Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/b55e40-d8be-48d9-bd55-c83007327449/1/zX2MzGo9XtOAKorFJqulEZKvgAE.roa
File: zX2MzGo9XtOAKorFJqulEZKvgAE.roa (raw, json)
Hash identifier: P0QgLkarmbgW+O3IJNY9L57b0C7r140Uo4xpAM5yMLQ=
Subject key identifier: CD:7D:8C:CC:6A:3D:5E:D3:80:2A:8A:C5:26:AB:A5:11:92:AF:80:01
Certificate issuer: /CN=dfc2603437ef74117fa12272ec42c2527da800c7
Certificate serial: 0182EAA56CD7C9766DE9E39599D194910DCB
Authority key identifier: DF:C2:60:34:37:EF:74:11:7F:A1:22:72:EC:42:C2:52:7D:A8:00:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/38JgNDfvdBF_oSJy7ELCUn2oAMc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/b55e40-d8be-48d9-bd55-c83007327449/1/zX2MzGo9XtOAKorFJqulEZKvgAE.roa
Signing time: Mon 29 Aug 2022 17:28:06 +0000
ROA not before: Mon 29 Aug 2022 17:28:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198175
IP address blocks: 193.134.8.0/21 maxlen: 21
2a10:8240::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:ea:a5:6c:d7:c9:76:6d:e9:e3:95:99:d1:94:91:0d:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dfc2603437ef74117fa12272ec42c2527da800c7
Validity
Not Before: Aug 29 17:28:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cd7d8ccc6a3d5ed3802a8ac526aba51192af8001
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:30:87:f5:76:69:fc:25:c1:7d:ee:75:a3:1e:
fa:f3:cc:e7:92:ad:18:3f:09:46:b8:9c:e4:4a:06:
e5:42:f1:e5:2d:62:c4:e0:2b:6d:32:90:ce:87:df:
5b:a0:af:f4:38:ef:91:22:b6:85:85:4e:e5:c4:03:
9d:4b:4a:e2:80:ef:a0:57:d8:ad:de:5d:17:c6:dd:
4b:c8:34:78:44:88:af:5e:63:78:00:79:39:6f:50:
a5:d5:59:7e:b7:c8:d2:a6:5a:50:d1:17:4c:7c:ab:
10:8c:59:1b:6d:64:2e:04:a8:8a:7f:5c:ec:ff:e9:
f2:5f:da:68:9e:35:11:90:38:bd:e0:20:d1:80:7a:
c9:04:60:56:94:5c:a7:ab:02:94:eb:a3:b8:52:d8:
61:d4:1f:77:ca:b0:a5:a8:97:f8:50:52:b7:77:89:
e0:c5:94:45:dc:75:54:12:3d:21:f5:69:7c:ce:46:
eb:73:9d:18:d6:ab:20:e7:42:a1:79:bd:62:bb:45:
12:f4:32:89:ce:a4:08:c8:fa:b3:e7:54:41:c6:b6:
2a:87:0d:67:49:4f:ef:55:e6:03:4b:f9:a2:8c:6b:
73:7e:3d:6b:61:bc:1b:da:f2:55:ef:8b:df:35:8f:
54:1d:ee:90:4c:42:a4:74:e8:88:03:7c:e4:43:b7:
65:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:7D:8C:CC:6A:3D:5E:D3:80:2A:8A:C5:26:AB:A5:11:92:AF:80:01
X509v3 Authority Key Identifier:
keyid:DF:C2:60:34:37:EF:74:11:7F:A1:22:72:EC:42:C2:52:7D:A8:00:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/38JgNDfvdBF_oSJy7ELCUn2oAMc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/b55e40-d8be-48d9-bd55-c83007327449/1/zX2MzGo9XtOAKorFJqulEZKvgAE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/b55e40-d8be-48d9-bd55-c83007327449/1/38JgNDfvdBF_oSJy7ELCUn2oAMc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.134.8.0/21
