Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/93686d-11f5-4e3e-b5c4-43843c2e943b/1/zibYdDTUU17U4Lwmd07y0h3C5Yk.roa
File: zibYdDTUU17U4Lwmd07y0h3C5Yk.roa (raw, json)
Hash identifier: FUQcKIKQxFg7wT42WIzo5D+j8BpkpwErMcT5H+j4xeg=
Subject key identifier: CE:26:D8:74:34:D4:53:5E:D4:E0:BC:26:77:4E:F2:D2:1D:C2:E5:89
Certificate issuer: /CN=9d210f2259093aaf45285922a588e9a661aba9fa
Certificate serial: 387E27E4
Authority key identifier: 9D:21:0F:22:59:09:3A:AF:45:28:59:22:A5:88:E9:A6:61:AB:A9:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSEPIlkJOq9FKFkipYjppmGrqfo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/93686d-11f5-4e3e-b5c4-43843c2e943b/1/zibYdDTUU17U4Lwmd07y0h3C5Yk.roa
Signing time: Sat 01 Jan 2022 16:10:57 +0000
ROA not before: Sat 01 Jan 2022 16:10:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41798
IP address blocks: 217.196.16.0/20 maxlen: 20
77.245.96.0/20 maxlen: 20
93.185.64.0/20 maxlen: 20
95.141.128.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 947791844 (0x387e27e4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d210f2259093aaf45285922a588e9a661aba9fa
Validity
Not Before: Jan 1 16:10:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ce26d87434d4535ed4e0bc26774ef2d21dc2e589
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:73:4e:e5:06:50:80:68:7c:3b:c5:fd:1f:4c:
eb:bc:4c:a2:f0:88:8d:7d:5b:09:b4:24:58:83:ee:
d7:bf:48:1d:3f:8e:e8:af:43:6a:b6:3f:56:96:87:
e8:6f:cf:2d:1b:ac:10:32:69:51:b5:13:64:a0:a3:
08:ca:92:7f:f1:46:16:ba:83:56:e5:8b:83:d0:cf:
64:06:90:ed:fd:ea:98:a5:5d:c4:7d:26:eb:72:14:
ff:14:8f:f1:4a:e9:fe:d1:0b:78:e1:d9:b9:73:70:
d8:b7:65:8c:b3:f5:0b:c5:67:ed:e2:46:83:3f:04:
ea:40:99:0d:e2:a3:fc:1c:db:4f:0b:e8:fe:ef:6f:
93:0c:35:93:2e:d2:7c:fc:0d:11:ca:e3:b2:f8:f9:
dc:cc:a3:2a:92:9d:c6:d7:e4:a5:fa:ab:a0:94:86:
03:e2:61:64:08:73:52:de:19:e0:f7:fb:ad:e0:2f:
01:8e:73:f0:a8:67:9f:57:11:c3:ad:a0:30:fc:49:
ff:e7:88:a7:2e:ac:3b:8e:9e:5c:1e:fa:8a:14:6e:
ca:a2:0f:f8:55:6d:1d:db:9f:2a:62:64:41:ad:1e:
25:1c:4b:e0:ac:dd:1e:d4:de:4a:e4:54:32:c4:9f:
22:3c:3c:4e:35:6e:5d:fc:34:a2:1a:80:f9:a5:3e:
63:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:26:D8:74:34:D4:53:5E:D4:E0:BC:26:77:4E:F2:D2:1D:C2:E5:89
X509v3 Authority Key Identifier:
keyid:9D:21:0F:22:59:09:3A:AF:45:28:59:22:A5:88:E9:A6:61:AB:A9:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSEPIlkJOq9FKFkipYjppmGrqfo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/93686d-11f5-4e3e-b5c4-43843c2e943b/1/zibYdDTUU17U4Lwmd07y0h3C5Yk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/93686d-11f5-4e3e-b5c4-43843c2e943b/1/nSEPIlkJOq9FKFkipYjppmGrqfo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.245.96.0/20
