Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/09af2b-64f7-4c1d-abd4-d07464b9b378/1/zenjlkg-XLPprPWS7f3Jn4o0UjQ.roa
File: zenjlkg-XLPprPWS7f3Jn4o0UjQ.roa (raw, json)
Hash identifier: 1YYJhxvQJzYOy0sY4G8fviFRukpV2PzlmxlqRRc5Iug=
Subject key identifier: CD:E9:E3:96:48:3E:5C:B3:E9:AC:F5:92:ED:FD:C9:9F:8A:34:52:34
Certificate issuer: /CN=fc13f7fa237f89d011233bac7328c2219ba7d62c
Certificate serial: 16A25E8F
Authority key identifier: FC:13:F7:FA:23:7F:89:D0:11:23:3B:AC:73:28:C2:21:9B:A7:D6:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_BP3-iN_idARIzuscyjCIZun1iw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/09af2b-64f7-4c1d-abd4-d07464b9b378/1/zenjlkg-XLPprPWS7f3Jn4o0UjQ.roa
Signing time: Sat 01 Jan 2022 07:03:49 +0000
ROA not before: Sat 01 Jan 2022 07:03:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20546
IP address blocks: 5.61.80.0/21 maxlen: 24
195.135.128.0/18 maxlen: 24
195.94.64.0/19 maxlen: 24
62.40.0.0/19 maxlen: 24
80.87.160.0/20 maxlen: 24
195.227.0.0/16 maxlen: 24
185.32.32.0/22 maxlen: 24
195.82.64.0/19 maxlen: 24
212.237.160.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 379739791 (0x16a25e8f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fc13f7fa237f89d011233bac7328c2219ba7d62c
Validity
Not Before: Jan 1 07:03:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cde9e396483e5cb3e9acf592edfdc99f8a345234
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:99:f4:3e:e2:8d:34:f2:d2:c9:8c:7f:f7:8d:
68:71:de:da:fb:06:de:3c:66:7d:be:1a:42:34:b7:
5f:17:45:e5:c0:de:8a:4a:85:0e:a9:80:93:12:3e:
0e:f4:d0:6a:1c:4e:76:fb:90:40:02:57:5e:f8:72:
13:48:12:96:9c:09:dc:29:3f:3b:d2:37:aa:d6:54:
1b:4d:2e:e3:02:f3:a0:70:2b:0c:65:1d:3b:94:69:
7d:48:bc:16:b6:21:46:34:7d:90:4c:08:d3:da:77:
26:1d:ab:9b:d1:13:ce:84:54:21:75:ab:48:7b:1b:
20:36:87:f8:14:21:e4:5b:95:17:4e:5b:1e:53:95:
1b:50:fe:20:05:ff:26:ba:d3:b4:3b:ef:82:b7:0a:
2b:ed:d7:aa:0d:72:2e:a1:83:9f:ed:b4:7b:1b:50:
9f:3f:50:3c:e3:18:52:89:53:bd:d5:6a:a4:02:74:
30:dd:2a:f5:e4:67:b0:e7:76:a5:76:68:c3:bc:55:
f4:f0:58:b1:cc:49:84:c0:89:df:2d:72:5f:6f:a6:
cf:64:43:eb:1f:4b:8f:c1:b5:a7:f2:6e:30:e5:1a:
fc:6a:94:6a:78:8d:21:33:b2:20:ca:1f:d6:f5:3d:
b6:8a:ed:b7:1a:62:d2:f2:22:0f:d4:51:25:cf:cb:
dc:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:E9:E3:96:48:3E:5C:B3:E9:AC:F5:92:ED:FD:C9:9F:8A:34:52:34
X509v3 Authority Key Identifier:
keyid:FC:13:F7:FA:23:7F:89:D0:11:23:3B:AC:73:28:C2:21:9B:A7:D6:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_BP3-iN_idARIzuscyjCIZun1iw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/09af2b-64f7-4c1d-abd4-d07464b9b378/1/zenjlkg-XLPprPWS7f3Jn4o0UjQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/09af2b-64f7-4c1d-abd4-d07464b9b378/1/_BP3-iN_idARIzuscyjCIZun1iw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.61.80.0/21
