Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/df94e2-7cc9-41a1-952f-f3797cfd65ae/1/zcfSGa8A5J-n2Hc-5_ftgl8K9yg.roa
File: zcfSGa8A5J-n2Hc-5_ftgl8K9yg.roa (raw, json)
Hash identifier: c/Uqp8H2MD49XyQneJbWibQuLWCT1oqMXSiHrCIikbI=
Subject key identifier: CD:C7:D2:19:AF:00:E4:9F:A7:D8:77:3E:E7:F7:ED:82:5F:0A:F7:28
Certificate issuer: /CN=d7faf3a3f2140cb7c6ff0cd6a7f5614a05e4e467
Certificate serial: 01851AD43CE80DDB822BC3E1EFE016DE7393
Authority key identifier: D7:FA:F3:A3:F2:14:0C:B7:C6:FF:0C:D6:A7:F5:61:4A:05:E4:E4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1_rzo_IUDLfG_wzWp_VhSgXk5Gc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/df94e2-7cc9-41a1-952f-f3797cfd65ae/1/zcfSGa8A5J-n2Hc-5_ftgl8K9yg.roa
Signing time: Fri 16 Dec 2022 12:06:34 +0000
ROA not before: Fri 16 Dec 2022 12:06:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210103
IP address blocks: 146.19.11.0/24 maxlen: 24
2a12:1d00::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:1a:d4:3c:e8:0d:db:82:2b:c3:e1:ef:e0:16:de:73:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d7faf3a3f2140cb7c6ff0cd6a7f5614a05e4e467
Validity
Not Before: Dec 16 12:06:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cdc7d219af00e49fa7d8773ee7f7ed825f0af728
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:cd:a1:b6:bb:f3:87:71:78:27:de:b7:47:ec:
d5:c0:fa:78:e6:77:1d:5d:f0:a8:1c:3a:c1:52:ac:
f5:da:6c:c4:ed:e8:8d:d0:f9:97:6d:7e:57:97:52:
92:9d:1d:6b:84:1d:98:64:63:08:19:52:7d:eb:40:
ae:cb:5d:78:6b:1b:ef:b2:d3:f8:0a:ef:22:04:44:
d7:3c:c9:a1:36:1b:80:34:66:b8:77:c4:e1:c1:f3:
ca:df:95:66:47:4a:11:5b:db:12:bd:3d:bc:e0:6e:
fc:2f:f5:3a:11:cb:5c:62:e8:fd:ee:71:89:cf:4b:
0b:df:4b:06:7e:b0:42:39:be:b4:fd:ab:67:15:e3:
4e:b4:5e:aa:01:c3:4b:dc:fc:6f:d2:53:1f:93:85:
79:d3:04:1d:0b:86:ad:b2:ae:86:f2:33:33:e6:96:
d4:b8:6f:45:54:09:69:16:71:d4:9c:54:79:e2:92:
8d:c9:80:4f:97:f9:7b:ac:53:80:8f:4c:e3:91:96:
68:f5:59:21:7c:fb:b4:d3:5a:d3:0b:21:58:21:de:
fd:e8:63:0b:8e:40:e0:f0:43:25:8a:e2:51:18:24:
a4:40:ac:90:99:33:48:57:4a:43:a1:37:dd:89:e4:
34:4a:dd:b8:04:d8:45:2e:3a:cc:2f:6e:c5:3f:e3:
02:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:C7:D2:19:AF:00:E4:9F:A7:D8:77:3E:E7:F7:ED:82:5F:0A:F7:28
X509v3 Authority Key Identifier:
keyid:D7:FA:F3:A3:F2:14:0C:B7:C6:FF:0C:D6:A7:F5:61:4A:05:E4:E4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1_rzo_IUDLfG_wzWp_VhSgXk5Gc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/df94e2-7cc9-41a1-952f-f3797cfd65ae/1/zcfSGa8A5J-n2Hc-5_ftgl8K9yg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/df94e2-7cc9-41a1-952f-f3797cfd65ae/1/1_rzo_IUDLfG_wzWp_VhSgXk5Gc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.11.0/24
