Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/d7a3ba-07e5-41d6-8c39-56a55c42de88/1/DZK_P9QNR6f8OJEG9yOR_W3rg28.roa
File: DZK_P9QNR6f8OJEG9yOR_W3rg28.roa (raw, json)
Hash identifier: tuu35H00x0fVUbfxVwNPMrbgWD57XgilzINfEDCsSKM=
Subject key identifier: 0D:92:BF:3F:D4:0D:47:A7:FC:38:91:06:F7:23:91:FD:6D:EB:83:6F
Certificate issuer: /CN=fabb49e688335ab1593f9d10e006ef5e9bc8bd56
Certificate serial: 0A0E9279
Authority key identifier: FA:BB:49:E6:88:33:5A:B1:59:3F:9D:10:E0:06:EF:5E:9B:C8:BD:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-rtJ5ogzWrFZP50Q4AbvXpvIvVY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/d7a3ba-07e5-41d6-8c39-56a55c42de88/1/DZK_P9QNR6f8OJEG9yOR_W3rg28.roa
Signing time: Sat 01 Jan 2022 16:11:33 +0000
ROA not before: Sat 01 Jan 2022 16:11:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57494
IP address blocks: 91.199.149.0/24 maxlen: 24
185.133.43.0/24 maxlen: 24
185.135.80.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 168727161 (0xa0e9279)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fabb49e688335ab1593f9d10e006ef5e9bc8bd56
Validity
Not Before: Jan 1 16:11:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0d92bf3fd40d47a7fc389106f72391fd6deb836f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:f1:e8:64:5a:01:d6:bb:9c:db:d2:9f:9f:69:
a3:1c:0c:57:9e:6c:5e:b7:68:c0:2e:66:47:a7:ae:
1a:46:e7:ab:9f:c0:a9:49:36:92:18:23:db:a8:c4:
b1:8c:5e:5d:38:31:ba:8f:5d:37:8a:c6:1a:80:c6:
d3:4f:48:64:75:48:15:b2:00:d8:16:00:ac:c9:77:
a1:7f:8f:cd:f8:3f:d3:f7:69:1d:5a:d5:57:0f:62:
6b:12:83:f6:dd:e9:81:41:e8:20:02:a0:41:22:d8:
fa:7e:42:f4:de:50:f4:27:87:12:18:77:cd:7e:cd:
2e:3d:0a:5a:e0:de:20:cc:ec:c4:90:89:ab:99:67:
98:bf:8c:2e:84:67:f0:d3:42:3c:f0:df:1f:d9:24:
a9:b8:65:95:c4:47:4c:32:9b:d9:ff:d5:de:dc:3f:
eb:61:0e:2a:f0:d9:01:98:bd:38:8c:bb:fc:26:5c:
5d:88:f8:09:e0:0a:d0:67:d2:32:f0:f8:44:54:59:
14:ad:52:98:3d:f4:9b:47:4e:0a:a6:39:c0:b8:0b:
47:0c:77:b3:01:ff:a3:45:c6:f5:71:0f:f9:91:31:
26:31:dd:9e:db:4e:d1:43:fd:ec:02:3a:60:76:a2:
d5:13:b7:50:ab:6b:84:cf:52:e9:4a:4c:6c:dd:18:
de:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:92:BF:3F:D4:0D:47:A7:FC:38:91:06:F7:23:91:FD:6D:EB:83:6F
X509v3 Authority Key Identifier:
keyid:FA:BB:49:E6:88:33:5A:B1:59:3F:9D:10:E0:06:EF:5E:9B:C8:BD:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-rtJ5ogzWrFZP50Q4AbvXpvIvVY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/d7a3ba-07e5-41d6-8c39-56a55c42de88/1/DZK_P9QNR6f8OJEG9yOR_W3rg28.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/d7a3ba-07e5-41d6-8c39-56a55c42de88/1/1-rtJ5ogzWrFZP50Q4AbvXpvIvVY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.199.149.0/24
