Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/2d783a-1cbc-40d4-b011-e085275aa364/1/ZBdBfPiUPQ4jzESRDofmL78Mokw.roa
File: ZBdBfPiUPQ4jzESRDofmL78Mokw.roa (raw, json)
Hash identifier: Si3vEvAF7Xi+3sD5pm42k+DMsxJZdfT4CfjI5+64Umc=
Subject key identifier: 64:17:41:7C:F8:94:3D:0E:23:CC:44:91:0E:87:E6:2F:BF:0C:A2:4C
Certificate issuer: /CN=034b0eed2c5a787ad87fb49f04d3fdf3d0f49d4c
Certificate serial: 0183920955572118C2CAA344D326A461DC1D
Authority key identifier: 03:4B:0E:ED:2C:5A:78:7A:D8:7F:B4:9F:04:D3:FD:F3:D0:F4:9D:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A0sO7SxaeHrYf7SfBNP989D0nUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/2d783a-1cbc-40d4-b011-e085275aa364/1/ZBdBfPiUPQ4jzESRDofmL78Mokw.roa
Signing time: Sat 01 Oct 2022 05:33:48 +0000
ROA not before: Sat 01 Oct 2022 05:33:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 9199
IP address blocks: 185.57.44.0/22 maxlen: 23
185.57.46.0/23 maxlen: 23
2a04:7580::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:92:09:55:57:21:18:c2:ca:a3:44:d3:26:a4:61:dc:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=034b0eed2c5a787ad87fb49f04d3fdf3d0f49d4c
Validity
Not Before: Oct 1 05:33:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6417417cf8943d0e23cc44910e87e62fbf0ca24c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:de:86:cc:15:06:21:d0:68:65:03:e1:24:32:
2b:e5:50:0d:41:55:77:c1:af:66:1a:c0:6d:a8:5b:
32:35:74:9a:b3:18:67:84:39:2a:2e:e4:c8:bd:3a:
97:3e:22:84:ab:79:0c:a5:7d:0c:b1:d3:57:32:f0:
79:58:12:5c:82:6d:c5:56:79:52:46:37:01:d2:b0:
5c:40:03:de:3a:95:b3:51:fe:c6:2b:6f:da:4e:98:
31:7e:7b:b2:89:1a:0f:6a:a8:5e:91:60:ed:58:0c:
1d:16:6a:66:65:54:04:2c:c3:38:28:f3:50:fe:60:
d2:20:35:ca:3e:b8:d7:2a:07:fe:78:29:56:1c:76:
2e:97:b7:e2:b2:b0:50:b4:14:57:4f:5d:14:d8:96:
0b:f0:ae:56:b4:2f:ca:c1:99:18:62:a5:89:02:f0:
a3:9a:87:6e:02:22:73:72:1a:b0:2e:a0:24:dc:e8:
33:2d:7b:f3:05:20:a1:76:54:26:46:d5:e0:78:18:
45:b8:09:4c:3e:a7:f6:42:60:da:f3:83:c0:c9:3c:
51:7c:9c:ce:07:0b:da:41:cd:1d:42:ef:79:86:41:
99:ac:60:82:be:86:c8:70:a9:e9:49:63:b3:e0:34:
ad:3c:ae:c8:f4:93:89:79:8e:10:c3:e7:12:17:da:
78:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:17:41:7C:F8:94:3D:0E:23:CC:44:91:0E:87:E6:2F:BF:0C:A2:4C
X509v3 Authority Key Identifier:
keyid:03:4B:0E:ED:2C:5A:78:7A:D8:7F:B4:9F:04:D3:FD:F3:D0:F4:9D:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A0sO7SxaeHrYf7SfBNP989D0nUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/2d783a-1cbc-40d4-b011-e085275aa364/1/ZBdBfPiUPQ4jzESRDofmL78Mokw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/2d783a-1cbc-40d4-b011-e085275aa364/1/A0sO7SxaeHrYf7SfBNP989D0nUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.57.44.0/22
