Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/024f0f-20c5-4828-b332-a5b2d09e05cf/1/Zr7cUZHJax8zVwWUd0XbH0VdLAc.roa
File: Zr7cUZHJax8zVwWUd0XbH0VdLAc.roa (raw, json)
Hash identifier: gmwZnAIaKIxX+ZC+xQLRhzFgWXneORf+iMy0lVEsS10=
Subject key identifier: 66:BE:DC:51:91:C9:6B:1F:33:57:05:94:77:45:DB:1F:45:5D:2C:07
Certificate issuer: /CN=301a648725ee26a460cb9b1cbcd9c9c832c449af
Certificate serial: 01853E9EF092FA14E8F45E7044606418EEAA
Authority key identifier: 30:1A:64:87:25:EE:26:A4:60:CB:9B:1C:BC:D9:C9:C8:32:C4:49:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MBpkhyXuJqRgy5scvNnJyDLESa8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/024f0f-20c5-4828-b332-a5b2d09e05cf/1/Zr7cUZHJax8zVwWUd0XbH0VdLAc.roa
Signing time: Fri 23 Dec 2022 10:54:41 +0000
ROA not before: Fri 23 Dec 2022 10:54:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209044
IP address blocks: 5.183.48.0/22 maxlen: 22
185.254.1.0/24 maxlen: 24
2a0e:d200::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:3e:9e:f0:92:fa:14:e8:f4:5e:70:44:60:64:18:ee:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=301a648725ee26a460cb9b1cbcd9c9c832c449af
Validity
Not Before: Dec 23 10:54:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=66bedc5191c96b1f335705947745db1f455d2c07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:63:89:ed:01:c9:4d:36:6f:98:e5:1a:dc:b3:
04:80:8c:09:d4:99:e7:dd:57:db:29:c0:5a:ed:af:
d0:b9:4f:64:db:bf:4b:80:b7:c2:f2:15:d1:65:0b:
78:7d:4e:a3:65:68:bb:51:d5:49:19:d0:1f:f7:65:
17:49:4e:5b:2b:b6:e9:cb:96:e7:fe:11:bf:65:22:
3e:16:1b:25:16:bb:73:b6:e5:ff:be:32:73:3e:b9:
84:bb:5a:97:de:57:e6:26:0e:ea:e4:73:5f:79:7e:
51:7e:d9:83:0d:ce:88:ab:25:c7:04:dd:0b:bf:e5:
1d:4d:42:5b:65:ec:37:8b:29:aa:57:88:21:a6:74:
ff:c7:a1:b5:ea:47:98:13:8b:a3:64:ae:ea:75:e9:
6c:1a:c5:17:20:8d:76:96:4a:b7:13:aa:a6:74:21:
b6:7e:83:af:09:d6:d3:e2:77:99:2d:bb:52:be:03:
6a:9d:32:ad:b7:f5:d2:49:d1:e6:fb:b4:26:67:2f:
1e:85:55:76:0b:7e:ad:e2:87:73:91:f7:21:fe:34:
c3:6f:8a:63:b2:33:5c:8b:20:5a:42:3f:66:4c:88:
11:ea:b0:ed:cf:23:6c:ed:f3:02:c4:74:ad:36:a8:
2b:d3:1b:c8:7f:80:1a:b9:97:24:5d:46:93:e6:6d:
7d:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:BE:DC:51:91:C9:6B:1F:33:57:05:94:77:45:DB:1F:45:5D:2C:07
X509v3 Authority Key Identifier:
keyid:30:1A:64:87:25:EE:26:A4:60:CB:9B:1C:BC:D9:C9:C8:32:C4:49:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MBpkhyXuJqRgy5scvNnJyDLESa8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/024f0f-20c5-4828-b332-a5b2d09e05cf/1/Zr7cUZHJax8zVwWUd0XbH0VdLAc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/024f0f-20c5-4828-b332-a5b2d09e05cf/1/MBpkhyXuJqRgy5scvNnJyDLESa8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.183.48.0/22