185.133.43.0/24
185.135.80.0/22
Signature Algorithm: sha256WithRSAEncryption
14:b0:0e:f9:58:1c:96:12:1a:c8:29:ee:7d:cb:43:bc:f4:20:
f8:3a:45:9c:ff:28:d5:dc:3e:24:a5:84:48:a1:4c:09:52:df:
ae:b2:b6:21:be:bb:97:d8:ca:f4:af:04:f3:97:fd:a9:f8:45:
82:86:3c:9d:57:83:70:d9:06:15:fb:6a:db:4c:ae:86:26:86:
dd:3b:6f:51:83:f0:97:94:3c:cb:e4:ba:69:5d:b7:b7:93:9f:
08:fb:0d:fe:0e:fe:4c:89:bc:df:70:e8:6c:76:f3:94:70:e7:
f6:9f:ce:87:d7:af:91:64:c4:3a:1a:6c:4b:9a:9e:bf:b2:78:
bf:cb:aa:f9:e7:e5:59:11:a1:31:ba:ae:7e:36:8a:45:75:e3:
ee:97:1d:af:26:f5:fe:d1:a8:42:f9:1f:92:49:7a:1b:00:5f:
59:d9:63:33:eb:c0:d6:68:8f:02:fa:e1:8c:80:55:6e:4d:51:
48:c2:06:63:a7:d5:f7:24:56:d7:46:bc:51:1e:73:66:0c:a3:
6f:f3:00:41:ff:b6:fc:2c:61:df:34:ab:d4:50:ad:f2:b3:ac:
7e:a8:56:c4:7c:f1:67:cc:60:31:b0:43:98:eb:db:b2:32:1f:
87:5f:56:43:da:06:7a:6e:6e:48:fc:0a:0a:60:79:99:a7:28:
5d:ea:16:63
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIECg6SeTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
YWJiNDllNjg4MzM1YWIxNTkzZjlkMTBlMDA2ZWY1ZTliYzhiZDU2MB4XDTIyMDEw
MTE2MTEzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGQ5MmJmM2ZkNDBk
NDdhN2ZjMzg5MTA2ZjcyMzkxZmQ2ZGViODM2ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMzx6GRaAda7nNvSn59poxwMV55sXrdowC5mR6euGkbnq5/A
qUk2khgj26jEsYxeXTgxuo9dN4rGGoDG009IZHVIFbIA2BYArMl3oX+Pzfg/0/dp
HVrVVw9iaxKD9t3pgUHoIAKgQSLY+n5C9N5Q9CeHEhh3zX7NLj0KWuDeIMzsxJCJ
q5lnmL+MLoRn8NNCPPDfH9kkqbhllcRHTDKb2f/V3tw/62EOKvDZAZi9OIy7/CZc
XYj4CeAK0GfSMvD4RFRZFK1SmD30m0dOCqY5wLgLRwx3swH/o0XG9XEP+ZExJjHd
nttO0UP97AI6YHai1RO3UKtrhM9S6UpMbN0Y3ssCAwEAAaOCAhcwggITMB0GA1Ud
DgQWBBQNkr8/1A1Hp/w4kQb3I5H9beuDbzAfBgNVHSMEGDAWgBT6u0nmiDNasVk/
nRDgBu9em8i9VjAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtcnRKNW9neldyRlpQNTBRNEFidlhwdkl2VlkuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzBmL2Q3YTNiYS0wN2U1LTQxZDYtOGMzOS01NmE1NWM0MmRlODgv
MS9EWktfUDlRTlI2ZjhPSkVHOXlPUl9XM3JnMjgucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzBm
L2Q3YTNiYS0wN2U1LTQxZDYtOGMzOS01NmE1NWM0MmRlODgvMS8xLXJ0SjVvZ3pX
ckZaUDUwUTRBYnZYcHZJdlZZLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW8eVAwQAuYUrAwQCuYdQMA0G
CSqGSIb3DQEBCwUAA4IBAQAUsA75WByWEhrIKe59y0O89CD4OkWc/yjV3D4kpYRI
oUwJUt+usrYhvruX2Mr0rwTzl/2p+EWChjydV4Nw2QYV+2rbTK6GJobdO29Rg/CX
lDzL5LppXbe3k58I+w3+Dv5MibzfcOhsdvOUcOf2n86H16+RZMQ6GmxLmp6/sni/
y6r55+VZEaExuq5+NopFdePulx2vJvX+0ahC+R+SSXobAF9Z2WMz68DWaI8C+uGM
gFVuTVFIwgZjp9X3JFbXRrxRHnNmDKNv8wBB/7b8LGHfNKvUUK3ys6x+qFbEfPFn
zGAxsEOY69uyMh+HX1ZD2gZ6bm5I/AoKYHmZpyhd6hZj
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:53 2023 by rpki-client on console-ams.rpki-client.org