93.185.64.0/20
95.141.128.0/20
217.196.16.0/20
Signature Algorithm: sha256WithRSAEncryption
b0:5c:d8:f8:9a:f3:44:e8:22:1f:e3:b9:a9:30:9d:98:1f:11:
03:cc:36:4c:0b:49:43:30:5e:e5:93:da:e3:d7:38:b7:31:c8:
92:26:06:9a:04:89:57:b2:ee:0a:e7:f3:d1:08:ad:52:71:3d:
3d:25:66:b0:dd:5b:35:04:a2:41:70:11:6c:0d:60:c4:cc:66:
8c:be:0c:36:d0:77:6a:20:d9:4a:18:ac:5f:b2:42:7c:24:6f:
fe:1e:c1:f9:24:33:9e:86:fa:07:61:09:cc:68:d5:96:fb:b4:
dc:77:ce:93:19:b4:2b:ce:b9:a6:22:26:a1:db:4e:64:cf:2e:
4e:ab:98:41:2d:89:db:c7:f5:11:1f:dd:e4:0a:86:db:96:65:
1a:9d:a5:e4:29:03:f3:03:ef:84:2d:9a:15:e2:e9:94:a8:12:
66:43:32:2c:75:30:3d:18:c5:d2:74:e9:81:89:29:fc:70:74:
12:9a:bb:60:55:11:18:5c:f4:90:3c:b4:a1:a8:c2:01:0c:c8:
d4:c9:b4:58:95:1a:c6:0c:a8:d3:c1:d2:5f:ff:01:ee:99:ad:
45:5d:f4:82:d2:61:90:f8:7d:39:07:31:97:6d:28:e3:d8:1c:
46:03:8a:d9:86:56:d6:c4:57:b6:6b:fb:70:dd:ce:d2:ed:f2:
e3:75:8a:fa
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEOH4n5DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ZDIxMGYyMjU5MDkzYWFmNDUyODU5MjJhNTg4ZTlhNjYxYWJhOWZhMB4XDTIyMDEw
MTE2MTA1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2UyNmQ4NzQzNGQ0
NTM1ZWQ0ZTBiYzI2Nzc0ZWYyZDIxZGMyZTU4OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM1zTuUGUIBofDvF/R9M67xMovCIjX1bCbQkWIPu179IHT+O
6K9DarY/VpaH6G/PLRusEDJpUbUTZKCjCMqSf/FGFrqDVuWLg9DPZAaQ7f3qmKVd
xH0m63IU/xSP8Urp/tELeOHZuXNw2LdljLP1C8Vn7eJGgz8E6kCZDeKj/BzbTwvo
/u9vkww1ky7SfPwNEcrjsvj53MyjKpKdxtfkpfqroJSGA+JhZAhzUt4Z4Pf7reAv
AY5z8Khnn1cRw62gMPxJ/+eIpy6sO46eXB76ihRuyqIP+FVtHdufKmJkQa0eJRxL
4KzdHtTeSuRUMsSfIjw8TjVuXfw0ohqA+aU+Y0MCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBTOJth0NNRTXtTgvCZ3TvLSHcLliTAfBgNVHSMEGDAWgBSdIQ8iWQk6r0Uo
WSKliOmmYaup+jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L25TRVBJbGtKT3E5RktGa2lwWWpwcG1HcnFmby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWEvOTM2ODZkLTExZjUtNGUzZS1iNWM0LTQzODQzYzJlOTQzYi8x
L3ppYllkRFRVVTE3VTRMd21kMDd5MGgzQzVZay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWEv
OTM2ODZkLTExZjUtNGUzZS1iNWM0LTQzODQzYzJlOTQzYi8xL25TRVBJbGtKT3E5
RktGa2lwWWpwcG1HcnFmby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEBE31YAMEBF25QAMEBF+NgAMEBNnE
EDANBgkqhkiG9w0BAQsFAAOCAQEAsFzY+JrzROgiH+O5qTCdmB8RA8w2TAtJQzBe
5ZPa49c4tzHIkiYGmgSJV7LuCufz0QitUnE9PSVmsN1bNQSiQXARbA1gxMxmjL4M
NtB3aiDZShisX7JCfCRv/h7B+SQznob6B2EJzGjVlvu03HfOkxm0K865piImodtO
ZM8uTquYQS2J28f1ER/d5AqG25ZlGp2l5CkD8wPvhC2aFeLplKgSZkMyLHUwPRjF
0nTpgYkp/HB0Epq7YFURGFz0kDy0oajCAQzI1Mm0WJUaxgyo08HSX/8B7pmtRV30
gtJhkPh9OQcxl20o49gcRgOK2YZW1sRXtmv7cN3O0u3y43WK+g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:17 2024 by rpki-client on console-fra.rpki-client.org