IPv6:
2a10:8240::/32
Signature Algorithm: sha256WithRSAEncryption
0f:47:0b:08:6a:44:92:85:91:0b:c3:58:4a:70:38:ba:5f:b0:
26:c0:33:b1:50:81:a4:0c:b2:1b:5a:39:b5:1d:de:0d:5c:83:
96:6c:12:2d:77:eb:f4:c9:1d:10:fb:17:d5:57:97:76:47:8d:
b6:df:62:a2:1a:98:99:1e:1d:34:80:a3:28:6a:a5:98:f2:6d:
84:8a:87:f3:2a:80:7b:04:0d:a9:72:5b:31:69:a2:5b:58:7c:
90:4d:d5:b2:a8:e5:6f:8c:86:00:12:9f:b9:b9:3b:de:8d:ca:
28:59:d3:e8:4f:7e:3f:c2:cb:8a:7c:11:49:a7:83:8c:1e:1d:
55:b4:f1:ec:a1:a5:47:57:44:2a:a5:11:ec:de:53:6f:e5:2e:
1d:f9:22:df:05:1f:f3:50:bb:18:74:4f:ae:35:7e:f2:ad:61:
0e:00:1b:b9:bb:02:c2:4d:19:e9:b7:55:94:8c:cf:68:fd:0b:
c9:a2:f2:80:3a:92:ac:1f:47:45:3c:4a:d3:b6:ed:03:56:62:
0f:09:85:bd:fe:25:97:5d:d6:56:4a:17:fb:e3:ed:e2:a8:51:
e6:5d:5a:65:61:d7:02:17:5b:5b:ef:86:e6:aa:88:aa:96:9a:
90:c6:f7:a9:3b:d8:ec:78:e4:45:da:35:aa:7d:e3:c4:80:bc:
f4:4b:b9:25
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYLqpWzXyXZt6eOVmdGUkQ3LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmYzI2MDM0MzdlZjc0MTE3ZmExMjI3MmVjNDJjMjUyN2Rh
ODAwYzcwHhcNMjIwODI5MTcyODA2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDdkOGNjYzZhM2Q1ZWQzODAyYThhYzUyNmFiYTUxMTkyYWY4MDAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoTCH9XZp/CXBfe51ox7688znkq0Y
PwlGuJzkSgblQvHlLWLE4CttMpDOh99boK/0OO+RIraFhU7lxAOdS0rigO+gV9it
3l0Xxt1LyDR4RIivXmN4AHk5b1Cl1Vl+t8jSplpQ0RdMfKsQjFkbbWQuBKiKf1zs
/+nyX9ponjURkDi94CDRgHrJBGBWlFynqwKU66O4Uthh1B93yrClqJf4UFK3d4ng
xZRF3HVUEj0h9Wl8zkbrc50Y1qsg50Kheb1iu0US9DKJzqQIyPqz51RBxrYqhw1n
SU/vVeYDS/mijGtzfj1rYbwb2vJV74vfNY9UHe6QTEKkdOiIA3zkQ7dlxQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFM19jMxqPV7TgCqKxSarpRGSr4ABMB8GA1UdIwQY
MBaAFN/CYDQ373QRf6EicuxCwlJ9qADHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzhKZ05EZnZkQkZfb1NKeTdFTENVbjJvQU1jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9iNTVlNDAtZDhiZS00OGQ5LWJkNTUt
YzgzMDA3MzI3NDQ5LzEvelgyTXpHbzlYdE9BS29yRkpxdWxFWkt2Z0FFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9iNTVlNDAtZDhiZS00OGQ5LWJkNTUtYzgzMDA3MzI3NDQ5
LzEvMzhKZ05EZnZkQkZfb1NKeTdFTENVbjJvQU1jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDwYYIMA0E
AgACMAcDBQAqEIJAMA0GCSqGSIb3DQEBCwUAA4IBAQAPRwsIakSShZELw1hKcDi6
X7AmwDOxUIGkDLIbWjm1Hd4NXIOWbBItd+v0yR0Q+xfVV5d2R42232KiGpiZHh00
gKMoaqWY8m2EiofzKoB7BA2pclsxaaJbWHyQTdWyqOVvjIYAEp+5uTvejcooWdPo
T34/wsuKfBFJp4OMHh1VtPHsoaVHV0QqpRHs3lNv5S4d+SLfBR/zULsYdE+uNX7y
rWEOABu5uwLCTRnpt1WUjM9o/QvJovKAOpKsH0dFPErTtu0DVmIPCYW9/iWXXdZW
Shf74+3iqFHmXVplYdcCF1tb74bmqoiqlpqQxvepO9jseORF2jWqfePEgLz0S7kl
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:35 2023 by rpki-client on console-ams.rpki-client.org