Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/Zo-Mx8lxP1DW0LV2KZC3KHbsH98.roa
File: Zo-Mx8lxP1DW0LV2KZC3KHbsH98.roa (raw, json)
Hash identifier: 3XFJ70tHppWSssgsOXwqf4JybdxEWty5XCPtt+FW724=
Subject key identifier: 66:8F:8C:C7:C9:71:3F:50:D6:D0:B5:76:29:90:B7:28:76:EC:1F:DF
Certificate issuer: /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial: 08DC9679
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/Zo-Mx8lxP1DW0LV2KZC3KHbsH98.roa
Signing time: Thu 06 Jan 2022 17:21:43 +0000
ROA not before: Thu 06 Jan 2022 17:21:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207778
IP address blocks: 2a0e:8f02:2020::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 148674169 (0x8dc9679)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Validity
Not Before: Jan 6 17:21:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=668f8cc7c9713f50d6d0b5762990b72876ec1fdf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:a9:84:72:32:1a:ec:20:0d:f9:1d:99:bb:cf:
ba:86:a4:d0:c8:09:0a:9c:af:e4:6a:75:10:fb:0b:
6c:90:7a:94:59:af:38:b4:e8:20:84:8e:57:e0:68:
6c:e8:d0:a9:7c:a6:fc:1d:6c:1c:c2:b0:64:91:29:
c6:a1:09:d3:0a:03:56:6d:17:90:ec:d7:d8:53:84:
39:06:02:d4:b9:37:1a:ac:c5:af:e3:41:57:be:fa:
c9:0e:87:54:90:26:0b:85:a6:5b:83:cc:44:78:52:
fb:da:f2:a1:c7:43:92:f3:a6:ff:d0:df:10:92:fb:
69:4d:dd:07:da:fc:d1:13:96:a0:60:3e:8b:4b:29:
4e:95:a6:67:87:63:08:45:50:d6:d3:1a:c8:5b:a1:
e0:ad:82:83:c0:0d:33:35:67:41:39:9e:73:b2:f5:
04:83:33:83:7c:8a:ba:cd:ff:4a:ce:2c:76:38:ad:
3e:d0:20:00:7e:f5:36:d0:ca:d1:49:75:6c:5c:c8:
74:b4:24:92:f2:8e:36:20:96:60:10:68:2b:5e:9c:
f7:45:94:bd:9f:05:f7:7c:8b:28:0d:e9:bc:52:03:
34:21:2a:f8:ce:ea:49:72:f5:4c:d6:70:3e:92:5b:
3b:a6:85:3b:58:04:22:2f:a8:49:c5:6a:51:13:4a:
ac:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:8F:8C:C7:C9:71:3F:50:D6:D0:B5:76:29:90:B7:28:76:EC:1F:DF
X509v3 Authority Key Identifier:
keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/Zo-Mx8lxP1DW0LV2KZC3KHbsH98.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8f02:2020::/44
Signature Algorithm: sha256WithRSAEncryption
22:af:e0:eb:a0:18:21:e8:31:73:76:c5:d8:7e:3b:86:d2:00:
bd:64:91:d9:9a:ae:c1:0d:72:3c:87:ba:bd:05:27:b1:12:ae:
b7:fa:ce:a6:35:a3:84:04:3b:12:36:03:c0:20:84:00:9b:31:
1f:0e:13:b5:f3:e7:ab:97:31:18:05:ee:87:92:11:d3:b1:d1:
bf:13:36:cb:53:40:64:07:2f:a7:4c:ea:49:3d:07:6a:b0:61:
6d:1e:70:d1:ee:0e:fa:bf:49:40:23:e9:b1:14:7f:3f:fd:83:
16:23:a7:1b:24:34:8e:2f:5d:36:a7:f6:16:f2:be:69:f1:6e:
42:a0:41:b7:c2:2f:8f:8b:aa:e2:0d:8a:7a:6d:fa:3d:24:5e:
5b:8a:8a:c4:82:db:34:ce:ea:e4:d7:0a:2c:eb:71:51:18:23:
86:ce:c4:b7:12:c6:b5:b0:9b:6a:9b:57:b7:92:fe:79:d2:06:
9c:56:b6:1a:32:9f:1a:9a:78:0e:ce:a7:13:9a:d1:a7:bb:f4:
f0:38:c4:93:53:31:0d:9e:de:d9:6e:fb:28:d0:32:82:c9:b5:
59:60:fa:02:8a:3a:5e:88:4a:e7:ec:ea:61:bd:1a:10:2a:e5:
ec:a5:35:b1:96:4f:7e:2a:2d:31:72:f1:fb:7e:6a:a3:72:18:
38:50:5e:37
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIECNyWeTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NTZlZjQ4ZWQ2MTU1ZGQ3ODQzZWVkMzYzMjQ2OWFiYWEzMTAwYmYzMB4XDTIyMDEw
NjE3MjE0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjY4ZjhjYzdjOTcx
M2Y1MGQ2ZDBiNTc2Mjk5MGI3Mjg3NmVjMWZkZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOaphHIyGuwgDfkdmbvPuoak0MgJCpyv5Gp1EPsLbJB6lFmv
OLToIISOV+BobOjQqXym/B1sHMKwZJEpxqEJ0woDVm0XkOzX2FOEOQYC1Lk3GqzF
r+NBV776yQ6HVJAmC4WmW4PMRHhS+9ryocdDkvOm/9DfEJL7aU3dB9r80ROWoGA+
i0spTpWmZ4djCEVQ1tMayFuh4K2Cg8ANMzVnQTmec7L1BIMzg3yKus3/Ss4sdjit
PtAgAH71NtDK0Ul1bFzIdLQkkvKONiCWYBBoK16c90WUvZ8F93yLKA3pvFIDNCEq
+M7qSXL1TNZwPpJbO6aFO1gEIi+oScVqURNKrAsCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBRmj4zHyXE/UNbQtXYpkLcoduwf3zAfBgNVHSMEGDAWgBTVbvSO1hVd14Q+
7TYyRpq6oxAL8zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFXNzBqdFlWWGRlRVB1MDJNa2FhdXFNUUNfTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjUvNThmZjU0LTM0MTAtNGU0Mi1hYWI4LWQyZDdmMmJiNjRkZi8x
L1pvLU14OGx4UDFEVzBMVjJLWkMzS0hic0g5OC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjUv
NThmZjU0LTM0MTAtNGU0Mi1hYWI4LWQyZDdmMmJiNjRkZi8xLzFXNzBqdFlWWGRl
RVB1MDJNa2FhdXFNUUNfTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoOjwIgIDANBgkqhkiG9w0BAQsF
AAOCAQEAIq/g66AYIegxc3bF2H47htIAvWSR2ZquwQ1yPIe6vQUnsRKut/rOpjWj
hAQ7EjYDwCCEAJsxHw4TtfPnq5cxGAXuh5IR07HRvxM2y1NAZAcvp0zqST0HarBh
bR5w0e4O+r9JQCPpsRR/P/2DFiOnGyQ0ji9dNqf2FvK+afFuQqBBt8Ivj4uq4g2K
em36PSReW4qKxILbNM7q5NcKLOtxURgjhs7EtxLGtbCbaptXt5L+edIGnFa2GjKf
Gpp4Ds6nE5rRp7v08DjEk1MxDZ7e2W77KNAygsm1WWD6Aoo6XohK5+zqYb0aECrl
7KU1sZZPfiotMXLx+35qo3IYOFBeNw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:24 2023 by rpki-client on console-fra.rpki-client.org