IPv6:
2a12:1d00::/29
Signature Algorithm: sha256WithRSAEncryption
7d:59:be:27:0e:15:09:cc:2e:35:4e:29:38:f9:78:c1:aa:73:
80:1b:a1:1e:e2:8e:85:af:77:3a:1c:01:f4:03:0b:11:15:7e:
dc:3d:4a:24:17:fd:45:e9:f3:be:55:52:a0:e9:16:d9:12:a8:
66:eb:69:27:e8:ba:d5:91:15:75:13:ec:26:e7:58:a6:b7:95:
73:a1:f3:2b:1b:29:7a:9a:3f:69:23:14:1c:53:69:6b:99:c0:
a7:dd:98:c3:e1:dc:9a:ee:32:8b:c7:84:f3:a5:96:22:dc:e2:
82:88:0f:51:07:f8:b6:cf:92:bf:f8:a3:45:8f:fe:40:e0:31:
60:9d:b1:9a:97:69:11:31:f9:12:ff:29:df:e3:be:8a:02:86:
d2:fb:50:e0:ea:92:49:a1:fa:e3:68:26:ef:0f:13:7e:5d:03:
b1:3f:90:a3:d7:ee:97:48:1b:8a:f7:66:88:6b:6f:60:4e:e9:
16:d0:7b:05:0b:ba:00:f9:be:21:73:b2:f1:c9:01:ef:28:8b:
df:85:75:90:12:bc:30:8e:02:5f:12:bd:37:67:20:39:95:35:
19:3b:c0:12:94:4d:b7:f5:0a:25:d9:e6:bc:72:c8:b3:85:80:
e2:ab:c3:29:36:5d:58:9f:02:1d:70:c0:b2:5c:85:bd:56:a1:
bb:2b:a6:51
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYUa1DzoDduCK8Ph7+AW3nOTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3ZmFmM2EzZjIxNDBjYjdjNmZmMGNkNmE3ZjU2MTRhMDVl
NGU0NjcwHhcNMjIxMjE2MTIwNjM0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZGM3ZDIxOWFmMDBlNDlmYTdkODc3M2VlN2Y3ZWQ4MjVmMGFmNzI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnc2htrvzh3F4J963R+zVwPp45ncd
XfCoHDrBUqz12mzE7eiN0PmXbX5Xl1KSnR1rhB2YZGMIGVJ960Cuy114axvvstP4
Cu8iBETXPMmhNhuANGa4d8ThwfPK35VmR0oRW9sSvT284G78L/U6EctcYuj97nGJ
z0sL30sGfrBCOb60/atnFeNOtF6qAcNL3Pxv0lMfk4V50wQdC4atsq6G8jMz5pbU
uG9FVAlpFnHUnFR54pKNyYBPl/l7rFOAj0zjkZZo9VkhfPu001rTCyFYId796GML
jkDg8EMliuJRGCSkQKyQmTNIV0pDoTfdieQ0St24BNhFLjrML27FP+MCfQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFM3H0hmvAOSfp9h3Puf37YJfCvcoMB8GA1UdIwQY
MBaAFNf686PyFAy3xv8M1qf1YUoF5ORnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMV9yem9fSVVETGZHX3d6V3BfVmhTZ1hrNUdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9kZjk0ZTItN2NjOS00MWExLTk1MmYt
ZjM3OTdjZmQ2NWFlLzEvemNmU0dhOEE1Si1uMkhjLTVfZnRnbDhLOXlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9kZjk0ZTItN2NjOS00MWExLTk1MmYtZjM3OTdjZmQ2NWFl
LzEvMV9yem9fSVVETGZHX3d6V3BfVmhTZ1hrNUdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAkhMLMA0E
AgACMAcDBQMqEh0AMA0GCSqGSIb3DQEBCwUAA4IBAQB9Wb4nDhUJzC41Tik4+XjB
qnOAG6Ee4o6Fr3c6HAH0AwsRFX7cPUokF/1F6fO+VVKg6RbZEqhm62kn6LrVkRV1
E+wm51imt5VzofMrGyl6mj9pIxQcU2lrmcCn3ZjD4dya7jKLx4TzpZYi3OKCiA9R
B/i2z5K/+KNFj/5A4DFgnbGal2kRMfkS/ynf476KAobS+1Dg6pJJofrjaCbvDxN+
XQOxP5Cj1+6XSBuK92aIa29gTukW0HsFC7oA+b4hc7LxyQHvKIvfhXWQErwwjgJf
Er03ZyA5lTUZO8ASlE239Qol2ea8csizhYDiq8MpNl1YnwIdcMCyXIW9VqG7K6ZR
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:02 2023 by rpki-client on console-ams.rpki-client.org