Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/ZtZ14QpbqdXBZ-673DSOe8oN0ZE.roa
File: ZtZ14QpbqdXBZ-673DSOe8oN0ZE.roa (raw, json)
Hash identifier: QsuAxk3I4qXO6K/+Iw+siI06P/LCqbT0BAxceX/XT8Y=
Subject key identifier: 66:D6:75:E1:0A:5B:A9:D5:C1:67:EE:BB:DC:34:8E:7B:CA:0D:D1:91
Certificate issuer: /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial: 48776147
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/ZtZ14QpbqdXBZ-673DSOe8oN0ZE.roa
Signing time: Sat 01 Jan 2022 03:00:36 +0000
ROA not before: Sat 01 Jan 2022 03:00:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200557
IP address blocks: 5.188.219.0/24 maxlen: 24
5.188.216.0/24 maxlen: 24
37.9.42.0/24 maxlen: 24
37.9.41.0/24 maxlen: 24
37.9.40.0/24 maxlen: 24
146.185.207.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1215783239 (0x48776147)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Validity
Not Before: Jan 1 03:00:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=66d675e10a5ba9d5c167eebbdc348e7bca0dd191
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:fb:3a:b6:3b:a0:bc:3d:9c:3a:cb:81:05:a6:
f2:44:f2:9f:99:0e:d9:d8:c9:61:f6:7b:90:40:c8:
5d:79:fd:e9:eb:c2:ce:e0:7a:f6:fd:8d:42:44:d6:
b2:1d:a7:69:39:ef:3a:0e:a6:36:5b:c1:71:e0:82:
f4:32:9a:26:04:a1:6b:a4:51:b4:f6:ce:c9:29:75:
27:0c:f1:28:7e:3b:0e:8d:e1:ba:ba:a9:79:22:f8:
17:e5:37:31:40:38:19:91:00:a8:29:d9:7b:d5:df:
46:d6:c1:69:9a:a7:45:52:f6:67:96:af:39:f9:50:
ec:9f:1c:da:ff:be:cb:43:f6:d8:55:7f:a5:02:82:
66:e9:d4:c7:4f:45:5b:11:3d:b5:72:59:7f:a1:17:
bb:dd:28:8e:73:1a:56:ad:8a:9d:fd:1e:d1:b8:cd:
5d:e8:a0:26:66:84:5c:f4:e7:69:ec:7a:e1:57:ac:
2c:c4:71:3c:41:8a:b7:c2:fd:ce:f3:27:f3:e2:1d:
ab:9a:92:1a:8b:49:5c:c7:d6:ed:3f:84:7d:2f:f5:
ff:2e:69:e2:07:8c:ef:f8:fa:34:fa:0e:b4:20:ee:
6b:06:2a:3a:0d:2d:8e:d8:f7:4d:7f:03:db:26:ff:
d9:c7:1c:ad:1b:df:e3:09:d4:c0:f3:cd:4d:d3:a3:
19:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:D6:75:E1:0A:5B:A9:D5:C1:67:EE:BB:DC:34:8E:7B:CA:0D:D1:91
X509v3 Authority Key Identifier:
keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/ZtZ14QpbqdXBZ-673DSOe8oN0ZE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.188.216.0/24
5.188.219.0/24
37.9.40.0-37.9.42.255
146.185.207.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:cf:9c:fe:59:96:55:2f:9e:61:b9:db:d0:78:cf:0c:66:2c:
85:fa:b5:63:9f:cf:f6:fb:c9:be:8c:c2:62:b6:b8:0c:84:49:
41:5e:ff:b0:18:82:36:0f:42:d7:c5:c3:da:30:8b:dc:4b:32:
