMzY4N2RlMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA495AhrZSPVu8bCqbV5baNkzTYS8AmVhW+SxIY3YVqd5Q+LcB
whnhZ6j/sno7+trG0lm8JC9t/DDcfnWqUHE23e5RGfIbMCCwSJb9VkB7WS/3YVES
2PusRmscYiBLjSsTYvpe2FCRW9xbCiKEuv1GwAUOWWvEuBuCeJZ7+GyKVuuze2PZ
SQYibMkuRA4xXBpqz0xOpwqgsf61tx9nFVdOR37avgGvY5NYO+bcLZWbYYJn0geE
O02we9w4+dNWACzzah0Nwpg7hbH1tj1raP2jTuKzgQCrxi51RbZvhBwRNHOAnAfz
AUxFNyQafqowp26j9pGNz2OHCF7f1JLXcn/0MQIDAQABo4ICGDCCAhQwHQYDVR0O
BBYEFM3651NaMq2HBeDdGs3c3uBqNofeMB8GA1UdIwQYMBaAFEuv9IrRFFsQDHg/
t6+28wKL2PNOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
UzZfMGl0RVVXeEFNZUQtM3I3YnpBb3ZZODA0LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8wNS9lNGZmYzUtZmI4ZC00YzQwLThiNzMtYmZlYjdjZWEyMDlkLzEv
emZyblUxb3lyWWNGNE4wYXpkemU0R28yaDk0LnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9l
NGZmYzUtZmI4ZC00YzQwLThiNzMtYmZlYjdjZWEyMDlkLzEvUzZfMGl0RVVXeEFN
ZUQtM3I3YnpBb3ZZODA0LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4G
CCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuf6MMA0EAgACMAcDBQMqDE5AMA0G
CSqGSIb3DQEBCwUAA4IBAQCbQyomeS2WW2O7NF4SmLJUU5SKLLDRORbtExfyzZt5
dDRWZp4l0HzmGGzi7vmcOXs69DitzHqiB/tFI8BWmnehF7mOyxUts7ejuVNOCOTw
gFtjOQWc9PpnvjgtGpBwjCKN5nSsBGU0hFKdOp4ybNRWDhfix2asTRrLOEdtZ8MX
TIfT4xZ4VIkAglvNPhZNohmVQ6PHRuIV0gf7ZGKOpjGl1dJ8PIF0iic44mM6Ugj1
oPJMCj1NC2rcu6jVKDyheuYxqL3/GaNiK91bYAW7g9JfWtSpnFBqPcQwOoyEyz8i
I8dRQDgSfLfqM2ovxan9f1/Cm/uud7NvAoS+rCEmCfCM
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:40 2024 by rpki-client on console-fra.rpki-client.org