62.40.0.0/19
80.87.160.0/20
185.32.32.0/22
195.82.64.0/19
195.94.64.0/19
195.135.128.0/18
195.227.0.0/16
212.237.160.0/21
Signature Algorithm: sha256WithRSAEncryption
6e:7f:4f:ad:dd:b0:7a:b3:c0:77:eb:ec:fe:ab:c4:8d:ff:d4:
59:28:86:80:3f:75:9c:2c:80:05:dd:b1:51:d5:6c:28:cf:12:
91:d7:0d:70:67:95:7f:94:c5:a6:9d:92:b8:65:bf:11:06:04:
94:7c:30:1a:24:30:d9:5a:9e:3b:fc:9b:00:62:2c:ca:ff:8d:
11:d9:99:dd:92:60:e5:98:96:6a:d9:7f:ee:2f:c6:95:ae:31:
38:e5:51:34:34:24:d2:a5:5b:24:2f:3c:57:ad:d7:6d:a3:a4:
0e:ad:2c:98:32:82:26:c2:f2:15:5b:5f:ef:0f:86:c3:b7:4d:
a3:af:83:a5:f0:ae:f6:f5:6b:9f:d5:8c:a3:cb:06:99:24:91:
99:27:7e:8b:19:bb:d6:81:2e:7d:37:1d:33:da:33:36:6a:e3:
4b:0a:e2:b1:f6:47:6b:6f:ad:8b:28:99:0e:35:aa:28:4c:9a:
14:d1:55:2e:45:d5:85:b0:73:c7:52:bf:ce:8b:d6:5c:bf:fb:
bc:07:4f:08:b1:44:c6:96:d9:6e:d4:e9:bd:a8:c3:55:ac:4e:
31:7d:44:03:ed:0b:25:d7:f0:00:7d:7a:39:b4:cf:24:4c:4e:
7d:48:ec:62:24:4e:c0:5a:8b:e0:e7:3d:58:31:83:c3:c1:f9:
69:55:54:46
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgIEFqJejzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
YzEzZjdmYTIzN2Y4OWQwMTEyMzNiYWM3MzI4YzIyMTliYTdkNjJjMB4XDTIyMDEw
MTA3MDM0OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2RlOWUzOTY0ODNl
NWNiM2U5YWNmNTkyZWRmZGM5OWY4YTM0NTIzNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK2Z9D7ijTTy0smMf/eNaHHe2vsG3jxmfb4aQjS3XxdF5cDe
ikqFDqmAkxI+DvTQahxOdvuQQAJXXvhyE0gSlpwJ3Ck/O9I3qtZUG00u4wLzoHAr
DGUdO5RpfUi8FrYhRjR9kEwI09p3Jh2rm9ETzoRUIXWrSHsbIDaH+BQh5FuVF05b
HlOVG1D+IAX/JrrTtDvvgrcKK+3Xqg1yLqGDn+20extQnz9QPOMYUolTvdVqpAJ0
MN0q9eRnsOd2pXZow7xV9PBYscxJhMCJ3y1yX2+mz2RD6x9Lj8G1p/JuMOUa/GqU
aniNITOyIMof1vU9torttxpi0vIiD9RRJc/L3IMCAwEAAaOCAjgwggI0MB0GA1Ud
DgQWBBTN6eOWSD5cs+ms9ZLt/cmfijRSNDAfBgNVHSMEGDAWgBT8E/f6I3+J0BEj
O6xzKMIhm6fWLDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L19CUDMtaU5faWRBUkl6dXNjeWpDSVp1bjFpdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGYvMDlhZjJiLTY0ZjctNGMxZC1hYmQ0LWQwNzQ2NGI5YjM3OC8x
L3plbmpsa2ctWExQcHJQV1M3ZjNKbjRvMFVqUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGYv
MDlhZjJiLTY0ZjctNGMxZC1hYmQ0LWQwNzQ2NGI5YjM3OC8xL19CUDMtaU5faWRB
Ukl6dXNjeWpDSVp1bjFpdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBO
BggrBgEFBQcBBwEB/wQ/MD0wOwQCAAEwNQMEAwU9UAMEBT4oAAMEBFBXoAMEArkg
IAMEBcNSQAMEBcNeQAMEBsOHgAMDAMPjAwQD1O2gMA0GCSqGSIb3DQEBCwUAA4IB
AQBuf0+t3bB6s8B36+z+q8SN/9RZKIaAP3WcLIAF3bFR1WwozxKR1w1wZ5V/lMWm
nZK4Zb8RBgSUfDAaJDDZWp47/JsAYizK/40R2ZndkmDlmJZq2X/uL8aVrjE45VE0
NCTSpVskLzxXrddto6QOrSyYMoImwvIVW1/vD4bDt02jr4Ol8K729Wuf1YyjywaZ
JJGZJ36LGbvWgS59Nx0z2jM2auNLCuKx9kdrb62LKJkONaooTJoU0VUuRdWFsHPH
Ur/Oi9Zcv/u8B08IsUTGltlu1Om9qMNVrE4xfUQD7Qsl1/AAfXo5tM8kTE59SOxi
JE7AWovg5z1YMYPDwflpVVRG
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:11 2024 by rpki-client on console-ams.rpki-client.org