68:81:43:bf:75:2d:0b:24:99:68:c6:95:ae:21:35:15:ca:c8:
28:e2:32:05:a4:a8:4f:0a:92:8c:8c:70:84:e6:b9:6b:04:76:
e2:11:ab:44:04:eb:3f:b5:e6:21:53:3b:f6:1e:ab:c2:80:1a:
6d:41:5a:43:9c:bf:0f:08:3f:ee:a2:1d:ae:63:2f:fe:86:34:
da:38:94:8d:3e:d7:ea:20:1f:ca:96:ba:49:20:67:3c:98:d7:
03:5b:01:3e:93:c1:36:3a:77:5e:35:da:ad:c9:07:e1:85:4b:
ed:48:58:2b:76:1a:65:61:7a:56:83:3b:27:e8:e7:4c:45:16:
8b:a1:16:3a:75:a8:bd:b1:0c:eb:1f:3b:4d:4d:ad:67:7d:d4:
33:c4:36:1b:1b:7b:4c:f6:96:ce:39:f1:8d:0b:da:66:93:8d:
f6:2c:74:58:c9:c8:4f:e9:bd:d4:39:2f:16:ee:9c:fd:1f:7a:
c3:5b:9f:b1:ac:58:82:d8:4a:a5:ff:cb:55:0f:90:6c:3b:1a:
8f:4e:db:ba
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIESHdhRzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
YWFhOGEwYTVmZGZkNjk4ZTEwNGJlMzZhMmFlZWM4MTNhZWNhMDcxMB4XDTIyMDEw
MTAzMDAzNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjZkNjc1ZTEwYTVi
YTlkNWMxNjdlZWJiZGMzNDhlN2JjYTBkZDE5MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALH7OrY7oLw9nDrLgQWm8kTyn5kO2djJYfZ7kEDIXXn96evC
zuB69v2NQkTWsh2naTnvOg6mNlvBceCC9DKaJgSha6RRtPbOySl1JwzxKH47Do3h
urqpeSL4F+U3MUA4GZEAqCnZe9XfRtbBaZqnRVL2Z5avOflQ7J8c2v++y0P22FV/
pQKCZunUx09FWxE9tXJZf6EXu90ojnMaVq2Knf0e0bjNXeigJmaEXPTnaex64Ves
LMRxPEGKt8L9zvMn8+Idq5qSGotJXMfW7T+EfS/1/y5p4geM7/j6NPoOtCDuawYq
Og0tjtj3TX8D2yb/2cccrRvf4wnUwPPNTdOjGc0CAwEAAaOCAiMwggIfMB0GA1Ud
DgQWBBRm1nXhClup1cFn7rvcNI57yg3RkTAfBgNVHSMEGDAWgBTqqooKX9/WmOEE
vjairuyBOuygcTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZxcUtDbF9mMXBqaEJMNDJvcTdzZ1Ryc29IRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWMvMjkzMmRmLWE0YmQtNGFmNS1hNGQ0LTg5ZDA5MjQwYzQzYi8x
L1p0WjE0UXBicWRYQlotNjczRFNPZThvTjBaRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWMv
MjkzMmRmLWE0YmQtNGFmNS1hNGQ0LTg5ZDA5MjQwYzQzYi8xLzZxcUtDbF9mMXBq
aEJMNDJvcTdzZ1Ryc29IRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA5
BggrBgEFBQcBBwEB/wQqMCgwJgQCAAEwIAMEAAW82AMEAAW82zAMAwQDJQkoAwQA
JQkqAwQAkrnPMA0GCSqGSIb3DQEBCwUAA4IBAQAPz5z+WZZVL55hudvQeM8MZiyF
+rVjn8/2+8m+jMJitrgMhElBXv+wGII2D0LXxcPaMIvcSzJogUO/dS0LJJloxpWu
ITUVysgo4jIFpKhPCpKMjHCE5rlrBHbiEatEBOs/teYhUzv2HqvCgBptQVpDnL8P
CD/uoh2uYy/+hjTaOJSNPtfqIB/KlrpJIGc8mNcDWwE+k8E2OndeNdqtyQfhhUvt
SFgrdhplYXpWgzsn6OdMRRaLoRY6dai9sQzrHztNTa1nfdQzxDYbG3tM9pbOOfGN
C9pmk432LHRYychP6b3UOS8W7pz9H3rDW5+xrFiC2Eql/8tVD5BsOxqPTtu6
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:56 2023 by rpki-client on console-fra.rpki-client.org