185.254.1.0/24
IPv6:
2a0e:d200::/29
Signature Algorithm: sha256WithRSAEncryption
52:0d:a0:03:69:db:e8:cb:d6:ee:57:b8:60:d5:d7:76:4a:ad:
4c:69:76:56:f8:3f:52:77:22:97:26:6a:81:6e:74:a0:d6:66:
fb:a8:be:2a:a7:b7:82:1b:ef:f7:de:0a:db:1c:73:3c:ac:a9:
27:e9:ca:17:51:5d:78:a1:8e:0c:59:66:c1:6f:cb:fc:40:5c:
b4:1b:07:34:e6:6d:92:90:3c:58:32:5c:e5:4c:df:ae:43:e8:
c5:ab:f5:0a:35:88:19:47:0c:85:b2:85:16:5b:fe:15:69:dc:
a5:d5:cb:bb:74:52:3b:a7:35:25:24:67:28:91:cf:9e:0a:d3:
d9:8d:62:90:52:7a:a1:12:78:cb:50:44:48:5f:98:48:a5:1f:
7f:d1:e3:4b:f1:32:9c:41:8e:c8:ac:7b:ab:d0:97:7f:60:6b:
d2:17:0c:90:aa:7d:eb:e8:61:f7:8d:bf:af:c9:04:20:a1:f8:
de:5e:32:b6:2e:47:87:b8:9b:5a:67:52:6e:eb:eb:13:2f:ad:
7a:3f:dd:e8:79:32:ce:32:41:96:a0:c8:88:87:9a:f3:37:52:
59:b9:4c:f7:2c:e2:03:58:1a:cf:bd:9c:02:b0:f5:7f:99:e2:
9b:41:a6:cc:b3:51:23:cb:20:71:04:81:2e:c1:1b:81:bf:6e:
a6:de:de:2e
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYU+nvCS+hTo9F5wRGBkGO6qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwMWE2NDg3MjVlZTI2YTQ2MGNiOWIxY2JjZDljOWM4MzJj
NDQ5YWYwHhcNMjIxMjIzMTA1NDQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NmJlZGM1MTkxYzk2YjFmMzM1NzA1OTQ3NzQ1ZGIxZjQ1NWQyYzA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk2OJ7QHJTTZvmOUa3LMEgIwJ1Jnn
3VfbKcBa7a/QuU9k279LgLfC8hXRZQt4fU6jZWi7UdVJGdAf92UXSU5bK7bpy5bn
/hG/ZSI+FhslFrtztuX/vjJzPrmEu1qX3lfmJg7q5HNfeX5RftmDDc6IqyXHBN0L
v+UdTUJbZew3iymqV4ghpnT/x6G16keYE4ujZK7qdelsGsUXII12lkq3E6qmdCG2
foOvCdbT4neZLbtSvgNqnTKtt/XSSdHm+7QmZy8ehVV2C36t4odzkfch/jTDb4pj
sjNciyBaQj9mTIgR6rDtzyNs7fMCxHStNqgr0xvIf4AauZckXUaT5m19nwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFGa+3FGRyWsfM1cFlHdF2x9FXSwHMB8GA1UdIwQY
MBaAFDAaZIcl7iakYMubHLzZycgyxEmvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUJwa2h5WHVKcVJneTVzY3ZObkp5RExFU2E4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS8wMjRmMGYtMjBjNS00ODI4LWIzMzIt
YTViMmQwOWUwNWNmLzEvWnI3Y1VaSEpheDh6VndXVWQwWGJIMFZkTEFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS8wMjRmMGYtMjBjNS00ODI4LWIzMzItYTViMmQwOWUwNWNm
LzEvTUJwa2h5WHVKcVJneTVzY3ZObkp5RExFU2E4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCBbcwAwQA
uf4BMA0EAgACMAcDBQMqDtIAMA0GCSqGSIb3DQEBCwUAA4IBAQBSDaADadvoy9bu
V7hg1dd2Sq1MaXZW+D9SdyKXJmqBbnSg1mb7qL4qp7eCG+/33grbHHM8rKkn6coX
UV14oY4MWWbBb8v8QFy0Gwc05m2SkDxYMlzlTN+uQ+jFq/UKNYgZRwyFsoUWW/4V
adyl1cu7dFI7pzUlJGcokc+eCtPZjWKQUnqhEnjLUERIX5hIpR9/0eNL8TKcQY7I
rHur0Jd/YGvSFwyQqn3r6GH3jb+vyQQgofjeXjK2LkeHuJtaZ1Ju6+sTL616P93o
eTLOMkGWoMiIh5rzN1JZuUz3LOIDWBrPvZwCsPV/meKbQabMs1EjyyBxBIEuwRuB
v26m3t4u
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:19 2024 by rpki-client on console-fra.rpki-client.org