IPv6:
2a04:7580::/29
Signature Algorithm: sha256WithRSAEncryption
27:ff:01:d6:4a:91:8f:b4:fe:64:c7:e6:a5:61:a8:a6:6a:85:
0e:dd:fd:f7:dd:72:4a:ee:7e:b4:70:19:dd:3a:fc:e9:3e:81:
1d:ae:12:3e:75:41:d7:0c:fc:a7:21:90:25:30:c5:a7:de:53:
f3:04:ed:3e:87:8f:18:08:23:a7:c6:01:ab:36:67:aa:d5:48:
ef:73:ad:93:b0:92:97:8d:1d:c5:a0:e6:13:94:e6:6c:c7:8d:
45:09:9c:19:eb:b5:55:fa:fe:d9:71:bd:97:fb:c0:93:db:33:
17:49:cb:68:c6:ae:b9:8a:27:d4:84:84:df:ad:b4:97:1c:87:
7e:31:45:21:5e:12:c2:fd:a9:30:1a:0d:d2:56:31:3f:9b:05:
7a:86:93:55:10:53:8d:49:0b:f2:f8:7f:f8:d9:b1:23:09:37:
06:5e:4d:bd:67:a0:93:95:a4:28:40:5f:5c:8d:e0:42:4a:23:
f5:da:03:fc:a5:88:53:ad:d1:55:7e:25:76:6c:40:4b:6d:1f:
c2:3b:75:ad:19:c0:5e:9a:41:ae:f4:45:0a:12:a1:9c:54:1f:
7d:1a:8e:fb:94:e7:b9:a0:db:39:c1:26:ec:25:b4:6e:41:11:
28:91:f5:30:c3:6f:d0:d4:fe:e6:8c:76:37:29:e1:4f:cc:13:
6b:60:22:44
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYOSCVVXIRjCyqNE0yakYdwdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzNGIwZWVkMmM1YTc4N2FkODdmYjQ5ZjA0ZDNmZGYzZDBm
NDlkNGMwHhcNMjIxMDAxMDUzMzQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDE3NDE3Y2Y4OTQzZDBlMjNjYzQ0OTEwZTg3ZTYyZmJmMGNhMjRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAod6GzBUGIdBoZQPhJDIr5VANQVV3
wa9mGsBtqFsyNXSasxhnhDkqLuTIvTqXPiKEq3kMpX0MsdNXMvB5WBJcgm3FVnlS
RjcB0rBcQAPeOpWzUf7GK2/aTpgxfnuyiRoPaqhekWDtWAwdFmpmZVQELMM4KPNQ
/mDSIDXKPrjXKgf+eClWHHYul7fisrBQtBRXT10U2JYL8K5WtC/KwZkYYqWJAvCj
moduAiJzchqwLqAk3OgzLXvzBSChdlQmRtXgeBhFuAlMPqf2QmDa84PAyTxRfJzO
BwvaQc0dQu95hkGZrGCCvobIcKnpSWOz4DStPK7I9JOJeY4Qw+cSF9p4fwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGQXQXz4lD0OI8xEkQ6H5i+/DKJMMB8GA1UdIwQY
MBaAFANLDu0sWnh62H+0nwTT/fPQ9J1MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTBzTzdTeGFlSHJZZjdTZkJOUDk4OUQwblV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8yZDc4M2EtMWNiYy00MGQ0LWIwMTEt
ZTA4NTI3NWFhMzY0LzEvWkJkQmZQaVVQUTRqekVTUkRvZm1MNzhNb2t3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8yZDc4M2EtMWNiYy00MGQ0LWIwMTEtZTA4NTI3NWFhMzY0
LzEvQTBzTzdTeGFlSHJZZjdTZkJOUDk4OUQwblV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuTksMA0E
AgACMAcDBQMqBHWAMA0GCSqGSIb3DQEBCwUAA4IBAQAn/wHWSpGPtP5kx+alYaim
aoUO3f333XJK7n60cBndOvzpPoEdrhI+dUHXDPynIZAlMMWn3lPzBO0+h48YCCOn
xgGrNmeq1Ujvc62TsJKXjR3FoOYTlOZsx41FCZwZ67VV+v7Zcb2X+8CT2zMXScto
xq65iifUhITfrbSXHId+MUUhXhLC/akwGg3SVjE/mwV6hpNVEFONSQvy+H/42bEj
CTcGXk29Z6CTlaQoQF9cjeBCSiP12gP8pYhTrdFVfiV2bEBLbR/CO3WtGcBemkGu
9EUKEqGcVB99Go77lOe5oNs5wSbsJbRuQREokfUww2/Q1P7mjHY3KeFPzBNrYCJE
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:49 2023 by rpki-client on console-ams.rpki-client.org