Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/2915f1-87ba-4c18-aaf9-590a9813dddf/1/zw-Vg8xaoRd25vAcnbkhuT22tW4.roa
File: zw-Vg8xaoRd25vAcnbkhuT22tW4.roa (raw, json)
Hash identifier: UkB07gxYbKKXzWIUMdLmUSMETatZQLmSy1/Xc1ecKdY=
Subject key identifier: CF:0F:95:83:CC:5A:A1:17:76:E6:F0:1C:9D:B9:21:B9:3D:B6:B5:6E
Certificate issuer: /CN=2ace21090ee4d78677413423dcb2fe01a6e1c622
Certificate serial: 1F2F88
Authority key identifier: 2A:CE:21:09:0E:E4:D7:86:77:41:34:23:DC:B2:FE:01:A6:E1:C6:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ks4hCQ7k14Z3QTQj3LL-AabhxiI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/2915f1-87ba-4c18-aaf9-590a9813dddf/1/zw-Vg8xaoRd25vAcnbkhuT22tW4.roa
Signing time: Wed 23 Feb 2022 14:37:49 +0000
ROA not before: Wed 23 Feb 2022 14:37:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15742
IP address blocks: 217.117.68.0/24 maxlen: 24
217.117.67.0/24 maxlen: 24
217.117.66.0/24 maxlen: 24
217.117.65.0/24 maxlen: 24
217.117.71.0/24 maxlen: 24
217.117.70.0/24 maxlen: 24
217.117.69.0/24 maxlen: 24
217.117.75.0/24 maxlen: 24
217.117.74.0/24 maxlen: 24
217.117.72.0/24 maxlen: 24
217.117.78.0/24 maxlen: 24
217.117.77.0/24 maxlen: 24
217.117.76.0/24 maxlen: 24
217.117.79.0/24 maxlen: 24
87.238.152.0/24 maxlen: 24
87.238.156.0/24 maxlen: 24
87.238.155.0/24 maxlen: 24
87.238.154.0/24 maxlen: 24
87.238.153.0/24 maxlen: 24
87.238.159.0/24 maxlen: 24
87.238.158.0/24 maxlen: 24
87.238.157.0/24 maxlen: 24
217.117.64.0/24 maxlen: 24
2a03:9220::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2043784 (0x1f2f88)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ace21090ee4d78677413423dcb2fe01a6e1c622
Validity
Not Before: Feb 23 14:37:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cf0f9583cc5aa11776e6f01c9db921b93db6b56e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:21:7b:f7:93:a4:b6:d2:4f:de:9c:63:bc:38:
95:44:7a:b5:1b:36:b5:37:35:a4:00:f4:39:cf:12:
d7:51:24:e2:37:2c:0b:ee:55:a8:51:4b:72:76:49:
d8:a8:38:5e:1f:0e:e6:a7:c1:c8:df:f0:9b:ad:1f:
24:dd:c3:fd:d5:cf:ea:e1:20:6f:70:cc:81:a6:e2:
a9:d3:ed:b0:1b:91:fc:98:39:5a:92:39:33:2a:f7:
8c:d9:c6:3e:65:20:a9:09:11:2b:53:14:f0:cc:19:
b8:0e:a1:aa:da:8b:de:38:74:49:89:be:2e:3d:12:
01:1a:07:a8:b5:39:52:8e:ea:73:41:a0:9b:da:09:
55:88:ce:e8:a6:96:64:1c:a9:15:01:75:ce:80:a5:
2e:91:cf:1c:2b:67:4d:1f:f1:0e:f5:5e:99:da:b5:
01:ef:1e:d3:da:10:6b:e1:45:3b:50:36:cb:1c:5a:
89:60:af:fa:51:fa:9d:a6:b7:4e:9d:72:1d:26:84:
36:92:fb:03:22:86:e5:78:c2:12:0f:74:54:4f:c1:
60:52:7f:3f:5b:e9:19:b7:65:9e:8e:5c:b1:c3:77:
30:da:7f:06:d8:3f:a4:c8:fd:03:e6:70:57:3b:48:
4e:38:f8:0b:ba:bb:6f:23:43:e9:d8:27:55:58:50:
af:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:0F:95:83:CC:5A:A1:17:76:E6:F0:1C:9D:B9:21:B9:3D:B6:B5:6E
X509v3 Authority Key Identifier:
keyid:2A:CE:21:09:0E:E4:D7:86:77:41:34:23:DC:B2:FE:01:A6:E1:C6:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ks4hCQ7k14Z3QTQj3LL-AabhxiI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/2915f1-87ba-4c18-aaf9-590a9813dddf/1/zw-Vg8xaoRd25vAcnbkhuT22tW4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/2915f1-87ba-4c18-aaf9-590a9813dddf/1/Ks4hCQ7k14Z3QTQj3LL-AabhxiI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.238.152.0/21
217.117.64.0-217.117.72.255
217.117.74.0-217.117.79.255
IPv6:
2a03:9220::/32
Signature Algorithm: sha256WithRSAEncryption
41:e0:00:54:8c:37:ad:f7:ef:8d:3a:13:e2:d2:ec:7b:83:77:
e7:c9:aa:71:6a:26:fa:0c:65:92:9b:83:3e:4c:1d:2c:be:b2:
2f:91:c5:fe:9c:94:6f:12:30:50:b0:f9:00:00:ad:8a:fc:33:
aa:77:b7:2e:cb:f2:11:f4:2b:1d:b8:a0:9e:64:df:1a:7e:99:
0b:a2:0b:24:90:a5:56:b7:e8:dd:c3:45:49:ec:3e:cb:aa:73:
4c:ec:fb:4f:de:e8:e6:8a:14:ac:7d:85:ca:53:d2:90:8a:89:
e0:09:db:0d:92:f5:7c:40:89:de:f5:cb:70:63:08:dd:e0:e2:
06:51:08:b8:65:1f:47:1a:a5:34:53:2d:6b:2b:2e:41:44:80:
98:52:7b:0e:ea:8a:c3:c3:23:1b:5f:5e:38:e1:a2:06:66:d3:
25:7f:ee:c9:d7:13:17:e0:1d:a5:d4:06:c6:30:7f:bd:d0:7e:
88:88:d7:e0:74:89:75:48:f2:d6:a7:f7:fb:93:91:99:d5:42:
bc:70:01:d2:aa:c1:04:51:34:1c:d4:a1:15:10:a4:83:cb:34:
9c:a6:23:15:f5:03:3a:e2:92:8e:46:b2:20:97:a2:51:64:54:
fc:6c:ea:d3:ad:46:43:3e:5c:c1:d2:27:a3:81:f1:92:af:06:
0f:f1:4b:87
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgIDHy+IMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDJh
Y2UyMTA5MGVlNGQ3ODY3NzQxMzQyM2RjYjJmZTAxYTZlMWM2MjIwHhcNMjIwMjIz
MTQzNzQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhjZjBmOTU4M2NjNWFh
MTE3NzZlNmYwMWM5ZGI5MjFiOTNkYjZiNTZlMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAoyF795OkttJP3pxjvDiVRHq1Gza1NzWkAPQ5zxLXUSTiNywL
7lWoUUtydknYqDheHw7mp8HI3/CbrR8k3cP91c/q4SBvcMyBpuKp0+2wG5H8mDla
kjkzKveM2cY+ZSCpCRErUxTwzBm4DqGq2oveOHRJib4uPRIBGgeotTlSjupzQaCb
2glViM7oppZkHKkVAXXOgKUukc8cK2dNH/EO9V6Z2rUB7x7T2hBr4UU7UDbLHFqJ
YK/6UfqdprdOnXIdJoQ2kvsDIobleMISD3RUT8FgUn8/W+kZt2Wejlyxw3cw2n8G
2D+kyP0D5nBXO0hOOPgLurtvI0Pp2CdVWFCvQQIDAQABo4ICNDCCAjAwHQYDVR0O
BBYEFM8PlYPMWqEXdubwHJ25Ibk9trVuMB8GA1UdIwQYMBaAFCrOIQkO5NeGd0E0
I9yy/gGm4cYiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
S3M0aENRN2sxNFozUVRRajNMTC1BYWJoeGlJLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8yMS8yOTE1ZjEtODdiYS00YzE4LWFhZjktNTkwYTk4MTNkZGRmLzEv
enctVmc4eGFvUmQyNXZBY25ia2h1VDIydFc0LnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8y
OTE1ZjEtODdiYS00YzE4LWFhZjktNTkwYTk4MTNkZGRmLzEvS3M0aENRN2sxNFoz
UVRRajNMTC1BYWJoeGlJLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEoG
CCsGAQUFBwEHAQH/BDswOTAoBAIAATAiAwQDV+6YMAwDBAbZdUADBADZdUgwDAME
Adl1SgMEBNl1QDANBAIAAjAHAwUAKgOSIDANBgkqhkiG9w0BAQsFAAOCAQEAQeAA
VIw3rffvjToT4tLse4N358mqcWom+gxlkpuDPkwdLL6yL5HF/pyUbxIwULD5AACt
ivwzqne3LsvyEfQrHbignmTfGn6ZC6ILJJClVrfo3cNFSew+y6pzTOz7T97o5ooU
rH2FylPSkIqJ4AnbDZL1fECJ3vXLcGMI3eDiBlEIuGUfRxqlNFMtaysuQUSAmFJ7
DuqKw8MjG19eOOGiBmbTJX/uydcTF+AdpdQGxjB/vdB+iIjX4HSJdUjy1qf3+5OR
mdVCvHAB0qrBBFE0HNShFRCkg8s0nKYjFfUDOuKSjkayIJeiUWRU/Gzq061GQz5c
wdIno4Hxkq8GD/FLhw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:10 2023 by rpki-client on console-fra.rpki-client.org